During my morning news scan, I came across some interesting articles surrounding the recent Hell Tor deep web cybercrime forum. And in particular, discussion about the associated text file that contained more than 23,000 records that “appeared” to be a user database populated exclusively by user accounts with dot-gov email from the Office of Personnel Management (OPM). After a close review of the file, experts stated that these records -- made available as a teaser and/or as “proof” that the hackers had compromised the agency -- were not from the OPM, instead they were a list of users stolen from a different government agency — Unicor.gov, also known as Federal Prison Industries.
Fri, Jul 31, 2015
Wed, May 27, 2015
Just a month ago, I wrote about an emerging critical cyber threat trend -- attacks centered on health care providers and health insurance systems. These schemes are very lucrative for thieves because the loot, electonic health records, contains everything needed -- social security numbers, known addresses, phone numbers, relatives, payment preferences -- to create duplicate identities for individuals. Just add the photo.
Wed, May 27, 2015
I’m just back from a fantastic International Trademark Association (INTA) conference. It is exciting to spend a few days with the foremost practioners in trademark and IP world. One of the most visible organization there was a registrar, Vox Populi Registrar, Inc., who owns the .SUCKS gTLD. Their representatives, clad in bright blue and white, were merrily touring the floor, speaking with vendors and attendees, about how much business sense it made to a brand to purchase the .SUCKS domain. There booth featured a continuous slide show of F500 brands,"using" the .SUCKs domain. ibm.sucks; ford.sucks; starbucks.sucks. yourcompanyhere.sucks. Outside the conference hall, there were more blue-clad representatives, passing out .SUCKs items that were prohibited in the hall. The Vox Populi message was communicated clearly -- It only costs $2500/year to reserve this gTLD.
"Isn't that a small amount to pay to know that no one else uses it with your brand?..."
Topics: risk management, brand abuse, online brand protection, Reputation Management, INTA, trademark, intellectual property, Risk, gTLDs, cyber threats, Chief Security Officer, online risk, unauthorized associations
Tue, Apr 21, 2015
Recently, on Dark Reading, Sara Peters and Ericka Chickowski wrote a great piece that ran about PII-centric attacks and threats in the healthcare market.
As the Health Care marketplace moves online, opportunistic criminals are retraining their attacks to focus on Health Care consumers.
Over the past decade, there has been enormous pressure on the healthcare industry to move health records online. Today, according to studies recently published by the U.S. Department of Health & Human Services, almost 90 percent of all doctors and almost 75 percent of all hospitals have deployed at least a basic electronic health record system. And, these adoption rates have soared over the past five years. Insurance reimbursements have been managed online for years, and healthcare enrollments through employers are increasingly managed through a Web browser. The rollout of the Affordable Care Act, with its online purchase model, further accelerated the migration of healthcare to a predominantly online model.
Fri, Jan 23, 2015
Mobile App-based Threats Can Quickly Derail Your Brand
Mobile Apps are in the news. And they deserve to be. Mobile devices are driving a revolution in computing form factors and transforming digital commerce. Today, businesses aggressively use mobile apps to provide their customers instant connectivity to content, commerce and customer service. From banking and retail to insurance and entertainment, marketing teams are increasingly delivering mobile apps to drive carefully created brand experiences with their customers via these devices that are permanently on … and rarely farther away than a purse or pocket.
Topics: mobile app monitoring
Tue, Dec 16, 2014
- Mobile App Threat Potential Triples
- More than 150K scam and fraudulent activity mentions across Social Media
- 27,000 unique phishing attacks
This is the third year that BrandProtect has investigated this online event.
Fri, Aug 01, 2014
On December 11, 2013, the Federal Financial Institutions Examination Council (“FFIEC”) released the article, Social Media: Consumer Compliance Risk Management Guidelines, to educate financial institutions about the risks involved in using social media. There are no additional obligations, however, this Guidance strongly suggests that financial institutions, effective immediately, become educated on the potential compliance, reputation and operational risks as it relates to social media use, and implement these guidelines into their risk management strategy. Credit Unions, like Banks, can benefit from these risk assessment strategies and need to be aware of the reputational damage that can occur via social media as a result of neglecting risk management. Here are the summarized risks that Credit Unions should be aware of and integrate into their risk assessment process:
Fri, Jul 11, 2014
It is no surprise that 84% of businesses have now adopted social media to implement an online presence to communicate with customers and overall, increase their brand reach . Whether a small independent business or a large B2B company, it is more evident than ever that businesses who do not build and maintain an online social media presence will get left behind, and evidently lack competitiveness. Having a social media presence offers clear advantages for marketing and sales departments, however, with this comes the disadvantage of having increased social media risks that could potentially harm the company’s brand. Therefore, it is extremely important that businesses adopt a Social Media Risk Plan to manage their reputation online and know how to mitigate potential threats.
Topics: Brand Protection, risk management, defamatory, brand abuse, online brand protection, Reputation Management, Social Media Monitoring, employees social media, online identity, social media, Internet Threats, Risk, internet security, cyber threats