Latest News

12/17/2018

Office 365 Phishing Attack Using Fake Non-Delivery Notifications

The State of Security

A new phishing attack is using fake non-delivery notifications in an attempt to steal users’ Microsoft Office 365 credentials.

Details >
12/14/2018

Examiners Will Be Focusing on Your Institution’s Riskiest Areas. Do You Know What They Are?

NContracts

In the FFIEC Press Release, dated 11/27/2018, the Federal Financial Institutions Examination Council (FFIEC) provided a more formal idea of what a “risk-based exam” looks like and the factors that will help define the scope of the exam in its second update of the Exam Modernization Project released late last month.

Details >
12/14/2018

Spammed Bomb Threat Hoax Demands Bitcoin

Krebs on Security

A new email extortion scam is making the rounds, threatening that someone has planted bombs within the recipient’s building that will be detonated unless a hefty bitcoin ransom is paid by the end of the business day.

Details >
12/14/2018

Fraudsters are Getting More Sophisticated. That’s Bad News for Banks!

Banking Exchange

About 94 percent of financial services companies have experienced fraud.

Details >
12/14/2018

Save the Children Federation Tricked Into Sending $1 Million to Scammers

The State of Security

Scammers tricked Save the Children Federation, a well-known U.S. charity, into sending them approximately one million dollars.

Details >
12/14/2018

Are the new Robinhood checking and savings products FDIC or SIPC insured?

USA Today

Fintech investing platform Robinhood has introduced new checking and savings products that earn 3 percent, much more than what traditional banks offer and higher than online banks. Robinhood charges no fees and requires no minimum balance.

Details >
12/13/2018

Fake calls about your SSN

Federal Trade Commission

The FTC is getting reports about people pretending to be from the Social Security Administration (SSA) who are trying to get your Social Security number and even your money.

Details >
12/13/2018

Marriott hack’s fallout could be worse than the Equifax breach

PaymentsSource

The Marriott hotel hack is the latest in an alarming series of data breaches, exposing the personal data of 500 million customers.

Details >
12/13/2018

7 (realistic) predictions about fintech in 2019

American Banker

When it comes to fintech, there is no shortage of big bets on which new technologies will come to fruition and the levels of mass adoption. From talk of plastic cards going away to the end of cash, everyone is eager to anticipate the next big trend.

Details >
12/13/2018

Amazon Teams With Cops To Catch Crooks

PYMNTS.com

Police in Jersey City are partnering with Amazon on an operation aimed to catch thieves stealing holiday packages from residential homes. Law enforcement is installing doorbell cameras and planting dummy boxes with GPS tracking devices at homes around the city — and it has managed to catch someone on the first day of the operation.

Details >
12/13/2018

Why You Need a Concrete Incident Response Plan (Not Strategy)

The State of Security

Recently, I had the privilege to be part of a four-person discussion panel at a security event in London where the topic was about incident response.

Details >
12/12/2018

Patch Tuesday, December 2018 Edition

Krebs on Security

Adobe and Microsoft each released updates today to tackle critical security weaknesses in their software.

Details >
12/12/2018

As Voice Commerce Becomes More Common, Jack Henry Adds More Payment Services

Digital Transactions

Core processors for financial institutions are starting to make their moves in voice-triggered consumer payments, and Jack Henry & Associates is looking to stake out an early lead in this nascent business

Details >
12/12/2018

Scanning for Flaws, Scoring for Security

Krebs on Security

Is it fair to judge an organization’s information security posture simply by looking at its Internet-facing assets for weaknesses commonly sought after and exploited by attackers, such as outdated software or accidentally exposed data and devices?

Details >
12/10/2018

Intel Releases Draft Federal Privacy Bill

The State of Security

One strange story to emerge as part of the recent midterm elections was Intel’s release of a piece of federal legislation.

Details >
12/10/2018

Linux Rabbit and Rabbot Malware Leveraged to Install Cryptominers

The State of Security

Digital attackers used new malware called “Linux Rabbit” and “Rabbot” to install cryptominers on targeted devices and servers.

Details >
12/10/2018

Chase Reconnects With Contactless Cards

Digital Transactions

Giant card issuer Chase may not be big enough to single-handedly make contactless cards commonplace in the United States, but now that it plans to once again issue tap-and-go credit and debit plastic, the money-center bank could come close.

Details >
12/10/2018

Draft Guidelines Clarify GDPR Scope

Pymnts.com

As GDPR continues to take root, having an impact in Europe and beyond the confines of the continent, news came late last month that the European Data Protection Board has published draft guidelines that touch on the data protection regulation’s territorial scope.

Details >
12/10/2018

State police warn of Verizon phone scam

Dover Post

The scammer called a person in Kent County, but police are concerned this could be a statewide problem

Details >
12/06/2018

Security Summit warns employers: Be alert to identity theft and W-2 scams

IRS

As the 2019 tax season approaches, the IRS, state tax agencies and the nation’s tax industry joined together to warn small businesses to be on-guard against a growing wave of identity theft and W-2 scams.

Details >
12/06/2018

Buying an internet-connected smart toy? Read this.

Federal Trade Commission

Before giving in to your kid's plea for a new toy, you may want to collect some information about it. Why? Well, for one thing, that toy may want to collect information about your kid.

Details >
12/05/2018

Federal Reserve Payments Study shows increased payments fraud

Federal Reserve

On October 16, 2018, the Board of Governors of the Federal Reserve System released the latest Federal Reserve Payments Study fraud report (Off-site), which details the cost and number of fraudulent payments in the U.S. The Federal Reserve collected the fraud data using surveys of depository institutions in 2012 and 2015 and payment card networks in 2015 and 2016.

Details >
12/05/2018

A Breach, or Just a Forced Password Reset?

Krebs on Security

Software giant Citrix Systems recently forced a password reset for many users of its Sharefile content collaboration service, warning it would be doing this on a regular basis in response to password-guessing attacks that target people who re-use passwords across multiple Web sites.

Details >
12/04/2018

The one banking bill Congress might actually pass next term

American Banker

Conventional wisdom says that it’s going to be a tall order to pass banking legislation next term, but there just might be a key exception.

Details >
12/04/2018

California IoT Security Law: A Nearsighted, Toothless Guard Dog or a Wolf in Sheep’s Clothing?

The State of Security

With three new sections added to the California Civil Code, California became the first U.S. state with a cybersecurity law specifically for internet-connected devices on September 28, 2018. The new Security of Connected Devices law will take effect on January 1, 2020.

Details >
12/04/2018

Read All About It: The Breaches That Won’t Make the Headlines

The State of Security

It’s been a busy few months for those tracking cybersecurity breaches. Considering that this quarter alone has seen headlines for British Airways identifying additional victims behind its already significant breach, Facebook’s massive messaging leak and Yahoo’s significant payout related to earlier data breaches, there are plenty of high profile cases that reinforce the importance of good cybersecurity when operating on the web.

Details >
12/04/2018

Consumers Have No Reservations About Using P2P Payments To Give Cash During the Holidays

Digital Transactions

The surge in popularity for peer-to-peer payments is making itself felt in the realm of holiday gifting, helping to erode a longstanding cultural taboo against giving cash during the annual gift-giving season.

Details >
12/03/2018

New Ways To Prevent Identity Theft During The Holiday Shopping Season

Forbes

It's too easy to tune out advice about new ways to prevent identity theft and other threats to your personal information, even as the holiday shopping season gets into full swing. That seems like someone else's problem.

Details >
12/03/2018

Jared, Kay Jewelers Parent Fixes Data Leak

Krebs on Security

The parent firm of bling retailers Jared and Kay Jewelers has fixed a bug in the Web sites of both companies that exposed the order information for all of their online customers.

Details >
12/03/2018

What the Marriott Breach Says About Security

Krebs on Security

We don’t yet know the root cause(s) that forced Marriott this week to disclose a four-year-long breach involving the personal and financial information of 500 million guests of its Starwood hotel properties.

Details >
12/03/2018

What Type of Vulnerabilities Does a Penetration Test Look For?

The State of Security

Penetration testing is becoming increasingly popular as organizations are beginning to embrace the need for stronger cybersecurity.

Details >
12/03/2018

The PCI Council Publishes Updated Guidance for Securing Telephone-Based Payments

Digital Transactions

Online and mobile payments get all the press, but plenty of card-not-present payments still originate from telephone orders.

Details >
12/03/2018

Starwood Breach Raises the Question of Whether Hackers Have Keys to Encrypted Data

Digital Transactions

Friday’s disclosure from hotel giant Marriott International Inc. that hackers compromised information on up to 500 million guests held in its Starwood reservation system raises the question of whether fraudsters will be able to use an unknown quantity of encrypted payment card numbers because they also might have stolen the decryption keys.

Details >
11/30/2018

Marriott Reveals Security Incident Involving Starwood Reservation Database

The State of Security

Marriott announced that it recently detected and addressed a security incident involving the Starwood guest reservation database.

Details >
11/30/2018

What You Need to Know About Cardless ATM Fraud

NextAdvisor

People around the world are increasingly turning to their mobile phones to pay for everything from rent to restaurant bills, so it was only a matter of time before ATMs caught up.

Details >
11/30/2018

Dunkin’ Alerts DD Perks Account Holders That Hackers May Have Accessed Data

PYMNTS.com

Dunkin’, the operator of Dunkin’ Donuts franchises, is alerting DD Perks rewards program account holders that its profiles and data may have been accessed by a hacker in October.

Details >
11/30/2018

Cybercrime: There Is No End in Sight

The State of Security

Whoever said “crime doesn’t pay” hasn’t been following the growth of cybercrime across the globe. A thriving underground economy has evolved over the past decade to become a massive industry.

Details >
11/30/2018

Dell Discloses Digital Security Event Involving Customer Information

The State of Security

Dell disclosed a digital security incident in which unauthorized individuals targeted some pieces of customer information.

Details >
11/30/2018

The Black Friday-Cyber Monday Shopping Lesson? Pay Attention to the Checkout

Digital Transactions

Add e-commerce platform Shopify Inc. to the roster of entities that experienced record sales during the recent holiday-shopping weekend, reporting $1.5 billion in volume from Friday through Monday. Two-thirds of that came from mobile transactions.

Details >
11/30/2018

FBI Arrests AriseBank CEO Over $4 Million Crypto Fraud

coindesk

The FBI has arrested the CEO of cryptocurrency platform AriseBank after he was indicted over an alleged multi-million dollar scam.

Details >
11/28/2018

Google Maps scammers put their own phone numbers onto bank listings

Naked Security

Google Maps lets users edit and update listings: crowd-sourcing that’s helped Google to fill in the details of its maps, such as adding new roads or parks: a helpful feature, particularly in areas where governments restrict distribution of such data or in what are often less-developed regions.

Details >
11/28/2018

Rooted in Security Basics: The Four Pillars of Cyber Hygiene

The State of Security

The term “cyber hygiene” pops up frequently in articles, blogs and discussions about cybersecurity. But what does it really mean?

Details >
11/28/2018

The Challenges of Managing Third-Party Vendor Security Risk

The State of Security

It’s no longer enough to secure your own company’s infrastructure; you now must also evaluate the risk of third-party vendors and plan and monitor for breaches there, too

Details >
11/26/2018

How to Shop Online Like a Security Pro

Krebs on Security

‘Tis the season when even those who know a thing or two about Internet scams tend to let down their guard in the face of an eye-popping discount or the stress of last-minute holiday shopping.

Details >
11/26/2018

Amazon data glitch could hinder plans for point of sale

American Banker

There's never a good time to expose customer data, but the incident Amazon disclosed Wednesday could upend two major events: Black Friday/Cyber Monday and a reported effort to get merchants to accept Amazon at the point of sale.

Details >
11/26/2018

Venmo Payment Fraud Leads To $40M In Losses

PYMNTS.com

Venmo, the digital money transfer service owned by PayPal, suffered payments fraud earlier in 2018 that played a role in the company posting losses that were higher than forecasted for the first quarter of this year.

Details >
11/26/2018

Call Centers Push With Biometrics As Fraud Soars

PYMNTS.com

The rate of contact center fraud has skyrocketed recently, growing by 350 percent during the past four years.

Details >
11/23/2018

5 Reasons Why Your Business Needs Penetration Testing

The State of Security

Nowadays, high-profile security breaches continue to dominate the media headlines. This trend places an increasing number of businesses at risk.

Details >
11/23/2018

SIM swap! Man charged after million dollar cryptocurrency theft

The State of Security

San Francisco resident Robert Ross first realised something odd was going on when his iPhone lost its signal on 26th October.

Details >
11/21/2018

4 free services to thwart the identity thieves lurking in your mailbox

AJC.com

FedEx, UPS, DHL and the United States Postal Service (USPS) are contending with criminals setting up fraudulent online accounts under the legitimate street addresses of unsuspecting victims.

Details >
11/21/2018

The US Finally Has a Defense Agency Devoted to Cybersecurity

Futurism

In July, officials from the Department of Homeland Security (DHS) confirmed a very scary rumor: hackers working for the Russian government had hacked the U.S. power grid, gaining a level of access at which they could have cut off power to U.S. citizens.

Details >
11/21/2018

To Bolster Cybersecurity, France Gives Google the Guillotine

Futurism

In recent months, the French government has taken serious steps to boost its and Europe’s cybersecurity, in part by ousting foreign corporations that could spy on French leaders and citizens.

Details >
11/19/2018

Voice of the consumer: Real estate wire fraud an epidemic

The Gazette

If you’re getting ready to buy a home or know someone who is, please, please warn them about the growing crime of real estate wire fraud.

Details >
11/19/2018

IRS Identity Theft Criminal Prosecutions Plummet By More Than Half In A Year

Forbes

IRS criminal prosecutions for identity theft have plummeted by more than a half in a year.

Details >
11/19/2018

Teen faces potential ID theft after Children's employee takes medical records out of hospital

Fox 9 News, Minneapolis, MN

BIG LAKE, Minn. (KMSP) - A 15-year-old appears to be a victim of identity theft after his medical records were taken out of Children’s Hospital in St. Paul by an employee.

Details >
11/16/2018

If Mobile Wallets Functioned More Like Leather Wallets, Usage Might Get a Lift, Research Says

Digital Transactions

Ever since mobile payments first captured the public imagination four years ago with the launch of Apple Inc.’s Apple Pay, experts have debated why usage of the iOS and Android wallets has fallen short of the original, lofty expectations

Details >
11/16/2018

Don't cash that check: Fake check scams bait consumers

Jackson Sun

Paradoxically, consumers are writing fewer and fewer real checks while at the same time falling for more and more scams involving fake checks

Details >
11/16/2018

Bank of Hawaii launches debit card fraud alerts

saipantribune.com

It seems that being a victim of fraud is commonplace in today’s digitally driven world. Scammers attempt to interfere with financial accounts and transactions wherever you are—on the phone, online or at home.

Details >
11/15/2018

Congress returns, gets back to work on cybersecurity

Politico

The lame-duck Congress is here, and it jumps right back into the cybers this week with a pair of hearings on Wednesday.

Details >
11/15/2018

14 Malware Families Targeting E-Commerce Brands Ahead of Black Friday

The State of Security

Researchers discovered 14 malware families targeting dozens of e-commerce brands just over one week before Black Friday.

Details >
11/15/2018

Nordstrom Suffers Data Breach

Information Security Buzz

It was reported that Nordstrom suffered a breach at the hands of a careless employee, exposing highly sensitive information of 76,000 former and current employees.

Details >
11/14/2018

Patch Tuesday, November 2018 Edition

Krebs on Security

Microsoft on Tuesday released 16 software updates to fix more than 60 security holes in various flavors of Windows and other Microsoft products. Adobe also has security patches available for Flash Player, Acrobat and Reader users.

Details >
11/13/2018

Has Hunting: Why File Hashes are Still Important

The State of Security

According to Gartner, threat intelligence is evidence-based knowledge, including context, mechanisms, indicators, implications and actionable intelligence.

Details >
11/13/2018

Fallback Fraud Falls as Card Issuers Ramp Up Their Monitoring

Digital Transactions

Fallback fraud, an offshoot of the counterfeit fraud that EMV chip cards are meant to reduce, declined over the past year, according to new findings from Auriemma Consulting Group.

Details >
11/13/2018

Banks Have a Solution for Their Identity-Fraud Woes: The DMV

Wall Street Journal

Big banks are enlisting the local DMV in their fight against identity fraud.

Details >
11/08/2018

Who’s In Your Online Shopping Cart?

Krebs on Security

Crooks who hack online merchants to steal payment card data are constantly coming up with crafty ways to hide their malicious code on Web sites,

Details >
11/08/2018

U.S. Secret Service Warns ID Thieves are Abusing USPS’s Mail Scanning Service

Krebs on Security

A year ago, KrebsOnSecurity warned that “Informed Delivery,” a new offering from the U.S. Postal Service (USPS) that lets residents view scanned images of all incoming mail, was likely to be abused by identity thieves and other fraudsters unless the USPS beefed up security around the program and made it easier for people to opt out.

Details >
11/08/2018

Amex Suffers Breach In India

PYMNTS.com

American Express India enabled a database to be accessible to anyone for longer than five days in October, according to a report in The Next Web.

Details >
11/08/2018

Half a Million People Potentially Affected by Data Breach at Bankers Life

The State of Security

A data breach at Bankers Life might have compromised the personally identifiable information of over half a million people.

Details >
11/08/2018

Don’t Mix the Two Up: What Is the Difference Between Privacy & Security?

The State of Security

Knowing that a tomato is a fruit is knowledge – not adding it to a fruit salad is wisdom. Similarly, having knowledge about privacy and security is good, but true wisdom is knowing that they are vastly different from each other. While both, to some extent, revolve around the protection of your personal, public and corporate data, they are still not the same.

Details >
11/08/2018

Spam-spewing IoT botnet infects 100,000 routers using five-year-old flaw

The State of Security

Security researchers are warning that a botnet has been exploiting a five-year-old vulnerability to hijack home routers over the last couple of months.

Details >
11/07/2018

Fake bank apps may have stolen data of thousands of customers: Report

The Economic Times

Fake apps of SBI, ICICINSE 0.79 %, Axis BankNSE -0.10 %, Citi and other leading banks are available on Google Play, which may have stolen data of thousands of bank customers, claims a report by IT security firm Sophos Labs.

Details >
11/07/2018

Watch Out for the “Programmer Who Cracked Your Email” Bitcoin Scam

The State of Security

The internet can be as dangerous a place as any. And every so often, it gets shaken up by some new threat that jeopardizes the safety of users across the globe.

Details >
11/07/2018

Busting SIM Swappers and SIM Swap Myths

Krebs on Security

KrebsOnSecurity recently had a chance to interview members of the REACT Task Force, a team of law enforcement officers and prosecutors based in Santa Clara, Calif. that has been tracking down individuals engaged in unauthorized “SIM swaps” — a complex form of mobile phone fraud that is often used to steal large amounts of cryptocurrencies and other items of value from victims.

Details >
11/07/2018

HSBC Suffers US Hack

PYMNTS.com

HSBC, the U.K. bank, disclosed on Tuesday (Nov. 6) that some of its U.S. customers had their accounts hacked in October.

Details >
11/04/2018

Who’s In Your Online Shopping Cart?

Krebs on Security

Crooks who hack online merchants to steal payment card data are constantly coming up with crafty ways to hide their malicious code on Web sites.

Details >
11/03/2018

Police Raid Illegal Call Centers Linked to CRA Phone Scam

The State of Security

There have been many scams that have utilized the phone system to gain access to funds or personal information from hardworking individuals

Details >
11/03/2018

Redefining the Meaning of Operational Risk

The State of Security

The definition of “operational risk” is variable but it generally covers the risk of loss resulting from inadequate or failed internal processes, people and systems or from external events.

Details >
11/03/2018

SMS Phishing + Cardless ATM = Profit

Krebs on Security

Thieves are combining SMS-based phishing attacks with new “cardless” ATMs to rapidly convert phished bank account credentials into cash. Recent arrests in Ohio shed light on how this scam works.

Details >
11/02/2018

Equifax Has Chosen Experian. Wait, What?

Krebs on Security

A year after offering free credit monitoring to all Americans on account of its massive data breach that exposed the personal information of nearly 148 million people, Equifax now says it has chosen to extend the offer by turning to a credit monitoring service offered by a top competitor — Experian. And to do that, it will soon be sharing with Experian contact information that affected consumers gave to Equifax in order to sign up for the service.

Details >
11/02/2018

YAPBS – Yet Another Password Breach Scam

The State of Security

Back in July, I wrote about the sextortion scam that had been circulating for a while

Details >
10/31/2018

Spear phishing scammers want more from you

Federal Trade Commission

“I’m calling from [pick any bank]. Someone’s been using your debit card ending in 2345 at [pick any retailer]. I’ll need to verify your Social Security number — which ends in 8190, right? — and full debit card information so we can stop this unauthorized activity...”

Details >
10/31/2018

Viewpoint: How Artful Manipulation Can Undermine Employee Security

Society for Human Resource Management

Chief financial officer Malcolm Fisher never thought he would be victimized by cybercrime—until a social engineer successfully impersonated him and bilked his company out of more than $125,000.

Details >
10/31/2018

The Revenge of the AI Assistants

The State of Security

Disclaimer: Due to a lack of originality over at Google, it’s difficult to anthropomorphize Google Assistant, so our story will be limited to Siri, Alexa and Cortana. Secondary Disclaimer: The horror begins now!

Details >
10/30/2018

First Data Plans To Bring Its Popular Clover Platform to Full-Service Restaurants

Digital Transactions

First Data Corp. plans to further exploit its fast-growing Clover point-of-sale hardware and software platform for small and mid-sized businesses by bringing it to full-service restaurants.

Details >
10/30/2018

The Masquerade Ball: Train Yourself to Detect Spoofed Files

The State of Security

Masquerading is a technique used in which a file name is maliciously named something similar to one which may be trusted.

Details >
10/29/2018

Hang up on spoofed SSA calls

Federal Trade Commission

If you get a call that looks like it’s from the Social Security Administration (SSA), think twice.

Details >
10/29/2018

How Connected Devices Are Revolutionizing How And Who We Pay

PYMNTS.com

Connected devices — smartphones, tablets, voice-activated speakers, smartwatches, in-car dashboard systems — are changing how consumers in the U.S. buy and pay.

Details >
10/29/2018

Flimsy PINs, The Stalwart Protectors Of Billions Of Loyalty Rewards Dollars?

PYMNTS.com

As data theft continues to surge, companies are looking to bolster their defenses to protect customers and prevent fraudsters from committing cybercrimes. However, while merchants rush to reinforce payment protection, they may be neglecting the security of a less than obvious, yet crucial, part of their business.

Details >
10/29/2018

Tracking Customers Without Giving Them The Creeps

PYMNTS.com

By 2020, 30 billion Intelligence of Things (IoT) devices are expected to be connected worldwide — a figure anticipated to skyrocket to 100 billion by 2025. As the number of IoT devices grow, the security risks will only become more impactful.

Details >
10/29/2018

The Far-Reaching Impact of Same-Day ACH, One Year After Launch

Digital Transactions

Competition from faster payments pushed the automated clearing house to introduce same-day processing, but now the ACH may well turn the tables, says Sarah Grotta.

Details >
10/29/2018

Faster Payments Are Coming to Acquiring, Triggering Opportunity for Payments Providers

Digital Transactions

When it comes to faster payments, merchants don’t want to be left out, and that’s creating a big opportunity for payments processors and other merchant acquirers.

Details >
10/29/2018

Mirai Co-Author Gets 6 Months Confinement, $8.6M in Fines for Rutgers Attacks

Krebs on Security

The convicted co-author of the highly disruptive Mirai botnet malware strain has been sentenced to 2,500 hours of community service, six months home confinement, and ordered to pay $8.6 million in restitution for repeatedly using Mirai to take down Internet services at Rutgers University, his former alma mater.

Details >
10/26/2018

IRS Impersonator Scam Leader Sentenced to 135 Months in Prison After Stealing Millions of Dollars; Co-Conspirators Also Imprisoned

US Department of Justice

LITTLE ROCK—Cody Hiland, United States Attorney for the Eastern District of Arkansas, Gary Smith, Special-Agent-in-Charge, Southern Field Division, Treasury Inspector General for Tax Administration (TIGTA), and Robert G. Feldt, Special-Agent-in-Charge, Social Security Administration (SSA), Dallas Field Division, announced today the sentencing of five defendants involved in an IRS impersonation scheme that netted millions of dollars from unsuspecting victims.

Details >
10/26/2018

As The 2018 Holiday Shopping Season Approaches, So Too Do Criminals, Especially for Online Merchants

Digital Transactions

Merchants should expect even more consumers to shop online this holiday shopping season. They also should expect even more fraud attempts.

Details >
10/26/2018

Visa CEO Predicts 100 Million Contactless Cards in a Year

Digital Transactions

Visa Inc. has been talking up contactless payments lately, though its executives and spokespersons usually dole out percentages rather than hard numbers to describe what is still a minuscule market in terms of card numbers and transaction volume.

Details >
10/26/2018

How Do You Fight a $12B Fraud Problem? One Scammer at a Time

Krebs on Security

The fraudsters behind the often laughable Nigerian prince email scams have long since branched out into far more serious and lucrative forms of fraud, including account takeovers, phishing, dating scams, and malware deployment.

Details >
10/26/2018

Mastercard Tackles ‘Greening’ Plastic Cards

PYMNTS.com

The world has a plastic problems — a fact illustrated earlier this week when researchers from the Environment Agency Austria and the Medical University of Vienna jointly presented evidence that there is so much plastic in the environment that we’ve actually begun to inadvertently eat it.

Details >
10/25/2018

Scams against older adults: reporting to Congress

Federal Trade Commission

You might have read media stories about older people losing lots of money to scams. It does happen – and FTC data show that when people over 80 report losing money, the amount they lose is a lot higher than the amount younger people lose. But that’s not the whole story.

Details >
10/24/2018

Today in Data: Digital Banking Cybersecurity

PYMNTS.com

With new risks come new solutions, and banks are taking this approach to data security: They are adopting technologies such as biometric authentication to protect sensitive information.

Details >
10/24/2018

Occ Fines Capital One $100M Over AML Lapse

PYMNTS.com

The Office of the Comptroller of the Currency (OCC) announced that it has fined Capital One $100 million due to shortcomings in the company’s Bank Secrecy Act and anti-money laundering programs.

Details >
10/24/2018

Indiana National Guard Suffers Ransomware Attack

The State of Security

The Indiana National Guard confirmed that a ransomware attack affected some of its members’ personally identifiable information.

Details >
10/24/2018

Yahoo Agrees to Pay $50 Million in Damages to Settle Data Breach Lawsuit

The State of Security

Yahoo has agreed to pay $50 million to help settle a lawsuit that seeks to hold the company responsible for a data breach the company suffered several years ago.

Details >
10/23/2018

Who Is Agent Tesla?

Krebs on Security

A powerful, easy-to-use password stealing program known as Agent Tesla has been infecting computers since 2014, but recently this malware strain has seen a surge in popularity — attracting more than 6,300 customers who pay monthly fees to license the software.

Details >
10/23/2018

Card Fraud and Account Takeovers Continue to Haunt Multiple Industries, Says IDology

Digital Transactions

Credit, debit, and prepaid card fraud shows no signs of retreat, finds the Sixth Annual Fraud Report from IDology, an Atlanta-based identity-verification company. Sixty-seven percent of executive respondents to an IDology survey said card-based fraud is most prevalent among their industries. That compares to 65% in 2017.

Details >
10/23/2018

The Zelle P2P Payment Service Posts 83% Transaction Growth in the Third Quarter

Digital Transactions

The Zelle person-to-person payment service continued to gain traction in the third quarter. Zelle Network reported Tuesday that it processed $32 billion in the three months ended Sept. 30 on 116 million transactions.

Details >
10/22/2018

FTC Consumer Info - Spread the word about charity fraud

Federal Trade Commission

This week, the FTC, the National Association of State Charities Officials (NASCO), and state charity regulators are joining forces with regulators from across the world to participate in the first International Charity Fraud Awareness Week.

Details >
10/22/2018

FTC Consumer Info - New materials on cybersecurity for small business

Federal Trade Commission

If you own a small business, you know it’s critical to protect your business from cyber threats.

Details >
10/22/2018

FTC Consumer Info - Scams near you, by the numbers

Federal Trade Commission

Every day, people across the country are telling the FTC what happened to them

Details >
10/22/2018

FTC Consumer Info - Scammers demand gift cards

Federal Trade Commission

Gift cards are a great way to give a gift. But did you know they are also a scammer’s favorite way to steal money?

Details >
10/22/2018

FTC Consumer Info - Managing someone else's money: New Protection from ID theft and fraud

Federal Trade Commission

If you manage someone else’s money, protecting your loved one from financial exploitation and scams is among your important responsibilities.

Details >
10/22/2018

FTC Consumer Info - Will background check errors deny you a home?

Federal Trade Commission

A background check can determine if you can get credit, a job, or even a place to live.

Details >
10/22/2018

Russian National Charged with Interfering in U.S. Political System

The United States Department of Justice

A criminal complaint was unsealed in Alexandria, Virginia, today charging a Russian national for her alleged role in a Russian conspiracy to interfere in the U.S. political system, including the 2018 midterm election. Assistant Attorney General for National Security John C. Demers, U.S. Attorney G. Zachary Terwilliger of the Eastern District of Virginia, and FBI Director Christopher Wray made the announcement after the charges were unsealed.

Details >
10/22/2018

NCR To Take a Direct Role in Payments With its Pending $184 Million Acquisition of JetPay

Digital Transactions

Best known for its ATMs, NCR Corp. has long been close to the point-of-sale payment business with its software products such as Retail One, Aloha, and NCR Silver, and its hardware for retailers and the hospitality industry that includes self-checkout systems for grocery stores.

Details >
10/18/2018

Intuit On Why Small Biz Can Lead The Way For B2B Payments Change

PYMNTS.com

People learn to live with their messes, whether that means piles of old clothes stuffed into the closet, emotional baggage from high school or that wine stain on the carpet.

Details >
10/18/2018

Is Sharing Cybercrime Data Key To Fighting Fraud?

PYMNTS.com

In search of added convenience and simplicity, banking customers are migrating to online and mobile banking interfaces, leaving in-person visits to brick-and-mortar branches behind. While this switch in preference to digital banking is providing new tools and capabilities to consumers, it’s also presenting new opportunities for fraudsters — and they’re not hesitating to take advantage.

Details >
10/18/2018

RAT author jailed for 30 months, ordered to hand over $725k worth of Bitcoin

The State of Security

A US court has sentenced a programmer to 30 months in a federal prison in connection with software that claimed to be a legitimate tool for Windows sysadmins to remotely manage computers, but was actually used by criminals to backdoor PCs and secretly spy on victims.

Details >
10/16/2018

What a Difference a Year Makes: Consumer Sentiment Shifts Substantially Toward Tech Firms

Digital Transactions

With technology companies increasingly eyeing financial services, a survey from Brookfield, Wis.-based bank processor Fiserv Inc. indicates 55% of consumers feel comfortable using a company like Apple Inc. or Alphabet Inc.’s Google to pay bills, up from 40% in 2017. Thirty-nine percent would take out a loan from a tech-company service, up 10 percentage points, and 52% would use a tech-company service for person-to-person payments, up 14 points.

Details >
10/15/2018

Fake Adobe update really *does* update Flash (while also installing cryptominer)

The State of Security

Online criminals have frequently distributed their malware attacks as fake updates for Adobe Flash.

Details >
10/14/2018

Financial Companies Rack Up Complaints, but Good Luck Finding Them

Nerd Wallet

The federal watchdog agency created to protect consumers is not regulating two of the country’s fastest-growing financial institutions despite receiving voluminous complaints about them, NerdWallet has found.

Details >
10/14/2018

Supply Chain Security 101: An Expert’s View

Krebs on Security

Earlier this month I spoke at a cybersecurity conference in Albany, N.Y. alongside Tony Sager, senior vice president and chief evangelist at the Center for Internet Security and a former bug hunter at the U.S. National Security Agency.

Details >
10/11/2018

New Evidence of Hacked Supermicro Hardware Found in U.S. Telecom

Bloomberg

The discovery shows that China continues to sabotage critical technology components bound for America.

Details >
10/09/2018

Supply Chain Security is the Whole Enchilada, But Who’s Willing to Pay for It?

Krebs on Security

From time to time, there emerge cybersecurity stories of such potential impact that they have the effect of making all other security concerns seem minuscule and trifling by comparison.

Details >
10/05/2018

PCI SSC Works on Security for New Payment Options

Bank Info Security

As new payment options continue to emerge via mobile phones and internet of things devices, the PCI Security Standards Council is broadening its security efforts, starting with a new standard for contactless payments coming early next year, says Troy Leach, PCI SSC's chief technology officer.

Details >
10/02/2018

Voice Phishing Scams Are Getting More Clever

Krebs on Security

Most of us have been trained to be wary of clicking on links and attachments that arrive in emails unexpected, but it’s easy to forget scam artists are constantly dreaming up innovations that put a new shine on old-fashioned telephone-based phishing scams.

Details >
10/02/2018

Visa as gumshoe: How the card network tracks fraud to its source

PaymentsSource

There’s an adage in business and war that goes, “The best defense is a good offense.” This is the philosophy that Visa is deploying against online fraud.

Details >
09/30/2018

The PCI Council Will Take Further Comments on an Updated Point-to-Point Encryption Standard

Digital Transactions

When security managers and executives gather this week for the PCI Security Standards Council’s annual North America Community Meeting, one of the topics sure to be on their minds is point-to-point encryption (P2PE) of payment card data.

Details >
09/30/2018

Social Security Opens More Offices To Fight Fraud: 'We Will Find You; We Will Prosecute You...'

Forbes

The Social Security Administration (SSA) and its Office of the Inspector General (OIG) today announced the opening of three new Cooperative Disability Investigations (CDI) Units across the country.

Details >
09/30/2018

UN On Using AI To Crack Down On Laundering, Trafficking

PYMNTS.com

Recent innovations in artificial intelligence (AI) have given financial institutions (FIs) the ability to fight fraud and better serve their customers.

Details >
09/30/2018

Facebook says big breach exposed 50 million accounts to full takeover

geo.tv

Facebook Inc said Friday hackers stole digital login codes allowing them to take over nearly 50 million user accounts in its worst security breach ever given the unprecedented level of potential access, adding to what has been a difficult year for the company’s reputation.

Details >
09/27/2018

Secret Service Warns of Surge in ATM ‘Wiretapping’ Attacks

Krebs on Security

The U.S. Secret Service is warning financial institutions about a recent uptick in a form of ATM skimming that involves cutting cupcake-sized holes in a cash machine and then using a combination of magnets and medical devices to siphon customer account data directly from the card reader inside the ATM.

Details >
09/26/2018

Uber Agrees To Pay $145M Fine To Settle Data Breach Lawsuit

PYMNTS.com

California Attorney General Xavier Becerra and San Francisco District Attorney George Gascón announced on Wednesday (Sept. 26) that they have reached a settlement with Uber Technologies Inc., in which Uber will pay $148 million to resolve allegations that it violated state laws pertaining to data breach reporting.

Details >
09/26/2018

Barracuda Networks Sees More ATO Attacks Ahead

Security Boulevard

A new report published by Barracuda Networks warns the number of account takeover (ATO) incidents involving compromised email credentials is starting to rise.

Details >
09/26/2018

Malware in the Cloud: What You Need to Know

The State of Security

Cloud security is not as simple as it may seem. Businesses have a shared security responsibility with cloud service providers, but some lack the knowledge to keep up their share of the bargain.

Details >
09/26/2018

North Dakota U.S. Attorney’s Office Continues Attack on Transnational Criminal Organizations in ‘Operation Hard Copy’

U.S. Attorney's Office - North Dakota

BISMARCK – Melinda Bulgin, of Providence, Rhode Island, was found guilty on September 14, 2018, by a federal jury on all 15 counts of Conspiracy to Commit Wire Fraud or Mail Fraud, Wire Fraud, Mail Fraud, and Conspiracy to Commit International Money Laundering, in connection with her participation in a transnational criminal advance fee telemarketing (“lottery”) fraud.

Details >
09/25/2018

Christmas In September? Holiday Fraud Planning Is In Full Takeover Mode

PYMNTS.com

The criminals have already started. They are buying fraud tutorials and data from other criminals online.

Details >
09/25/2018

Beware of Hurricane Florence Relief Scams

Krebs on Security

If you’re thinking of donating money to help victims of Hurricane Florence, please do your research on the charitable entity before giving: A slew of new domains apparently related to Hurricane Florence relief efforts are now accepting donations on behalf of victims without much accountability for how the money will be spent.

Details >
09/23/2018

How Banks Can Benefit From Partnering With FinTechs

PYMNTS.com

When it comes to treasury market offerings, banks have historically started wholesale and retail lockbox businesses.

Details >
09/20/2018

Understanding OFAC: A Best Practices Compliance Guide for All Businesses

Digital Transactions

Over the last decade, the Office of Foreign Assets Control (OFAC) has imposed $4.3 billion in civil money penalties. But did you know that businesses other than banks received 81% of these fines last year?

Details >
09/20/2018

British Airways breach shows the need for 'constant compliance'

PaymentsSource

The recent British Airways card breach compromised several types of information that raise both PCI DSS and GDPR concerns.

Details >
09/17/2018

GovPayNow.com Leaks 14M+ Records

Krebs on Security

Government Payment Service Inc. — a company used by thousands of U.S. state and local governments to accept online payments for everything from traffic citations and licensing fees to bail payments and court-ordered fines — has leaked more than 14 million customer records dating back at least six years, including names, addresses, phone numbers and the last four digits of the payer’s credit card.

Details >
09/17/2018

NY Sues Fed Over OCC’s FinTech Charter Decision

PYMNTS.com

To challenge the Office of the Comptroller of the Currency (OCC)’s decision to allow online payment companies and lenders to have national bank charters, the top banking regulator in New York is suing the federal government. In a complaint filed with a federal court, New York Department of Financial Services (DFS) Superintendent Maria Vullo said, “The OCC’s reckless folly should be stopped,” Reuters reported.

Details >
09/16/2018

10,000 stolen Social Security numbers recovered in arrest

sfgate.com

Officers said they recovered more than 10,000 stolen Social Security numbers, bank account numbers and bank routing information as part of an identity theft investigation that resulted in a 36-year-old man's arrest.

Details >
09/16/2018

How to Be Invisible Online -- Without Going Off the Grid (Infographic

Entrepreneur

It's important to go the extra mile to protect your personal information online.

Details >
09/14/2018

Your Social Security Number isn’t suspended. Ever.

Federal Trade Commission

A caller says that he’s from the government and your Social Security Number (SSN) has been suspended. He sounds very professional. So you should do exactly what he says to fix things…right?

Details >
09/13/2018

Data: What EMV overlooked

PaymentsSource

The vast majority of credit and debit cards in the U.S. are now EMV compliant, and nearly 70 percent of U.S. stores can support chip-enabled cards.

Details >
09/13/2018

Beware the Homeless Homebuyer Real Estate Scam!

The State of Security

Security professionals are warning users who are or soon will be engaged in real estate transactions to watch out for the “homeless homebuyer” scam.

Details >
09/13/2018

U.S. Mobile Giants Want to be Your Online Identity

Krebs on Security

The four major U.S. wireless carriers today detailed a new initiative that may soon let Web sites eschew passwords and instead authenticate visitors by leveraging data elements unique to each customer’s phone and mobile subscriber account, such as location, customer reputation, and physical attributes of the device.

Details >
09/13/2018

Here’s Why Business Email Compromise Is Still Driving Executive Identity Theft

Security Intelligence

All it took was access to a lawyer’s email, and suddenly, almost $532,000 was in the wrong hands.

Details >
09/13/2018

New Data: Why Bank Customers Prefer Convenience Over Security

PYMNTS.com

Consumers prefer speed, convenience and ease of use over security — even when it comes to accessing financial services online.

Details >
09/13/2018

What Cloud Migration Means for Your Security Posture

The State of Security

It shouldn’t come as a surprise to anyone reading this article that there has been a major shift towards businesses hosting their critical applications in the cloud.

Details >
09/10/2018

With Platform Embedded In 25M Vehicles, Xevo’s Putting Pedal Down On Connected Commerce

PYMNTS.com

The race is on to reduce commerce and payments friction in the fast growing world of connected vehicles.

Details >
09/10/2018

Uber’s Newest Project? Reinventing Its Payments Experience

PYMNTS.com

The transportation company that innovated payments by delivering the Uber experience is at it again — this time, by making it easier and more rewarding for its users to pay for products and services inside its growing ecosystem.

Details >
09/07/2018

'SIM swapping' cybercrime targets cellphone owners

ABC Arizona

A Chandler family has become the latest victim of a sophisticated cybercrime known as "SIM swapping.”

Details >
09/07/2018

Beware of the New Way Crooks Can Drain Your Credit Card Account

The State of Security

This article describes one of the recent frauds used by cybercriminals to steal funds from people’s credit cards. Unfortunately, it is a simple one to pull off, so peruse the details below and make sure you don’t get on the hook.

Details >
09/06/2018

Browser Extensions: Are They Worth the Risk?

Krebs on Security

Popular file-sharing site Mega.nz is warning users that cybercriminals hacked its browser extension for Google Chrome so that usernames and passwords submitted through the browser were copied and forwarded to a rogue server in Ukraine.

Details >
09/05/2018

Anatomy of a fake check scam

Federal Trade Commission

Fake checks drive many types of scams – like those involving phony prize wins, fake jobs, mystery shoppers, online classified ad sales, and others.

Details >
09/05/2018

For 2nd Time in 3 Years, Mobile Spyware Maker mSpy Leaks Millions of Sensitive Records

Krebs on Security

mSpy, the makers of a software-as-a-service product that claims to help more than a million paying customers spy on the mobile devices of their kids and partners, has leaked millions of sensitive records online, including passwords, call logs, text messages, contacts, notes and location data secretly collected from phones running the stealthy spyware.

Details >
09/03/2018

Alleged ‘Satori’ IoT Botnet Operator Sought Media Spotlight, Got Indicted

Krebs on Security

A 20-year-old from Vancouver, Washington was indicted last week on federal hacking charges and for allegedly operating the “Satori” botnet, a malware strain unleashed last year that infected hundreds of thousands of wireless routers and other “Internet of Things” (IoT) devices.

Details >
08/31/2018

‘Amazon Bank’ Is Already Here, Without a Charter or Regulatory Approval

The Financial Brand

Nothing can stop Amazon. Not even banking regulators or geographic borders can slow them down. With patents, patience, a willingness to fail, a huge and devoted customer base, a universe of data, and gobs of money, Amazon represents a real threat to the traditional banking industry.

Details >
08/31/2018

How Five High School Kids Are Changing Payments For The Visually Impaired

PYMNTS.com

Right now, it looks like a blood pressure cuff with wires and tiny boxes attached to it. Or, perhaps, an oversized watchband, one that was made by a child stuck inside on a rainy day.

Details >
08/30/2018

Cheddar’s Restaurants Bitten By Credit-Card Breach

Threat Post

Fast-casual stalwart Cheddar’s Scratch Kitchen has become the latest restaurant to suffer a payment-card breach.

Details >
08/30/2018

Zelle Eyeing Expansion Into Small Business Payments

PYMNTS.com

Zelle, the digital payment app that enables consumers to send money to friends and family, is gearing up to expand its offering to enable customers to pay small businesses.

Details >
08/30/2018

Amazon's Cashier-Free Stores are Going National. And it might just change the future of retail

Futurism

MORE CHOICES. If you live in Seattle and want to pick up a quick snack without having to wait in a checkout line, you’ve now got two options for where you can do so.

Details >
08/30/2018

Digital transactions' speed is a gateway to account fraud

PaymentsSource

Fraud related to account opening has become a costly issue in the digital age.

Details >
08/30/2018

Comerica scrambles to address fraud in prepaid benefits program

PaymentsSource

Comerica Bank has shut down a component of its prepaid card program for federal benefits recipients after a recent spate of fraud cases.

Details >
08/30/2018

Visa: Chip Cards Reduce Counterfeit Fraud At U.S. Merchants By 75 Percent

PYMNTS.com

Data released by Visa on Wednesday (Aug. 29) showed that counterfeit fraud ticked down at U.S. merchants by 75 percent from September 2015 to March 2018 as more storefronts started accepting chip cards.

Details >
08/30/2018

Air Canada Alerts Customers of Mobile App Breach, 20,000 Users Affected

The State of Security

Air Canada announced on Wednesday that approximately 20,000 customers may have had their personal information compromised after a data breach in its mobile app.

Details >
08/28/2018

Fiserv Flaw Exposed Customer Data at Hundreds of Banks

Krebs on Security

Fiserv, Inc., a major provider of technology services to financial institutions, just fixed a glaring weakness in its Web platform that exposed personal and financial details of countless customers across hundreds of bank Web sites, KrebsOnSecurity has learned.

Details >
08/28/2018

Bank of Spain Reveals Its Website Suffered a DoS Attack

The State of Security

The Bank of Spain revealed that bad actors used a denial-of-service (DoS) attack to temporarily disrupt access to its website.

Details >
08/27/2018

St. Paul Duo Accused Of Prolific Theft Operation

WCCO 4 News

Investigators say they uncovered the largest retail theft operation in metro-area history.

Details >
08/27/2018

Who’s Behind the Screencam Extortion Scam?

Krebs on Security

The sextortion email scam last month that invoked a real password used by each recipient and threatened to release embarrassing Webcam videos almost certainly was not the work of one criminal or even one group of criminals

Details >
08/24/2018

Alleged SIM Swapper Arrested in California

Krebs on Security

Authorities in Santa Clara, Calif. have arrested and charged a 19-year-old area man on suspicion hijacking mobile phone numbers as part of a scheme to steal large sums of bitcoin and other cryptocurrencies.

Details >
08/24/2018

As P2P Payments Increase, So Must Fraud Controls

Bank Innovation

The demand for P2P payments does not seem to be slowing anytime soon. A study released today by research firm Aite and Early Warning, owner of the bank-based P2P firm Zelle, found that P2P payments will triple by 2020.

Details >
08/24/2018

Twin Cities Bank Robber Pleads Guilty in Federal Court

United States Attorney's Office - District of MN

United States Attorney Erica H. MacDonald today announced the guilty plea of JAYVON DOMINIQUE GANT, 28, to one count of bank robbery. GANT, who was charged by criminal complaint on June 7, 2018, entered his guilty plea before Judge Joan N. Ericksen in U.S. District Court in Minneapolis, Minnesota.

Details >
08/24/2018

The five most common credit-card frauds

nzherald.co.nz

As long as credit cards have been around, an opportunity for fraud has followed.

Details >
08/20/2018

6 common habits that put you at risk for identity theft

NBC News

Data breaches and hacks are often unavoidable, but security experts say there are some everyday habits that put consumers even more at risk.

Details >
08/17/2018

Hanging Up on Mobile in the Name of Security

Krebs on Security

An entrepreneur and virtual currency investor is suing AT&T for $224 million, claiming the wireless provider was negligent when it failed to prevent thieves from hijacking his mobile account and stealing millions of dollars in cryptocurrencies.

Details >
08/17/2018

Hackers steal $13.5 million from Indian bank in global attack

The State of Security

Hackers planted malware on an automated teller machine (ATM) server belonging to an Indian bank as part of a criminal scheme which saw the theft of nearly 944 million rupees (US $13.5 million) in a co-ordinated attack across 28 countries last weekend.

Details >
08/13/2018

FBI Warns of ‘Unlimited’ ATM Cashout Blitz

Krebs on Security

The Federal Bureau of Investigation (FBI) is warning banks that cybercriminals are preparing to carry out a highly choreographed, global fraud scheme known as an “ATM cash-out,” in which crooks hack a bank or payment card processor and use cloned cards at cash machines around the world to fraudulently withdraw millions of dollars in just a few hours.

Details >
08/11/2018

Fraud and Friction: Fighting Two Significant Challenges

Credit Union Times

Credit unions have recently experienced a period of significant growth. But this also means increased risk.

Details >
08/10/2018

EXTORTIONISTS INCREASINGLY USING RECIPIENTS' PERSONAL INFORMATION TO INTIMIDATE VICTIMS

IC3

The Internet Crime Complaint Center (IC3) has recently received an increase in reports about extortion attempts received via e-mail and postal mail and using specific user information to add authenticity. While there are many variations in these extortion attempts, they often share certain commonalties.

Details >
08/10/2018

Beware: Real Estate Scams are Growing

The State of Security

What does the chairman of MIT’s board of trustees and a Supreme Court judge for New York State have in common with the Weintraubs of Lebanon, Oregon? They were all victims of real-estate spoofing scams, a form of cyber-security fraud that has grown from $19 million in 2016 to over $1B in 2017.

Details >
08/10/2018

Flaw exposed Comcast Xfinity customers’ partial home addresses and SSNs

The State of Security

Poor security measures have reportedly put the personal details of Comcast Xfinity customers at risk, a researcher has revealed.

Details >
08/07/2018

Florida Man Arrested in SIM Swap Conspiracy

Krebs on Security

Police in Florida have arrested a 25-year-old man accused of being part of a multi-state cyber fraud ring that hijacked mobile phone numbers in online attacks that siphoned hundreds of thousands of dollars worth of bitcoin and other cryptocurrencies from victims.

Details >
08/07/2018

Watch out for card skimming at the gas pump

Federal Trade Commission

With the summer travel season in high gear, the FTC is warning drivers about skimming scams at the pump.

Details >
08/07/2018

Promoter pitches "secrets" to big bucks on Amazon

Federal Trade Commission

Online ads and in-person workshops for Sellers Playbook claim to offer “secrets” to making big money on Amazon. But like a lot of namedroppers, the truth doesn’t live up to the hype. That’s what the FTC and the Minnesota Attorney General allege in a lawsuit they filed.

Details >
08/06/2018

3 trends hackers at Black Hat and DEFCON are watching

Yahoo

Cybersecurity is a constant game of cat-and-mouse — with every security improvement and criminal crackdown, there is a corresponding evolution in attacker methods and techniques.

Details >
08/06/2018

On a Hot Streak, the ACH Network Has Racked up 5%-Plus Growth in 12 of the Last 14 Quarters

Digital Transactions

The growth surge at the nation’s automated clearing house network shows no signs of slowing down. The payments system handled 5.68 billion transactions in the quarter ended June 30, a 6.2% increase year-over-year, according to numbers from Herndon, Va.-based NACHA, the network’s governing body. The network has now notched growth exceeding 5% in 12 out of the 14 quarters since the start of 2015.

Details >
08/04/2018

Credit Card Issuer TCM Bank Leaked Applicant Data for 16 Months

Krebs on Security

TCM Bank, a company that helps more than 750 small and community U.S. banks issue credit cards to their account holders, said a Web site misconfiguration exposed the names, addresses, dates of birth and Social Security numbers of thousands of people who applied for cards between early March 2017 and mid-July 2018.

Details >
08/03/2018

Avoid the most common bank-to-school scams

fraud.org

Avoid the most common back-to-school scams, including fake diploma and scholarship scams.

Details >
08/03/2018

Resurgent payments fraud heightens ID challenge for banks

American Banker

Verifying identities continues to be a tricky proposition for banks as cybercriminals diversify and increase their attacks — especially when it comes to wire transactions.

Details >
08/02/2018

Hunting the Con Queen of Hollywood: Who's the "Crazy Evil Genius" Behind a Global Racket?

Hollywood Reporter

For more than a year, some of the most powerful women in entertainment — including Amy Pascal, Kathleen Kennedy, Stacey Snider and a 'Homeland' director — have been impersonated by a cunning thief who targets insiders with promises of work, then bilks them out of thousands of dollars.

Details >
07/31/2018

FS-ISAC Cyber-Attack Against Payment Systems (CAPS) Exercises

FS-ISAC

A great opportunity to practice your plan.

Details >
07/31/2018

OCC Begins Accepting National Bank Charter Applications From Financial Technology Companies

OCC Notice

The Office of the Comptroller of the Currency (OCC) today announced it will begin accepting applications for national bank charters from nondepository financial technology (fintech) companies engaged in the business of banking.

Details >
07/31/2018

Cryptomining Malware Is Infecting Corporate Networks Worldwide

Futurism

CORPORATE HIJACKING. Security firm Kaspersky Lab just exposed an international cryptocurrency mining ring that is using malware software called PowerGhost to spread across vast corporate networks.

Details >
07/31/2018

Save the Embarrassment: The Value of Two-Factor Authentication

The State of Security

These days, it’s not a matter of if your password will be breached but when.

Details >
07/31/2018

The depth of Macy's breach pushes PCI compliance investment

PaymentsSource

Macy’s recently became the latest major retailer forced to inform its customers that their data had been exposed by another cyberthreat. Although detected by a third-party security tool, the cybercrooks still gained access to data from customers who had shopped on the retail store’s website.

Details >
07/30/2018

Report: Hawaii has most victims of identity theft

khon2.com

Sad to report residents of the Aloha state are at the top of the list when it comes to being at risk to thieves.

Details >
07/30/2018

Data Security Incident at Pediatric Hospital Affects 100K Individuals

The State of Security

A data security incident at a pediatric hospital affected more than 100,000 individuals including patients and employees.

Details >
07/27/2018

State Govts. Warned of Malware-Laden CD Sent Via Snail Mail from China

Krebs on Security

Here’s a timely reminder that email isn’t the only vector for phishing attacks: Several U.S. state and local government agencies have reported receiving strange letters via snail mail that include malware-laden compact discs (CDs) apparently sent from China, KrebsOnSecurity has learned.

Details >
07/26/2018

To Prevent Breaches, Banks Must Change the Way They Face Threats

Bank Innovation

Security firms have evolved their techniques to meet mounting threats on a digital front, as such banks must change too.

Details >
07/26/2018

LifeLock Bug Exposed Millions of Customer Email Addresses

Krebs on Security

Identity theft protection firm LifeLock — a company that’s built a name for itself based on the promise of helping consumers protect their identities online — may have actually exposed customers to additional attacks from ID thieves and phishers.

Details >
07/25/2018

Uptick in San Francisco retail theft

Kron4.com

SAN FRANCISCO (KRON) - Retail theft is on the uptick in San Francisco, and while luxury goods were once the focus, now it seems as if those stealing are going for lower end merchandise.

Details >
07/25/2018

Former online survey worker sentenced to 18 months for stealing $492,000 in unclaimed Amazon gift cards

gizmodo.com

A Lexington, Kentucky man was sentenced to 18 months in federal prison on Monday, the Department of Justice wrote in a press release, for a data heist in which he abused his status as an employee of online polling company IntelliSurvey Inc. to snatch up nearly half a million dollars in unclaimed Amazon gift cards.

Details >
07/25/2018

Louisiana mobile drivers license first to roll out statewide

SecureID News

With its new LA Wallet, Louisiana becomes the first state to actually rollout digital driver’s licenses to its citizenry. While other states have piloted the mobile licenses, this is the first instance where any citizen can use the mobile app during any traffic stop of police interaction.

Details >
07/25/2018

Porting Out: It's Phone Fraud 101

howstuffworkds

When people talk about phone scams, it's often the variety of fraud that can occur through cold calls to a person's home or mobile device.

Details >
07/25/2018

Hackers Breached Virginia Bank Twice in Eight Months, Stole $2.4M

Krebs on Security

Hackers used phishing emails to break into a Virginia bank in two separate cyber intrusions over an eight-month period, making off with more than $2.4 million total.

Details >
07/25/2018

Hacker Exposes Security Vulnerability in Popular Cryptocurrency Site Ehterscan

Futurism

EXPLORING THE BLOCK. One of the main draws of a blockchain is that it’s a public record. Anyone, anywhere, can look at every cryptocurrency transaction on the blockchain — unlike the transactions made via traditional financial institutions, the information isn’t secreted away in a server somewhere.

Details >
07/25/2018

Kronos Malware Returns With New Attack Campaigns, Updates

The State of Security

The Kronos banking trojan has returned with several new attack campaigns as well as a few updates

Details >
07/23/2018

Human Resources Firm ComplyRight Breached

Krebs on Security

Cloud-based human resources company ComplyRight said this week that a security breach of its Web site may have jeopardized sensitive consumer information — including names, addresses, phone numbers, email addresses and Social Security numbers — from tax forms submitted by the company’s thousands of clients on behalf of employees.

Details >
07/23/2018

Zelle Catches A Growth Wave, Threatening Venmo

PYMNTS.com

The Q2 earnings season has just kicked off, and it’s already helping shedding light on recent developments in the peer-to-peer (P2P) world — most notably, the shape of the ongoing competition between Zelle and Venmo.

Details >
07/23/2018

Social Security Issues Warning About Scams Similar To Those IRS Phone Scams

Forbes

It may be summer, but the bad guys aren’t taking a vacation. The Acting Inspector General of Social Security, Gale Stallworth Stone, has issued a warning about an ongoing phone scam from thieves pretending to be from the Social Security Administration (SSA).

Details >
07/23/2018

Symantec Releases “Email Threat Isolation” Technology To Prevent Attacks

The Truth News

Symantec Corp, the cyber-security giant unveiled a new solution rooted on threat isolation technology that thwarts advanced email hits on the end-user devices.

Details >
07/23/2018

Google: Security Keys Neutralized Employee Phishing

Krebs on Security

Google has not had any of its 85,000+ employees successfully phished on their work-related accounts since early 2017, when it began requiring all employees to use physical Security Keys in place of passwords and one-time codes, the company told KrebsOnSecurity.

Details >
07/20/2018

Woman charged in elaborate car theft ring in Westchester County

abc7ny.com

Brand new cars, many of them luxury models, are being stolen from dealerships in several Westchester County communities by an elaborate identity theft ring, prosecutors say.

Details >
07/20/2018

Cuban citizen sentenced to prison for Green Bay area skimming scheme

2WBAY.com

A Cuban citizen has been sentenced to four years in federal prison for his role in a credit card skimming scheme in the Green Bay area.

Details >
07/20/2018

Federal prison for woman who embezzled over $1 million

The Maui News

A former employee was sentenced Wednesday to more than four years in federal prison for her role in conspiring to embezzle more than $1 million from the now-closed First Hawaiian Homes Federal Credit Union on Molokai.

Details >
07/20/2018

Fraud symposium educates local financial institutions

upmatters.com

Financial institutions from around the U.P. met today for the Upper Midwest Automated Clearing House Association's Fraud Symposium. This was co-sponsored with FRPA and the Minneapolis Federal Reserve Bank.

Details >
07/16/2018

‘LuminosityLink RAT’ Author Pleads Guilty

Krebs on Security

A 21-year-old Kentucky man has pleaded guilty to authoring and distributing a popular hacking tool called “LuminosityLink,” a malware strain that security experts say was used by thousands of customers to gain unauthorized access to tens of thousands of computers across 78 countries worldwide.

Details >
07/16/2018

8 Insights on the Future of Ransomware

The State of Security

Ransomware is a variant of malware that we are seeing as the next wave of quick compromise attacks

Details >
07/16/2018

Security Fundamentals for Federal Agencies

The State of Security

Cybersecurity experts are urging government agencies to protect their data with up-to-date, foundational security controls, and agencies are listening

Details >
07/15/2018

To Catch A Thief - Lessons We Can All Learn From Demi Moore's Identity Theft Drama

Forbes

The recent film Ocean’s 8 is the story of a group of thieves that steal a priceless necklace from a famous movie actress, in plain sight.

Details >
07/15/2018

Fighting Fraud By Finding The Gaps

PYMNTS.com

The problem with fighting fraud — according to GIACT EVP of Product David Barnhardt in this week’s edition of the PYMNTS Topic TBD — is how much information fraudsters have at their fingertips about regular consumers

Details >
07/13/2018

Use Layered Authentication to Secure Real-Time Payments

Digital Transactions

Real-time processing heightens risk for providers that aren’t prepared. Here’s what financial institutions should be doing now, says Eric Woodward.

Details >
07/13/2018

BUSINESS E-MAIL COMPROMISE THE 12 BILLION DOLLAR SCAM

FBI

This Public Service Announcement (PSA) is an update and companion to Business E-mail Compromise (BEC) PSA 1-050417-PSA posted on www.ic3.gov. This PSA includes new Internet Crime Complaint Center (IC3) complaint information and updated statistical data for the time frame October 2013 to May 2018.

Details >
07/13/2018

Fictitious Notification Regarding the Release of Funds Supposedly Under the Control of the Office of the Comptroller of the Currency

OCC Notice

Consumers have reported receiving fictitious e-mail messages, allegedly initiated by the Office of the Comptroller of the Currency (OCC), regarding funds purportedly under the control of the OCC.

Details >
07/11/2018

Macy’s, Bloomingdales Alert Online Customers of Data Breach

The State of Security

Macy’s is notifying customers of a data breach involving unauthorized access to their payment card data and personal information.

Details >
07/09/2018

Square Will Reapply for Banking License with the FDIC After Last Week’s Withdrawal

Bank Innovation

Payment processor Square has withdrawn its application to become a deposit-taking bank, a move similar to online lender Social Finance or SoFi, which withdrew its application last fall. However, unlike SoFI, Square plans to refile its application, attributing Thursday’s withdrawal to mere procedural issues. It plans to reapply with the FDIC, but did not reveal a timeline.

Details >
07/06/2018

7 Questions for Evaluating your Security Posture against Insider Threats

The State of Security

Insider threats top the list of the most dangerous cyber risks for organizations worldwide. It doesn’t take much effort for insiders to steal your sensitive data, while such activities are hard to discover and impossible to prevent.

Details >
07/06/2018

Bigger, Faster, Stronger: 2 Reports Detail the Evolving State of DDoS

DARKReading

DDoS attacks continue to plague the Internet, getting bigger and more dangerous. And now, the kids are involved.

Details >
07/06/2018

The Problem of Stolen Crypto Is Getting Worse Fast, Spurring a Possible Regulatory Crackdown

Digital Transactions

Enthusiasts of Bitcoin and other cryptocurrencies are trying to position the digital currencies as legitimate means of exchange, but crypto’s tendency to be stolen and then laundered by thieves is not only well-known, it’s growing worse.

Details >
07/06/2018

Square Pulls Banking Application

PYMNTS.com

Though Square has reportedly withdrawn its application to create a deposit-taking bank, the payments processor intends to file the application again in the future. The firm had applied for an “industrial loan company (ILC)” license with the Federal Deposit Insurance Corporation (FDIC), Reuters reported.

Details >
07/02/2018

Shimmers: The New Credit Card Skimmers

Journal Times

According to Visa®, the introduction of the EMV (Europay, MasterCard®, and Visa) chip card in late 2015 resulted in a 76% decrease in counterfeit fraud in less than three years.

Details >
07/02/2018

WPA3: What You Need To Know

The State of Security

Earlier this month, the Wi-Fi Alliance issued a press release announcing the availability of WPA3.

Details >
07/02/2018

Harpoon Cannon Method: How Scammers Catch Bitcoin Whales

The State of Security

Bitcoin whales are considered to be people who have thousands of coins in their crypto-wallets.

Details >
07/02/2018

Getting a vacation rental? Watch out for scams.

Federal Trade Commission

With July 4th right around the corner, plenty of us are still running around trying to book a last-minute vacation rental. If that’s you, here’s what you need to know: scammers are ready with fake vacation rental ads.

Details >
06/29/2018

Ticketmaster Warns of Data Breach, Customer Payment Details Potentially Exposed

The State of Security

Ticketmaster has alerted thousands of UK-based customers that it has learned of a security breach in which their payment information may have been exposed.

Details >
06/29/2018

Equifax reaches deal with 8 states on steps to avoid future breaches

PaymentsSource

The credit reporting giant Equifax has agreed to shore up its data security efforts after a massive breach of personal information sparked scrutiny from state regulators.

Details >
06/29/2018

Who won, who lost in Supreme Court’s credit card ruling

PaymentsSource

Whether they take the form of cash, miles or points, credit card rewards have become a staple of U.S. consumer culture. Many households, particularly at the upper end of the income spectrum, charge just about every purchase, mainly so they can collect rewards with each swipe.

Details >
06/29/2018

Vehicle Shippers Springing Up on Internet May Be Scams, BBB Warns

Better Business Bureau

St. Louis, Mo., June 7, 2018 – Better Business Bureau (BBB) warns consumers shopping for a vehicle on the internet to be on alert if the seller suggests using a third party to handle the transaction.

Details >
06/29/2018

Hitherto unknown marketing firm exposed hundreds of millions of Americans’ data

The State of Security

It’s been discovered that a marketing company left almost two terabytes of sensitive data exposed on the internet for anybody to access.

Details >
06/26/2018

How to Avoid Card Skimmers at the Pump

Krebs on Security

Previous stories here on the proliferation of card-skimming devices hidden inside fuel pumps have offered a multitude of security tips for readers looking to minimize their chances of becoming the next victim, such as favoring filling stations that use security cameras and tamper-evident tape on their pumps.

Details >
06/20/2018

Scams and Your Small Business

Federal Trade Commission

At the FTC, our mission is to protect consumers, including small business owners. That’s why, when we see scammers taking money from small businesses, we step in.

Details >
06/19/2018

Verizon to Stop Sharing Customer Location Data With Third Parties

Krebs on Security

In the wake of a scandal involving third-party companies leaking or selling precise, real-time location data on virtually all Americans who own a mobile phone, the four major wireless carriers have responded to requests from a U.S. senator for more details about how the carriers are managing access to this extremely sensitive information.

Details >
06/18/2018

Bitcoin and ether are not securities, but some initial coin offerings may be, SEC official says

CNBC

The SEC's point man on cryptocurrencies and initial coin offerings (ICOs) says that bitcoin and ether are not securities but that many, but not all, ICOs are securities and will come under the regulatory control of the SEC and relevant securities laws.

Details >
06/18/2018

Google to Fix Location Data Leak in Google Home, Chromecast

Krebs on Security

Google in the coming weeks is expected to fix a location privacy leak in two of its most popular consumer products.

Details >
06/18/2018

How Deep Learning Is Making Computers Better at Guessing Your Passwords

The State of Security

Recently, researchers from The New York Institute of Technology and the Stevens Institute of Technology computer science department released a paper about using a relatively new machine learning technique to make computers 18-24 percent better at guessing your passwords than ever before

Details >
06/18/2018

Banco de Chile Says Virus Infiltrated Its Computer Systems, Stole $10M

The State of Security

Chilean bank and financial services company Banco de Chile said that a virus infiltrated its computer systems and stole $10 million.

Details >
06/17/2018

What Is Integrity Management?

The State of Security

If you’ve been in information security for a while, you’ve likely had some experience with file integrity monitoring (FIM). It’s a capability with a long history, going back to the original open-source Tripwire tool for monitoring file hashes.

Details >
06/17/2018

Electronics Retailer Confirms Breach Attempt of 5.9M Payment Cards

The State of Security

A consumer electronics retailer has confirmed a data breach attempt to compromise the details of 5.9 million payment cards.

Details >
06/17/2018

As breaches mount, PCI standards have never been more important

PaymentsSource

PCI standards continue to evolve, protecting against data thieves and ensuring merchants continue to have a healthy bottom line.

Details >
06/17/2018

74 Arrested in Coordinated International Enforcement Operation Targeting Hundreds of Individuals in Business Email Compromise Schemes

United States Department of Justice

Federal authorities announced today a significant coordinated effort to disrupt Business Email Compromise (BEC) schemes that are designed to intercept and hijack wire transfers from businesses and individuals, including many senior citizens.

Details >
06/17/2018

As Mobile’s Importance Increases, Ease of Use And Fraud Risk Take on a Higher Profile

Digital Transactions

By 2020, nearly 33% of merchants say the mobile channel will account for at least half of their total revenue. This, and other mobile-payments insights, come from the Kount Inc. 2018 Mobile Payments & Fraud Survey released Thursday.

Details >
06/17/2018

Already Ahead of Venmo in Dollars, Zelle Is Poised to Jump Ahead in Users, a Forecaster Says

Digital Transactions

Now officially a year old, Zelle is steadily gaining momentum. San Francisco-based Bank of the West, the 29th largest bank in the country ranked by assets, announced Thursday it will join the bank-controlled person-to-person payment network, which already claims some of the biggest financial institutions in the country.

Details >
06/17/2018

How ALTR Uses Blockchain Tech To Boost Enterprise Security

PYMNTS.com

So much in tech comes out of left field, even amid evolution. Change creeps up and suddenly is … there.

Details >
06/17/2018

Is The GDPR Coming To The US?

PYMNTS.com

Imitation is the sincerest form of flattery, right? If so, some European regulators might like what’s going on with California in regards to digital privacy.

Details >
06/08/2018

Mulvaney Ousts 25-Member CFPB Advisory Board

PYMNTS.com

Mick Mulvaney, acting director of the Consumer Financial Protection Bureau, has ousted the 25 members of the agency’s Consumer Advisory Board.

Details >
06/08/2018

U.S. Marshals, FBI Urge Public to Report Phone Scams

U.S. Marshals Service

Washington, D.C. - The U.S. Marshals and the FBI are alerting the public of several nationwide imposter scams involving individuals claiming to be U.S. marshals, court officers, or other law enforcement officials.

Details >
06/08/2018

Adobe Patches Zero-Day Flash Flaw

Krebs on Security

Adobe has released an emergency update to address a critical security hole in its Flash Player browser plugin that is being actively exploited to deploy malicious software.

Details >
06/08/2018

Man Allegedly Angry Over Castile Case Is Charged in Hacking

New York Times

A man who allegedly hacked into Minnesota government databases last year because he was angry over the acquittal of the officer who shot and killed Philando Castile was charged in an indictment unsealed Tuesday.

Details >
06/08/2018

Protecting your devices from cryptojackin

Federal Trade Commission

Instead of min(d)ing their own business, are scammers using your computer as their virtual ATM?

Details >
06/06/2018

HR Software Provider Says Malware Infection Might Have Exposed User Data

TripWire

A provider of HR software said that a malware infection might have exposed user data including personal and account information.

Details >
06/06/2018

Consumers Want Fast and Easy Authentication, But Security is Top Concern

Bank Innovation

Security breaches continue to be an ever-present threat for financial institutions. Defending against attacks and authenticating customers without creating undue friction is something financial institutions have not yet completely solved.

Details >
06/06/2018

Fraud Prevention 101

Gambling Insider

Irenne Zbarsky, Lead Security Research Analyst, and Itay Kozuch, Director of Research from online security firm IntSights join consultant Peter Taylor to offer thoughts on fraud in the online casino industry, and suggest how operators can combat this increasingly pervasive threat

Details >
06/05/2018

Atlanta Ransomware Attack Wiped Out Years of Police Dashcam Footage

The State of Security

A ransomware attack targeting the city of Atlanta wiped out years of dashcam footage generated by the Atlanta Police Department.

Details >
06/04/2018

A New Threat to Your Finances: Cell-Phone Account Fraud

Consumer Reports

Consumers have a new privacy threat to worry about. It’s known as cell-phone account fraud, where crooks open up a phony cell-phone account in your name and use it to access your bank account, sign up for credit cards, or sell the phone number for other criminals to use.

Details >
06/04/2018

Artificial Intelligence And The Future Of Financial Fraud Detection

Forbes

Fraud has long been a major issue for financial services institutions. And as global transactions have increased, the danger has too.

Details >
06/03/2018

The Hidden Costs Of Identity Theft

Forbes

The headlines are filled with stories of millions of people falling victim to identity theft.

Details >
06/03/2018

Reducing the Impact of New Account and Credit Card Fraud on Financial Institutions

CPO Magazine

The latest biennial report from the Bureau of Consumer Financial Protection found that the total number of credit card accounts and enrollments in associated online services continue to increase.

Details >
06/03/2018

TRENDING: mPOS That Turns Fingerprints Into Payments

PYMNTS.com

New developments in the mobile point-of-sale (mPOS) space are coming to the rescue for both merchants and consumers who don’t like to be tied down.

Details >
06/03/2018

Visa Outage: Is Europe Really Ready To Become Completely Cashless?

Forbes

Visa services have now reportedly returned back to normal after a hardware failure resulted in customers all over Europe unable to make payments using their cards for several hours yesterday.

Details >
06/01/2018

Is Your Google Groups Leaking Data?

Krebs on Security

Google is reminding organizations to review how much of their Google Groups mailing lists should be public and indexed by Google.com.

Details >
06/01/2018

Can Blockchain Solve Identity Fraud?

Forbes

A crypto-craze fueled by digital currency volatility is bringing blockchain technology, the digital ledger system that underlies such currencies, into the spotlight.

Details >
06/01/2018

Fraudsters Go Omnichannel

PYMNTS.com

Fraud is always evolving. Beyond the hack in its rawest form — breaking into systems or hardware to steal individuals’ personal data — criminals are using their wily ways to manipulate consumer behavior.

Details >
06/01/2018

ICANN Files Lawsuit to Clarify WHOIS Data Collection Under GDPR

The State of Security

ICANN filed a lawsuit in which it asks a German court for assistance in interpreting GDPR as it relates to WHOIS data collection.

Details >
05/31/2018

WSJ: "Bill Moves To Block U.S. From Buying Chinese Surveillance Equipment"

IPVM

This morning, a day after HR 5515 was passed, the WSJ has released an article: "Bill Moves to Block U.S. From Buying Chinese Surveillance Equipment".

Details >
05/30/2018

Will the Real Joker’s Stash Come Forward?

Krebs on Security

Will the Real Joker’s Stash Come Forward? For as long as scam artists have been around so too have opportunistic thieves who specialize in ripping off other scam artists.

Details >
05/30/2018

SEC charges cryptocurrency company that raised $21 million with fraud

The Hill

The Securities and Exchange Commission (SEC) on Tuesday announced that it is suing the blockchain company behind a $21 million initial coin offering (ICO) for fraud.

Details >
05/29/2018

Why Is Your Location Data No Longer Private?

Krebs on Security

The past month has seen one blockbuster revelation after another about how our mobile phone and broadband providers have been leaking highly sensitive customer information, including real-time location data and customer account details

Details >
05/29/2018

As computers get harder to crack, thieves are pillaging mailboxes

CNBC

"Mail fishing" is on the rise across the country, according to law enforcement officials. Here's how to keep your correspondence safe.

Details >
05/29/2018

FBI: Kindly Reboot Your Router Now, Please

Krebs on Security

The Federal Bureau of Investigation (FBI) is warning that a new malware threat has rapidly infected more than a half-million consumer devices.

Details >
05/29/2018

EMVCo Rolls Out EMV QR Code Payment Mark

PYMNTS.com

EMVCo, the global technical body that manages EMV Specifications, announced it has created a QR Payment Mark to promote global interoperability across EMV QR Code payments.

Details >
05/29/2018

Wyoming Lures Crypto Companies With Friendly Laws

PYMNTS.com

Wyoming is trying to position itself as a leader in cryptocurrency and one of the friendliest states when it comes to legislation around crypto companies.

Details >
05/29/2018

Two Canadian Banks Contacted by Fraudsters About Potential Data Theft

The State of Security

Fraudsters contacted two Canadian banks claiming they stole tens of thousands of customers’ personal and account information.

Details >
05/29/2018

The 'Internet of Payments' puts ID security on the smartphone

PaymentsSource

When a "pay restroom" 100 miles from the nearest major city accepts frictionless mobile payments, stores that force buyers to wait a minute for a chip-and-PIN transaction seem dated, and cash-only transactions are inconvenient.

Details >
05/25/2018

Fraud Wars: How Can Biometrics Help Win the Card Fraud Battle?

Payments Journal

Fighting fraudsters is a complex and ever-evolving challenge. As consumers change the way they pay, fraudsters change the way they steal. For banks to keep up, these new battles require new tactics to minimize losses and reassure consumers.

Details >
05/24/2018

House passes reg relief bill

BankBeat

The Economic Growth, Regulatory Relief, and Consumer Protection Act (S.2155) overwhelmingly passed in the U.S. House of Representatives May 22. The final tally was 258-119 votes for the bill. Thirty-three Democrats voted for the bill.

Details >
05/24/2018

Credit freezes will be free, thanks to new banking bill and Equifax

Detroit Free Press

Wait? You still didn't freeze your credit report after the ginormous Equifax data breach back in September?

Details >
05/24/2018

Consumers Say Their Bank Accounts Were Hacked Through Zelle

NBCDFW.com

Zelle is an app that is supposed to make it easy and safe for you to send money to friends or relatives. But some consumers who never signed up for Zelle said strangers are using the service to steal money in a matter of seconds.

Details >
05/24/2018

FREE PLATFORM LETS SMES DITCH PASSWORDS FOR BIOMETRICS

Business Cloud

AimBrain On Demand lets entrepreneurs, app developers and technical audiences swap PINS and passwords for more secure facial and voice technology

Details >
05/23/2018

Mobile Giants: Please Don’t Share the Where

Krebs on Security

Your mobile phone is giving away your approximate location all day long. This isn’t exactly a secret: It has to share this data with your mobile provider constantly to provide better call quality and to route any emergency 911 calls straight to your location.

Details >
05/23/2018

New alert for Western Union refunds

Federal Trade Commission

Did you lose money to a scam, wiring the money via Western Union between January 1, 2004 and January 19, 2017? If so, you might know that May 31 is the deadline for filing your claim to get money back from the FTC’s and the Department of Justice’s settlement with Western Union.

Details >
05/21/2018

Staying One Step Ahead of Cyber Crime

ABA Banking Journal

With each passing year, the number of fraud victims continues to grow, and data breaches have become routine occurrences.

Details >
05/20/2018

Tracking Firm LocationSmart Leaked Location Data for Customers of All Major U.S. Mobile Carriers Without Consent in Real Time Via Its Web Site

Krebs on Security

LocationSmart, a U.S. based company that acts as an aggregator of real-time data about the precise location of mobile phone devices, has been leaking this information to anyone via a buggy component of its Web site — without the need for any password or other form of authentication or authorization — KrebsOnSecurity has learned.

Details >
05/18/2018

This Equifax credit database can boost your risk of phone fraud

Money Watch

Identity thieves may be able to hijack your phone and utility accounts, thanks to a little-known credit reporting database run by Equifax.

Details >
05/18/2018

Mobile Data, On Literal Wheels And In The Driver’s Seat

PYMNTS.com

It’s mobile data (emphasis on the mobile) — as in data, wrought by and transferred across vehicles.

Details >
05/18/2018

Hackers siphon hundreds of millions of pesos out of Mexican banks through shadow transactions

The State of Security

A software vulnerability is suspected of being to blame for a hack through which criminals transfer more than 300 million pesos (over US $15 million) out of Mexican banks.

Details >
05/18/2018

PCI Security Standards Council Published Minor Revision to PCI Data Security Standard

PCI Security Standards Council

Today the PCI Security Standards Council (PCI SSC) published a minor revision to the PCI Data Security Standard (PCI DSS), which businesses around the world use to safeguard payment card data before, during and after a purchase is made.

Details >
05/18/2018

NYPD tests new tool that detects credit card skimmers

AP News

Patrick Traynor, a cybersecurity expert, was in New York in February working with police to help identify a way to detect credit card skimmers on ATMs when he got a financial fraud alert: his own information had been stolen while he was in town.

Details >
05/14/2018

Chili's data breach leaves credit and debit card information exposed

USA Today

While you were enjoying that slab of Chili's Grill & Bar baby back ribs, hackers may have been feasting on your payment card information.

Details >
05/14/2018

Detecting Cloned Cards at the ATM, Register

Krebs on Security

Much of the fraud involving counterfeit credit, ATM debit and retail gift cards relies on the ability of thieves to use cheap, widely available hardware to encode stolen data onto any card’s magnetic stripe.

Details >
05/14/2018

In Hawaii, Streamlined Mass Transit In The (HOLO) Cards, Beyond The Paper Pass

Pymnts.com

You may be familiar with the drill: Get on the bus — or the train — and get out the ticket. The paper one, the one that gets punched (yes, that’s still a thing!) or gets put in the slot to log your fare and is returned to you.

Details >
05/14/2018

Tokenization Sets B2B Payments On A Path To Security, Speed

Pymnts.com

Payments security is an increasingly critical component for businesses on both sides of a B2B transaction today.

Details >
05/14/2018

Bitbond Enables Clients To Transfer Loans Via Bitcoin

PYMNTS.com

SHARE TWEET SHARE SHARE PRINT EMAIL Bitbond, a German online bank that lets clients transfer loans around the globe using bitcoin, has officially launched. It was licensed as a bank in 2016 and has gained many more investors since then.

Details >
05/14/2018

Bitbond Enables Clients To Transfer Loans Via Bitcoin

PYMNTS.com

SHARE TWEET SHARE SHARE PRINT EMAIL Bitbond, a German online bank that lets clients transfer loans around the globe using bitcoin, has officially launched. It was licensed as a bank in 2016 and has gained many more investors since then.

Details >
05/11/2018

Encryption Is Only as Strong as Your Password

The State of Security

In recent months, the encryption debate has heated up once again.

Details >
05/10/2018

FBI Releases the IC3 2017 Internet Crime Report and Calls for Increased Public Awareness

FBI

The FBI Reminds the Public that Reporting Internet Crime is Necessary to Combating Internet Crime

Details >
05/10/2018

Think You’ve Got Your Credit Freezes Covered? Think Again.

Krebs on Security

I spent a few days last week speaking at and attending a conference on responding to identity theft.

Details >
05/10/2018

Faster Payments: Effective Fraud Mitigation Strategies

Bank Info Security

The Faster Payments Task Force is working toward launching a real-time payments network in the U.S. by 2020. But faster payments could open the door to more fraud, as has been experienced in other countries, such as the U.K. and Mexico.

Details >
05/10/2018

Faster Payments: Effective Fraud Mitigation Strategies

Bank Info Security

The Faster Payments Task Force is working toward launching a real-time payments network in the U.S. by 2020. But faster payments could open the door to more fraud, as has been experienced in other countries, such as the U.K. and Mexico.

Details >
05/07/2018

Behavioural biometrics proves key in preventing loyalty fraud

The Paypers

Deepak Dutt, CEO of Zighra reveals the value of loyalty points, loyalty fraud’s stats and the role of behavioural biometrics in preventing this type of fraud

Details >
05/07/2018

City of Sioux Falls scammed in vendor fraud

InFOrum

The City of Sioux Falls is likely out of funds after a vendor scam.

Details >
05/07/2018

Credential abuse: How real is the problem?

Financial Express

Attackers today have become much more subtle and use a “low-and-slow” approach while planning malicious activity

Details >
05/04/2018

Twitter says it found a password bug and that you should change yours

CNBC

Twitter said on Thursday that it found a bug in how it stores passwords, which meant they weren't scrambled to protect them from attack.

Details >
05/04/2018

Brazil becomes a hotbed of financial cybercrime

PaymentsSource

The spread of breached identity information has resulted in an outbreak of new account creation fraud with a new ground zero for the crimes pointing right at Latin America.

Details >
05/03/2018

Mobile phone maker misled people on privacy & security

Federal Trade Commission

People use their mobile devices for everything from making calls and sending emails and text messages to maintaining contact lists, taking photos, surfing the web, and finding the best travel routes. You count on your device to help with your daily routine, and you expect that your information will be private and secure.

Details >
05/03/2018

The FBI’s 10 Most-Wanted Black-Hat Hackers – #7 and #6

The State of Security

The FBI’s 10 most-wanted black-hat hackers countdown continues this week with No. 7 and No. 6: the co-conspirators Bjorn Daniel Sundin and Shaileshkumar “Sam” P. Jain.

Details >
05/03/2018

Phishers Leveraging GDPR-Themed Scam Emails to Steal Users’ Information

The State of Security

Phishers are using scam emails that leverage the European Union’s General Data Protection Regulation (GDPR) as a theme in an attempt to steal users’ information, a security firm found.

Details >
05/02/2018

How GDPR Forces Marketers to Rethink Data & Security

Dark Reading

Multinational marketers are closing in on the May 25 date by which they must comply with the EU's General Data Protection Regulation (GDPR).

Details >
05/02/2018

KSL Investigates: How to prevent crooks from using your cellphone number to hack your identity

KSL.com

Cyber crooks have another way to steal your identity and money, take over your social media and get access to your personal information and financial records. It’s your cell phone number.

Details >
05/02/2018

When Your Employees Post Passwords Online

Krebs on Security

Storing passwords in plaintext online is never a good idea, but it’s remarkable how many companies have employees who are doing just that using online collaboration tools like Trello.com

Details >
05/02/2018

SWIFT Cyber-Attackers Strike Again – Organizations Must Turn to the Software Defined Perimeter

Security Boulevard

Cyber-attacks targeting the SWIFT inter-bank transfer system have blighted the financial services industry worldwide over the past two years. Now yet another major attack has been foiled after Malaysia’s central bank blocked an attempted fraudulent transfer of funds via SWIFT.

Details >
04/30/2018

Visa Checkout’s Future: Secure in the Short Term, Cloudy in the Long Term

Digital Transactions

Visa Inc. isn’t about to pull the plug on Visa Checkout, but judging from comments Visa’s top executives made Wednesday, the online and mobile-payment service’s long-term outlook looks quite iffy.

Details >
04/29/2018

Security Trade-Offs in the New EU Privacy Law

Krebs on Security

On two occasions this past year I’ve published stories here warning about the prospect that new European privacy regulations could result in more spams and scams ending up in your inbox.

Details >
04/26/2018

PayThink Consumers prefer breachless payments to frictionless

PaymentsSource

As e-commerce grows, so does competition, and customer experience is the new way to win big over competitors. Consumers are firmly in control, which means merchants’ main mission is to erase friction and maximize convenience.

Details >
04/26/2018

Anatomy Of An ATO: How To Spot A Fraudster

PYMNTS.com

With the advent of technology and the prevalence of online shopping, the term eCommerce fraud has become more general and more vague. Under it, there are numerous types of categories and attacks.

Details >
04/26/2018

Mulvaney makes CFPB name change official

CFPB Journal

The agency formerly known as the Consumer Financial Protection Bureau will now be the Bureau of Consumer Financial Protection, Acting Director Mick Mulvaney told an audience of more than 1,300 bankers at an American Bankers Association conference.

Details >
04/26/2018

Mastercard, Visa and AmEx Back EMVCo’s Secure Remote Commerce Spec

Digital Transaactions

Mastercard Inc. says it is preparing for a better online payments experience by backing the EMVCo secure remote commerce specification. Visa Inc., too, says it supports the spec.

Details >
04/26/2018

DDoS-for-Hire Service Webstresser Dismantled

Krebs on Security

Authorities in the U.S., U.K. and the Netherlands on Tuesday took down popular online attack-for-hire service WebStresser.org and arrested its alleged administrators.

Details >
04/26/2018

More than 1 million children were victims of identity theft in 2017

Business Insider

In 2017, over 1 million children were victims of identity theft, resulting in $2.6 billion in losses and millions of out-of-pocket expenses for families.

Details >
04/26/2018

Zelle’s bumpy ride toward ubiquity

American Banker

Zelle, the bank-led person-to-person payment network, is having growing pains.

Details >
04/26/2018

Researchers reveal how hotel key cards can be hacked – what you need to knowResearchers reveal how hotel key cards can be hacked – what you need to know

The State of Security

WHAT’S HAPPENED? Security researchers at F-Secure have discovered a flaw that could allow millions of hotel rooms around the world to be accessed by unauthorised parties, without leaving a trace.

Details >
04/25/2018

Routers Prove to Be an Easy Target for Russian Hackers

Security Boulevard

You may unknowingly be part of a Russian hacking campaign.

Details >
04/25/2018

Publishers Clearing House imposters keep coming

Federal Trade Commission

Who wouldn’t love to be that winner you see on TV holding a great big sweepstakes check? That’s what con artists are counting on when they claim to be Publishers Clearing House. This trick is an oldie but goodie for scammers.

Details >
04/23/2018

Transcription Service Leaked Medical Records

Krebs on Security

MEDantex, a Kansas-based company that provides medical transcription services for hospitals, clinics and private physicians, took down its customer Web portal last week after being notified by KrebsOnSecurity that it was leaking sensitive patient medical records — apparently for thousands of physicians.

Details >
04/23/2018

Zelle, the Banks' Answer to Venmo, Proves Vulnerable to Fraud

NY Times

Big banks making it easy to zap money to your friends. Maybe too easy.

Details >
04/20/2018

Federal Regulatory Agencies Issue Joint Guidance to Financial Institutions on Cyber Insurance

JD SUPRA

The Federal Financial Institutions Examination Council (FFIEC) has issued a joint statement providing guidance for financial institutions about the role of cyber insurance in risk management of informational technology systems.

Details >
04/20/2018

A Look at the 2018 Verizon DBIR: Key Takeaways and Industry Highlights

The State of Security

Now in its 11th installment, Verizon’s Data Breach Investigations Report (DBIR) is a must-read for cybersecurity professionals across the globe.

Details >
04/20/2018

Is Facebook's Anti-Abuse System Broken?

Krebs on Security

Facebook has built some of the most advanced algorithms for tracking users, but when it comes to acting on user abuse reports about Facebook groups and content that clearly violate the company’s “community standards,” the social media giant’s technology appears to be woefully inadequate.

Details >
04/17/2018

Are We Taking Our Online Privacy Seriously Enough?

The State of Security

Technology has become the lens through which we perceive and experience day-to-day life. Take the smartphone as an example. What used to be a technological rarity and business-oriented tool has become the nexus of our personal and recreational lives.

Details >
04/16/2018

Deleted Facebook Cybercrime Groups Had 300,000 Members

Krebs on Security

Hours after being alerted by KrebsOnSecurity, Facebook last week deleted almost 120 private discussion groups totaling more than 300,000 members who flagrantly promoted a host of illicit activities on the social media network’s platform.

Details >
04/15/2018

Thousands of compromised websites spreading malware via fake updates

The State of Security

Malicious hackers have been exploiting thousands of legitimate websites since at least December 2017 in a sophisticated campaign that has disguised malware as fake software updates.

Details >
04/15/2018

Blockchain Payment Protocol Aims to End ‘Downsides’ of Online Payments

News BTC

A crypto startup aims to attract customers away from using credit cards to pay for items both online and offline by introducing a Blockchain protocol that will make it easier to use cryptocurrencies instead.

Details >
04/09/2018

Sears, Delta Air Lines Customer Data Compromised In [24]7.ai Breach

PYMNTS.com

Sears, the department store operator, and Delta Air Lines, the airline operator, disclosed Wednesday (April 4) that payment information of some of their customers could have been exposed as part of a data breach at [24]7.ai, the software provider.

Details >
04/09/2018

FTC asking for access to your computer? It’s a scam.

Federal Trade Commission

Scammers pretending to be with the FTC or with FTC refund administrators are calling, asking for remote access to your computer.

Details >
04/04/2018

Mark Zuckerberg Doesn’t Plan to Extend GDPR to All Facebook Users

The State of Security

Mark Zuckerberg doesn’t plan on extending the European Union’s General Data Protection Regulation (GDPR) to all Facebook users.

Details >
04/04/2018

Dot-cm Typosquatting Sites Visited 12M Times So Far in 2018

Krebs on Security

A story published here last week warned readers about a vast network of potentially malicious Web sites ending in “.cm” that mimic some of the world’s most popular Internet destinations (e.g. espn[dot]cm, aol[dot]cm and itunes[dot].cm) in a bid to bombard visitors with fake security alerts that can lock up one’s computer. If that piece lacked one key detail it was insight into just how many people were mistyping .com and ending up at one of these so-called “typosquatting” domains.

Details >
04/04/2018

The ACH Problem: How its Biggest Upside is Being Exploitedeme

Digital Transactions

Accounts receivable professionals say that they expect nearly half of all payments will be made by way of ACH by 20201. But while financial institutions, payment providers, businesses and consumers continue to adopt and benefit from faster payments, significant new challenges and risks are emerging in tandem.

Details >
04/04/2018

New malware freezes user's device in account takeover scheme

Payments Source

The one thing more valuable to consumers than their bank accounts might be their internet access — and a new version of the "Trickbot" trojan targets both.

Details >
04/02/2018

Saks Fifth Avenue, Lord & Taylor Suffer Payment Card Data Breach

The State of Security

Saks Fifth Avenue and Lord & Taylor have both suffered a data breach involving customers’ debit and credit card information.

Details >
03/28/2018

Cambridge Analytica: The Devil Is in the (Contractual) Details

The State of Security

It appears we reached a global level of moral outrage surpassing a high warp factor during the week commencing 19th March 2018 with widespread news coverage of the machinations of Cambridge Analytica (CA). [I write as a long-time cynic who did not need to experience last week to know that “I am the product.”]

Details >
03/28/2018

AARP Helps Taxpayers Avoid IRS Imposter and Related Scams

CISION News

WASHINGTON, March 28, 2018 /PRNewswire-USNewswire/ -- As tax time approaches, AARP's Fraud Watch Network is redoubling its efforts to help taxpayers avoid criminal imposters who aim to defraud them.

Details >
03/28/2018

Bad bot traffic increases, gambling and airlines most targeted industries

HelpNetSecurity

Distil Networks analyzed hundreds of billions of bad bot requests at the application layer to provide insight and guidance on the nature and impact of automated threats in 2017.

Details >
03/26/2018

Who and what is Coin Hive

Security Intelligence

If you haven’t done so already after seeing the title of this article, please stop reading immediately and enable two-factor authentication (2FA) on every system and service you use that allows it.

Details >
03/26/2018

Why You Should Drop Everything and Enable Two-Factor Authentication Immediately

Security Intelligence

If you haven’t done so already after seeing the title of this article, please stop reading immediately and enable two-factor authentication (2FA) on every system and service you use that allows it.

Details >
03/25/2018

Why Facebook’s Business Model Isn’t Its Biggest Problem

PYMNTS.com

About 20 years before Julius Caesar overthrew the Roman Republic and became the first Emperor of the Roman Empire, he was elected to the position Pontifex Maximus.

Details >
03/23/2018

Western Union refunds scam alert

Federal Trade Commission

We’ve heard that people are getting official-looking emails about the Western Union settlement. The thing to know is that you cannot apply for a refund by email.

Details >
03/23/2018

Get-rich scheme sold to wannabe Amazon sellers

Federal Trade Commission

“Get started selling on Amazon and make $5,000 - $10,000 in the next 30 days… even if you’ve never sold anything online before.” That’s one of the pitches the promoters of a large get-rich scheme used to lure people into a bogus business opportunity.

Details >
03/23/2018

Venmo Puts Pause On Instant Transfers

PYMNTS.com

Venmo abruptly removed its instant money transfer feature on Wednesday, saying it needed to “make a few changes” to the service.

Details >
03/23/2018

Siignifyd Ecommerce Fraud Index Finds 80% Increase in Account Takeover Fraud and 24% Increase in Total Fraud Over the Holiday Season

Business Wire

Signifyd, the world’s largest provider of guaranteed fraud protection, today announced the Ecommerce Fraud Index with global data culminated from billions of transactions across thousands of merchants.

Details >
03/23/2018

Orbitz Breach Exposes Risks to Partners, and the Vulnerabilities of Older Technology

Digital Transactions

Another day, another data breach. But each one has lessons for the payments industry, and that includes the breach disclosed Tuesday by online travel-services provider Expedia Inc.’s Orbitz subsidiary.

Details >
03/23/2018

Google Assistant Now Allows Users to Pay and Request IOUs

Bank Innovation

Google Assistant is now letting its users pay or request ‘IOUs’ from friends via Google Pay, further interconnecting the mobile payments service with its other products.

Details >
03/19/2018

Bitcoin + online chain referral = illegal scheme

Federal Trade Commission

Ever get a chain letter in the mail or online? Then you know the drill — you send money to a person at the top of the list, then take their name off and add yours to the bottom before sending the letter to more people. If the letters keep going, you’re supposed to make money as your name moves up the list. In fact, most people are guaranteed to lose money.

Details >
03/13/2018

Government needs to rethink cybersecurity approach

American Banker

Attend any speech by a current or former defense official these days, and you will likely hear a description of the grave threat posed by cyberattacks, particularly to the financial system.

Details >
03/12/2018

Checked Your Credit Since the Equifax Hack?

Krebs on Security

A recent consumer survey suggests that half of all Americans still haven’t checked their credit report since the Equifax breach last year exposed the Social Security numbers, dates of birth, addresses and other personal information on nearly 150 million people. If you’re in that fifty percent, please make an effort to remedy that soon.

Details >
03/12/2018

Yahoo Agrees to $80 Million Settlement Over Data Breaches

The State of Security

Yahoo has agreed to pay $80 million to settle a federal securities class action lawsuit following the massive data breaches that compromised the personal information of three billion users.

Details >
03/09/2018

Military Consumers and Sentinel: A deeper dive

Federal Trade Commission

Last week, we gave you an overview of the latest Consumer Sentinel Network Data Book. Today, let’s look a bit more closely at the data from military consumers.

Details >
03/09/2018

FTC continues to crack down on student loan scams

Federal Trade Commission

A lot of us have student loans – and some of us have trouble paying them every month. Some companies claim to resolve that issue by saying they can help you pay them down quicker, cheaper or get them forgiven altogether.

Details >
03/06/2018

167 Applebee's Restaurants Hit With Payment Card Malware

Bank Info Security

Anyone who dined out at Applebee's restaurants in 15 states - ranging from Alabama and Arizona to Texas and Wyoming - may have gotten a free side of payment card theft with their meal.

Details >
03/05/2018

Welcome to National Consumer Protection Week 2018

Federal Trade Commission

As the nation’s consumer protection agency, the FTC stands up for consumer rights. Every day, we work to shut down scammers and protect consumers everywhere. But we care just as much about empowering you. That’s why National Consumer Protection Week.

Details >
03/04/2018

Tax Scams / Consumer Alerts

IRS

Thousands of people have lost millions of dollars and their personal information to tax scams. Scammers use the regular mail, telephone, or email to set up individuals, businesses, payroll and tax professionals.

Details >
03/04/2018

Powerful New DDoS Method Adds Extortion

Krebs on Security

Attackers have seized on a relatively new method for executing distributed denial-of-service (DDoS) attacks of unprecedented disruptive power, using it to launch record-breaking DDoS assaults over the past week.

Details >
03/01/2018

Mobile bankers beware: Sophisticated hacks soar

MoneyWatch

If you bank by phone, you better be careful. Malicious mobile-banking software aimed at taking over consumer bank accounts has threatened up to 10 percent of consumer cell phones, security experts warn

Details >
02/28/2018

Justice Department Coordinates Nationwide Elder Fraud Sweep of More than 250 Defendants

DOJ

Attorney General Jeff Sessions and law enforcement partners announced today the largest coordinated sweep of elder fraud cases in history.

Details >
02/28/2018

Increase in W-2Phishing Campaigns

FBI

Beginning in January 2017, IRS’s Online Fraud Detection & Prevention (OFDP), which monitors for suspected IRS-related phishing emails, observed an increase in reports of compromised or spoofed emails requesting W-2 information. Sometimes these requests were followed by or combined with a request for an unauthorized wire transfer.

Details >
02/26/2018

USPS Finally Starts Notifying You by Mail If Someone is Scanning Your Snail Mail Online

Krebs on Security

In October 2017, KrebsOnSecurity warned that ne’er-do-wells could take advantage of a relatively new service offered by the U.S. Postal Service that provides scanned images of all incoming mail before it is slated to arrive at its destination address.

Details >
02/26/2018

New Report Offers Better Cybersecurity Definitions

Trip Wire - The State of Security

The Council of Economic Advisers recently released a report that examines the cost of malicious cyber activity to the U.S. economy.

Details >
02/23/2018

Phishers send fake invoices

Federal Trade Commission

We’ve recently heard that scammers are recycling an old phishing attempt. In this version, scammers, posing as a well-known tech company, email a phony invoice showing that you’ve recently bought music or apps from them.

Details >
02/23/2018

What is RFID Skimming?

Trip Wire - The State of Security

Security breaches are increasingly affecting organizations across various domains as they heavily rely on technologies to reduce the operational costs and improve the work efficiency.

Details >
02/23/2018

500 Million Breached Passwords Released by Researcher to Help Organizations Protect Their Systems

Trip Wire - The State of Security

A security researcher has released an updated list of 500 million breached passwords so that organizations can use it to protect their systems.

Details >
02/22/2018

Stopping scams targeting older consumers

Federal Trade Commission

The FTC has a long history of protecting people from scams. As part of its ongoing efforts to protect people in every community, the FTC recently took steps to stop two schemes harming older adults: a tech support scam and a sweepstakes scam.

Details >
02/22/2018

The 'IRS' has issued a warrant for my arrest

CNBC

Tax fraudsters are aggressive and use threatening phone calls while impersonating IRS agents, and the scams remain a major threat to taxpayers.

Details >
02/22/2018

Malicious Trends: Cryptojacking Could Surpass Ransomware as Primary Money Maker

Trip Wire - The State of Security

Cryptocurrencies are hot. According to CoinMarketCap, there are now over 1,300 cryptocurrencies with new initial coin offerings (ICOs) accelerating all the time

Details >
02/22/2018

ATM ‘Jackpotting’ Hackers Hauled Into Court

PYMNTS.com

The U.S. Justice Department has charged two men for allegedly hacking ATM machines in order to illegally obtain cash from them.

Details >
02/22/2018

Hackers scored more Social Security numbers than stolen credit card numbers in 2017

NBC News

Fighting digital fraud has always been a game of wack-a-mole, but those pesky moles keep getting smarter — finding new ways to use stolen information to commit lucrative scams. And despite increasing efforts to stop them, the bad guys are winning.

Details >
02/22/2018

A solution to California’s pot-banking problem: Its own central bank

American Banker

California became the first state to legalize medical marijuana in 1996. And as of last month, recreational use of pot is also legal.

Details >
02/20/2018

Realtime Payments Goes Live in Australia

Bank Innovation

Australia’s realtime payments platform is live today.

Details >
02/20/2018

IRS Scam Leverages Hacked Tax Preparers, Client Bank Accounts

Krebs on Security

Identity thieves who specialize in tax refund fraud have been busy of late hacking online accounts at multiple tax preparation firms, using them to file phony refund requests.

Details >
02/16/2018

IRS didn’t notify 458,658 identity theft victims

Accounting Today

The Internal Revenue Service failed to tell nearly half a million victims of identity theft last year their information was being used by others for employment purposes, according to a new report, which attributed the failure to a computer programming error.

Details >
02/15/2018

Equifax Rolls Out New Service to Let You ‘Lock’ Your Credit File

Komo News

Equifax has just launched a new service to help fight identity theft. It's called “Lock & Alert” and it enables those who sign up to limit or allow access to their Equifax credit file with a click of the mouse or a swipe on the smartphone.

Details >
02/15/2018

The FTC will never ask you to send money

FTC

If someone claiming to be with the Federal Trade Commission (FTC) contacts you and asks you to send money, it’s a scam.

Details >
02/14/2018

NOW CRYPTOJACKING THREATENS CRITICAL INFRASTRUCTURE, TOO

Wired

The rise of cryptojacking—which co-opts your PC or mobile device to illicitly mine cryptocurrency when you visit an infected site—has fueled mining's increasing appeal.

Details >
02/13/2018

Microsoft Patch Tuesday, February 2018 Edition

Krebs on Security

Microsoft today released a bevy of security updates to tackle more than 50 serious weaknesses in Windows, Internet Explorer/Edge, Microsoft Office and Adobe Flash Player, among other products.

Details >
02/13/2018

ID Fraud Hits All Time High: What You Can Do to Protect Yourself

Credit.com

Not to name names (cough, cough, Equifax), but it seems a particular data breach involving the sensitive information of 145.5 million people may have something to do with the spike in identity-related crimes reported in Javelin Strategy and Research’s 2018 Identity Fraud Study.

Details >
02/12/2018

Tokenization: The Security Key For Call Centers

PYMNTS.com

Call centers are fast becoming a fraudster favorite. Why? Because they’re just so darn inviting. Committing fraud over the phone in a call center environment represents a path of least resistance as other popular fraud targets ramp up defenses.

Details >
02/12/2018

Equifax Data Breach Was Bigger Than Previously Reported

Consumer Reports

Equifax hackers reportedly accessed more personal information than previously disclosed, but the additional breach may not have put consumers at more risk than they already are, a cybersecurity expert says.

Details >
02/12/2018

Visa Acquires Fraedom For $195M To Expand B2B Payments

PYMNTS.com

Visa said Friday that it has acquired Fraedom, which provides — via software as a service — expense management solutions for financial institutions and business.

Details >
02/08/2018

T-Mobile Customers: If You Got a Confusing Text About Phone Hijacking Scams, You’re Not Alone

Gizmodo

For the last few weeks, T-Mobile customers have been receiving text message alerts warning them about “an industry-wide phone number port out scam.”

Details >
02/08/2018

The Battle Against Synthetic Identity Fraud Is Just Beginning

Forbes

“Which people are real and which are synthetic?” sounds like a question from Blade Runner, but for banks, the issue is far from science fiction.

Details >
02/08/2018

Fraudsters’ First Love: Signature Debit Cards

Digital Transactions

Criminals target signature-based debit cards for fraud attempts far more than any other payment method, according to new findings from the Federal Reserve Bank of Minneapolis.

Details >
02/08/2018

Don’t Know About TLS? You, and Your Merchants, Soon Will

Digital Transactions

A July 1 PCI Security Standards Council deadline is prompting payments providers to act well before then, with many establishing their own compliance deadlines in February. What has provoked this eagerness? It could be that noncompliance with the PCI mandate could halt merchant transactions that rely on the Internet.

Details >
02/07/2018

FEMA Impersonators and identity theft

Federal Trade Commission

If you’ve been affected by a recent natural disaster has someone called asking to verify your FEMA registration even though you didn’t apply? Or have you tried to claim FEMA benefits or assistance, but were told you had already applied?

Details >
02/06/2018

What do you need to know about Stegware

IDG Connect

Post-mortems on recent cyberattacks reveal determined attackers are turning to steganography, the covert hiding of data within seemingly innocuous files

Details >
02/06/2018

Would you have spotted this skimmer?

Krebs on Security

When you realize how easy it is for thieves to compromise an ATM or credit card terminal with skimming devices, it’s difficult not to inspect or even pull on these machines when you’re forced to use them personally — half expecting something will come detached. For those unfamiliar with the stealth of these skimming devices and the thieves who install them, read on.

Details >
02/04/2018

Attackers Exploiting Unpatched Flaw in Flash

Krebs on Security

Adobe warned on Thursday that attackers are exploiting a previously unknown security hole in its Flash Player software to break into Microsoft Windows computers.

Details >
02/04/2018

Advocates Look to EMV Fuel Pumps And Contactless Cards for Advances in Payments Tech

Digital Transactions

The U.S. Payments Forum on Monday reported that the vast majority of large U.S. merchants now accept EMV chip cards.

Details >
02/04/2018

CFPB's Mulvaney strips his fair-lending office of enforcement powers

American Banker

Acting Consumer Financial Protection Bureau Director Mick Mulvaney has stripped the agency's fair-lending office of enforcement powers in a sign that many consumer advocates see as trying to reduce oversight and penalties for firms that discriminate against borrowers.

Details >
02/04/2018

Alibaba Leads The Pack on Elder-Friendly eCommerce

Pymnts.com

It’s time to retire the perception that consumers at the older end of the spectrum (65 and up) can’t or don’t shop online. They may not be digital natives, yet that hasn’t stopped them from figuring out some of the ins and outs (even if they are more likely to fall for tricks and scams)

Details >
02/04/2018

Sage Payments CEO on What's Next and What's Now

Pymnts.com

In 2017, Sage Payments parted ways with parent Sage Group. It was acquired by GTCR and brought on Joe Kaplan as its new CEO in October. Now, it’s officially beginning its first chapter as an independent company with a change of name and focus. Kaplan spoke with Karen Webster about the new Sage Payments – where it came from, where it’s going and what other payment processors can learn from its perspective.

Details >
02/02/2018

Integrity: The New "I" in PCI Compliance

The State of Security

The retail industry saw more than its fair share of data breaches in 2017, with security incidents impacting at American supermarket chain Whole Foods Market and clothing companies Brooks Brothers, The Buckle, and Forever 21, to name a few.

Details >
01/30/2018

The Secretary of State is not emailing you

Federal Trade Commission

There are many scammers who pretend to be government officials – from the IRS, Social Security, and even the FTC.

Details >
01/29/2018

App State Fleeced for almost $2 million by scam; feds get most of the money back

Charlotte Observer

First Appalachian State got played. Then it got paid. According to newly released federal documents, the Boone-based university was fleeced for almost $2 million last year by fraudsters posing as a Charlotte construction company doing work on campus.

Details >
01/28/2018

First "Jackpotting" Attacks Hit U.S. ATMs

Krebs on Security

ATM “jackpotting” — a sophisticated crime in which thieves install malicious software and/or hardware at ATMs that forces the machines to spit out huge volumes of cash on demand — has long been a threat for banks in Europe and Asia, yet these attacks somehow have eluded U.S. ATM operators.

Details >
01/28/2018

CFPB Delays Prepaid Card Rule Implementation For A Year

PYMNTS.com

The Consumer Financial Protection Bureau (CFPB) has extended the effective date on its 2016 prepaid card rule, among other modifications announced today (Jan. 25).

Details >
01/28/2018

W-2 Phishing Scam: What It Is and How To Help Protect Against It

LifeLock

Identity thieves would love to swipe your 2018 tax refund. One way they might try is by tricking your employer with a W-2 phishing scam.

Details >
01/24/2018

Expert: IoT Botnets the Work of a ‘Vast Minority’

Krebs on Security

In December 2017, the U.S. Department of Justice announced indictments and guilty pleas by three men in the United States responsible for creating and using Mirai, a malware strain that enslaves poorly-secured “Internet of Things” or IoT devices like security cameras and digital video recorders for use in large-scale cyberattacks.

Details >
01/21/2018

Visa Says It, Too, Will Make Signatures Optional for North American EMV POS

Digital Transactions

Visa Inc. is joining the other three card brands in making signatures optional or many of its transactions beginning in April.

Details >
01/18/2018

IRS, States and Tax Industry Warn Employers to Beware of Form W-2 Scam; Tax Season Could Bring New Surge in Phishing Scheme

IRS

The Internal Revenue Service, state tax agencies and the tax industry today urged all employers to educate their payroll personnel about a Form W-2 phishing scam that made victims of hundreds of organizations and thousands of employees last year.

Details >
01/17/2018

Super Bowl Security - Behind-the-Scenes Look at Planning and Partnerships

FBI

On the wintry streets of downtown Minneapolis, ice crunches underfoot. The wind is whipping, and the temperature hovers in the teens. The weather will be one of the many topics under discussion inside the city’s convention center, where officials from every local, state, and federal organization involved with security at this year’s Super Bowl have gathered to put their planning and preparation to the test.

Details >
01/17/2018

Fingerprint Card Teams with Visa on Biometric Authentication Card

Bank Innovation

Biometrics is expected by many to make it big in the payments space this year. Just ask Fingerprints Card AB, which teamed up with Visa on a dual-interface biometric payment trial in the U.S.

Details >
01/15/2018

OnePlus investigating credit card fraud reports

BetaNews

A number of OnePlus customers have reported unusual credit card transactions after buying products from the smartphone maker's online store. And, today, OnePlus announces a formal investigation.

Details >
01/12/2018

Ripple, MoneyGram Announce Partnership to ‘Modernize’ Payments

Innovation

Blockchain firm Ripple will be partnering with U.S. money transfer service, MoneyGram, to test out payment flows of XRP, Ripple’s native cryptocurrency, the companies announced today.

Details >
01/12/2018

Bitcoin Blackmail by Snail Mail Preys on Those with Guilty Conscience

Krebs on Security

KrebsOnSecurity heard from a reader whose friend recently received a remarkably customized extortion letter via snail mail that threatened to tell the recipient’s wife about his supposed extramarital affairs unless he paid $3,600 in bitcoin.

Details >
01/10/2018

"We are about to be overwhelmed by bitcoin," senator warns

American Banker

WASHINGTON — The Senate Banking Committee is likely to take a closer look at bitcoin and other cryptocurrencies.

Details >
01/10/2018

Microsoft's Jan. 2018 Patch Tuesday Lowdown

Krebs on Security

Microsoft on Tuesday released 14 security updates, including fixes for the Spectre and Meltdown flaws detailed last week, as well as a zero-day vulnerability in Microsoft Office that is being exploited in the wild. Separately, Adobe pushed a security update to its Flash Player software.

Details >
01/05/2018

What is "Juice Jacking", and Should I avoid Public Phone Chargers?

How-To Geek

Your smartphone needs a recharge yet again and you’re miles from the charger at home; that public charging kiosk is looking pretty promising–just plug your phone in and get the sweet, sweet, energy you crave.

Details >
01/04/2018

Forget Bitcoin - Privacy Tokens A Favorite of the Bad Guys

PYMNTS.com

Bitcoin may be garnering a lot of interest from all sorts of investors, but it’s losing its luster for criminals, as they move on to a different cryptocurrency.

Details >
01/04/2018

Everything you need to know about Cryptocurrency and why it's the future of money

Futurism

In a matter of weeks in November 2017, bitcoin surged from a fringe investment to a global sensation

Details >
01/02/2018

Romanians charged with hacking DC surveillance cams in ransomeware scheme

The Car News Insider

"This case was of the highest priority due to its impact on the Secret Service's protective mission and its potential effect on the security plan for the 2017 Presidential Inauguration", U.S. Attorney Jessie K. Liu said in a press release announcing the charges.

Details >
01/02/2018

Mastercard Scrubs Its Signature Requirement for POS Transacations

Digital Transactions

Mastercard Inc. is doing away with a rule requiring merchants to get signatures for transactions made with its credit and debit cards in the United States and Canada.

Details >
01/02/2018

BBB Trends: Keep your tax information safe from scammers; tax identity is largest segment of theft

Northern Kentucky Tribune

When consumers and business owners take their receipts in for tax filing season, they’re counting on the person preparing their taxes to keep their information safe. Tax preparers are bound by federal law to keep things confidential from cyber thieves, but despite their best efforts, tax identity theft still accounts for the largest segment of personal identity theft.

Details >
12/27/2017

Uber Accused of Hacking, Wiretapping Rival Companies in Bombshell Letter Released by Judge

San Francisco CBS

SAN FRANCISCO (AP) — A former Uber security specialist accused the company of dispatching a team of spies to steal its rivals’ trade secrets and using shady tactics to thwart its competition in the ride-hailing market, according an inflammatory letter unsealed Friday by a federal judge.

Details >
12/27/2017

U.S. says Facebook, Microsoft disabled North Korean cyber threats

Reuters

WASHINGTON (Reuters) - Facebook Inc and Microsoft Corp disabled a number of North Korean cyber threats last week, a White House official said on Tuesday, as the United States publicly blamed Pyongyang for a May cyber attack that crippled hospitals, banks and other companies.

Details >
12/27/2017

'Deadpool' robber drops money bag after dye pack explosion, Madison police say

Wisconsin State Journal

A robber wearing a mask of the comic book superhero Deadpool robbed a Far West Side bank Friday, but dropped the money bag when packs of dye exploded in the bag.

Details >
12/22/2017

1.4B Credentials Dumped, Dark Web Database Found

Business2Community

On Dec. 5, 2017, a massive database with data from over 300 data breaches was discovered on the Dark Web. This Dark Web database contains over 1.4 billion unique clear text, or publicly viewable, login credentials, which experts have confirmed are legitimate pairings.

Details >
12/22/2017

Account Takeover Attacks are on the rise, and you need to hear about it

Forbes

In September, the SEC was hacked. If high-level government organizations can't guarantee user data safety, how can your business?

Details >
12/22/2017

U.S. Secret Service helped bust $10M Ponzi scheme in Red Deer, RCMP says

CBCNews

A man in Red Deer, Alta., faces multiple charges in connection with an alleged $10-million Ponzi scheme that RCMP say they cracked with help from the U.S. Secret Service.

Details >