The Leader in Face-to-Face Education for Senior Executives
Offering regional and national programs, CIO (and CSO) events bring
together some of the most respected names and thought leaders in
information technology and security. Presented by CIOs and other
senior level executives, these invitation-only programs offer timely
topics and strong networking.
A Peer-Advisory Service and Professional Association for CIOs
Public Teleconferences Join CIO Executive Council members and
participate in the following live one-hour teleconferences:
A recent phishing scam targeting users of online services has
successfully duped hundreds into divulging credit card and other
personal information, a security company said today.
According to Dan Clements, president of CardCops Inc., an identity
protection service of Trumbull, Conn.-based Affinion Group Inc., the
phishing campaign scammed between 100 and 200 people with mac.com
addresses in just one day.
CardCops, which uses automated bots and human investigators to scour
the Internet’s underbelly—the chat rooms, sites and message
forums frequented by cybercriminals—uncovered a stash of records
on a server that hackers use to house stolen information.
“We found 20 different files parked on the server,” said Clements,
“each file with two or three or four, up to 20, profiles.”
Computerworld, which was allowed to view the profiles, verified that
the records, or “full profiles” as Clements dubbed them, included full
names, mailing addresses, credit card numbers, card security numbers,
birth dates, mother’s maiden names, and e-mail addresses and
passwords.
“Cumulatively, there were about 300 profiles collected in that one
day,” Clements said. “And 100 to 200 were mac.com addresses.”
After some additional investigation—which included calling many
of the victims to verify that they’d fallen for the
ploy—CardCops pieced together the crime. “We realized that it
was a phishing attack, of course, but also that these phishers timed
it with an Apple event.”
Clements referred to the recent migration Apple conducted for
subscribers of its older .Mac online service to MobileMe, the
successor that launched just over a month ago. “It looks like that
raised the conversion rate of their captures,” he added, explaining
the phishers’ success rate in tricking people into giving up credit
card and other confidential information.
Earlier this week, Macworld, a Computerworld sister publication, with
sophisticated identity theft attacks, again claiming that credit card
problems required them to re-enter information to update their
accounts.
» FORTUNE 100 insurance leaders rely on the Symantec Data Loss
Prevention solution to protect sensitive customer data.
» Do you know where your confidential data is, where it is
going, and how to prevent it from leaving your organization.
» Learn what the thought-leaders at PricewaterhouseCoopers have
to say on the risks associated with data security.
» Incorporate best practices from many companies using DLP
solutions as you establish your organization’s requirements and
safeguard confidential data.
» Learn how this proactive implementation of a DLP solution
helps ensure E-LOAN’s customer trust and loyalty.
Get instant email notifications by topic when white papers, webcasts,
and case studies are added to our library.
Just the basics, please. Sometimes we all need a refresher or we need
to make sure our team and our colleagues are all on the same page.
Search Engine News 