Black Friday Kicks Off More Than Holiday Shopping Season

Posted By: Gene Fredriksen | December 2, 2016 | 0 Comments

Thanksgiving is behind us, and Black Friday heralds the beginning of the holiday shopping season. The top stories this week serve as a reminder that perhaps our biggest bond of trust with our Members is the protection of their information.

With a large percentage of the shoppers, the holiday spirit is tempered with worries about identity theft and fraud. Phishing and social engineering is still the primary method by which attackers gain access to our Member’s data. This is a good time to send reminders to your staff, particularly those who deal directly with the public. You might also consider methods to educate Members about ways they can protect themselves from identity theft.

It takes a partnership. PSCU as well as local and federal law enforcement have resources to help with your educational programs. We are able to help if you do not yet have a law enforcement contact.

Another cyber intelligence theme is the increased level of attacks in general as we emerge from an election into a transition of power. This is the time to review Incident Response and Business Continuity plans in case there are internet or service disruptions in the coming months. Take a critical look at the resilience of your processes.

The New Holiday Tradition: Fear of Identity Theft

One-third of shoppers plan to do most or all of their holiday shopping online this year, and 71% of these shoppers are worried about identity theft. Referring to a study by LifeLock, Bill Hardekopf, CEO of LowCards.com, said, “Sadly, Americans now rank protecting their identity ahead of enjoying some holiday traditions. Forty-nine percent said they would pass on gifts this season if it meant their identity wouldn’t be stolen, and when asked what would likely ruin their holiday, 50% of respondents said it would be having their identity stolen.” Hardekopf noted that the study shows identity theft is a bigger fear for consumers than not being able to share the holidays with their family and friends (22%) and not being able to afford presents (17%).”  Hardekopf noted that consumers increase their risk for identity theft when they give out personal information to receive promotions, save their credit card information on a retailer’s website, and order merchandise from a promotional email—even if it looks like it is from a legitimate retailer.

CU Today, November 22, 2016

Credit Unions Not Too Small for Cybersecurity Attacks

Credit union management should not assume they are too small to serve as targets in distributed denial of service and ransomware attacks, according to a cybersecurity expert. Ashley McAlpine, fraud prevention manager of Des Moines, Iowa-based payments processor TMG warned credit union personnel, despite recent coverage of high profile incursions, it might look like these attackers are only after the big guys. “In fact, small organizations are very much on the radar of these criminals.”

CU Times, November 22, 2016

EMV Shift Fires Up Online Holiday Season Fraud

Stoked by the U.S. EMV shift, financial institutions and retailers can expect holiday card-not-present fraud rates to increase 43% by volume and 31% by value according to ACI Worldwide research. Naples, Fla.-based ACI Worldwide’s Holiday Trends Report, found fraudsters more effectively deterred from in-store fraud, shifting focus online following the U.S. adoption of EMV chip cards, which protects present card data through encryption.

CU Times, November 21, 2016

Malware up 5% Last Month, Check Point

The preponderance of active malware families as well as the number of attacks increased by five percent in October, according to the Global Threat Index, a monthly ranking from Check Point’s Threat Intelligence Research Team of the most prevalent malware families attacking enterprise networks. Locky ransomware attacks moved up in the rankings from third to second as its activity continues to spike, while the notorious Zeus banking trojan, first detected in July 2007, returned to the top three. Locky’s rise is attributed to constant tinkering of its code base and spam messaging, as well as its widespread dissemination through ever-increasing distribution networks. Meanwhile, Conficker retained the top spot as the planet’s most prevalent malware, responsible for 17 percent of recognized attacks. HummingBad, an Android malware that deploys a rootkit for a variety of nefarious deeds, retained its top spot in the mobile malware category.

SC Magazine, November 21, 2016

U.S. Navy Warns 130,000 Sailors of Data Breach

The U.S. Navy has launched an investigation into a data breach involving the personal information of more than 130,000 current and former sailors. The organization was informed by Hewlett Packard Enterprise Services on October 27 that the laptop of an employee supporting a Navy contract had been “compromised.” An investigation revealed that the device contained the personal details, including names and social security numbers (SSNs), of 134,386 current and former sailors. Affected individuals will be notified in the upcoming weeks via phone, email and letters. While there is no evidence that the compromised information has been misused, the Navy says it’s looking into credit monitoring service options for impacted sailors. “The Navy takes this incident extremely seriously- this is a matter of trust for our Sailors,” stated Chief of Naval Personnel Vice Admiral Robert Burke. “We are in the early stages of investigating and are working quickly to identify and take care of those affected by this breach.”

SecurityWeek, November 25, 2016

Gene Fredriksen

Gene Fredriksen

Chief Information Security Officer at PSCU
Responsible for the development of information protection and technology risk programs. Gene has over twenty five years of Information Technology experience, with the last twenty focused specifically in the area of Information Security. He served as the Chair of the Security and Risk Assessment Steering Committee for BITS, as well as serving on the R&D committee for the Financial Services Sector Steering Committee of the Department of Homeland Security.He also served as an advisor on various cyber security steering committees for the administrations of George W. Bush and Bill Clinton, assisting in the preparation of the president’s Cyber Security Position Paper. Gene is a member of the SC Magazine Editorial Advisory Board.

He has published numerous papers and books and maintains a close working relationship with both local and federal law enforcement agencies.
Gene Fredriksen

 


 

 
 
 

Leave a Reply