Data Breach Incidents Expose Individuals to Identity Theft, Spear-Phishing and Fraud

Data breach incidents expose users to varied threats such as identity theft, fraud, scam e-mails and spear-phishing attacks.

Albuquerque, NM (prHWY.com) May 13, 2011 - The recent spate of data breach incidents, which resulted in unauthorized access to personally identifiable information, has exposed users to varied threats such as identity theft, fraud, scam e-mails and spear-phishing attacks. Over the last month, the world has witnessed several high-profile data breach incidents, which include that at Epsilon, Hyundai Capital, Texas Comptroller Office, Sony PlayStation Network and Sony Online Entertainment (SOE). The data breach incident at Epsilon resulted in the leakage of names and e-mail addresses of thousands of customers associated with many of the clients of the marketing services firm. Hyundai Capital reported disclosure of names, contact numbers, mailing addresses and e-mail addresses of around 420,000 customers. Cybercriminals were also able to access 13,000 passwords of customer loan accounts. The data breach at Texas Comptroller resulted in disclosure of confidential personal information related to 3.5 employees and retirees. The intrusion of Sony PSN and SOE revealed information pertaining to more than 100 million individuals.

Intruders may sell the extracted information on online criminal forums and underground crime market. Cyber-crime Black market report by Panda Security reveals that criminals sell credit card details in black markets for as low as $2 to $90. Cybercriminals may use the collected information to make counterfeit credit cards, conduct unauthorized transactions, steal funds, transfer funds to remote accounts, open fraudulent credit accounts, impersonate individuals, black mail and extortion. Fraudsters may also redirect mails to different addresses and make unauthorized transactions.

Attackers may use the sensitive information to launch spear phishing attacks. In case of spear-phishing attacks, offenders send personalized, cleverly crafted e-mails to the targeted users. The e-mails may appear to come from a legitimate source such as a banking institution, online portal, Internet shopping sites, subordinates and peers. The e-mails may try to seek further personal and financial information. Attackers may also launch URL obfuscation attacks. In this case, fraudsters entice users to click on a specific link, which may redirect users to a spoofed websites, which resembles a legitimate site. When unwary users enter confidential information on the spoofed site, the data entered is misused. Attackers may also use social engineering techniques to persuade users to download malicious files sent as e-mail attachments.

Cybersecurity awareness is crucial to deal with sophisticated threats. Professionals qualified in computer science degree and IT security certifications must alert users on latest threats and safe online computing practices through blog posts and articles.

Internet users must adhere to security advisories provided by Internet security firms, computer emergency response teams and product vendors. Educational institutions must encourage online degree courses on cyber security to create awareness among the youth and aid in the development of future cyber warriors.

Frequent instance of cybercrime has led to the creation of separate cybercrime departments in counter crime agencies. Hiring professionals qualified in information security and computer forensics may help counter crime agencies in resolving cybercrime cases. They may also encourage employees to undertake online university degree courses to improve their awareness on IT security, data protection and privacy regulations.

Contact Press

EC-Council
Website: http://www.eccuni.us
Email: iclass@eccouncil.org
Tel: 505-341-3228

EC-Council University is based in Albuquerque, New Mexico and offers Master of Security Science (MSS) degree to students from various backgrounds such as graduates, IT Professionals, and military students amongst several others. The MSS is offered as a 100% online degree program and allows EC-Council University to reach students from not only the United States, but from all around the world.

EC-Council is a member-based organization that certifies individuals in cybersecurity and e-commerce skills. It is the owner and developer of 16 security certifications, including Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI) and EC-Council Certified Security Analyst (ECSA)/License Penetration Tester (LPT). Its certificate programs are offered in over 60 countries around the world.

EC-Council has trained over 80,000 individuals and certified more than 30,000 members, through more than 450 training partners globally. These certifications are recognized worldwide and have received endorsements from various government agencies including the U.S. federal government via the Montgomery GI Bill, Department of Defense via DoD 8570.01-M, National Security Agency (NSA) and the Committee on National Security Systems (CNSS). EC-Council also operates the global series of Hacker Halted security conferences.

###

Tag Words: impersonation, fraud, identity theft, url obfuscation, phishing, spear phishing, data breach, unauthorized transactions, fraudulent accounts, online

Categories: Security

Link To This Press Release:

URL HTML Code