Underground marketplaces such as the now-shuttered AlphaBay have long sold stolen personal data that can be used and adapted by fraudsters. (Image: McAfee)

Nonstop Breaches Fuel Spike in Synthetic Identity Fraud

Mathew J. Schwartz • May 18, 2018

Leading the latest edition of the ISMG Security Report: Years of massive data breaches have fueled an increase in synthetic identity fraud, in which fraudsters combine real and bogus details to create more effective fake identities. Plus, has "The Dark Overlord" hacking group finally met its match?

Cybersecurity

Facebook Keeps Losing the Privacy Advocates Who Can Save It

Latest

Mobility

Real-Time Mobile Phone Location Tracking: Questions Mount

Mathew J. Schwartz • May 18, 2018

Following reports about U.S. companies that enable government and other users to access real-time tracking information for all major U.S. wireless carriers' subscribers, provider Securus Technologies has reportedly been hacked, while LocationSmart has fixed a data-exposing flaw.

Cybercrime

Noose Tightens Around Dark Overlord Hacking Group

Jeremy Kirk • May 17, 2018

The noose appears to be tightening around the Dark Overlord, a group of international hackers who have stolen and held for ransom sensitive information from dozens of companies, healthcare organizations and U.S. public schools. Serbian police say they've arrested a suspect in cooperation with the FBI and U.K....

Fraud

As Payments Speed Up, How Can Fraud Be Minimized?

Nick Holland • May 17, 2018

Knowing as many details as possible about the customer, the payment and the recipient is a critical component of stopping fraud as payments become faster, says anti-fraud specialist David Barnhardt.

Data Breach

US Government Plans to Indict Alleged CIA Leaker

Jeremy Kirk • May 16, 2018

A former CIA software engineer who is facing child pornography charges is a possible suspect in the largest-ever leak of classified information from the spy agency. While Joshua A. Schulte has not been charged with the leak, prosecutors have indicated they will soon indict him.

Anti-Malware

Mexico Investigates Suspected Cyberattacks Against 5 Banks

Jeremy Kirk • May 15, 2018

Mexican officials are investigating a series of technical glitches that may have been a prelude to a large cyberattack affecting at least five banks, according to news reports. While the full scope of the incidents remains unclear, up to $20 million may have been stolen.

Fraud

Sizing Up the Impact of Synthetic Identity Fraud

Nick Holland • May 14, 2018

Credit card losses due to synthetic identity fraud exceeded $800 million in the U.S. last year, says Julie Conroy of Aite Group, who analyzes the evolving threat and offers mitigation insights.

Breach Notification

Chili's Speed Question: To Notify or Not to Notify Quickly?

Mathew J. Schwartz • May 14, 2018

Chili's Grill & Bar is warning customers that an unknown number of payment cards were compromised at an unknown number of corporate-owned locations earlier this year for a period of time it suspects lasted two months. Should Chili's have waited to alert customers until it had more information?

Encryption

Crypto Fight: US Lawmakers Seek Freedom From Backdoors

Jeremy Kirk • May 11, 2018

A bipartisan group of U.S. lawmakers has reintroduced legislation in the House that would stop the government from forcing software vendors to intentionally weaken their products for surveillance purposes. Two prior attempts to enact the legislation in Congress have failed.

Cybercrime

Real-Time Payment Networks Face Off Against Fraudsters

Mathew J. Schwartz • May 11, 2018

With the rise of P2P payment networks and the U.S. working toward a real-time national payments network, the push is on to battle fraudsters. Also, attackers are hacking legitimate websites to more stealthily distribute "Gandcrab" crypto-locking ransomware.

Fraud Management, Cybercrime

Crabby Ransomware Nests in Compromised Websites

Jeremy Kirk • May 10, 2018

The Gandcrab ransomware has been a moving target. Since it was discovered in January, it quickly became one of the most widely distributed file-encrypting malware programs. Researchers with Cisco say they've now found it seeded within legitimate websites, making its spread tougher to stop.

Fraud

Finding Fraud Using Machine Data

Tom Field • May 10, 2018

When it comes to fraud, enterprise data has a story to tell, and it's up to security and fraud leaders to know how to interpret that story. Jim Apger of Splunk discusses reading and reacting to these stories.

Next-Generation Technologies, Secure Development