Latest News

06/23/2019

As Facebook’s Libra Provokes A Slew of Questions, An Expert Struggles With the Coin’s ‘Justification’

Digital Transactions

Facebook Inc. is expected to release details this week, perhaps as early as Tuesday, on its Libra cryptocurrency initiative, but for now what’s known about the project has at least some experts shaking their heads.

Details >
06/23/2019

Chip Cards Make Gains, but the U.S. Still Lags Most of the World in EMV Adoption

Digital Transactions

EMV chip card payments made substantial gains in the U.S. last year, but the nation still lags most other regions in EMV penetration, according to new figures from payment card standards body EMVCo.

Details >
06/23/2019

Two women arrested for Felony Lane Gang identity thefts, bank fraud

WKOW.com

BROWN COUNTY (WBAY) — The Brown County Sheriff’s Office have two women in custody suspected of stealing more than $50,000 through identity theft and bank fraud.

Details >
06/21/2019

Collections Firm Behind LabCorp, Quest Breaches Files for Bankruptcy

Krebs on Security

A medical billing firm responsible for a recent eight-month data breach that exposed the personal information on nearly 20 million Americans has filed for bankruptcy, citing “enormous expenses” from notifying affected consumers and the loss of its four largest customers.

Details >
06/21/2019

Facebook to man barricades against Libra hackers

Financial Review

Facebook's proposed cryptocurrency Libra will present a juicy target for organised criminals, according to global cyber security experts, forcing the social network and its new partners to invest billions in defences to protect users' money and convince regulators the network can be trusted.

Details >
06/21/2019

The Costs and Risks of Account Takeover

Security Boulevard

Account takeover (ATO) attacks result in billions of dollars of fraud and damage to brand reputation each year. These are the costs and risks associated with ATO.

Details >
06/18/2019

Call 4 Action case prompts federal investigation into check fraud

TMJ4.com

The United States Postal Service is investigating a check fraud case after TODAY’S TMJ4 contacted the companies whose names were used in connection with the fraud.

Details >
06/17/2019

Couple hauled off plane in Milwaukee face numerous charges involving identity theft

WISN 12 News

MILWAUKEE — As Transportation Security Administration officials prepare for what they predict will be the busiest summer travel season on record, a real-life crime spree quickly came to an end at Milwaukee’s General Mitchell International Airport.

Details >
06/17/2019

Local bank warning of secret shopper scam sending people fake cashier's checks

Fox 4 New Kansas City MO

HOLDEN, Mo. -- A secret shopper scam is targeting thousands of customers across the country.

Details >
06/17/2019

Hackers and Cyber-criminals Have Discovered a Goldmine in the Form of Gaming Industry

Digital Information World

There is no second opinion about the fact that the gaming industry is one of the most profitable industry so far.

Details >
06/17/2019

7M Venmo Transactions Scraped To Warn Users

PYMNTS.com

A computer science student scraped seven million Venmo transactions to warn users that their public activity can still be stolen.

Details >
06/12/2019

Instant fraud: Consumers see funds disappear in Zelle account scam

NBC News

Chrysanthi Rausch was taking a nap on her couch two months ago when she got a call from a number she didn't recognize.

Details >
06/12/2019

U.S. Customs and Border Protection says photos of travelers were taken in a data breach

The Washington Post

U.S. Customs and Border Protection officials said Monday that photos of travelers had been compromised as part of a “malicious cyberattack,” raising concerns over how federal officials’ expanding surveillance efforts could imperil Americans’ privacy.

Details >
06/12/2019

Lake City Reveals It Suffered a ‘Triple Threat’ Ransomware Attack

The State of Security

The City of Lake City has confirmed that a “Triple Threat” ransomware attack affected the functionality of several of its computer systems.

Details >
06/12/2019

Use payment apps like Venmo, Zelle and CashApp? Here's how to protect yourself from scammers

NBC News

Peer-to-Peer (P2P) payment platforms — such as Zelle, Venmo, Apple Pay, Google Pay, Facebook Payments and Cash App — make it convenient to send someone money from your checking account. Unfortunately, scammers have now discovered them.

Details >
06/09/2019

Cryptocurrency wallet GateHub hacked, nearly $10 million worth of Ripple (XRP) stolen

The State of Security

In a “preliminary statement” published on its blog on Thursday, cryptocurrency wallet service GateHub has warned that over 100 customers have had their ledger wallets hacked and funds stolen.

Details >
06/06/2019

Automatic robocall blocking: Here's how cell phone carriers are responding to the FCC's ruling

FastCompany

The Federal Communications Commission ruled Thursday that phone companies can block robocalls to customers automatically, making such services opt out rather than opt in.

Details >
06/06/2019

New Bank/Credit Card Scam

Fox Business News

New phone call scam, video from Fox Business News

Details >
06/04/2019

Why AI is MIA in most FI Fraud Departments

PYMNTS.com

In the old days, forged checks were the biggest problems that bank fraud departments had to manage.

Details >
06/04/2019

Quest Diagnostics says data on nearly 12M patients exposed by breach

C.net

Quest Diagnostics said 11.9 million of its patients may have been exposed in a data breach of computer systems at the American Medical Collection Agency, a billings collection firm the medical lab works with.

Details >
06/04/2019

Quest Diagnostics says data on nearly 12M patients exposed by breach

C.net

Quest Diagnostics said 11.9 million of its patients may have been exposed in a data breach of computer systems at the American Medical Collection Agency, a billings collection firm the medical lab works with.

Details >
06/04/2019

Australia National University Reveals Data Breach Involving 19 Years of Info

The State of Security

Australia National University (ANU) has disclosed a data breach that affected some information of its community members dating back 19 years.

Details >
06/03/2019

8 residents of Los Angeles' San Fernando valley arrested in check-kiting scheme that allegedly defrauded banks out of nearly $1.5 million

U.S. Immigration and Customs Enforcement

LOS ANGELES – Federal authorities this morning arrested eight people named in a federal grand jury indictment that alleges check-kiting schemes that used hundreds of altered Armenian passports to fraudulently open bank accounts and steal nearly $1.5 million from Bank of America and Wells Fargo.

Details >
06/03/2019

Sale Barn Owners in Kansas Indicted in Multi-Million Dollar Fraud

Drovers

The owners of a sale barn in Kansas have been charged with carrying out a check kiting scheme by federal authorities after the fraud resulted in banks losing millions of dollars.

Details >
06/03/2019

It’s Time to Take Loyalty Fraud Seriously

The Wise Marketer

We report frequently on the subject of loyalty fraud for two main reasons. 1) Because maintaining the integrity of a loyalty program for the sake of your member’s confidence and security is just as important as doing so for bottom line integrity. 2) Because loyalty fraud keeps happening. A lot.

Details >
05/31/2019

NY Investigates Exposure of 885 Million Mortgage Documents

Krebs on Security

New York regulators are investigating a weakness that exposed 885 million mortgage records at First American Financial Corp.

Details >
05/30/2019

Canada Uses Civil Anti-Spam Law in Bid to Fine Malware Purveyors

Krebs on Security

Canadian government regulators are using the country’s powerful new anti-spam law to pursue hefty fines of up to a million dollars against Canadian citizens suspected of helping to spread malicious software.

Details >
05/30/2019

Should Failing Phish Tests Be a Fireable Offense?

Krebs on Security

Would your average Internet user be any more vigilant against phishing scams if he or she faced the real possibility of losing their job after falling for one too many of these emails?

Details >
05/30/2019

Checkers Says Data Breach Affected 100+ Locations

The State of Security

Checkers Drive-In Restaurants, Inc. revealed that a data breach possibly affected customers at more than 100 of its Checkers and Rally’s locations.

Details >
05/28/2019

Fake Romeo arrested for allegedly scamming thousands from dozens of women in 8 states

ABC News

Los Angeles police are looking for more victims of a Lothario who will do more than just steal your heart.

Details >
05/28/2019

First American Financial Admits To Consumer Data Breach

PYMNTS.com

First American Financial, the real estate title insurance company, may have provided unauthorized access to the financial information of its customers.

Details >
05/23/2019

Legal Threats Make Powerful Phishing Lures

Krebs on Security

Some of the most convincing email phishing and malware attacks come disguised as nastygrams from a law firm.

Details >
05/19/2019

More Than 1.5 Million Malicious And Spam Emails Were Sent From Thousands Of Compromised Office 365 Accounts: Barracuda Networks

Express Computer

Barracuda researchers have revealed a startling rise in account takeover, one of the fastest growing email security threats

Details >
05/19/2019

Paper checks aren’t as safe as you think; electronic payments urged by FTC

Cleveland Paper

CLEVELAND, Ohio -- Most people know that allowing a thief to get credit card or debit card numbers could lead to fraud.

Details >
05/17/2019

Do DDoS attacks originate from Cloud Service Providers?

Security Boulevard

In a word, yes.

Details >
05/17/2019

Forbes subscribers warned of Magecart threat skimming credit card details

The State of Security

The notorious Magecart malware, that blights online stores by stealing payment card details from unsuspecting shoppers at checkout, has claimed another high profile victim.

Details >
05/14/2019

Imposter scams top the list of 2018 consumer fraud complaints

Property Casualty 360

For the first time, the Federal Trade Commission’s (FTC’s) Consumer Sentinel Network Data Book, 2018 has identified imposter scams as the top consumer fraud complaint received in 2018.

Details >
05/14/2019

Nine Charged in Alleged SIM Swapping Ring

Krebs on Security

Eight Americans and an Irishman have been charged with wire fraud this week for allegedly hijacking mobile phones through SIM-swapping, a form of fraud in which scammers bribe or trick employees at mobile phone stores into seizing control of the target’s phone number and diverting all texts and phone calls to the attacker’s mobile device.

Details >
05/14/2019

Bad Actors Using MitM Attacks against ASUS to Distribute Plead Backdoor

The State of Security

Researchers believe bad actors are using man-in-the-middle (MitM) attacks against ASUS software to distribute the Plead backdoor.

Details >
05/13/2019

Amazon Merchants Affected By Cyberattack

PYMNTS.com

Amazon was the target of an “extensive” cyberattack in which hackers stole money from merchant accounts and funneled them into their own, according to a report by Bloomberg.

Details >
05/13/2019

A Changing Threat Landscape: Inside Verizon’s 2019 DBIR

The State of Security

Verizon Enterprise has once again released its annual Data Breach Investigations Report (DBIR).

Details >
05/13/2019

RobbinHood ransomware attack brings down parts of City of Baltimore’s computer network

The State of Security

For the second time in a year, Baltimore city government computers have been infected by ransomware. Malicious hackers are demanding that a ransom is paid for the safe recovery of encrypted files on affected computers and servers.

Details >
05/13/2019

L&M Supply acknowledges online data breach

The Timberjay

REGIONAL—The growing issue of online security hit the North Country (MN) this week as Grand Rapids-based L&M Supply acknowledged an unauthorized breach of credit and debit card information from the company’s online store.

Details >
05/13/2019

New record high: 82% of companies recently hit by payment fraud

CFO Daily News

Today, your finance team must do more than ever before to ensure that company money stays where it belongs.

Details >
05/13/2019

7 of the worst scams people fall for when renting an apartment

Stamford Advocate

Scams are a huge problem for apartment hunters, and online listings have only made the problem worse

Details >
05/08/2019

Catch Me If You Can: Fighting Fraud With Blockchain

Cointelegraph.com

Fraud impacts organizations of all types and sizes across a wide range of industries and geographies.

Details >
05/08/2019

Five fraudulent schemes used against small businesses... and how to detect them

Kens5 - BBB

The Better Business Bureau will be offering resources to the business community throughout National Small Business Week, an event that recognizes the important contributions made by American entrepreneurs and their small businesses.

Details >
05/06/2019

Avoid Crowdfunding scams

FTC

Crowdfunding is one way to support a project you believe in and get rewards for that support.

Details >
05/06/2019

Experts Warn of Office 365 Account Takeover Surge

Info Securityy

Over 1.5 million malicious and spam emails were sent from thousands of compromised Office 365 accounts in just one month thanks to a surge in account takeovers (ATOs), according to Barracuda Networks.

Details >
05/06/2019

Fraudsters Targeting Consumers with One-Ring Phone Scams

The State of Security

Fraudsters are targeting consumers with one-ring phone scams that exploit people’s curiosity so as to trick them into paying exorbitant fees.

Details >
05/06/2019

Consumer Sentinel Network Data Book 2018

FTC

The FTC takes in reports from consumers about problems they experience in the marketplace.

Details >
05/03/2019

Inside the Government Cybersecurity Landscape: Federal vs. State Level Challenges

The State of Security

Few would dispute the idea that an effective cybersecurity profile requires candid assessments of potential vulnerabilities. Here’s a closer look at the challenges facing the federal cybersecurity mission and the efforts of state-level agencies.

Details >
05/03/2019

Mitigating Risks in Cloud Migration

The State of Security

Companies are moving to incorporate the cloud into their computing infrastructure at a phenomenal rate. This is, without question, a very positive move.

Details >
05/03/2019

Data: E-Retail Hacks More Lucrative Than Ever

Krebs on Security

For many years and until quite recently, credit card data stolen from online merchants has been worth far less in the cybercrime underground than cards pilfered from hacked brick-and-mortar stores.

Details >
05/03/2019

Worried About Payroll Fraud? Nine Ways Small Businesses Can Mitigate The Risk

Forbes

Payroll fraud is a common issue with severe consequences. Whether an employee asks for a pay advance that is never repaid, punches in for a fellow worker who takes the day off or diverts the paychecks of an absent or former employee, there are plenty of ways dishonest staff can conspire to get extra money out of your business.

Details >
05/01/2019

How Email Bombing Uses Spam to Hide an Attack

How-To Geek

If you suddenly start receiving an endless stream of junk email, perhaps asking for confirmation of a subscription, you’re the victim of email bombing. The perpetrator is probably trying to hide their real goal, so here’s what to do.

Details >
05/01/2019

Unprotected Database Exposed Details of Over 80 Million U.S. Households

The State of Security

Security researchers found an unprotected database stored on the cloud that contained detailed information of over 80 million U.S. households.

Details >
05/01/2019

Disruptions from cyber attacks increasing, taking longer to fix

information Management

Cyber attack disruptions are increasing, and it’s taking organizations longer to fix the underlying issues, according to a new report from global consulting firm Protiviti and the Shared Assessments Program, a member-driven organization of risk assurance providers. Among the areas they need to focus on: vendor risk management (VRM) practices and programs.

Details >
05/01/2019

$9.8M Settlement to Eddie Bauer Data Breach Filed in Federal Court

The State of Security

A Washington federal court has received a $9.8 million settlement that would resolve a data breach class-action lawsuit filed against Eddie Bauer.

Details >
04/29/2019

COMMENTARY: How Mobile-App Testing Can Stop Three Common Types of E-Commerce Fraud

Digital Transactions

In the race to attract and retain today’s always-on, mobile-savvy consumer, most companies are developing their own e-commerce apps at a fast and furious pace.

Details >
04/26/2019

Will Consumers Bank With Their Telcos?

PYMNTS.com

Last week, wireless carrier T-Mobile announced it would throw its hat into the mobile banking arena with the national rollout of T-Mobile MONEY.

Details >
04/26/2019

The Chipotle Hack And The Troubling Trend Of Credential Stuffing

PYMNTS.com

The news out of Chipotle feels a bit like déjà vu, as it’s a story we’ve all heard before.

Details >
04/26/2019

A Beginner’s Guide to PCI Compliance

The State of Security

PCI DSS, or the Payment Card Industry Data Security Standard, is the set of requirements for organizations who process card payments. Sounds simple enough, right?

Details >
04/26/2019

What AI Can (and Can’t) Do Right Now to Fight CNP Fraud

CPO Magazine

AI is a powerful tool in the fight against online payment fraud. However, AI alone can’t provide all the functions merchants need to prevent fraud and avoid expensive, reputation-damaging false positives.

Details >
04/25/2019

Planet Hollywood group POS breach sees 2m records on darkweb

The Cyber-Security Source

A point-of-sale data breach allegedly discovered a month ago and just now admitted, exposed two million credit cards belonging to diners of Earl Enterprises restaurants.

Details >
04/25/2019

Scammers and your Notre Dame donations

FTC

Following last week’s devastating fire that destroyed much of the famous and historically important Cathedral of Notre Dame in Paris, fundraising efforts have begun.

Details >
04/25/2019

COPPA: A few tips to keep your child safe online

FTC

Online games and websites for kids are everywhere these days – to the point where it’s commonplace to see toddlers playing with them, too.

Details >
04/22/2019

‘123456’ Remains the World’s Most Breached Password

The State of Security

“123456” remains the most common password which digital criminals abuse to steal unsuspecting users’ sensitive information.

Details >
04/22/2019

British cyber expert pleads guilty to creating malware

The Star Online

MILWAUKEE: A British cybersecurity researcher credited with stopping a worldwide computer virus has pleaded guilty to developing malware to steal banking information.

Details >
04/22/2019

Who’s Behind the RevCode WebMonitor RAT?

Krebs on Security

The owner of a Swedish company behind a popular remote administration tool (RAT) implicated in thousands of malware attacks shares the same name as a Swedish man who pleaded guilty in 2015 to co-creating the Blackshades RAT, a similar product that was used to infect more than half a million computers with malware, KrebsOnSecurity has learned.

Details >
04/19/2019

Wipro Intruders Targeted Other Major IT Firms

Krebs on Security

The crooks responsible for launching phishing campaigns that netted dozens of employees and more than 100 computer systems last month at Wipro, India’s third-largest IT outsourcing firm, also appear to have targeted a number of other competing providers, including Infosys and Cognizant, new evidence suggests. The clues so far suggest the work of a fairly experienced crime group that is focused on perpetrating gift card fraud.

Details >
04/19/2019

Dark Web Fraudsters Defraud Each Other with Fraud Guides

Info Security

Cyber-criminals are doing a roaring trade in “how-to” fraud guides for their fellow scammers, although many are out-of-date and incomplete, according to new dark web research from Terbium Labs.

Details >
04/19/2019

The Robots Aren’t Coming: They’re Already Here (and Ripping Off Banks)

Banking Exchange

Committing financial fraud used to be a precision exercise: find a target, take aim and fire a single shot.

Details >
04/17/2019

SSA imposters top IRS in consumer loss reports

FTC

Have you gotten calls about supposed problems with your Social Security number from callers pretending they’re with the Social Security Administration (SSA)?

Details >
04/17/2019

The lead-generation bait-and-switch

FTC

You’ve probably shared your contact information online to, say, get details about a job opening.

Details >
04/17/2019

RobbinHood Ransomware Demands Grow $10K Per Day after Fourth Day

The State of Security

The ransom demands imposed by the new “RobbinHood” ransomware family increase $10,000 each day beginning on the fourth day following encryption.

Details >
04/17/2019

Experts: Breach at IT Outsourcing Giant Wipro

Krebs on Security

Indian information technology (IT) outsourcing and consulting giant Wipro Ltd. [NYSE:WIT] is investigating reports that its own IT systems have been hacked and are being used to launch attacks against some of the company’s customers, multiple sources tell KrebsOnSecurity. Wipro has refused to respond to questions about the alleged incident.

Details >
04/17/2019

Strong security defense starts with prioritizing, limiting data collection

information Management

Dow Jones, parent of The Wall Street Journal, is among the latest companies to expose highly sensitive data, including the identities of global government officials, politicians and political influencers, on the public cloud.

Details >
04/17/2019

Navicent Health Discloses Data Breach as the Result of a Digital Attack

The State of Security

Navicent Health, a part of Central Georgia Health System, has disclosed that it suffered a data breach as the result of a digital attack.

Details >
04/17/2019

Navicent Health Discloses Data Breach as the Result of a Digital Attack

The State of Security

Navicent Health, a part of Central Georgia Health System, has disclosed that it suffered a data breach as the result of a digital attack.

Details >
04/17/2019

What to Do if Your Business Identity is Stolen

NAV

We hear a lot about data breaches and just about everyone has a story of having a credit card number stolen.

Details >
04/14/2019

New Wire Fraud Scam Reroutes Direct Deposit Paychecks

PYMNTS.com

A new type of phishing scam targets the HR departments of companies and asks for reroutes on direct deposit accounts, CNBC reported. Once the changes are made, a paycheck will go directly into a criminal’s account.

Details >
04/14/2019

Corporate Payments Fraud Jumps Despite Stronger Internal Controls

PYMNTS.com

While corporates are adopting stronger internal controls to combat the threat of payments fraud, new data from the Association for Financial Professionals (AFP) reveals the number of incidents has continued to climb to new heights

Details >
04/14/2019

Visa To Lower Its Chargeback and Fraud Ratios for Merchants in October

Digital Transactions

Visa Inc. will lower its merchant dispute and fraud ratios in October. Merchants that exceed the revised ratios could be placed in monitoring programs meant to control risk.

Details >
04/14/2019

The scams the IRS says you should be watching out for this tax season

WJLA

ARLINGTON, Va. (ABC7) — The IRS compiles a yearly "Dirty Dozen" list of tax scams that have been particularly popular that year. Here are 2019's:

Details >
04/14/2019

THE NEW WAVE OF AUTOMATED CYBER ATTACKS

BBN Times

From big players to small and midsize businesses, every organization has faced the impact of cyber threats at some point. But, the new generation of automated cyber attacks will affect multiple businesses to an unimaginable extent.

Details >
04/11/2019

Scammers Target ACH Transactions

CFO

"Fraudsters are now trying to use ACH transactions as vehicles for their scams as they move away from checks and wires," said the AFP.

Details >
04/07/2019

RUSSIA SAYS “SUPER SOLDIERS” CAN CRASH COMPUTERS WITH TELEPATHY

Futurism

According to a report in the official magazine of its Defense Ministry, Russian “supersoldiers” are able to use “parapsychology” techniques to crash enemy computers, access the minds of foreign soldiers, and read documents inside locked safes — abilities they gained, according to the article, from telepathic dolphins they can now communicate with.

Details >
04/07/2019

The Latest Big Data Breach Should Make You Rethink How You Pay For Everything

Forbes

Last Friday, the restaurant group Earl Enterprises confirmed that over two million credit cards were compromised in a breach affecting diners at Buca di Beppo, Earl of Sandwich, Planet Hollywood, Chicken Guy! and other restaurants between May 2018 and March 2019.

Details >
04/03/2019

If the Data Breach Doesn’t Kill Your Business, the Fine Might

The State of Security

When you hear about a data breach in the news, it’s usually related to a major company or social media network that has been targeted. The erroneous conclusion would be that the hackers only focus on exploiting security flaws in large organizations, but the opposite is true.

Details >
04/03/2019

Canadian Police Raid ‘Orcus RAT’ Author

Krebs on Security

Canadian police last week raided the residence of a Toronto software developer behind “Orcus RAT,” a product that’s been marketed on underground forums and used in countless malware attacks since its creation in 2015.

Details >
03/31/2019

A Month After 2 Million Customer Cards Sold Online, Buca di Beppo Parent Admits Breach

Krebs on Security

On Feb. 21, 2019, KrebsOnSecurity contacted Italian restaurant chain Buca di Beppo after discovering strong evidence that two million credit and debit card numbers belonging to the company’s customers were being sold in the cybercrime underground

Details >
03/31/2019

Nearly One Billion Emails Leaked Online by Unprotected Database

Identity Management Solutions Review

In what some experts call one of the most largest and comprehensive email breaches of all time, nearly one billion emails have been exposed by a little-known marketing company called Verifications.io.

Details >
03/31/2019

Call Center Agents Aim to Balance Service and Identification

Credit Union Times

Credit unions’ desire to always help their members is playing into the hands of fraudsters, who are taking advantage of call center agents by spoofing member IDs in order to take over their accounts.

Details >
03/31/2019

How To Pay The Millennial Workforce

PYMNTS.com

Demand for instant and peer-to-peer (P2P) payments is heating up, and financial institutions (FIs) are seeking to cater to that need, knowing that if they don’t, their customers are likely to turn elsewhere. This month’s Faster Payments Tracker™ explores the latest developments, as FIs and other companies seek to provide or tap into accelerated payment services.

Details >
03/31/2019

Five ways artificial intelligence and machine learning can fight financial fraud

SC Media

One of banking's biggest challenges is to minimize the amount of false positives being generated, thereby saving time, money and avoiding needlessly frustrating customers.

Details >
03/28/2019

Phishing Schemes Top List of IRS Dirty Dozen Tax Scams For 2019

Forbes

With just a few weeks until Tax Day, the Internal Revenue Service (IRS) is reminding taxpayers to be on the lookout for tax scams

Details >
03/28/2019

Bitcoin Daily: Trustology Debuts iPhone-Controlled Crypto Vault; FINMA Says $90M ICO Illegal

PYMNTS.com

Trustology has launched an iPhone-controlled crypto vault that is reportedly safe enough for financial institutions (FIs). TrustVault is now available in the Apple U.K. App Store, and can be used to store ether, with bitcoin and ERC-20 tokens to follow soon.

Details >
03/28/2019

Popular Web Browser’s Hidden Ability Threatens 500M Google Play Users

The State of Security

A popular web browser’s hidden ability poses a serious risk to more than 500 million Google Play users and their Android devices.

Details >
03/28/2019

Ransomware Hit Garage Used by Canadian Internet Registration Authority

The State of Security

A parking garage used by employees of the Canadian Internet Registration Authority (CIRA) suffered a ransomware infection.

Details >
03/28/2019

Apple Card: 7 key takeaways

PaymentsSource

Apple's new credit card isn't just another virtual card in its virtual wallet. It borrows a lot of features from the most successful brands in payments and technology.

Details >
03/28/2019

Office Depot computer scans gave fake results

FTC

Most of us manage basic computer safety on our own. We keep security software and firewalls up to date, and ignore pesky pop-up ads about computer health.

Details >
03/26/2019

Young people falling for scams more often than their grandparents

KOAA News 5

COLORADO SPRINGS- Consumers in Southern Colorado lost millions of dollars in 2018 to scams, but you may be surprised at the age group most likely to fall victim to fraud. Impostor scams have become the most popular tactic for fraudsters after your money they pretend to be someone they’re not to gain your trust and ultimately your money. In 2018 people under the age of 30 were fooled and paid scammers more often than any other age group.

Details >
03/26/2019

Those (not really) IRS calls

FTC

You’ve probably gotten one of these calls: They say it’s the IRS and they’re filing a lawsuit against you for back taxes. They may threaten to arrest or deport you.

Details >
03/26/2019

Robocallers, you’re out

FTC

Most robocalls are prohibited by law, but scammers and dishonest people continue to send them. And even some legitimate companies violate peoples’ privacy rights with illegal robocalls. Today the FTC announced several victories in the fight against illegal robocalls.

Details >
03/24/2019

FACEBOOK STORED “HUNDREDS OF MILLIONS” OF PASSWORDS AS PLAIN TEXT

Futurism.

In a damning privacy revelation, Facebook admitted to storing “hundreds of millions” of account passwords in plain text — a flabbergasting breach with good data security practices.

Details >
03/19/2019

Why Phone Numbers Stink As Identity Proof

Krebs on Security

Phone numbers stink for security and authentication. They stink because most of us have so much invested in these digits that they’ve become de facto identities.

Details >
03/19/2019

The kidnapper calling from his daughter's iPhone demanded money or she would die. It was all a scam.

Wisconsin Rapids Tribune

It appeared he was getting a call from his daughter, but the voice on the other end was that of a man screaming demands for cash.

Details >
03/17/2019

Beware of Fake Check Scams

Financial Industry Regulatory Authority

We are warning the public about job-search scams in which people who respond to ads or online job postings receive checks that appear to be from legitimate companies—including FINRA.

Details >
03/17/2019

Tokenization can make card info less inviting to crooks

PaymentsSource PayThink

It is hard not to become desensitized to the almost daily news of data breaches. Identity theft is appealing to fraudsters, but the endgame is nearly always financial gain, so lifting payments data is a far more direct path to a payoff.

Details >
03/17/2019

Large grocery chain widens ban on Visa credit cards

PaymentsSource

Kroger Co., the biggest U.S. supermarket chain, plans to widen a ban on Visa Inc. credit cards to its Smith’s food and drug division, blaming rising costs from premium cards.

Details >
03/17/2019

For payments, Generation Z is 'generation e-wallet'

PaymentsSource PayThink

Though often mistaken for millennials, Generation Z has an entirely different set of values that need to be acknowledged when developing a plan to connect with these buyers.

Details >
03/15/2019

Getting calls from the SSA?

FTC

Probably not. At least, not from the real SSA. But how many of you have gotten calls from someone who said they were the Social Security Administration? And maybe showed the real SSA phone number (1-800-772-1213) or a number close to it on your caller ID? Lots, right?

Details >
03/15/2019

New protections available for minors under 16

FTC

Young people now have more protection from identity theft and fraud, thanks to a new federal law that went into effect September 21st, 2018. The new law lets parents and child welfare representatives of people under 16, as well as legal guardians, request a security freeze, also called a credit freeze, on their behalf. Taking this step can help protect a young person from identity theft and fraud – and it’s free.

Details >
03/15/2019

What Every Banker Needs to Know Today About Artificial Intelligence

Gonzo Banker

In the last two years, almost every technology company has started using the terms artificial intelligence and, related to that, machine learning.

Details >
03/15/2019

How secure are payment apps? Volusia man says he lost thousands with Zelle

clickorlando.com

ORMOND BEACH, Fla. - Touted as one of the easiest ways to send money to people you know, Zelle is a person-to-person digital payment service offered through most banks and credit unions.

Details >
03/13/2019

DEA warns of alarming increase of scam calls

DEA

El PASO, Texas – The Drug Enforcement Administration urges its DEA-registered practitioners and members of the public to be cautious of telephone calls from criminals posing as DEA or other law enforcement personnel threatening arrest and prosecution for supposed violations of federal drug laws or involvement in drug-trafficking activities.

Details >
03/13/2019

Study: Online retail fraud attacks on the rise

CSA - Chain Store Age

Attempts to defraud online retailers have increased for the second year in a row, with food and beverages and online electronics seeing the biggest increases.

Details >
03/13/2019

$356,000 to protect your computer? Feds promise 'all-out attack' on scams targeting the elderly

USA Today

WASHINGTON – One man, alarmed at the thought that hackers might attack his computer, shelled out $14,990 to a company promising a "fix" that would keep it safe.

Details >
03/11/2019

More than 260 people targeted in elder fraud sweeps, including alleged $30M attorney scammer

ABA Journal

More than 260 people have been targeted across the globe in the largest coordinated sweep of elder fraud cases in history, the U.S. Department of Justice announced Thursday.

Details >
03/11/2019

Philadelphia Bans Cashless Stores

PYMNTS.com

Lawmakers in Philadelphia have passed a ban on cashless stores, making it the first major city in the U.S. to do so, according to a report by The Wall Street Journal.

Details >
03/11/2019

Can Banks Safely Monetize Consumer Data?

PYMNTS.com

It’s one of the main clichés of the early 21st century, but that doesn’t mean it’s wrong: Data is the new oil.

Details >
03/11/2019

Insert Skimmer + Camera Cover PIN Stealer

Krebs on Security

Very often the most clever component of your typical ATM skimming attack is the hidden pinhole camera used to record customers entering their PINs.

Details >
03/07/2019

Justice Department Coordinates Largest-Ever Nationwide Elder Fraud Sweep

The US Department of Justice

Attorney General William P. Barr and multiple law enforcement partners today announced the largest coordinated sweep of elder fraud cases in history, surpassing last year’s nationwide sweep.

Details >
03/06/2019

More Consumers Speak Out About Fraudulent Zelle Transfers

NCBDFW 5

Leah Montez was stunned when she saw more than $1680 transferred from her checking account to someone she doesn’t even know.

Details >
03/06/2019

Consumers lost more than $1.4 billion to fraud last year, the FTC reports. This was the No. 1 scam

FOX 47

BALTIMORE — Out of the 3 million consumer complaints submitted to the Federal Trade Commission in 2018, imposter scams took the top spot.

Details >
03/01/2019

When Synthetic IDs Are As Good As The Real Thing

PYMNTS.com

.It’s no secret that digital criminals are becoming more sophisticated.

Details >
02/28/2019

Top Fraud of 2018

Federal Trade Commission

Every year, millions of you tell us – and our partners – about the frauds you spotted.

Details >
02/28/2019

Booter Boss Interviewed in 2014 Pleads Guilty

Krebs on Security

A 20-year-old Illinois man has pleaded guilty to running multiple DDoS-for-hire services that launched millions of attacks over several years.

Details >
02/27/2019

The payments industry is falling behind fast-acting fraudsters

PaymentsSource

Financial institutions, retailers and mobile wallet providers struggle to keep up with changing fraud patterns.

Details >
02/27/2019

Pompano Beach warned nearly 4,000 residents of data breach

SunSentinel

A data breach at a company that handles the billing for municipal water service has Pompano Beach city officials working to minimize the potential damage.

Details >
02/27/2019

The mobile point of sale wave presents a distinct fraud risk

PaymentsSource

As more mobile point of sale devices come into use, security and fraud experts caution that these tools carry their own set of data safety and payment fraud concerns, in addition to the challenges that all business face when accepting with card payments.

Details >
02/27/2019

Shift Away from Passwords; the Search for the New Standard of Account Protection

Banking Exchange

Usernames and passwords have been the gold standard of online security for as long as most people can remember.

Details >
02/27/2019

Jamie Dimon Doesn’t Rule Out Consumer Payments Via JPM Coin

PYMNTS.com

Jamie Dimon, the CEO of JPMorgan Chase, said the bank’s new cryptocurrency, JPM Coin, could one day be used by consumers, according to CNBC.

Details >
02/26/2019

Vulnerability Management and Patch Management Are Not the Same

The State of Security

Vulnerability management and patch management are not products. They are processes, and the products are tools used to enable the process. You cannot buy a hammer, nails and wood and expect them to just become a house, but you can go through the process of building the house or hire someone to do it for you as a service.

Details >
02/25/2019

Payroll Provider Gives Extortionists a Payday

Krebs on Security

Payroll software provider Apex Human Capital Management suffered a ransomware attack this week that severed payroll management services for hundreds of the company’s customers for nearly three days.

Details >
02/25/2019

Telephone Scams: Your Credit Card was Used in Fraudulent Activities

The State of Security

Everyone by now should have heard about the telephone scams involving a caller who claims that they are from the CRA (Canada Revenue Agency) or the IRS (Internal Revenue Service).

Details >
02/25/2019

Direct Deposits Fuel Green Dot’s Payment Volume and Revenue Growth

Digital Transactions

Green Dot Corp.’s diversification from a pure prepaid card management company into banking and other financial-services niches is driving direct deposits into its card accounts and spurring revenue-generating payment volume, according to the company’s latest financial report.

Details >
02/25/2019

Scammers go after international students’ money

Federal Trade Commission

We try to let you know when we learn about new scams, so you can avoid them and warn your friends and family

Details >
02/22/2019

Proposed Bill Would Strengthen California’s Data Breach Notification Law

The State of Security

A new bill would strengthen California’s data breach notification law by expanding businesses’ obligations to inform their customers in the event of a security incident.

Details >
02/21/2019

Breaking Down Organizational Silos To Break Fraud

PYMNTS.com

The fight against fraud really kicks in with customer onboarding — but that is only the first step, of course. Enhancing the customer experience, and keeping the customer and business secure through the entire relationship, is an increasingly complex and vital job, thanks to regulatory and competitive pressures.

Details >
02/21/2019

Robocalls and phone scams are all the rage in 2019

TCPalm

You're in the shower. The phone rings. Your husband is out of town and you've been waiting for his call. You push through the curtain, your hair full of shampoo, you grab the phone and blurt out, "Hello?"

Details >
02/18/2019

The U.S. is About to Hit Facebook With a Multi-Billion Dollar Fine

Futurism.

Facebook’s sketchy history with users’ privacy rights is finally starting to catch up with it.

Details >
02/18/2019

Separating Transactions From Authentication — And Authentication From The Internet

PYMNTS.com

Nine months in, and the European Union’s General Data Protection Regulation (GDPR) is gathering steam, with fines accruing. Google’s $57 million fine on data protection violations, levied in January, stands as one recent example of what can happen when companies run afoul of its mandates.

Details >
02/18/2019

BBB Tip of the Week: BBB sees more phony agency calls

The Spokesman-Review

Better Business Bureau is seeing an increasing number of scammers hiding behind fake phone personas to trick consumers.

Details >
02/18/2019

A Deep Dive on the Recent Widespread DNS Hijacking Attacks

Krebs on Security

The U.S. government — along with a number of leading security companies — recently warned about a series of highly complex and widespread attacks that allowed suspected Iranian hackers to siphon huge volumes of email passwords and other sensitive data from multiple governments and private companies.

Details >
02/13/2019

Where cybersecurity legislation 'goes to die' in Congress

Politico

Wisconsin Republican Sen. Ron Johnson leads the committee with broad oversight over the nation’s most important cybersecurity issues, including protecting consumers and U.S. elections from hackers.

Details >
02/13/2019

Cybersecurity Documentation: The Best Defense Is a Good Offense

The State of Security

Most people do not regard their cybersecurity and privacy documentation as a proactive security measure.

Details >
02/13/2019

Patch Tuesday, February 2019 Edition

Krebs on Security

Microsoft on Tuesday issued a bevy of patches to correct at least 70 distinct security vulnerabilities in Windows and software designed to interact with various flavors of the operating system.

Details >
02/13/2019

High Severity RunC Vulnerability Exposes Docker And Kubernetes Hosts

The State of Security

Often claimed as a worst-case scenario, a container breakout vulnerability has been discovered in RunC, the universal container runtime used by Docker, Kubernetes and other containerization systems.

Details >
02/13/2019

Romance scams will cost you

Federal Trade Commission

Because we can't say it enough.....It’s Valentine’s Day and love is in the air. You may think you spend a lot on flowers or chocolate, but losing money in a romance scam would cost you even more.

Details >
02/12/2019

Comptroller of the Currency Supports CFPB Proposed Rule on Short-Term Small-Dollar Lending

Office of the Comptroller of the Currency

WASHINGTON—Comptroller of the Currency Joseph Otting today issued the following statement supporting Director Kathy Kraninger and the Consumer Financial Protection Bureau’s proposed rule rescinding requirements that lenders make certain underwriting determinations before issuing short-term small-dollar loans.

Details >
02/12/2019

Many Consumers Report P2P Funds Availability Takes a Day or More

Digital Transactions

Speed is a key selling point for person-to-person payments, but many P2P users aren’t taking advantage of real-time payment capabilities offered by their providers, according research firm Aite Group LLC.

Details >
02/12/2019

FIS sued for $50 million for alleged fraud, conspiracy

bizjournals.com

Jacksonville-based Fidelity National Information Systems Inc. (NYSE: FIS) has been accused of defrauding a client and a California regulator as well as orchestrating a conspiracy to conceal its behavior.

Details >
02/12/2019

How Face ID Can Power End-To-End Verification

PYMNTS.com

Go back a generation or two and imagine the construction of the Gateway Arch — the sleek, shiny monument to westward expansion that stands along the west side of the Mississippi River in St. Louis (which just underwent an extensive update and makeover to its grounds and museum).

Details >
02/11/2019

Phishers Leveraging Google Translate to Target Google and Facebook Users

The State of Security

Phishers are leveraging Google Translate in their attempts to steal the login credentials for users’ Google and Facebook accounts.

Details >
02/11/2019

The State of Faster Payments: 'Early Innings"

PYMNTS.com

The “state” of — well, anything — refers to its condition, the attributes and even the state of “mind” that denotes where we are at any given time on an endeavor. Might the state of faster payments be described as “conflicted?”

Details >
02/11/2019

Supply Chain Security – Sex Appeal, Pain Avoidance and Allies

The State of Security

Every security professional and every privacy professional understands that supply chain security is as important as in-house security

Details >
02/11/2019

Red Envelopes, Fortnite And The Rise Of Micro Money Laundering

PYMNTS.com

One of the main differences between a successful criminal and a wanna-be is that the smart one knows how to hide (often in plain sight), and use methods that often seem more mundane than dramatic — despite what Hollywood has trained us to believe over the last century or so.

Details >
02/08/2019

FTC halts another phantom debt collection scheme

Federal Trade Commission

Getting a call about a debt you don’t owe – or even recognize – can be annoying. It can be downright scary when the caller claims to be a lawyer and threatens legal action if you don’t pay.

Details >
02/08/2019

Data breach can leave 24 million vulnerable to home title fraud - protect yourself now

Komando

A terrifying data breach recently exposed 24 million people to title fraud. If you have a mortgage on your home, or are refinancing or have a home equity line of credit (a HELOC), you could be a victim of this fraud, and you might not realize it until it’s too late.

Details >
02/08/2019

Phishers Target Anti-Money Laundering Officers at U.S. Credit Unions

Krebs on Security

A highly targeted, malware-laced phishing campaign landed in the inboxes of multiple credit unions last week.

Details >
02/04/2019

Introducing Zombie POODLE and GOLDENDOODLE

The State of Security

I’m excited to announce that I will be presenting at this year’s Black Hat Asia about my research into detecting and exploiting CBC padding oracles!

Details >
02/04/2019

Crooks Continue to Exploit GoDaddy Hole

Krebs on Security

Godaddy.com, the world’s largest domain name registrar, recently addressed an authentication weakness that cybercriminals were using to blast out spam through legitimate, dormant domains.

Details >
02/03/2019

Venmo And Zelle’s P2P Battle Royale

PYMNTS.com

The fourth quarter of 2018 was kind to Venmo and Zelle, the two big peer-to-peer (P2P) services that are battling for consumer loyalty and market supremacy — a fight that pits PayPal, the owner of Venmo, against the banks that operate Zelle. The numbers tell a story of ongoing growth and more consumer acceptance.

Details >
02/03/2019

Employees report 23,000 phishing incidents annually, costing $4.3 million to investigate

helpnetsecurity.com

Account takeover-based (ATO) attacks now comprise 20 percent of advanced email attacks, according to Agari’s Q1 2019 Email Fraud & Identity Deception Trends report.

Details >
02/01/2019

5 Types of Fraudulent Schemes That Can Occur in eCommerce in 2019

esellercafe.com

As the popularity and trust of people in eCommerce stores is increasing day by day, the cases of fraudulent activities have also elevated in parallel.

Details >
02/01/2019

Tax Day is Coming: How to Guard Yourself Against Tax Identity Theft

Nextadvisor Blog

Accountants and IRS agents, rejoice: tax season is upon us.

Details >
01/31/2019

Two indicted in unrelated financial cases

Hawaii Tribune Herald

A Hilo grand jury on Jan. 23 indicted two individuals in unrelated cases for alleged financial crimes.

Details >
01/31/2019

Can AI help banks thwart elder abuse?

American Banker

Banks are stepping up their efforts to detect and deter financial elder abuse in response to a rise in such crime, and artificial intelligence software could become part of the solution.

Details >
01/30/2019

Here's why thieves have more incentive to steal your tax refund this year, how to stop them

indystar.com

With the federal government shutdown ending, it's full speed ahead into tax season

Details >
01/30/2019

New YouTube Scam Targets Victims with Identity Fraud

TECH.co

Influencers and content creators on YouTube are big business, commanding millions in branding deals and attracting legions of devoted fans.

Details >
01/30/2019

Malware: Three Industry Problems and How to Solve Them

The State of Security

In the last few years, organizations have been subject to extortion through ransomware.

Details >
01/30/2019

Visa, NFL To Collaborate On First Cashless Super Bowl

PYMNTS.com

Visa and the National Football League (NFL), partners since 1995, will extend their collaboration through 2025 and work together to make a cashless Super Bowl a reality one day, Visa said in a release.

Details >
01/30/2019

Judge Denies Approval of $50M Settlement to Yahoo Data Breach Lawsuit

The State of Security

A federal judge has denied the approval of a proposed $50 million settlement to a class action lawsuit over a data breach at Yahoo.

Details >
01/28/2019

Crypto’s $2.5 Million Daily Fraud Problem

PYMNTS.com

The big bitcoin and crypto breach events are well-known news items.

Details >
01/28/2019

Who Will Lead The US To Real-Time Ubiquity By 2020?

PYMNTS.com

It’s expected that more than 56 real-time payment rails will be live by 2020, and the U.S. is hoping to attain real-time payments ubiquity by that point. The demand for faster payments is strong in the U.S., but not all financial players agree on how to achieve it.

Details >
01/28/2019

ACH Payments Have Lowest Fraud Rate, Fed Survey Finds

NACHA

Payments fraud “remains rare” in the U.S., with ACH payments having the lowest fraud rate by value, a new Federal Reserve study found.

Details >
01/25/2019

Web Hosting Security Best Practices

The State of Security

If you’ve been online recently, you may have read the news about hackers demanding a ransom from Dublin’s tram system.

Details >
01/23/2019

How the U.S. Govt. Shutdown Harms Security

Krebs on Security

The ongoing partial U.S. federal government shutdown is having a tangible, negative impact on cybercrime investigations, according to interviews with federal law enforcement investigators and a report issued this week by a group representing the interests of FBI agents.

Details >
01/22/2019

No Pain, No Gain? GDPR, PSD2 And The New Payments Reality

The State of Security

Last year brought the General Data Protection Regulation (GDPR) deadline, Europe’s attempt to boost online privacy and security for consumers — a law that just resulted in a $57 million fine against Google, which was accused of not doing enough to gain the consent of users when collecting data meant for targeted advertising.

Details >
01/22/2019

Adware Installers Disguised as Cracks Installing STOP Ransomware

The State of Security

STOP ransomware is using adware installers disguised as cracks as a new method of distributing itself to unsuspecting users.

Details >
01/18/2019

How to Avoid Government Shutdown Scams

Consumer Reports

Fraudsters are taking advantage of furloughed workers and others

Details >
01/18/2019

The PCI Council Unveils Its New Software Security Standards

Digital Transactions

The PCI Security Standards Council on Wednesday published its new software security standards and said the existing standard will be retired in 2022.

Details >
01/17/2019

Stole $24 Million But Still Can’t Keep a Friend

Krebs on Security

Unsettling new claims have emerged about Nicholas Truglia, a 21-year-old Manhattan resident accused of hijacking cell phone accounts to steal tens of millions of dollars in cryptocurrencies from victims.

Details >
01/17/2019

Woman charged, man wanted in identity theft ring spanning Twin Cities metro

Fox 9 MN

(FOX 9) - Authorities are investigating a string of mail thefts and identity thefts that span the Twin Cities metro, putting many at risk.

Details >
01/17/2019

Nearly 800 Million Email Addresses Exposed in “Collection #1” Data Breach

The State of Security

A data breach known as “Collection #1” exposed approximately 800 million email addresses as well as tens of millions of passwords.

Details >
01/17/2019

Fiserv’s Planned Acquisition of First Data Raises Questions About the Debit Market’s Future

Digital Transactions

The proposed merger of Fiserv Inc. and mega-processor First Data Corp. has huge implications for many parts of the payments industry. But the deal, if consummated as planned, could have an especially large effect on the U.S. debit card market.

Details >
01/17/2019

FBI records, emails, Social Security numbers exposed in massive data leak, security experts say

Fox News

A massive data leak has been discovered at the Oklahoma Securities Commission, in which millions of records -- including files related to sensitive FBI investigations over the last seven years, emails dating back 17 years and thousands of Social Security numbers -- have been exposed.

Details >
01/15/2019

Courts Hand Down Hard Jail Time for DDoS

Krebs on Security

Seldom do people responsible for launching crippling cyberattacks face justice, but increasingly courts around the world are making examples of the few who do get busted for such crimes

Details >
01/11/2019

Jury duty scammer caught in the act by Plymouth police

KARE11

A man calling Bill Pucel with a fake jury duty story was surprised when Bill answered - along with a Plymouth police officer.

Details >
01/11/2019

How Cybercriminals Are Getting Initial Access into Your System

The State of Security

This article covers the main techniques cybercriminals use at the initial stage of attacks against enterprise networks.

Details >
01/11/2019

Neiman Marcus to Pay $1.5 Million under Data Breach Settlement

The State of Security

Neiman Marcus Group, Inc. has agreed to pay $1.5 million as part of a settlement for an earlier data breach that exposed customers’ information.

Details >
01/11/2019

Secret Service: Theft Rings Turn to Fuze Cards

Krebs on Security

Street thieves who specialize in cashing out stolen credit and debit cards increasingly are hedging their chances of getting caught carrying multiple counterfeit cards by relying on Fuze Cards, a smartcard technology that allows users to store dozens of cards on a single device, the U.S. Secret Service warns.

Details >
01/09/2019

Faster Payments, Open Banking Should Keep Treasurers On High Alert

PYMNTS.com

While financial services (FinServ) innovations often emerge with built-in security measures, new market trends — including faster payments and open banking — are introducing new security threats to corporate treasury departments, according to cybersecurity company BioCatch.

Details >
01/09/2019

AML enforcement needs more whistleblowers

American Banker

In recent weeks, major anti-money-laundering enforcement actions have highlighted the critical role of whistleblowers in government efforts to curb illegal movement of funds.

Details >
01/09/2019

Dirt-Cheap, Legit, Windows Software: Pick Two

Krebs on Security

Buying heavily discounted, popular software from second-hand sources online has always been something of an iffy security proposition.

Details >
01/09/2019

Google Drive Has a Serious Spam Problem, But Google Says a Fix is Coming

How-to-Geek

Google Drive has a pretty bad spam problem, and it seems Google doesn’t care. Spammers can share files that automatically appear in your Drive, and there’s no way to stop it.

Details >
01/04/2019

Apple Phone Phishing Scams Getting Better

Krebs on Security

A new phone-based phishing scam that spoofs Apple Inc. is likely to fool quite a few people.

Details >
01/04/2019

How To Fight Online Fraud: Ruin Cybercrime’s ROI

PYMNTS.com

Let’s get a few things straight, a couple of points that might go against what every payments and commerce professional knows, but which will be important for the rest of the story.

Details >
01/03/2019

Cloud Hosting Provider DataResolution.net Battling Christmas Eve Ransomware Attack

Krebs on Security

Cloud hosting provider Dataresolution.net is struggling to bring its systems back online after suffering a ransomware infestation on Christmas Eve, KrebsOnSecurity has learned.

Details >
01/03/2019

Don’t Get Caught in a SMiShing Scam

The State of Security

The word ‘SMiShing’ may sound like gibberish — we think it’s a weird one — but some of the world’s largest enterprises are losing millions of dollars to these scams every year.

Details >
01/03/2019

5 Cybersecurity Steps You Should Already Be Taking

The State of Security

There’s nothing more impactful than a proactive cybersecurity strategy.

Details >
01/02/2019

Scam alert for 2019: ‘Shimming’ is the new skimming

WDAM 7

RICHMOND, VA (WWBT) - In the new year, there’s a new worry about the way thieves are getting their hands on other people’s money.

Details >
01/02/2019

Minnesota's new child ID theft protection law trumped by federal law

MN 5 Eyewitness News

One of the new state laws that goes into effect Jan. 1 is a measure aimed at protecting kids from identity theft.

Details >
01/02/2019

Deploying Blockchain and Smart Contract based Solutions

The State of Security

As discussed before, the blockchain-based solution is built to provide strong integrity and independent verifiability.

Details >
12/27/2018

Big Breaches Breed Bad Bots

PaymentsJournal

According to Breach Level Index (breachlevelindex.com), more than six million data records are stolen each day

Details >
12/27/2018

Doxxing: What It Is How You Can Avoid It

The State of Security

Doxxing means publishing private information about someone online to harass or intimidate them. It has ruined reputations and caused untold distress to hundreds of people. On occasion, doxxing has resulted in injury or even death.

Details >
12/26/2018

Crypto Scam Victims Unlikely To Get Their Money Back

PYMNTS.com

The Securities and Exchange Commission (SEC) and various state regulators have been investigating more than 90 cryptocurrency cases in which investors lost money.

Details >
12/26/2018

What A Cashless Society Could Mean For The Future

Forbes

With the growth of contactless payment systems, the spread of mobile technology and the establishment of Open Banking catalyzing faster development of digital payment infrastructure, use of cash is slowing.

Details >
12/26/2018

Go Phish! What do thieves get from stealing our data?

Security Boulevard

If black hats were sharks, then our emails would be a school of innocent, unsuspecting guppies nonchalantly drifting along. For black hats or malicious hackers, getting into the average person’s email is as challenging as overeating at a buffet.

Details >
12/26/2018

US Banks Shun Money Transmittal

PYMNTS.com

.U.S. banks are keeping their distance from money transmitters sending cash to Mexico, as worries about money laundering and increased regulatory scrutiny ensue.

Details >
12/20/2018

Caribou Coffee says its customers' card information was possibly exposed in data breach

Fox 9 News, Minneapolis, MN

Caribou Coffee announced a data security breach Thursday that may have exposed its customers’ payment card information.

Details >
12/20/2018

How to Apply the Risk Management Framework (RMF)

The State of Security

The Risk Management Framework (RMF) is most commonly associated with the NIST SP 800-37 guide for “Applying the Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach,” which has been available for FISMA compliance since 2004.

Details >
12/20/2018

Microsoft Issues Emergency Fix for IE Zero Day

Krebs on Security

Microsoft today released an emergency software patch to plug a critical security hole in its Internet Explorer (IE) Web browser that attackers are already using to break into Windows computers.

Details >
12/20/2018

We Need To Talk About Mule Fraud

Forbes

Fraud is becoming increasingly diverse and complex. In our digital age, criminals are using technology to their advantage and are adapting to the current prevention's in place.

Details >
12/20/2018

HACKERS ACCESSED NASA SERVERS CONTAINING EMPLOYEE INFORMATION

Futurism

A troubling email landed in the inboxes of all NASA employees on Tuesday.

Details >
12/20/2018

Square Resumes Its Pursuit of a Bank Charter

Digital Transactions

After a lull of more than five months, merchant processor Square Inc. is resuming its attempt to obtain a bank charter.

Details >
12/20/2018

Click2Gov Payment Application for Municipalities Cited in 47 Data Breaches

Digital Transactions

Click2Gov, a software application popular among municipalities for processing online payments of utility bills and fees, has been compromised in 46 U.S. cities and one Canadian location, according to an analysis released this week by Gemini Advisory.

Details >
12/18/2018

To Successfully Fight Fraud Stop Believing These 4 Myths

PaymentsJournal

If we’ve learned anything from the hacks and breaches in 2018 (think Facebook, Under Armour and Adidas — to name a few) it’s that the business world still struggles to keep up with fraudsters who are exploiting new surface areas and the latest tools to block them.

Details >
12/18/2018

Grand Island woman loses thousands in survey fraud

Fox NE

A Grand Island woman was scammed out of $5,000 in what appeared to be a survey company.

Details >
12/18/2018

Breaches are getting larger, and traditional network security isn’t enough

Pay Think

Dell’s recent security breach heightens the risk and complexity for data risk management.

Details >
12/17/2018

Office 365 Phishing Attack Using Fake Non-Delivery Notifications

The State of Security

A new phishing attack is using fake non-delivery notifications in an attempt to steal users’ Microsoft Office 365 credentials.

Details >
12/14/2018

Examiners Will Be Focusing on Your Institution’s Riskiest Areas. Do You Know What They Are?

NContracts

In the FFIEC Press Release, dated 11/27/2018, the Federal Financial Institutions Examination Council (FFIEC) provided a more formal idea of what a “risk-based exam” looks like and the factors that will help define the scope of the exam in its second update of the Exam Modernization Project released late last month.

Details >
12/14/2018

Spammed Bomb Threat Hoax Demands Bitcoin

Krebs on Security

A new email extortion scam is making the rounds, threatening that someone has planted bombs within the recipient’s building that will be detonated unless a hefty bitcoin ransom is paid by the end of the business day.

Details >
12/14/2018

Fraudsters are Getting More Sophisticated. That’s Bad News for Banks!

Banking Exchange

About 94 percent of financial services companies have experienced fraud.

Details >
12/14/2018

Save the Children Federation Tricked Into Sending $1 Million to Scammers

The State of Security

Scammers tricked Save the Children Federation, a well-known U.S. charity, into sending them approximately one million dollars.

Details >
12/14/2018

Are the new Robinhood checking and savings products FDIC or SIPC insured?

USA Today

Fintech investing platform Robinhood has introduced new checking and savings products that earn 3 percent, much more than what traditional banks offer and higher than online banks. Robinhood charges no fees and requires no minimum balance.

Details >
12/13/2018

Fake calls about your SSN

Federal Trade Commission

The FTC is getting reports about people pretending to be from the Social Security Administration (SSA) who are trying to get your Social Security number and even your money.

Details >
12/13/2018

Marriott hack’s fallout could be worse than the Equifax breach

PaymentsSource

The Marriott hotel hack is the latest in an alarming series of data breaches, exposing the personal data of 500 million customers.

Details >
12/13/2018

7 (realistic) predictions about fintech in 2019

American Banker

When it comes to fintech, there is no shortage of big bets on which new technologies will come to fruition and the levels of mass adoption. From talk of plastic cards going away to the end of cash, everyone is eager to anticipate the next big trend.

Details >
12/13/2018

Amazon Teams With Cops To Catch Crooks

PYMNTS.com

Police in Jersey City are partnering with Amazon on an operation aimed to catch thieves stealing holiday packages from residential homes. Law enforcement is installing doorbell cameras and planting dummy boxes with GPS tracking devices at homes around the city — and it has managed to catch someone on the first day of the operation.

Details >
12/13/2018

Why You Need a Concrete Incident Response Plan (Not Strategy)

The State of Security

Recently, I had the privilege to be part of a four-person discussion panel at a security event in London where the topic was about incident response.

Details >
12/12/2018

Patch Tuesday, December 2018 Edition

Krebs on Security

Adobe and Microsoft each released updates today to tackle critical security weaknesses in their software.

Details >
12/12/2018

As Voice Commerce Becomes More Common, Jack Henry Adds More Payment Services

Digital Transactions

Core processors for financial institutions are starting to make their moves in voice-triggered consumer payments, and Jack Henry & Associates is looking to stake out an early lead in this nascent business

Details >
12/12/2018

Scanning for Flaws, Scoring for Security

Krebs on Security

Is it fair to judge an organization’s information security posture simply by looking at its Internet-facing assets for weaknesses commonly sought after and exploited by attackers, such as outdated software or accidentally exposed data and devices?

Details >
12/10/2018

Intel Releases Draft Federal Privacy Bill

The State of Security

One strange story to emerge as part of the recent midterm elections was Intel’s release of a piece of federal legislation.

Details >
12/10/2018

Linux Rabbit and Rabbot Malware Leveraged to Install Cryptominers

The State of Security

Digital attackers used new malware called “Linux Rabbit” and “Rabbot” to install cryptominers on targeted devices and servers.

Details >
12/10/2018

Chase Reconnects With Contactless Cards

Digital Transactions

Giant card issuer Chase may not be big enough to single-handedly make contactless cards commonplace in the United States, but now that it plans to once again issue tap-and-go credit and debit plastic, the money-center bank could come close.

Details >
12/10/2018

Draft Guidelines Clarify GDPR Scope

Pymnts.com

As GDPR continues to take root, having an impact in Europe and beyond the confines of the continent, news came late last month that the European Data Protection Board has published draft guidelines that touch on the data protection regulation’s territorial scope.

Details >
12/10/2018

State police warn of Verizon phone scam

Dover Post

The scammer called a person in Kent County, but police are concerned this could be a statewide problem

Details >
12/06/2018

Security Summit warns employers: Be alert to identity theft and W-2 scams

IRS

As the 2019 tax season approaches, the IRS, state tax agencies and the nation’s tax industry joined together to warn small businesses to be on-guard against a growing wave of identity theft and W-2 scams.

Details >
12/06/2018

Buying an internet-connected smart toy? Read this.

Federal Trade Commission

Before giving in to your kid's plea for a new toy, you may want to collect some information about it. Why? Well, for one thing, that toy may want to collect information about your kid.

Details >
12/05/2018

Federal Reserve Payments Study shows increased payments fraud

Federal Reserve

On October 16, 2018, the Board of Governors of the Federal Reserve System released the latest Federal Reserve Payments Study fraud report (Off-site), which details the cost and number of fraudulent payments in the U.S. The Federal Reserve collected the fraud data using surveys of depository institutions in 2012 and 2015 and payment card networks in 2015 and 2016.

Details >
12/05/2018

A Breach, or Just a Forced Password Reset?

Krebs on Security

Software giant Citrix Systems recently forced a password reset for many users of its Sharefile content collaboration service, warning it would be doing this on a regular basis in response to password-guessing attacks that target people who re-use passwords across multiple Web sites.

Details >
12/04/2018

The one banking bill Congress might actually pass next term

American Banker

Conventional wisdom says that it’s going to be a tall order to pass banking legislation next term, but there just might be a key exception.

Details >
12/04/2018

California IoT Security Law: A Nearsighted, Toothless Guard Dog or a Wolf in Sheep’s Clothing?

The State of Security

With three new sections added to the California Civil Code, California became the first U.S. state with a cybersecurity law specifically for internet-connected devices on September 28, 2018. The new Security of Connected Devices law will take effect on January 1, 2020.

Details >
12/04/2018

Read All About It: The Breaches That Won’t Make the Headlines

The State of Security

It’s been a busy few months for those tracking cybersecurity breaches. Considering that this quarter alone has seen headlines for British Airways identifying additional victims behind its already significant breach, Facebook’s massive messaging leak and Yahoo’s significant payout related to earlier data breaches, there are plenty of high profile cases that reinforce the importance of good cybersecurity when operating on the web.

Details >
12/04/2018

Consumers Have No Reservations About Using P2P Payments To Give Cash During the Holidays

Digital Transactions

The surge in popularity for peer-to-peer payments is making itself felt in the realm of holiday gifting, helping to erode a longstanding cultural taboo against giving cash during the annual gift-giving season.

Details >
12/03/2018

New Ways To Prevent Identity Theft During The Holiday Shopping Season

Forbes

It's too easy to tune out advice about new ways to prevent identity theft and other threats to your personal information, even as the holiday shopping season gets into full swing. That seems like someone else's problem.

Details >
12/03/2018

Jared, Kay Jewelers Parent Fixes Data Leak

Krebs on Security

The parent firm of bling retailers Jared and Kay Jewelers has fixed a bug in the Web sites of both companies that exposed the order information for all of their online customers.

Details >
12/03/2018

What the Marriott Breach Says About Security

Krebs on Security

We don’t yet know the root cause(s) that forced Marriott this week to disclose a four-year-long breach involving the personal and financial information of 500 million guests of its Starwood hotel properties.

Details >
12/03/2018

What Type of Vulnerabilities Does a Penetration Test Look For?

The State of Security

Penetration testing is becoming increasingly popular as organizations are beginning to embrace the need for stronger cybersecurity.

Details >
12/03/2018

The PCI Council Publishes Updated Guidance for Securing Telephone-Based Payments

Digital Transactions

Online and mobile payments get all the press, but plenty of card-not-present payments still originate from telephone orders.

Details >
12/03/2018

Starwood Breach Raises the Question of Whether Hackers Have Keys to Encrypted Data

Digital Transactions

Friday’s disclosure from hotel giant Marriott International Inc. that hackers compromised information on up to 500 million guests held in its Starwood reservation system raises the question of whether fraudsters will be able to use an unknown quantity of encrypted payment card numbers because they also might have stolen the decryption keys.

Details >
11/30/2018

Marriott Reveals Security Incident Involving Starwood Reservation Database

The State of Security

Marriott announced that it recently detected and addressed a security incident involving the Starwood guest reservation database.

Details >
11/30/2018

What You Need to Know About Cardless ATM Fraud

NextAdvisor

People around the world are increasingly turning to their mobile phones to pay for everything from rent to restaurant bills, so it was only a matter of time before ATMs caught up.

Details >
11/30/2018

Dunkin’ Alerts DD Perks Account Holders That Hackers May Have Accessed Data

PYMNTS.com

Dunkin’, the operator of Dunkin’ Donuts franchises, is alerting DD Perks rewards program account holders that its profiles and data may have been accessed by a hacker in October.

Details >
11/30/2018

Cybercrime: There Is No End in Sight

The State of Security

Whoever said “crime doesn’t pay” hasn’t been following the growth of cybercrime across the globe. A thriving underground economy has evolved over the past decade to become a massive industry.

Details >
11/30/2018

Dell Discloses Digital Security Event Involving Customer Information

The State of Security

Dell disclosed a digital security incident in which unauthorized individuals targeted some pieces of customer information.

Details >
11/30/2018

The Black Friday-Cyber Monday Shopping Lesson? Pay Attention to the Checkout

Digital Transactions

Add e-commerce platform Shopify Inc. to the roster of entities that experienced record sales during the recent holiday-shopping weekend, reporting $1.5 billion in volume from Friday through Monday. Two-thirds of that came from mobile transactions.

Details >
11/30/2018

FBI Arrests AriseBank CEO Over $4 Million Crypto Fraud

coindesk

The FBI has arrested the CEO of cryptocurrency platform AriseBank after he was indicted over an alleged multi-million dollar scam.

Details >
11/28/2018

Google Maps scammers put their own phone numbers onto bank listings

Naked Security

Google Maps lets users edit and update listings: crowd-sourcing that’s helped Google to fill in the details of its maps, such as adding new roads or parks: a helpful feature, particularly in areas where governments restrict distribution of such data or in what are often less-developed regions.

Details >
11/28/2018

Rooted in Security Basics: The Four Pillars of Cyber Hygiene

The State of Security

The term “cyber hygiene” pops up frequently in articles, blogs and discussions about cybersecurity. But what does it really mean?

Details >
11/28/2018

The Challenges of Managing Third-Party Vendor Security Risk

The State of Security

It’s no longer enough to secure your own company’s infrastructure; you now must also evaluate the risk of third-party vendors and plan and monitor for breaches there, too

Details >
11/26/2018

How to Shop Online Like a Security Pro

Krebs on Security

‘Tis the season when even those who know a thing or two about Internet scams tend to let down their guard in the face of an eye-popping discount or the stress of last-minute holiday shopping.

Details >
11/26/2018

Amazon data glitch could hinder plans for point of sale

American Banker

There's never a good time to expose customer data, but the incident Amazon disclosed Wednesday could upend two major events: Black Friday/Cyber Monday and a reported effort to get merchants to accept Amazon at the point of sale.

Details >
11/26/2018

Venmo Payment Fraud Leads To $40M In Losses

PYMNTS.com

Venmo, the digital money transfer service owned by PayPal, suffered payments fraud earlier in 2018 that played a role in the company posting losses that were higher than forecasted for the first quarter of this year.

Details >
11/26/2018

Call Centers Push With Biometrics As Fraud Soars

PYMNTS.com

The rate of contact center fraud has skyrocketed recently, growing by 350 percent during the past four years.

Details >
11/23/2018

5 Reasons Why Your Business Needs Penetration Testing

The State of Security

Nowadays, high-profile security breaches continue to dominate the media headlines. This trend places an increasing number of businesses at risk.

Details >
11/23/2018

SIM swap! Man charged after million dollar cryptocurrency theft

The State of Security

San Francisco resident Robert Ross first realised something odd was going on when his iPhone lost its signal on 26th October.

Details >
11/21/2018

4 free services to thwart the identity thieves lurking in your mailbox

AJC.com

FedEx, UPS, DHL and the United States Postal Service (USPS) are contending with criminals setting up fraudulent online accounts under the legitimate street addresses of unsuspecting victims.

Details >
11/21/2018

The US Finally Has a Defense Agency Devoted to Cybersecurity

Futurism

In July, officials from the Department of Homeland Security (DHS) confirmed a very scary rumor: hackers working for the Russian government had hacked the U.S. power grid, gaining a level of access at which they could have cut off power to U.S. citizens.

Details >
11/21/2018

To Bolster Cybersecurity, France Gives Google the Guillotine

Futurism

In recent months, the French government has taken serious steps to boost its and Europe’s cybersecurity, in part by ousting foreign corporations that could spy on French leaders and citizens.

Details >
11/19/2018

Voice of the consumer: Real estate wire fraud an epidemic

The Gazette

If you’re getting ready to buy a home or know someone who is, please, please warn them about the growing crime of real estate wire fraud.

Details >
11/19/2018

IRS Identity Theft Criminal Prosecutions Plummet By More Than Half In A Year

Forbes

IRS criminal prosecutions for identity theft have plummeted by more than a half in a year.

Details >
11/19/2018

Teen faces potential ID theft after Children's employee takes medical records out of hospital

Fox 9 News, Minneapolis, MN

BIG LAKE, Minn. (KMSP) - A 15-year-old appears to be a victim of identity theft after his medical records were taken out of Children’s Hospital in St. Paul by an employee.

Details >
11/16/2018

If Mobile Wallets Functioned More Like Leather Wallets, Usage Might Get a Lift, Research Says

Digital Transactions

Ever since mobile payments first captured the public imagination four years ago with the launch of Apple Inc.’s Apple Pay, experts have debated why usage of the iOS and Android wallets has fallen short of the original, lofty expectations

Details >
11/16/2018

Don't cash that check: Fake check scams bait consumers

Jackson Sun

Paradoxically, consumers are writing fewer and fewer real checks while at the same time falling for more and more scams involving fake checks

Details >
11/16/2018

Bank of Hawaii launches debit card fraud alerts

saipantribune.com

It seems that being a victim of fraud is commonplace in today’s digitally driven world. Scammers attempt to interfere with financial accounts and transactions wherever you are—on the phone, online or at home.

Details >
11/15/2018

Congress returns, gets back to work on cybersecurity

Politico

The lame-duck Congress is here, and it jumps right back into the cybers this week with a pair of hearings on Wednesday.

Details >
11/15/2018

14 Malware Families Targeting E-Commerce Brands Ahead of Black Friday

The State of Security

Researchers discovered 14 malware families targeting dozens of e-commerce brands just over one week before Black Friday.

Details >
11/15/2018

Nordstrom Suffers Data Breach

Information Security Buzz

It was reported that Nordstrom suffered a breach at the hands of a careless employee, exposing highly sensitive information of 76,000 former and current employees.

Details >
11/14/2018

Patch Tuesday, November 2018 Edition

Krebs on Security

Microsoft on Tuesday released 16 software updates to fix more than 60 security holes in various flavors of Windows and other Microsoft products. Adobe also has security patches available for Flash Player, Acrobat and Reader users.

Details >
11/13/2018

Has Hunting: Why File Hashes are Still Important

The State of Security

According to Gartner, threat intelligence is evidence-based knowledge, including context, mechanisms, indicators, implications and actionable intelligence.

Details >
11/13/2018

Fallback Fraud Falls as Card Issuers Ramp Up Their Monitoring

Digital Transactions

Fallback fraud, an offshoot of the counterfeit fraud that EMV chip cards are meant to reduce, declined over the past year, according to new findings from Auriemma Consulting Group.

Details >
11/13/2018

Banks Have a Solution for Their Identity-Fraud Woes: The DMV

Wall Street Journal

Big banks are enlisting the local DMV in their fight against identity fraud.

Details >
11/08/2018

Who’s In Your Online Shopping Cart?

Krebs on Security

Crooks who hack online merchants to steal payment card data are constantly coming up with crafty ways to hide their malicious code on Web sites,

Details >
11/08/2018

U.S. Secret Service Warns ID Thieves are Abusing USPS’s Mail Scanning Service

Krebs on Security

A year ago, KrebsOnSecurity warned that “Informed Delivery,” a new offering from the U.S. Postal Service (USPS) that lets residents view scanned images of all incoming mail, was likely to be abused by identity thieves and other fraudsters unless the USPS beefed up security around the program and made it easier for people to opt out.

Details >
11/08/2018

Amex Suffers Breach In India

PYMNTS.com

American Express India enabled a database to be accessible to anyone for longer than five days in October, according to a report in The Next Web.

Details >
11/08/2018

Half a Million People Potentially Affected by Data Breach at Bankers Life

The State of Security

A data breach at Bankers Life might have compromised the personally identifiable information of over half a million people.

Details >
11/08/2018

Don’t Mix the Two Up: What Is the Difference Between Privacy & Security?

The State of Security

Knowing that a tomato is a fruit is knowledge – not adding it to a fruit salad is wisdom. Similarly, having knowledge about privacy and security is good, but true wisdom is knowing that they are vastly different from each other. While both, to some extent, revolve around the protection of your personal, public and corporate data, they are still not the same.

Details >
11/08/2018

Spam-spewing IoT botnet infects 100,000 routers using five-year-old flaw

The State of Security

Security researchers are warning that a botnet has been exploiting a five-year-old vulnerability to hijack home routers over the last couple of months.

Details >
11/07/2018

Fake bank apps may have stolen data of thousands of customers: Report

The Economic Times

Fake apps of SBI, ICICINSE 0.79 %, Axis BankNSE -0.10 %, Citi and other leading banks are available on Google Play, which may have stolen data of thousands of bank customers, claims a report by IT security firm Sophos Labs.

Details >
11/07/2018

Watch Out for the “Programmer Who Cracked Your Email” Bitcoin Scam

The State of Security

The internet can be as dangerous a place as any. And every so often, it gets shaken up by some new threat that jeopardizes the safety of users across the globe.

Details >
11/07/2018

Busting SIM Swappers and SIM Swap Myths

Krebs on Security

KrebsOnSecurity recently had a chance to interview members of the REACT Task Force, a team of law enforcement officers and prosecutors based in Santa Clara, Calif. that has been tracking down individuals engaged in unauthorized “SIM swaps” — a complex form of mobile phone fraud that is often used to steal large amounts of cryptocurrencies and other items of value from victims.

Details >
11/07/2018

HSBC Suffers US Hack

PYMNTS.com

HSBC, the U.K. bank, disclosed on Tuesday (Nov. 6) that some of its U.S. customers had their accounts hacked in October.

Details >
11/04/2018

Who’s In Your Online Shopping Cart?

Krebs on Security

Crooks who hack online merchants to steal payment card data are constantly coming up with crafty ways to hide their malicious code on Web sites.

Details >
11/03/2018

Police Raid Illegal Call Centers Linked to CRA Phone Scam

The State of Security

There have been many scams that have utilized the phone system to gain access to funds or personal information from hardworking individuals

Details >
11/03/2018

Redefining the Meaning of Operational Risk

The State of Security

The definition of “operational risk” is variable but it generally covers the risk of loss resulting from inadequate or failed internal processes, people and systems or from external events.

Details >
11/03/2018

SMS Phishing + Cardless ATM = Profit

Krebs on Security

Thieves are combining SMS-based phishing attacks with new “cardless” ATMs to rapidly convert phished bank account credentials into cash. Recent arrests in Ohio shed light on how this scam works.

Details >
11/02/2018

Equifax Has Chosen Experian. Wait, What?

Krebs on Security

A year after offering free credit monitoring to all Americans on account of its massive data breach that exposed the personal information of nearly 148 million people, Equifax now says it has chosen to extend the offer by turning to a credit monitoring service offered by a top competitor — Experian. And to do that, it will soon be sharing with Experian contact information that affected consumers gave to Equifax in order to sign up for the service.

Details >
11/02/2018

YAPBS – Yet Another Password Breach Scam

The State of Security

Back in July, I wrote about the sextortion scam that had been circulating for a while

Details >
10/31/2018

Spear phishing scammers want more from you

Federal Trade Commission

“I’m calling from [pick any bank]. Someone’s been using your debit card ending in 2345 at [pick any retailer]. I’ll need to verify your Social Security number — which ends in 8190, right? — and full debit card information so we can stop this unauthorized activity...”

Details >
10/31/2018

Viewpoint: How Artful Manipulation Can Undermine Employee Security

Society for Human Resource Management

Chief financial officer Malcolm Fisher never thought he would be victimized by cybercrime—until a social engineer successfully impersonated him and bilked his company out of more than $125,000.

Details >
10/31/2018

The Revenge of the AI Assistants

The State of Security

Disclaimer: Due to a lack of originality over at Google, it’s difficult to anthropomorphize Google Assistant, so our story will be limited to Siri, Alexa and Cortana. Secondary Disclaimer: The horror begins now!

Details >
10/30/2018

First Data Plans To Bring Its Popular Clover Platform to Full-Service Restaurants

Digital Transactions

First Data Corp. plans to further exploit its fast-growing Clover point-of-sale hardware and software platform for small and mid-sized businesses by bringing it to full-service restaurants.

Details >
10/30/2018

The Masquerade Ball: Train Yourself to Detect Spoofed Files

The State of Security

Masquerading is a technique used in which a file name is maliciously named something similar to one which may be trusted.

Details >
10/29/2018

Hang up on spoofed SSA calls

Federal Trade Commission

If you get a call that looks like it’s from the Social Security Administration (SSA), think twice.

Details >
10/29/2018

How Connected Devices Are Revolutionizing How And Who We Pay

PYMNTS.com

Connected devices — smartphones, tablets, voice-activated speakers, smartwatches, in-car dashboard systems — are changing how consumers in the U.S. buy and pay.

Details >
10/29/2018

Flimsy PINs, The Stalwart Protectors Of Billions Of Loyalty Rewards Dollars?

PYMNTS.com

As data theft continues to surge, companies are looking to bolster their defenses to protect customers and prevent fraudsters from committing cybercrimes. However, while merchants rush to reinforce payment protection, they may be neglecting the security of a less than obvious, yet crucial, part of their business.

Details >
10/29/2018

Tracking Customers Without Giving Them The Creeps

PYMNTS.com

By 2020, 30 billion Intelligence of Things (IoT) devices are expected to be connected worldwide — a figure anticipated to skyrocket to 100 billion by 2025. As the number of IoT devices grow, the security risks will only become more impactful.

Details >
10/29/2018

The Far-Reaching Impact of Same-Day ACH, One Year After Launch

Digital Transactions

Competition from faster payments pushed the automated clearing house to introduce same-day processing, but now the ACH may well turn the tables, says Sarah Grotta.

Details >
10/29/2018

Faster Payments Are Coming to Acquiring, Triggering Opportunity for Payments Providers

Digital Transactions

When it comes to faster payments, merchants don’t want to be left out, and that’s creating a big opportunity for payments processors and other merchant acquirers.

Details >
10/29/2018

Mirai Co-Author Gets 6 Months Confinement, $8.6M in Fines for Rutgers Attacks

Krebs on Security

The convicted co-author of the highly disruptive Mirai botnet malware strain has been sentenced to 2,500 hours of community service, six months home confinement, and ordered to pay $8.6 million in restitution for repeatedly using Mirai to take down Internet services at Rutgers University, his former alma mater.

Details >
10/26/2018

IRS Impersonator Scam Leader Sentenced to 135 Months in Prison After Stealing Millions of Dollars; Co-Conspirators Also Imprisoned

US Department of Justice

LITTLE ROCK—Cody Hiland, United States Attorney for the Eastern District of Arkansas, Gary Smith, Special-Agent-in-Charge, Southern Field Division, Treasury Inspector General for Tax Administration (TIGTA), and Robert G. Feldt, Special-Agent-in-Charge, Social Security Administration (SSA), Dallas Field Division, announced today the sentencing of five defendants involved in an IRS impersonation scheme that netted millions of dollars from unsuspecting victims.

Details >
10/26/2018

As The 2018 Holiday Shopping Season Approaches, So Too Do Criminals, Especially for Online Merchants

Digital Transactions

Merchants should expect even more consumers to shop online this holiday shopping season. They also should expect even more fraud attempts.

Details >
10/26/2018

Visa CEO Predicts 100 Million Contactless Cards in a Year

Digital Transactions

Visa Inc. has been talking up contactless payments lately, though its executives and spokespersons usually dole out percentages rather than hard numbers to describe what is still a minuscule market in terms of card numbers and transaction volume.

Details >
10/26/2018

How Do You Fight a $12B Fraud Problem? One Scammer at a Time

Krebs on Security

The fraudsters behind the often laughable Nigerian prince email scams have long since branched out into far more serious and lucrative forms of fraud, including account takeovers, phishing, dating scams, and malware deployment.

Details >
10/26/2018

Mastercard Tackles ‘Greening’ Plastic Cards

PYMNTS.com

The world has a plastic problems — a fact illustrated earlier this week when researchers from the Environment Agency Austria and the Medical University of Vienna jointly presented evidence that there is so much plastic in the environment that we’ve actually begun to inadvertently eat it.

Details >
10/25/2018

Scams against older adults: reporting to Congress

Federal Trade Commission

You might have read media stories about older people losing lots of money to scams. It does happen – and FTC data show that when people over 80 report losing money, the amount they lose is a lot higher than the amount younger people lose. But that’s not the whole story.

Details >
10/24/2018

Today in Data: Digital Banking Cybersecurity

PYMNTS.com

With new risks come new solutions, and banks are taking this approach to data security: They are adopting technologies such as biometric authentication to protect sensitive information.

Details >
10/24/2018

Occ Fines Capital One $100M Over AML Lapse

PYMNTS.com

The Office of the Comptroller of the Currency (OCC) announced that it has fined Capital One $100 million due to shortcomings in the company’s Bank Secrecy Act and anti-money laundering programs.

Details >
10/24/2018

Indiana National Guard Suffers Ransomware Attack

The State of Security

The Indiana National Guard confirmed that a ransomware attack affected some of its members’ personally identifiable information.

Details >
10/24/2018

Yahoo Agrees to Pay $50 Million in Damages to Settle Data Breach Lawsuit

The State of Security

Yahoo has agreed to pay $50 million to help settle a lawsuit that seeks to hold the company responsible for a data breach the company suffered several years ago.

Details >
10/23/2018

Who Is Agent Tesla?

Krebs on Security

A powerful, easy-to-use password stealing program known as Agent Tesla has been infecting computers since 2014, but recently this malware strain has seen a surge in popularity — attracting more than 6,300 customers who pay monthly fees to license the software.

Details >
10/23/2018

Card Fraud and Account Takeovers Continue to Haunt Multiple Industries, Says IDology

Digital Transactions

Credit, debit, and prepaid card fraud shows no signs of retreat, finds the Sixth Annual Fraud Report from IDology, an Atlanta-based identity-verification company. Sixty-seven percent of executive respondents to an IDology survey said card-based fraud is most prevalent among their industries. That compares to 65% in 2017.

Details >
10/23/2018

The Zelle P2P Payment Service Posts 83% Transaction Growth in the Third Quarter

Digital Transactions

The Zelle person-to-person payment service continued to gain traction in the third quarter. Zelle Network reported Tuesday that it processed $32 billion in the three months ended Sept. 30 on 116 million transactions.

Details >
10/22/2018

FTC Consumer Info - Spread the word about charity fraud

Federal Trade Commission

This week, the FTC, the National Association of State Charities Officials (NASCO), and state charity regulators are joining forces with regulators from across the world to participate in the first International Charity Fraud Awareness Week.

Details >
10/22/2018

FTC Consumer Info - New materials on cybersecurity for small business

Federal Trade Commission

If you own a small business, you know it’s critical to protect your business from cyber threats.

Details >
10/22/2018

FTC Consumer Info - Scams near you, by the numbers

Federal Trade Commission

Every day, people across the country are telling the FTC what happened to them

Details >
10/22/2018

FTC Consumer Info - Scammers demand gift cards

Federal Trade Commission

Gift cards are a great way to give a gift. But did you know they are also a scammer’s favorite way to steal money?

Details >
10/22/2018

FTC Consumer Info - Managing someone else's money: New Protection from ID theft and fraud

Federal Trade Commission

If you manage someone else’s money, protecting your loved one from financial exploitation and scams is among your important responsibilities.

Details >
10/22/2018

FTC Consumer Info - Will background check errors deny you a home?

Federal Trade Commission

A background check can determine if you can get credit, a job, or even a place to live.

Details >
10/22/2018

Russian National Charged with Interfering in U.S. Political System

The United States Department of Justice

A criminal complaint was unsealed in Alexandria, Virginia, today charging a Russian national for her alleged role in a Russian conspiracy to interfere in the U.S. political system, including the 2018 midterm election. Assistant Attorney General for National Security John C. Demers, U.S. Attorney G. Zachary Terwilliger of the Eastern District of Virginia, and FBI Director Christopher Wray made the announcement after the charges were unsealed.

Details >
10/22/2018

NCR To Take a Direct Role in Payments With its Pending $184 Million Acquisition of JetPay

Digital Transactions

Best known for its ATMs, NCR Corp. has long been close to the point-of-sale payment business with its software products such as Retail One, Aloha, and NCR Silver, and its hardware for retailers and the hospitality industry that includes self-checkout systems for grocery stores.

Details >
10/18/2018

Intuit On Why Small Biz Can Lead The Way For B2B Payments Change

PYMNTS.com

People learn to live with their messes, whether that means piles of old clothes stuffed into the closet, emotional baggage from high school or that wine stain on the carpet.

Details >
10/18/2018

Is Sharing Cybercrime Data Key To Fighting Fraud?

PYMNTS.com

In search of added convenience and simplicity, banking customers are migrating to online and mobile banking interfaces, leaving in-person visits to brick-and-mortar branches behind. While this switch in preference to digital banking is providing new tools and capabilities to consumers, it’s also presenting new opportunities for fraudsters — and they’re not hesitating to take advantage.

Details >
10/18/2018

RAT author jailed for 30 months, ordered to hand over $725k worth of Bitcoin

The State of Security

A US court has sentenced a programmer to 30 months in a federal prison in connection with software that claimed to be a legitimate tool for Windows sysadmins to remotely manage computers, but was actually used by criminals to backdoor PCs and secretly spy on victims.

Details >
10/16/2018

What a Difference a Year Makes: Consumer Sentiment Shifts Substantially Toward Tech Firms

Digital Transactions

With technology companies increasingly eyeing financial services, a survey from Brookfield, Wis.-based bank processor Fiserv Inc. indicates 55% of consumers feel comfortable using a company like Apple Inc. or Alphabet Inc.’s Google to pay bills, up from 40% in 2017. Thirty-nine percent would take out a loan from a tech-company service, up 10 percentage points, and 52% would use a tech-company service for person-to-person payments, up 14 points.

Details >
10/15/2018

Fake Adobe update really *does* update Flash (while also installing cryptominer)

The State of Security

Online criminals have frequently distributed their malware attacks as fake updates for Adobe Flash.

Details >
10/14/2018

Financial Companies Rack Up Complaints, but Good Luck Finding Them

Nerd Wallet

The federal watchdog agency created to protect consumers is not regulating two of the country’s fastest-growing financial institutions despite receiving voluminous complaints about them, NerdWallet has found.

Details >
10/14/2018

Supply Chain Security 101: An Expert’s View

Krebs on Security

Earlier this month I spoke at a cybersecurity conference in Albany, N.Y. alongside Tony Sager, senior vice president and chief evangelist at the Center for Internet Security and a former bug hunter at the U.S. National Security Agency.

Details >
10/11/2018

New Evidence of Hacked Supermicro Hardware Found in U.S. Telecom

Bloomberg

The discovery shows that China continues to sabotage critical technology components bound for America.

Details >
10/09/2018

Supply Chain Security is the Whole Enchilada, But Who’s Willing to Pay for It?

Krebs on Security

From time to time, there emerge cybersecurity stories of such potential impact that they have the effect of making all other security concerns seem minuscule and trifling by comparison.

Details >
10/05/2018

PCI SSC Works on Security for New Payment Options

Bank Info Security

As new payment options continue to emerge via mobile phones and internet of things devices, the PCI Security Standards Council is broadening its security efforts, starting with a new standard for contactless payments coming early next year, says Troy Leach, PCI SSC's chief technology officer.

Details >
10/02/2018

Voice Phishing Scams Are Getting More Clever

Krebs on Security

Most of us have been trained to be wary of clicking on links and attachments that arrive in emails unexpected, but it’s easy to forget scam artists are constantly dreaming up innovations that put a new shine on old-fashioned telephone-based phishing scams.

Details >
10/02/2018

Visa as gumshoe: How the card network tracks fraud to its source

PaymentsSource

There’s an adage in business and war that goes, “The best defense is a good offense.” This is the philosophy that Visa is deploying against online fraud.

Details >
09/30/2018

The PCI Council Will Take Further Comments on an Updated Point-to-Point Encryption Standard

Digital Transactions

When security managers and executives gather this week for the PCI Security Standards Council’s annual North America Community Meeting, one of the topics sure to be on their minds is point-to-point encryption (P2PE) of payment card data.

Details >
09/30/2018

Social Security Opens More Offices To Fight Fraud: 'We Will Find You; We Will Prosecute You...'

Forbes

The Social Security Administration (SSA) and its Office of the Inspector General (OIG) today announced the opening of three new Cooperative Disability Investigations (CDI) Units across the country.

Details >
09/30/2018

UN On Using AI To Crack Down On Laundering, Trafficking

PYMNTS.com

Recent innovations in artificial intelligence (AI) have given financial institutions (FIs) the ability to fight fraud and better serve their customers.

Details >
09/30/2018

Facebook says big breach exposed 50 million accounts to full takeover

geo.tv

Facebook Inc said Friday hackers stole digital login codes allowing them to take over nearly 50 million user accounts in its worst security breach ever given the unprecedented level of potential access, adding to what has been a difficult year for the company’s reputation.

Details >
09/27/2018

Secret Service Warns of Surge in ATM ‘Wiretapping’ Attacks

Krebs on Security

The U.S. Secret Service is warning financial institutions about a recent uptick in a form of ATM skimming that involves cutting cupcake-sized holes in a cash machine and then using a combination of magnets and medical devices to siphon customer account data directly from the card reader inside the ATM.

Details >
09/26/2018

Uber Agrees To Pay $145M Fine To Settle Data Breach Lawsuit

PYMNTS.com

California Attorney General Xavier Becerra and San Francisco District Attorney George Gascón announced on Wednesday (Sept. 26) that they have reached a settlement with Uber Technologies Inc., in which Uber will pay $148 million to resolve allegations that it violated state laws pertaining to data breach reporting.

Details >
09/26/2018

Barracuda Networks Sees More ATO Attacks Ahead

Security Boulevard

A new report published by Barracuda Networks warns the number of account takeover (ATO) incidents involving compromised email credentials is starting to rise.

Details >
09/26/2018

Malware in the Cloud: What You Need to Know

The State of Security

Cloud security is not as simple as it may seem. Businesses have a shared security responsibility with cloud service providers, but some lack the knowledge to keep up their share of the bargain.

Details >
09/26/2018

North Dakota U.S. Attorney’s Office Continues Attack on Transnational Criminal Organizations in ‘Operation Hard Copy’

U.S. Attorney's Office - North Dakota

BISMARCK – Melinda Bulgin, of Providence, Rhode Island, was found guilty on September 14, 2018, by a federal jury on all 15 counts of Conspiracy to Commit Wire Fraud or Mail Fraud, Wire Fraud, Mail Fraud, and Conspiracy to Commit International Money Laundering, in connection with her participation in a transnational criminal advance fee telemarketing (“lottery”) fraud.

Details >
09/25/2018

Christmas In September? Holiday Fraud Planning Is In Full Takeover Mode

PYMNTS.com

The criminals have already started. They are buying fraud tutorials and data from other criminals online.

Details >
09/25/2018

Beware of Hurricane Florence Relief Scams

Krebs on Security

If you’re thinking of donating money to help victims of Hurricane Florence, please do your research on the charitable entity before giving: A slew of new domains apparently related to Hurricane Florence relief efforts are now accepting donations on behalf of victims without much accountability for how the money will be spent.

Details >
09/23/2018

How Banks Can Benefit From Partnering With FinTechs

PYMNTS.com

When it comes to treasury market offerings, banks have historically started wholesale and retail lockbox businesses.

Details >
09/20/2018

Understanding OFAC: A Best Practices Compliance Guide for All Businesses

Digital Transactions

Over the last decade, the Office of Foreign Assets Control (OFAC) has imposed $4.3 billion in civil money penalties. But did you know that businesses other than banks received 81% of these fines last year?

Details >
09/20/2018

British Airways breach shows the need for 'constant compliance'

PaymentsSource

The recent British Airways card breach compromised several types of information that raise both PCI DSS and GDPR concerns.

Details >
09/17/2018

GovPayNow.com Leaks 14M+ Records

Krebs on Security

Government Payment Service Inc. — a company used by thousands of U.S. state and local governments to accept online payments for everything from traffic citations and licensing fees to bail payments and court-ordered fines — has leaked more than 14 million customer records dating back at least six years, including names, addresses, phone numbers and the last four digits of the payer’s credit card.

Details >
09/17/2018

NY Sues Fed Over OCC’s FinTech Charter Decision

PYMNTS.com

To challenge the Office of the Comptroller of the Currency (OCC)’s decision to allow online payment companies and lenders to have national bank charters, the top banking regulator in New York is suing the federal government. In a complaint filed with a federal court, New York Department of Financial Services (DFS) Superintendent Maria Vullo said, “The OCC’s reckless folly should be stopped,” Reuters reported.

Details >
09/16/2018

10,000 stolen Social Security numbers recovered in arrest

sfgate.com

Officers said they recovered more than 10,000 stolen Social Security numbers, bank account numbers and bank routing information as part of an identity theft investigation that resulted in a 36-year-old man's arrest.

Details >
09/16/2018

How to Be Invisible Online -- Without Going Off the Grid (Infographic

Entrepreneur

It's important to go the extra mile to protect your personal information online.

Details >
09/14/2018

Your Social Security Number isn’t suspended. Ever.

Federal Trade Commission

A caller says that he’s from the government and your Social Security Number (SSN) has been suspended. He sounds very professional. So you should do exactly what he says to fix things…right?

Details >
09/13/2018

Data: What EMV overlooked

PaymentsSource

The vast majority of credit and debit cards in the U.S. are now EMV compliant, and nearly 70 percent of U.S. stores can support chip-enabled cards.

Details >
09/13/2018

Beware the Homeless Homebuyer Real Estate Scam!

The State of Security

Security professionals are warning users who are or soon will be engaged in real estate transactions to watch out for the “homeless homebuyer” scam.

Details >
09/13/2018

U.S. Mobile Giants Want to be Your Online Identity

Krebs on Security

The four major U.S. wireless carriers today detailed a new initiative that may soon let Web sites eschew passwords and instead authenticate visitors by leveraging data elements unique to each customer’s phone and mobile subscriber account, such as location, customer reputation, and physical attributes of the device.

Details >
09/13/2018

Here’s Why Business Email Compromise Is Still Driving Executive Identity Theft

Security Intelligence

All it took was access to a lawyer’s email, and suddenly, almost $532,000 was in the wrong hands.

Details >
09/13/2018

New Data: Why Bank Customers Prefer Convenience Over Security

PYMNTS.com

Consumers prefer speed, convenience and ease of use over security — even when it comes to accessing financial services online.

Details >
09/13/2018

What Cloud Migration Means for Your Security Posture

The State of Security

It shouldn’t come as a surprise to anyone reading this article that there has been a major shift towards businesses hosting their critical applications in the cloud.

Details >
09/10/2018

With Platform Embedded In 25M Vehicles, Xevo’s Putting Pedal Down On Connected Commerce

PYMNTS.com

The race is on to reduce commerce and payments friction in the fast growing world of connected vehicles.

Details >
09/10/2018

Uber’s Newest Project? Reinventing Its Payments Experience

PYMNTS.com

The transportation company that innovated payments by delivering the Uber experience is at it again — this time, by making it easier and more rewarding for its users to pay for products and services inside its growing ecosystem.

Details >
09/07/2018

'SIM swapping' cybercrime targets cellphone owners

ABC Arizona

A Chandler family has become the latest victim of a sophisticated cybercrime known as "SIM swapping.”

Details >
09/07/2018

Beware of the New Way Crooks Can Drain Your Credit Card Account

The State of Security

This article describes one of the recent frauds used by cybercriminals to steal funds from people’s credit cards. Unfortunately, it is a simple one to pull off, so peruse the details below and make sure you don’t get on the hook.

Details >
09/06/2018

Browser Extensions: Are They Worth the Risk?

Krebs on Security

Popular file-sharing site Mega.nz is warning users that cybercriminals hacked its browser extension for Google Chrome so that usernames and passwords submitted through the browser were copied and forwarded to a rogue server in Ukraine.

Details >
09/05/2018

Anatomy of a fake check scam

Federal Trade Commission

Fake checks drive many types of scams – like those involving phony prize wins, fake jobs, mystery shoppers, online classified ad sales, and others.

Details >
09/05/2018

For 2nd Time in 3 Years, Mobile Spyware Maker mSpy Leaks Millions of Sensitive Records

Krebs on Security

mSpy, the makers of a software-as-a-service product that claims to help more than a million paying customers spy on the mobile devices of their kids and partners, has leaked millions of sensitive records online, including passwords, call logs, text messages, contacts, notes and location data secretly collected from phones running the stealthy spyware.

Details >
09/03/2018

Alleged ‘Satori’ IoT Botnet Operator Sought Media Spotlight, Got Indicted

Krebs on Security

A 20-year-old from Vancouver, Washington was indicted last week on federal hacking charges and for allegedly operating the “Satori” botnet, a malware strain unleashed last year that infected hundreds of thousands of wireless routers and other “Internet of Things” (IoT) devices.

Details >
08/31/2018

‘Amazon Bank’ Is Already Here, Without a Charter or Regulatory Approval

The Financial Brand

Nothing can stop Amazon. Not even banking regulators or geographic borders can slow them down. With patents, patience, a willingness to fail, a huge and devoted customer base, a universe of data, and gobs of money, Amazon represents a real threat to the traditional banking industry.

Details >
08/31/2018

How Five High School Kids Are Changing Payments For The Visually Impaired

PYMNTS.com

Right now, it looks like a blood pressure cuff with wires and tiny boxes attached to it. Or, perhaps, an oversized watchband, one that was made by a child stuck inside on a rainy day.

Details >
08/30/2018

Cheddar’s Restaurants Bitten By Credit-Card Breach

Threat Post

Fast-casual stalwart Cheddar’s Scratch Kitchen has become the latest restaurant to suffer a payment-card breach.

Details >
08/30/2018

Zelle Eyeing Expansion Into Small Business Payments

PYMNTS.com

Zelle, the digital payment app that enables consumers to send money to friends and family, is gearing up to expand its offering to enable customers to pay small businesses.

Details >
08/30/2018

Amazon's Cashier-Free Stores are Going National. And it might just change the future of retail

Futurism

MORE CHOICES. If you live in Seattle and want to pick up a quick snack without having to wait in a checkout line, you’ve now got two options for where you can do so.

Details >
08/30/2018

Digital transactions' speed is a gateway to account fraud

PaymentsSource

Fraud related to account opening has become a costly issue in the digital age.

Details >
08/30/2018

Comerica scrambles to address fraud in prepaid benefits program

PaymentsSource

Comerica Bank has shut down a component of its prepaid card program for federal benefits recipients after a recent spate of fraud cases.

Details >
08/30/2018

Visa: Chip Cards Reduce Counterfeit Fraud At U.S. Merchants By 75 Percent

PYMNTS.com

Data released by Visa on Wednesday (Aug. 29) showed that counterfeit fraud ticked down at U.S. merchants by 75 percent from September 2015 to March 2018 as more storefronts started accepting chip cards.

Details >
08/30/2018

Air Canada Alerts Customers of Mobile App Breach, 20,000 Users Affected

The State of Security

Air Canada announced on Wednesday that approximately 20,000 customers may have had their personal information compromised after a data breach in its mobile app.

Details >
08/28/2018

Fiserv Flaw Exposed Customer Data at Hundreds of Banks

Krebs on Security

Fiserv, Inc., a major provider of technology services to financial institutions, just fixed a glaring weakness in its Web platform that exposed personal and financial details of countless customers across hundreds of bank Web sites, KrebsOnSecurity has learned.

Details >
08/28/2018

Bank of Spain Reveals Its Website Suffered a DoS Attack

The State of Security

The Bank of Spain revealed that bad actors used a denial-of-service (DoS) attack to temporarily disrupt access to its website.

Details >
08/27/2018

St. Paul Duo Accused Of Prolific Theft Operation

WCCO 4 News

Investigators say they uncovered the largest retail theft operation in metro-area history.

Details >
08/27/2018

Who’s Behind the Screencam Extortion Scam?

Krebs on Security

The sextortion email scam last month that invoked a real password used by each recipient and threatened to release embarrassing Webcam videos almost certainly was not the work of one criminal or even one group of criminals

Details >
08/24/2018

Alleged SIM Swapper Arrested in California

Krebs on Security

Authorities in Santa Clara, Calif. have arrested and charged a 19-year-old area man on suspicion hijacking mobile phone numbers as part of a scheme to steal large sums of bitcoin and other cryptocurrencies.

Details >
08/24/2018

As P2P Payments Increase, So Must Fraud Controls

Bank Innovation

The demand for P2P payments does not seem to be slowing anytime soon. A study released today by research firm Aite and Early Warning, owner of the bank-based P2P firm Zelle, found that P2P payments will triple by 2020.

Details >
08/24/2018

Twin Cities Bank Robber Pleads Guilty in Federal Court

United States Attorney's Office - District of MN

United States Attorney Erica H. MacDonald today announced the guilty plea of JAYVON DOMINIQUE GANT, 28, to one count of bank robbery. GANT, who was charged by criminal complaint on June 7, 2018, entered his guilty plea before Judge Joan N. Ericksen in U.S. District Court in Minneapolis, Minnesota.

Details >
08/24/2018

The five most common credit-card frauds

nzherald.co.nz

As long as credit cards have been around, an opportunity for fraud has followed.

Details >
08/20/2018

6 common habits that put you at risk for identity theft

NBC News

Data breaches and hacks are often unavoidable, but security experts say there are some everyday habits that put consumers even more at risk.

Details >
08/17/2018

Hanging Up on Mobile in the Name of Security

Krebs on Security

An entrepreneur and virtual currency investor is suing AT&T for $224 million, claiming the wireless provider was negligent when it failed to prevent thieves from hijacking his mobile account and stealing millions of dollars in cryptocurrencies.

Details >
08/17/2018

Hackers steal $13.5 million from Indian bank in global attack

The State of Security

Hackers planted malware on an automated teller machine (ATM) server belonging to an Indian bank as part of a criminal scheme which saw the theft of nearly 944 million rupees (US $13.5 million) in a co-ordinated attack across 28 countries last weekend.

Details >
08/13/2018

FBI Warns of ‘Unlimited’ ATM Cashout Blitz

Krebs on Security

The Federal Bureau of Investigation (FBI) is warning banks that cybercriminals are preparing to carry out a highly choreographed, global fraud scheme known as an “ATM cash-out,” in which crooks hack a bank or payment card processor and use cloned cards at cash machines around the world to fraudulently withdraw millions of dollars in just a few hours.

Details >
08/11/2018

Fraud and Friction: Fighting Two Significant Challenges

Credit Union Times

Credit unions have recently experienced a period of significant growth. But this also means increased risk.

Details >
08/10/2018

EXTORTIONISTS INCREASINGLY USING RECIPIENTS' PERSONAL INFORMATION TO INTIMIDATE VICTIMS

IC3

The Internet Crime Complaint Center (IC3) has recently received an increase in reports about extortion attempts received via e-mail and postal mail and using specific user information to add authenticity. While there are many variations in these extortion attempts, they often share certain commonalties.

Details >
08/10/2018

Beware: Real Estate Scams are Growing

The State of Security

What does the chairman of MIT’s board of trustees and a Supreme Court judge for New York State have in common with the Weintraubs of Lebanon, Oregon? They were all victims of real-estate spoofing scams, a form of cyber-security fraud that has grown from $19 million in 2016 to over $1B in 2017.

Details >
08/10/2018

Flaw exposed Comcast Xfinity customers’ partial home addresses and SSNs

The State of Security

Poor security measures have reportedly put the personal details of Comcast Xfinity customers at risk, a researcher has revealed.

Details >
08/07/2018

Florida Man Arrested in SIM Swap Conspiracy

Krebs on Security

Police in Florida have arrested a 25-year-old man accused of being part of a multi-state cyber fraud ring that hijacked mobile phone numbers in online attacks that siphoned hundreds of thousands of dollars worth of bitcoin and other cryptocurrencies from victims.

Details >
08/07/2018

Watch out for card skimming at the gas pump

Federal Trade Commission

With the summer travel season in high gear, the FTC is warning drivers about skimming scams at the pump.

Details >
08/07/2018

Promoter pitches "secrets" to big bucks on Amazon

Federal Trade Commission

Online ads and in-person workshops for Sellers Playbook claim to offer “secrets” to making big money on Amazon. But like a lot of namedroppers, the truth doesn’t live up to the hype. That’s what the FTC and the Minnesota Attorney General allege in a lawsuit they filed.

Details >
08/06/2018

3 trends hackers at Black Hat and DEFCON are watching

Yahoo

Cybersecurity is a constant game of cat-and-mouse — with every security improvement and criminal crackdown, there is a corresponding evolution in attacker methods and techniques.

Details >
08/06/2018

On a Hot Streak, the ACH Network Has Racked up 5%-Plus Growth in 12 of the Last 14 Quarters

Digital Transactions

The growth surge at the nation’s automated clearing house network shows no signs of slowing down. The payments system handled 5.68 billion transactions in the quarter ended June 30, a 6.2% increase year-over-year, according to numbers from Herndon, Va.-based NACHA, the network’s governing body. The network has now notched growth exceeding 5% in 12 out of the 14 quarters since the start of 2015.

Details >
08/04/2018

Credit Card Issuer TCM Bank Leaked Applicant Data for 16 Months

Krebs on Security

TCM Bank, a company that helps more than 750 small and community U.S. banks issue credit cards to their account holders, said a Web site misconfiguration exposed the names, addresses, dates of birth and Social Security numbers of thousands of people who applied for cards between early March 2017 and mid-July 2018.

Details >
08/03/2018

Avoid the most common bank-to-school scams

fraud.org

Avoid the most common back-to-school scams, including fake diploma and scholarship scams.

Details >
08/03/2018

Resurgent payments fraud heightens ID challenge for banks

American Banker

Verifying identities continues to be a tricky proposition for banks as cybercriminals diversify and increase their attacks — especially when it comes to wire transactions.

Details >
08/02/2018

Hunting the Con Queen of Hollywood: Who's the "Crazy Evil Genius" Behind a Global Racket?

Hollywood Reporter

For more than a year, some of the most powerful women in entertainment — including Amy Pascal, Kathleen Kennedy, Stacey Snider and a 'Homeland' director — have been impersonated by a cunning thief who targets insiders with promises of work, then bilks them out of thousands of dollars.

Details >
07/31/2018

FS-ISAC Cyber-Attack Against Payment Systems (CAPS) Exercises

FS-ISAC

A great opportunity to practice your plan.

Details >
07/31/2018

OCC Begins Accepting National Bank Charter Applications From Financial Technology Companies

OCC Notice

The Office of the Comptroller of the Currency (OCC) today announced it will begin accepting applications for national bank charters from nondepository financial technology (fintech) companies engaged in the business of banking.

Details >
07/31/2018

Cryptomining Malware Is Infecting Corporate Networks Worldwide

Futurism

CORPORATE HIJACKING. Security firm Kaspersky Lab just exposed an international cryptocurrency mining ring that is using malware software called PowerGhost to spread across vast corporate networks.

Details >
07/31/2018

Save the Embarrassment: The Value of Two-Factor Authentication

The State of Security

These days, it’s not a matter of if your password will be breached but when.

Details >
07/31/2018

The depth of Macy's breach pushes PCI compliance investment

PaymentsSource

Macy’s recently became the latest major retailer forced to inform its customers that their data had been exposed by another cyberthreat. Although detected by a third-party security tool, the cybercrooks still gained access to data from customers who had shopped on the retail store’s website.

Details >
07/30/2018

Report: Hawaii has most victims of identity theft

khon2.com

Sad to report residents of the Aloha state are at the top of the list when it comes to being at risk to thieves.

Details >
07/30/2018

Data Security Incident at Pediatric Hospital Affects 100K Individuals

The State of Security

A data security incident at a pediatric hospital affected more than 100,000 individuals including patients and employees.

Details >
07/27/2018

State Govts. Warned of Malware-Laden CD Sent Via Snail Mail from China

Krebs on Security

Here’s a timely reminder that email isn’t the only vector for phishing attacks: Several U.S. state and local government agencies have reported receiving strange letters via snail mail that include malware-laden compact discs (CDs) apparently sent from China, KrebsOnSecurity has learned.

Details >
07/26/2018

To Prevent Breaches, Banks Must Change the Way They Face Threats

Bank Innovation

Security firms have evolved their techniques to meet mounting threats on a digital front, as such banks must change too.

Details >
07/26/2018

LifeLock Bug Exposed Millions of Customer Email Addresses

Krebs on Security

Identity theft protection firm LifeLock — a company that’s built a name for itself based on the promise of helping consumers protect their identities online — may have actually exposed customers to additional attacks from ID thieves and phishers.

Details >
07/25/2018

Uptick in San Francisco retail theft

Kron4.com

SAN FRANCISCO (KRON) - Retail theft is on the uptick in San Francisco, and while luxury goods were once the focus, now it seems as if those stealing are going for lower end merchandise.

Details >
07/25/2018

Former online survey worker sentenced to 18 months for stealing $492,000 in unclaimed Amazon gift cards

gizmodo.com

A Lexington, Kentucky man was sentenced to 18 months in federal prison on Monday, the Department of Justice wrote in a press release, for a data heist in which he abused his status as an employee of online polling company IntelliSurvey Inc. to snatch up nearly half a million dollars in unclaimed Amazon gift cards.

Details >
07/25/2018

Louisiana mobile drivers license first to roll out statewide

SecureID News

With its new LA Wallet, Louisiana becomes the first state to actually rollout digital driver’s licenses to its citizenry. While other states have piloted the mobile licenses, this is the first instance where any citizen can use the mobile app during any traffic stop of police interaction.

Details >
07/25/2018

Porting Out: It's Phone Fraud 101

howstuffworkds

When people talk about phone scams, it's often the variety of fraud that can occur through cold calls to a person's home or mobile device.

Details >
07/25/2018

Hackers Breached Virginia Bank Twice in Eight Months, Stole $2.4M

Krebs on Security

Hackers used phishing emails to break into a Virginia bank in two separate cyber intrusions over an eight-month period, making off with more than $2.4 million total.

Details >
07/25/2018

Hacker Exposes Security Vulnerability in Popular Cryptocurrency Site Ehterscan

Futurism

EXPLORING THE BLOCK. One of the main draws of a blockchain is that it’s a public record. Anyone, anywhere, can look at every cryptocurrency transaction on the blockchain — unlike the transactions made via traditional financial institutions, the information isn’t secreted away in a server somewhere.

Details >
07/25/2018

Kronos Malware Returns With New Attack Campaigns, Updates

The State of Security

The Kronos banking trojan has returned with several new attack campaigns as well as a few updates

Details >
07/23/2018

Human Resources Firm ComplyRight Breached

Krebs on Security

Cloud-based human resources company ComplyRight said this week that a security breach of its Web site may have jeopardized sensitive consumer information — including names, addresses, phone numbers, email addresses and Social Security numbers — from tax forms submitted by the company’s thousands of clients on behalf of employees.

Details >
07/23/2018

Zelle Catches A Growth Wave, Threatening Venmo

PYMNTS.com

The Q2 earnings season has just kicked off, and it’s already helping shedding light on recent developments in the peer-to-peer (P2P) world — most notably, the shape of the ongoing competition between Zelle and Venmo.

Details >
07/23/2018

Social Security Issues Warning About Scams Similar To Those IRS Phone Scams

Forbes

It may be summer, but the bad guys aren’t taking a vacation. The Acting Inspector General of Social Security, Gale Stallworth Stone, has issued a warning about an ongoing phone scam from thieves pretending to be from the Social Security Administration (SSA).

Details >
07/23/2018

Symantec Releases “Email Threat Isolation” Technology To Prevent Attacks

The Truth News

Symantec Corp, the cyber-security giant unveiled a new solution rooted on threat isolation technology that thwarts advanced email hits on the end-user devices.

Details >
07/23/2018

Google: Security Keys Neutralized Employee Phishing

Krebs on Security

Google has not had any of its 85,000+ employees successfully phished on their work-related accounts since early 2017, when it began requiring all employees to use physical Security Keys in place of passwords and one-time codes, the company told KrebsOnSecurity.

Details >
07/20/2018

Woman charged in elaborate car theft ring in Westchester County

abc7ny.com

Brand new cars, many of them luxury models, are being stolen from dealerships in several Westchester County communities by an elaborate identity theft ring, prosecutors say.

Details >
07/20/2018

Cuban citizen sentenced to prison for Green Bay area skimming scheme

2WBAY.com

A Cuban citizen has been sentenced to four years in federal prison for his role in a credit card skimming scheme in the Green Bay area.

Details >
07/20/2018

Federal prison for woman who embezzled over $1 million

The Maui News

A former employee was sentenced Wednesday to more than four years in federal prison for her role in conspiring to embezzle more than $1 million from the now-closed First Hawaiian Homes Federal Credit Union on Molokai.

Details >
07/20/2018

Fraud symposium educates local financial institutions

upmatters.com

Financial institutions from around the U.P. met today for the Upper Midwest Automated Clearing House Association's Fraud Symposium. This was co-sponsored with FRPA and the Minneapolis Federal Reserve Bank.

Details >
07/16/2018

‘LuminosityLink RAT’ Author Pleads Guilty

Krebs on Security

A 21-year-old Kentucky man has pleaded guilty to authoring and distributing a popular hacking tool called “LuminosityLink,” a malware strain that security experts say was used by thousands of customers to gain unauthorized access to tens of thousands of computers across 78 countries worldwide.

Details >
07/16/2018

8 Insights on the Future of Ransomware

The State of Security

Ransomware is a variant of malware that we are seeing as the next wave of quick compromise attacks

Details >
07/16/2018

Security Fundamentals for Federal Agencies

The State of Security

Cybersecurity experts are urging government agencies to protect their data with up-to-date, foundational security controls, and agencies are listening

Details >
07/15/2018

To Catch A Thief - Lessons We Can All Learn From Demi Moore's Identity Theft Drama

Forbes

The recent film Ocean’s 8 is the story of a group of thieves that steal a priceless necklace from a famous movie actress, in plain sight.

Details >
07/15/2018

Fighting Fraud By Finding The Gaps

PYMNTS.com

The problem with fighting fraud — according to GIACT EVP of Product David Barnhardt in this week’s edition of the PYMNTS Topic TBD — is how much information fraudsters have at their fingertips about regular consumers

Details >
07/13/2018

Use Layered Authentication to Secure Real-Time Payments

Digital Transactions

Real-time processing heightens risk for providers that aren’t prepared. Here’s what financial institutions should be doing now, says Eric Woodward.

Details >
07/13/2018

BUSINESS E-MAIL COMPROMISE THE 12 BILLION DOLLAR SCAM

FBI

This Public Service Announcement (PSA) is an update and companion to Business E-mail Compromise (BEC) PSA 1-050417-PSA posted on www.ic3.gov. This PSA includes new Internet Crime Complaint Center (IC3) complaint information and updated statistical data for the time frame October 2013 to May 2018.

Details >
07/13/2018

Fictitious Notification Regarding the Release of Funds Supposedly Under the Control of the Office of the Comptroller of the Currency

OCC Notice

Consumers have reported receiving fictitious e-mail messages, allegedly initiated by the Office of the Comptroller of the Currency (OCC), regarding funds purportedly under the control of the OCC.

Details >
07/11/2018

Macy’s, Bloomingdales Alert Online Customers of Data Breach

The State of Security

Macy’s is notifying customers of a data breach involving unauthorized access to their payment card data and personal information.

Details >
07/09/2018

Square Will Reapply for Banking License with the FDIC After Last Week’s Withdrawal

Bank Innovation

Payment processor Square has withdrawn its application to become a deposit-taking bank, a move similar to online lender Social Finance or SoFi, which withdrew its application last fall. However, unlike SoFI, Square plans to refile its application, attributing Thursday’s withdrawal to mere procedural issues. It plans to reapply with the FDIC, but did not reveal a timeline.

Details >
07/06/2018

7 Questions for Evaluating your Security Posture against Insider Threats

The State of Security

Insider threats top the list of the most dangerous cyber risks for organizations worldwide. It doesn’t take much effort for insiders to steal your sensitive data, while such activities are hard to discover and impossible to prevent.

Details >
07/06/2018

Bigger, Faster, Stronger: 2 Reports Detail the Evolving State of DDoS

DARKReading

DDoS attacks continue to plague the Internet, getting bigger and more dangerous. And now, the kids are involved.

Details >
07/06/2018

The Problem of Stolen Crypto Is Getting Worse Fast, Spurring a Possible Regulatory Crackdown

Digital Transactions

Enthusiasts of Bitcoin and other cryptocurrencies are trying to position the digital currencies as legitimate means of exchange, but crypto’s tendency to be stolen and then laundered by thieves is not only well-known, it’s growing worse.

Details >
07/06/2018

Square Pulls Banking Application

PYMNTS.com

Though Square has reportedly withdrawn its application to create a deposit-taking bank, the payments processor intends to file the application again in the future. The firm had applied for an “industrial loan company (ILC)” license with the Federal Deposit Insurance Corporation (FDIC), Reuters reported.

Details >
07/02/2018

Shimmers: The New Credit Card Skimmers

Journal Times

According to Visa®, the introduction of the EMV (Europay, MasterCard®, and Visa) chip card in late 2015 resulted in a 76% decrease in counterfeit fraud in less than three years.

Details >
07/02/2018

WPA3: What You Need To Know

The State of Security

Earlier this month, the Wi-Fi Alliance issued a press release announcing the availability of WPA3.

Details >
07/02/2018

Harpoon Cannon Method: How Scammers Catch Bitcoin Whales

The State of Security

Bitcoin whales are considered to be people who have thousands of coins in their crypto-wallets.

Details >
07/02/2018

Getting a vacation rental? Watch out for scams.

Federal Trade Commission

With July 4th right around the corner, plenty of us are still running around trying to book a last-minute vacation rental. If that’s you, here’s what you need to know: scammers are ready with fake vacation rental ads.

Details >
06/29/2018

Ticketmaster Warns of Data Breach, Customer Payment Details Potentially Exposed

The State of Security

Ticketmaster has alerted thousands of UK-based customers that it has learned of a security breach in which their payment information may have been exposed.

Details >
06/29/2018

Equifax reaches deal with 8 states on steps to avoid future breaches

PaymentsSource

The credit reporting giant Equifax has agreed to shore up its data security efforts after a massive breach of personal information sparked scrutiny from state regulators.

Details >
06/29/2018

Who won, who lost in Supreme Court’s credit card ruling

PaymentsSource

Whether they take the form of cash, miles or points, credit card rewards have become a staple of U.S. consumer culture. Many households, particularly at the upper end of the income spectrum, charge just about every purchase, mainly so they can collect rewards with each swipe.

Details >
06/29/2018

Vehicle Shippers Springing Up on Internet May Be Scams, BBB Warns

Better Business Bureau

St. Louis, Mo., June 7, 2018 – Better Business Bureau (BBB) warns consumers shopping for a vehicle on the internet to be on alert if the seller suggests using a third party to handle the transaction.

Details >
06/29/2018

Hitherto unknown marketing firm exposed hundreds of millions of Americans’ data

The State of Security

It’s been discovered that a marketing company left almost two terabytes of sensitive data exposed on the internet for anybody to access.

Details >
06/26/2018

How to Avoid Card Skimmers at the Pump

Krebs on Security

Previous stories here on the proliferation of card-skimming devices hidden inside fuel pumps have offered a multitude of security tips for readers looking to minimize their chances of becoming the next victim, such as favoring filling stations that use security cameras and tamper-evident tape on their pumps.

Details >