Posted on May 3rd, 2013 No comments
At some point between the time she disembarked from a recent cruise in Miami and returned to Carmel, Ind., someone decided to go shopping with Jody Tzucker’s credit card. “They bought cigars and other odd things in Miami,” says Tzucker, a retired manager for a nonprofit association.
She suspects that the criminals may have skimmed her Visa account information while she was filling up her gas tank in South Florida. Or maybe not. Nowadays, hackers don’t even have to see your credit card to access the information on it. They can scan it from a safe distance.
One of the latest threats against travelers is invisible and silent: wireless attacks that siphon your credit card number, personal information and passwords. Anything with a radio-frequency identification (RFID) chip, including your passport or a credit card, can be read from afar. Thieves can also mine valuable data from your smartphone when it automatically logs on to a WiFi network.
Fortunately, there are a few simple ways to thwart these wireless assaults, including new luggage products and common-sense steps that protect your devices and credit cards.
As it turned out, Tzucker’s card didn’t have an RFID chip. And she was lucky. Before the cigar-loving thieves could finish their shopping excursion, her bank’s fraud detection algorithm tagged her purchases as suspicious, disabled her account and refunded the fraudulent transactions. And that may be one of the most effective solutions — having a bank that can stop fraud quickly and cover any losses. After the incident, Tzucker also switched to using a prepaid debit card when she traveled, which contains no personal information.
But others haven’t been so fortunate. Nearly half of all travelers use their smartphones to access the Internet when they’re on vacation, according to a recent survey by security firm Kaspersky Lab. One-third of phone users store their passwords to online accounts, including bank and social networks, on their devices. While any phone can be a target, the most vulnerable wireless devices run on the Android operating system, according to Kaspersky.
The luggage industry offers one possible solution: new backpacks and suitcases with protective linings to shield your IDs and wireless devices.
This month, luggage manufacturer Briggs & Riley, based in Hauppage, N.Y., will add RFID-blocking pockets to its new @work briefcase and bag collection. The models offer two pockets with electromagnetic shielding, one for IDs and passports, the other for a smartphone or a tablet computer. The black ballistic nylon cases, priced from $129 to $479, are designed to appeal to privacy-conscious business travelers.
Richard Krulik, Briggs & Riley’s chief executive, says that his company is constantly adapting to the concerns and demands of travelers, something he refers to as “reality engineering.”
“Increasingly, travelers are coming to rely on their luggage to keep more than their belongings safe,” he adds. “They need protection for their personal information and data.”
Escape the Wolf, a travel security company based in Virginia Beach, is also introducing a product this month, aimed at leisure travelers and called the Zero Trace Two-Day Backpack. It offers a large interior compartment to store any electronics you want to protect from prying eyes or scans. The $199 backpack, which will be part of Escape the Wolf’s line of security-enhancing luggage, is minimalist on the outside but sophisticated on the inside for a reason, says Clinton Emerson, the company’s chief executive.
“Fancy gets you mugged,” he says. “Fancy gets stolen.”
A closer look at this technology suggests that the best strategy for preventing data theft when you’re on the road is a combination of electromagnetic shields and common sense. A series of tests conducted in 2011 by Consumer Reports concludes that products with electronic shielding can partially block the signal from a chip in a credit card.
Only credit cards with RFID chips — so-called “chip and signature” or “chip and PIN” cards — are vulnerable to scans. Most credit cards in the United States don’t use this technology at present, although it’s gaining some traction, particularly among corporate travelers.
Wireless devices left in the pouches would run down the battery searching for a signal, and security experts say that an equally effective way to prevent someone from accessing them is to power down the device and remove the battery. However, that’s not an option with the most popular wireless devices, such as Apple’s iPhone and iPad, which don’t have an easily removable battery.
Experts say that making sure the WiFi settings on your smartphone or tablet are set so that they don’t automatically connect to any wireless network, and not storing passwords or credit card numbers on your phone, is an equally effective way to make sure hackers don’t access your data and steal your identity, or your money.
But luggage with electromagnetic shielding can’t hurt, either. It makes your information a less desirable mark. Hackers and ID thieves prefer easy targets, which come from unprotected wireless devices and credit cards emitting a clear, easy-to-intercept signal.
In a world of invisible and often unknown security threats, the new bags may make travelers such as Linda Snow feel a little safer. Snow, an actress who lives in Denver, says that many of her friends have had their identities stolen, some of them while traveling. “I’m more careful with how I handle my ID and phone,” she says. Now she’s thinking of upgrading her luggage, too.
Posted on March 10th, 2009 No comments
On Monday the 13th of October, WHRW News made a startling discovery. Heading by a dumpster on the campus of Binghamton University a news team inadvertently stumbled upon a pile of official Binghamton university documents containing personal information. All of the files contained Social Security numbers and full names, for fifty-six different people. The ninety-one documents (totaling almost a hundred and fifty pages) were office files from the German Department in the mid-seventies detailing classes, grades, assistant stipends and other personal information including birthdays and addresses. To add ironic insult to injury, the pile of documents and folders containing this information was piled on top of bags of shredded documents, making it clear that the building in question had a shredder at its disposal but had not decided to use it for these critical documents.
This is not the first time that Binghamton University has jeopardized the personal information of students past and present. Last year, an undergraduate adviser in Binghamton University’s School of Management e-mailed Social Security numbers of three hundred and thirty eight students to over two hundred accounting students. On top of this, there were numerous reported instances of failures to protect students’ identities, including one instance where inter-campus mail services accidentally sent a package containing scans of passports and personal information of Turkish exchange students to WHRW.
Worse still, in 2005 the data of over four hundred students, including their social security numbers and dates of birth, was left on an unsecured server. The fallout of this incident prompted Binghamton University officials to recommend that BU students be issued randomly generated ID numbers on entry to the university, a recommendation which was only implemented after the School of Management fiasco last year.
The fifty-six people detailed in the pile of documents found this week include Paul Ewald, the deceased beneficiary of a scholarship bearing his name for German majors in Binghamton University; the late Dr. Emory Carr who was a professor of German studies in Marshall University; and a professor at Broome Community College, along with numerous other people. The data, a veritable gold mine for would be identity thieves, had over six hundred social security numbers in the pages and had suffered no attempts at obscuration at all, and was clearly available in plain sight to any passers by.
When contacted for information the head of Public Relations for Binghamton University declined to comment. An official of Binghamton University did say that they were “deeply concerned” about the breach of protocol and were running an investigation to find what lead to this regrettable accident. They also said that they were going to contact everyone whose name appeared on the documents in question to inform them of any potential future problems.
Peter Spaet, the Student Association Vice President of Academic affairs, and the man whose jurisdiction this would fall to, did respond to a request for comment. Saying “this is a very disappointing occurrence for all students” made worse “by this being only the latest in a series of similar instances.” However he did go on to say that he did not blame the university administration, saying “The administrators at the top levels … [have] gone above and beyond [their duty] to eliminate the use of social security numbers around campus.” Peter did not wish to make further comment at this time.
WHRW News did try to contact a number of people whose names appeared on the documents. But no one has returned phone calls as of yet. WHRW News has decided not to make public any living names that appeared on the list until we contact the persons in question and attain their permission to do so. However, we will release that some people’s social security numbers appeared on as many as twenty or thirty individual documents, with one person appearing a grand total of forty-seven times.
WHRW News will keep you informed as more happens, and will be the first place to inform you as to the reaction of Binghamton University when they decide to make a public statement on the subject.
This article was written by Robert Glass. Assistance in tallying the documents came from Scott Schoen, Leah Gottlieb, Calvin Bienvenu and Michael Mechmann.
(Source : news.whrwfm.org)
Posted on July 15th, 2008 No comments
Identity Theft has become an important topic around where I live lately as there has been a string of reports where people have had their bank accounts cleaned out thanks to some thieves. You can never be too cautious when it comes to your personal and financial information. Here are a few more quick tips and reminders to help prevent you from becoming a victim:
- Shred pre-approved credit card offers, bills, canceled checks, bank statements, and other documents that contain personal or financial information before putting them in the trash. If you have a lot of this information to shred (business owners) hiring a shredding company to come to you and shred everything is such a great way to make sure that your confidential data is protected.
- When using an ATM, make sure nobody can see the numbers you punch in. If somebody is behind you, shield your hand when entering information.
- Don’t carry your PIN numbers with you, and never give your PIN to another person.
- Never give out your credit card number to anyone who calls you unsolicited.
- Guard your Social Security number. Don’t give it out to salesmen, vendors, or others who have no legal need for it.
- Don’t carry your Social Security card with you.
- Don’t use your mother’s maiden name, your birth date, or the last four digits of your Social Security number as a password on credit card or bank accounts. This information is too easy to obtain and can be used by thieves to access your accounts.
- Use a locked mailbox to prevent checks, credit card offers, and other financial information from being stolen.