Hum 140: Social Media - Cyber fraud

Just how gullible are we?

Cell phone data charges

Ring tones Vanity fraud

• http://www.youtube.com/watch?v=0zvPEfksbyQ

419ers419ers

Identity Fraud is at an All Time Identity Fraud is at an All Time High According to JavelinHigh According to JavelinStrategy and Research's Strategy and Research's

2010 Identity Fraud Survey 2010 Identity Fraud Survey ReportReport

A new, targeted social media A new, targeted social media version of a very old scam -- the version of a very old scam -- the

“Nigerian,” or “419,” ploy“Nigerian,” or “419,” ploy

The meteoric rise in social media use has also The meteoric rise in social media use has also created a launch pad for identity thieves. created a launch pad for identity thieves.

“My prediction for 2010 is that the increase in social networking activity, along with a user’s

failure to implement security and privacy settings and protocols, will lead to an

increased exposure of not only the user’s not only the user’s personal information but possibly that of personal information but possibly that of

their “friends”.their “friends”.

Robert Siciliano : CEO of IDTheftSecurity.comhttp://www.youtube.com/watch?v=JwFC0jfxTcohttp://www.youtube.com/watch?v=9LPRaiu0Y8

How did they do that?How did they do that?

Because Facebook regularly contacts its users through e-mail, and includes links in those e-mails to login pages, the format is ripe for phishers. It's easy to imitate Facebook e-mails and simply send users clicking to a look-a-like login page that steal passwords.

“You stand a better chance at any given time of loosing your personally identifiable information than you do of just about any other form of nasty thing

than can happen to a person over their lifetime.” ~The National Safety Council

1 in 146,107,962.00 could potentially win the power ball lottery grand prize

1 in 3,563,608.83 could potentially win the 200,000 dollar prize in the power ball

1 in 3000 will be killed by lighting in any given year

1 in 1,313 chance of being killed by a doctor

1 in 314 chance of being killed by a firearm

1 in 84 chance of being killed in a car crash over your lifetime

1 in 3 has had their personally 1 in 3 has had their personally identifiable information lost this yearidentifiable information lost this year

http://www.onguardonline.gov/games/overview.aspx

FTC Video

• http://www.youtube.com/watch?v=PVZqNSWvdj8&feature=player_embedded

http://www.youtube.com/watch?v=6Y8cU4kVqHg&feature=channel

OMGOMG

They could accurately predict the full, nine-digit Social Security numbers for 8.5 percent of the people born in the United States between 1989 and 2003 — nearly five million individuals.

All they needed was birthdates and city or state of birth.

That helped them figure out the first three digits of each Social Security number, which the government had assigned by location. The remaining six digits were related to when the person applied for the number.

The researchers used projections about those applications as well as other public data, like the Social Security numbers of dead people, and then ran repeated cycles of statistical correlation and inference to partly re-engineer the government’s number-assignment system.

Social networks put careers at risk

Recent Market Research Microsoft

http://www.euractiv.com/en/Social-networks-careers-risk

• US, where 79% of HR experts scan the Web in search of personal information for recruiting purposes.

• 23% are rejected outright because of online reputation, outlandish photos and social artifacts.

• Research by Symantec found that the under-25 age group appear to be the least apprehensive about their digital tattoos and have a careless attitude towards the distribution of their personal details.

Digital tattoos

Symantic and Sperling’s Best Places 2010 Report

Americas Riskiest Cities for CybercrimeAmericas Riskiest Cities for Cybercrime

• "I look at it like driving a car," said Dan Nadir, the director of product management for Symantec. "Your risk of an accident is going to be greater the more you drive. If you're online more, you need to be more cautious, just like the more you're on the road, the more you should wear your seatbelt, have airbags and rotate your tires."

Variables In Study

• Sins of Commission: risky online activities, including online banking and online shopping.

• Sins of Omission: Also factored into the rankings was the number of free WiFi hotspots per capita. "WiFi is a big concern," acknowledged Nadir, "because it's something most people don't understand, and most don't know who is behind that hotspot, or if it's even legitimate.“

What counters the risk? Awareness through education!!What counters the risk? Awareness through education!!

We are all victims!We are all victims!• 1700 new victims in the course of this meeting.• By the end of the decade someone in your family will be

a victim.• Lowest estimate of projected damage is $5000.• Only 1 in 700 is investigated.• 1 year or less in jail.• 70 – 80 % involve illegal dugs• FBI reports 30,000 computer a week are taken over.

Who is doing this?Who is doing this?

Small time crooks

Trans- national crime gangs.Trans- national crime gangs. Russian "Mafiya," Colombian and Mexican drug cartels, Asian Triads,

Japanese Yakuza, Nigerian confidence rings, Hell's Angels, rogue factions of the St. Regis Mohawk tribe and the surviving, leaner and meaner Cosa Nostra

International TerroristsInternational Terrorists

PhishingPhishing

Why do people fall for it ???Why do people fall for it ???

Beware of the push!!Beware of the push!!

Greed…..Greed…..

Greed = Scam…..Greed = Scam…..

Fear….Fear….

Fear = ScamFear = Scam

MailFrontier recently claimed that over 40% of recipients fell for the recent Citibank Email Phishing Scam.

Curiosity…..Curiosity…..

Curiosity = ScamCuriosity = Scam

Temptation…..GroomingTemptation…..GroomingRef. Number:EGOGHS255125600419 Batch Number: 14/ 01259/ IPD Ticket Number:113-2471-752-209 Serial Number: 5063-11

Attention

We are pleased to inform you of the result of the Winners in our UNIVERSAL STAKES Lottery Program held on the 20th JULY, 2004.Your e-mail address attached to ticket number 27522465896-6453 with serial number 3772-554 drew lucky numbers 7-14-18-31-45 which consequently won in the 2ND category, you have therefore been approved for a lump sum pay out of USD$1,500,000 ( One Million Five Hundred Dollars) Only .CONGRATULATIONS!

Some Quick FactsSome Quick Facts

• FBI 2009 statistics show $560 million in losses – over double the figure from 2008.

• Median individual loss - $575.

• But reported loss is tip of the project iceberg – estimated to be in the billions. Only 1 in 10 crime reported

What Scammers LoveWhat Scammers Love

• Social networking sites

• People who click on links

• Pictures, blogs

• Manually hacking “captcha” registration blocks.

Who Scammers HateWho Scammers Hatehttp://www.419hell.com/http://www.419hell.com/

SCaREWARESCaREWAREPretends to detect a virus and offers

to help with inexpensive debugging

software (usually around $50) – then..

You give your credit card # for the software fix!You give your credit card # for the software fix!

Hidden terms..Recurring Billing..Shipping & handling

Texting for Texting for DollarsDollars

• Text message from your bank or credit card company to call right away and verify account information!

OR

• You’ve won a free gift from a reputable vendor like Sears or Macy’s

Bogus LoveBogus Love“ Wire me some money for an airline ticket so that I can be with you forever.”

1) Fake photos: You may be virtual dating with somebody else.

2) Hidden costs: Sign-up could be free, but everything else requires you to pay extra fees.

3) Milking your Bank Account: The guy/girl is in distress and urgently need money, e.g. accidents, trapped at airport, hospitalized, etc.

http://www.youtube.com/watch?v=NyC0EyyuSlc&feature=player_embedded#!

“Make ME your favorite charity…please :( ”

http://www.youtube.com/watch?v=FyzfdTVvV5k

Their pitch: Speed up relief efforts – wire and send personal info such as social security and

checking account numbers.

Log on here:The hot-spot Hot seat

“Coming to a location near you.”

http://telkomhell.com/wi-fi-hotspot-security.html

A word or two about passwordsA word or two about passwordsand…. hacking Facebookand…. hacking Facebook

http://www.youtube.com/watch?v=V_kvQC5DH34&feature=relatedhttp://www.youtube.com/watch?v=V_kvQC5DH34&feature=related

• No birthdates or social security numbers

• No mother’s maiden name

• No universal password

• Yes to long passwords (over eight characters)

• Yes to random patterns – first letter of each word in your favorite song with your favorite number.

• Yes to changing it frequently

Three FREE “must have” online Three FREE “must have” online tools..tools..

http://www.passwordchart.com/

http://www.passpack.com/en/home/

http://www.roboform.com/

Any Web site or print ad offering free credit reports has to display this disclosure across the top of each page:

THIS NOTICE IS REQUIRED BY LAW. Read more at FTC.GOV.THIS NOTICE IS REQUIRED BY LAW. Read more at FTC.GOV.You have the right to a free credit report from You have the right to a free credit report from

AAnnualCreditReport.comnnualCreditReport.com or 877-322-8228, the ONLY authorized source under federal law.or 877-322-8228, the ONLY authorized source under federal law.

In September 2010 the rules will go into effect for TV and radio ads.

Free Credit Report?www.creditkarma.com

Invitation CodeIt’s currently in Beta now like any good start-up, so you’ll need a special promo code to get in. Use CKFRND

“Who steals my purse steals trash…But he that filches from me

my good name …... Makes me poor indeed.”

Othello, Act 3 Scene 3Othello, Act 3 Scene 3

http://www.infoworld.com/d/adventures-in-it/protect-yourself-against-identity-theft-401