now browsing by tag
#cyberfraud | #cybercriminals | Cottage Grove Sentinel | Building a Digital Defense Against Medicare Scams
More and more companies are offering services to test your DNA, allowing you to explore your genetic heritage. Eastern European? Chilean? Something super exotic that you never even considered as part of your ancestry? These tests can be spendy, though, so when someone offers you a special deal to do the testing for free, it sounds like a good deal. Scammers know this and have concocted a new scheme to steal your personal information.
Our friends at the Federal Trade Commission (FTC) are receiving reports that callers, claiming to be from Medicare, are asking for personal information, such as Social Security or Medicare numbers, in exchange for a “free” DNA testing kit. The fraudster may make a convincing argument by claiming that the test is a “free way” to get an early diagnosis for diseases like cancer. However, the truth of the matter is that Medicare does not market DNA testing kits to the general public.
Here are some tips on what you can do to avoid being a victim:
If an alleged “government agency” demands personal information or payment, you can be sure it is a scam.
Don’t rely on caller ID. Scammers can make it appear as if they were calling from a government-affiliated number.
Never give anyone who randomly calls you information such as your bank account, credit card, Medicare or Social Security number. Scammers can use this information to either steal your identity and your money.
You can report Medicare imposters at 1-800-MEDICARE and ftc.gov/complaint.
As always, if you have been the victim of this online scam or any other cyber fraud, can also report it to the FBI’s Internet Crime Complaint Center at www.ic3.gov or call your local FBI office.
View full post on National Cyber Security
#nationalcybersecuritymonth | Do You Know How To Protect Yourself Against Phishing Emails? – University Times
Source: National Cyber Security – Produced By Gregory Evans Close Illustration by Lauren Dahncke Illustration by Lauren Dahncke Illustration by Lauren Dahncke National Cybersecurity Awareness month recently came to an end, but phishing emails never seem to. According to Cal State LA’s Information Technology Security, phishing emails are sent to the recipient with the purpose […] View full post on AmIHackerProof.com
Source: National Cyber Security – Produced By Gregory Evans Article by Wontok product head Bruce Carney Never a day goes by without headlines of yet another cyber-attack, data breach or identity theft – even boardrooms have finally become familiar with terms like “ransomware” – an alien concept in the past that belonged to the “geeks […] View full post on AmIHackerProof.com
#cyberfraud | #cybercriminals | Cybersecurity: Hostile nations responsible for ‘significant’ number of attacks against UK organisations
The National Cyber Security Centre (NCSC) has helped UK organisations fight over 600 cyber attacks over the course of the last year, with hostile nation-states blamed for a ‘significant’ number of the attempts at hacking UK-based targets.
The NCSC Annual Review 2019 sheds a light on some of the work the cyber arm of GCHQ has done over the last year to help protect the UK from malicious cyber activity and reveals that it handled 658 incidents in the last 12 months, providing support to almost 900 victims of cyber attacks.
Some of the cyber attacks which have targeted the UK in the past year include a phishing scam posing as an airport refund email which attempted to defraud over 200,000 people, nation-state backed hackers attempting to steal intellectual property from universities, a ransomware attack against the police.
It takes the total number of cyber incidents the NCSC has dealt with since it opened its doors in 2016 to almost 1,800 as cyber criminals and other malicious threat groups continue to target the UK.
For the first time, the NCSC has detailed the sectors which has been most commonly called on to support in reaction to incidents. Government is the top target for cyber attacks, followed by academia and tech companies. Managed service providers are the fourth most common organisations which the NCSC has helped with cyber incidents, followed by transport and health in joint fifth place.
“From handling more than 600 incidents – many from hostile nation states – to equipping the public with the tools they need to stay safe online, we are employing our expertise on a number of fronts,” said Ciaran Martin, chief executive of the NCSC.
SEE: A winning strategy for cybersecurity (ZDNet special report) | Download the report as a PDF (TechRepublic)
The report lists Russia, China, Iran and North Korea as hostile states actively targeting the UK with cyber attacks, following the NCSC strategy of calling out countries conducting attacks.
The NCSC is also trying to keep individual users safe from cyber attacks and has revealed one way it has been doing so is with something called the Haulster operation which automates defence of credit cards by flagging fraudulent intention against them.
Haulster takes stolen credit card data collected by the NCSC and its partners and returns information about them to banks – often before being used for crime, allowing financial institutions to protect users from their money being stolen. So far, this operation has flagged fraudulent information against a million stolen credit cards and the NCSC aims to increase the scope of the operation.
The NCSC also continued with its policy of Active Cyber Defence (ACD), a strategy designed to ensure there are fewer cyber attacks in the world, causing less harm to users in the UK and beyond in the process.
A major element of this is a takedown service which stops phishing and other malicious websites from operating as soon as possible by contacting the web host and getting the sites removed from the internet.
According to the annual report, 98% of phishing URLs – 177,335 of them – discovered by the takedown service were successfully forced to stop operating. In 62% of cases, this happened within 24 hours of the website being deemed to be malicious.
The fight against these malicious domains means the UK only accounts for 2% of the websites hosting phishing scams around the world – down from 3% last year and 5% when the NCSC started operating.
However, despite a number of successes from the NCSC, the organisation isn’t under any illusion that the fight against cyber attacks and hacking is anywhere near over – and that everyone has a part to play in battle.
“Looking ahead, there is also the risk that advanced cyber attack techniques could find their way into the hands of new actors, through proliferation of such tools on the open market,” said Martin.
“Cyber security has moved away from the exclusive prevail of security and intelligence agencies towards one that needs the involvement of all of government, and indeed all of society,” he added.
READ MORE ON CYBER SECURITY
View full post on National Cyber Security
An estimated 97% of cyber-attacks originate from or involve email.
This estimate cited by The Wall Street Journal may be a little bit high, according to IT consultant J. Peter Bruzzese, who believes it is between 90% and 95%. But it nevertheless means emails are the biggest threat and employees are typically the weakest point at which an organisation can be attacked.
Speaking at the Armour Expo on Friday, 4 Oct., Bruzzese said gone are the days when hackers would drop infected USB sticks in the parking lot of their target organisation.
Those who picked up the devices and used them would ultimately infect their computers and potentially a whole network. The method was so successful that IT teams started to super glue the USB drives on computers to render them unusable.
“We actually have software for that,” the IT consultant said. “But some people are really extreme. Why? Because that’s where the threat was coming from.”
Nowadays these types of attack have been replaced by sophisticated email scams.
These can take the form of ransomware and other malware attacks, URL links that lead to malicious websites and even impersonation attacks that make heavy use of “social engineering”, the hacker term for manipulating the victim through verbal or written interaction.
Far from the Nigerian email scams, which involved preposterous stories written in bad English, these attacks appeal right to the heart of the victim, said Bruzzese. They are emails using sophisticated language, often imitating a person known to the target, and containing plausible messages or requests.
The IT consultant presented an email that he, although highly sensitised to the threat, fell prey to himself. It was purportedly sent from the CEO of a client company, who informed Bruzzese that the company had changed direction and to continue the collaboration his compensation structure would have to be adjusted. More information was supposedly contained in an attached Excel file.
Of course, Bruzzese said, he should have noticed that he had never communicated with the CEO about compensation in the past or that an Excel spreadsheet was not really needed in this context.
“I wasn’t thinking. That is what your end-user is like most of the time,” he told local IT professionals at the event hosted by IT and cyber-security firm eShore.
The first thing he therefore recommends is end-user training.
“You have to prevent the end-user from making that click or opening that attachment. If you can stop that just a proportion of the time, you will save the company the frustration of a ransomware attack, the frustration of some form of impersonation attack or URL-based attack where they get password credentials.”
But in some cases, even the best training will not be sufficient. When homoglyphs, different character sets that look like letters, are used to replicate an email domain name, Brazzese said what looks like “apple.com” to the naked eye will actually be “xm00-ak68.com”, adding, “That’s how sneaky these folks are.”
The solution therefore must involve technology on top of user security awareness because most people will not pick up on these attempts. “You have to have the technology in place. An end-user is never going to see a URL that is based on homoglyphs.”
Moving email systems into the cloud will take care of some, but not all, security issues. Most people think that if they use Office365 they will never have a problem with a ransomware attack because their email is in the cloud and on Microsoft servers, Brazzese noted. “That makes sense, except there is a new form of attack called a ‘ransomcloud’ attack.”
In this attack, the end-user is prompted with a fake Microsoft message to opt into certain settings to enhance their security. Once these settings are accepted, the attackers can take control of the Microsoft mailbox online and they can encrypt it.
“They only way you can get your mailbox back is to pay the ransom unless you have a back-up, which in Office365 most people don’t,” the IT consultant added, because most people believe that Microsoft backs up their emails in such a way that they can be easily restored. But with 180 million corporate users across the globe that is impossible, he said.
The post #cyberfraud | #cybercriminals | Strengthening the human firewall against cyber attacks appeared first on National Cyber Security.
View full post on National Cyber Security
#hacker | #government | Russian Secret Weapon Against U.S. 2020 Election Revealed In New Cyberwarfare Report
The FBI has warned that “the threat” to U.S. election security “from nation-state actors remains a persistent concern,” that it is “working aggressively” to uncover and stop, and the U.S. Director of National Intelligence has appointed an election threats executive, explaining that election security is now “a top priority for the intelligence community—which must bring the strongest level of support to this critical issue.”
With this in mind, a new report from cybersecurity powerhouse Check Point makes for sobering reading. “It is unequivocally clear to us,” the firm warns, “that the Russians invested a significant amount of money and effort in the first half of this year to build large-scale espionage capabilities. Given the timing, the unique operational security design, and sheer volume of resource investment seen, Check Point believes we may see such an attack carried out near the 2020 U.S. Elections.”
None of which is new—it would be more surprising if there wasn’t an attack of some sort, to some level. What is new, though, is Check Point’s unveiling of the sheer scale of Russia’s cyberattack machine, the way it is organised, the staggering investment required. And the most chilling finding is that Russia has built its ecosystem to ensure resilience, with cost no object. It has formed a fire-walled structure designed to attack in waves. Check Point believes this has been a decade or more in the making and now makes concerted Russian attacks on the U.S. “almost impossible” to defend against.
The new research was conducted by Check Point in conjunction with Intezer—a specialist in Genetic Malware Analysis. It was led by Itay Cohen and Omri Ben Bassat, and has taken a deep dive to get “a broader perspective” of Russia’s threat ecosystem. “The fog behind these complicated operations made us realize that while we know a lot about single actors,” the team explains, “we are short of seeing a whole ecosystem.”
And the answer, Check Point concluded, was to analyse all the known data on threat actors, attacks and malware to mine for patterns and draw out all the connections. “This research is the first and the most comprehensive of its kind—thousands of samples were gathered, classified and analyzed in order to map connections between different cyber espionage organizations of a superpower country.”
The team expected to find deep seated linkages, connections between groups working into different Russia agencies—FSO, SVR, FSB, GRU. After all, one can reasonably expect all of the various threat groups sponsored by the Russian state to be on the same side, peddling broadly the same agenda.
But that isn’t what they found. And the results from the research actually carry far more terrifying implications for Russia’s capacity to attack the U.S. and its allies on a wide range of fronts than the team expected. It transpires that Russia’s secret weapon is an organisational structure which has taken years to build and makes detection and interception as difficult as possible.
“The results of the research was surprising,” Cohen explains as we talk through the research. “We expected to see some knowledge, some libraries of code shared between the different organizations inside the Russian ecosystem. But we did not. We found clusters of groups sharing code with each other, but no evidence of code sharing between different clusters.” And while such findings could be politics and inter-agency competition, the Check Point team have concluded that it’s more likely to have an operational security motive. “Sharing code is risky—if a security researcher finds one malware family, if it has code shared with different organizations, the security vendor can take down another organisation.”
The approach points to extraordinary levels of investment. “From my perspective,” Yaniv Balmas, Check Point’s head of cyber research tells me. “We were surprised and unhappy—we wanted to find new relationships and we couldn’t. This amount of effort and resources across six huge clusters means huge investment by Russia in offensive cyberspace. I have never seen evidence of that before.”
And the approach has been some time in the making. “It’s is an ongoing operation,” Cohen says, “it’s been there for at least a decade. This magnitude could only be done by China, Russia, the U.S. But I haven’t seen anything like it before.”
The research has been captured in “a very nice map,” as Balmas described it. This map has been built by Check Point and Israeli analytics company Intezer, a complex interactive tool that enables researchers to drill down into malware samples and attack incidents, viewing the relationships within clusters and the isolated firewalls operating at a higher level.
The research has been angled as an advisory ahead of the 2020 U.S. elections. Russia has the capability to mount waves of concerted attacks. It’s known and accepted within the U.S. security community that the elections will almost certainly come under some level of attack. But the findings actually point to something much more sinister. A cyber warfare platform that does carry implications for the election—but also for power grids, transportation networks, financial services.
“That’s the alarming part,” Check Point’s Ekram Ahmed tells me. “The absence of relationships. The sheer volume and resource requirements leads us to speculate that it’s leading up to something big. We’re researchers— if it’s alarming to us, it should definitely be alarming to the rest of the world.”
So what’s the issue? Simply put, it’s Russia’s ability to attack from different angles in a concerted fashion. Wave upon wave of attack, different methodologies with a common objective. And finding and pulling one thread doesn’t lead to any other cluster. No efficiencies have been sought between families of threat actors. “Offense always has an advantage over defense,” Balmas says, “but here it’s even worse. Given the resources Russia is putting in, it’s practically impossible to defend against.”
“It’s alarming,” Check Point explains in its report, “because the segregated architecture uniquely enables the Russians to separate responsibilities and large-scale attack campaigns, ultimately building multi-tiered offensive capabilities that are specifically required to handle a large-scale election hack. And we know that these capabilities cost billions of dollars to build-out.”
I spend lot of time talking to cybersecurity researchers—it’s a noisy space. And given current geopolitics, the Gulf, the trade war, the “splinternet,” there is plenty to write about. But I get the sense here that there’s genuine surprise and alarm at just what has been seen, the extent and strategic foresight that has gone into it, the implications.
And one of those implications is that new threats, new threat actors if following the same approach will be harder to detect. The Check Point team certainly think so. “This is the first time at such a scale we have mapped a whole ecosystem,” the team says, “the most comprehensive depiction yet of Russian cyber espionage.”
And attacks from Russia, whichever cluster might be responsible, tend to bear different hallmarks to the Chinese—or the Iranians or the North Koreans.
“Russian attacks tend to be very aggressive,” Balmas explains. “Usually in offensive cyber and intelligence, the idea is to do things that no-one knows you’re doing. But the Russians do the opposite. They’re very noisy. Encrypting or shutting down entire systems they attack. Formatting hard drives. They seem to like it—so an election attack would likely be very aggressive.”
With 2020 in mind, Ahmed explains, “given what we can see, the organization and sheer magnitude of investment, an offensive would be difficult to stop—very difficult.”
Cohen reiterates the staggering investment implications of what they’ve found. “This separation shows Russia is not afraid to invest enormous amount of money in this operation. There’s no effort to save money. Different organisations with different teams working on the same kind of malware but not sharing code. So expensive.”
All the research and the interactive map is available and open source, Cohen explains, “researchers can see the connections between families, better understanding of evolution of families and malware from 1996 to 2019.”
The perceived threat to the 2020 election is “speculation,” Check Point acknowledges. “But it’s based on how the Russians are organizing, the way they’re building the foundation of their cyber espionage ecosystem.”
So, stepping back from the detail what’s the learning here? There have been continual disclosures in recent months on state-sponsored threat actors and their tactics, techniques and procedures. The last Check Point research I reported on disclosed China’s trapping of NSA malware on “honeypot” machines. Taken in the round, all of this increased visibility on Russian and Chinese approaches, in particular, provides a better sense of the threats as the global cyber warfare landscape becomes more complex and integrated with the physical threats we also face.
On Monday [September 23], 27 nation-states signed a “Joint Statement on Advancing Responsible State Behavior in Cyberspace,” citing the use of cyberspace “to target critical infrastructure and our citizens, undermine democracies and international institutions and organizations, and undercut fair competition in our global economy by stealing ideas when they cannot create them.”
The statement was made with Russia and China in mind, and a good working example of how such attack campaigns are supported in practice can be viewed by exploring Check Point’s Russian cyber espionage map, which is now available online.
View full post on National Cyber Security
There’s a good chance words like “cybersecurity” and “hacking” are floating around the minds of Atlanta’s internet users in light of the recent ransomware attack on the city’s computer network or the data breaches that affected Equifax customers.
In 2014, 47 percent of adults in the U.S. had some of their personal information exposed by hackers, and a recent Gallup poll showed that 67 percent of Americans worry “frequently or occasionally” about cybercrime.
Falling victim to cybercrime is a scary thought, but there are steps people can take to protect themselves from malicious agents on the internet. WABE has compiled a guide to common internet crimes with tips on how Atlantans can avoid falling victim to them.
Ransomware attacks affect victims large and small. It was a ransomware attack that left Atlantans without the ability to pay their bills for days in March, but these attacks can affect individual users’ computers as well. Once they’re running on someone’s machine, ransomware programs take control of the computer and threaten to restrict access to it indefinitely unless a ransom is paid.
Ransomware enters a computer or network either by “exploiting a security hole in vulnerable software or by tricking someone to install it,” according to internet security company Norton.
Victims of ransomware might find themselves compelled to pay the money asked of them to get their data back, but the FBI states that’s exactly what a user should not do. Ransomware should be removed by a “computer professional” because even when the malware appears to be gone, it could still be working in the background.
Phishing is the act of luring in users with emails or phone calls that appear to be innocuous but are actually sent to trick users into giving away access to their computers, according to Microsoft. Phishing scams usually originate in spam emails or phone calls from people claiming to be with companies such as Microsoft saying they need to gain access to a user’s machine.
It is relatively simple for attackers to disguise the emails they send to look like they originate from someplace official, be it a company’s IT department or even Microsoft itself.
Clicking on a seemingly harmless link in an email can be a trigger to install malware or a route for hackers to access personal information. In 2017, phishing scammers managed to steal the paychecks of 27 Atlanta Public Schools employees, costing the district nearly $300,000, according to the AJC.
Microsoft recommends a few best practices for staying away from phishing scams: make sure to hover over links before clicking on them to be sure they go where they say they do. Be wary of official-looking emails that are full of spelling or grammar mistakes and be sure to double-check spelling on URLs that look official because a slightly misspelled web address could lead somewhere dangerous.
All it took to put 56 million credit cards at risk and create $62 million in costs was a set of stolen log-on credentials for the computer network of Atlanta-based Home Depot, according to USA Today.
In addition to the credit card information that was stolen from self-checkout counters in Home Depot stores, millions of email addresses were stolen, leading to victims being at risk of further phishing scams.
One thing to remember is that, according to Experian, even though someone might be a victim of a data breach, they are not necessarily a victim of identity theft. The three steps the business services company recommends for people who have fallen victim to this are closely monitoring credit history and looking out for new accounts, keeping track of Social Security benefits and monitoring tax returns for unusual activity.
Denial Of Service Attacks
A Denial of Service, or DoS attack, is when an attacker attempts to take down a computer or network by targeting it with a barrage of requests. Every attempt to access a website by typing a URL or clicking a link is a request, but large numbers of these at the same time can overload a server and prevent legitimate users from accessing a website or its content, according to the United States Computer Emergency Readiness Team.
In 2016, the University of Georgia’s internet was brought to a halt by a Denial of Service attack that “saturated” the university’s internet capacity of 20 gigabytes per second of data, blocking all access to the internet for everyone on campus, according to the AJC.
These attacks are difficult to prevent, simply because they take advantage of the way a server works. But many of these attacks utilize networks called botnet, which are computers connected by the same piece of malware that can all be used at the same time. While a user may not be able to prevent a DoS attack against a network, they could potentially avoid their computer becoming the newest member of a botnet by remaining wary of phishing scams and ensuring their antivirus software is up to date.
While anyone can be the victim of cybercrime, there are a few helpful tips to keep in mind. Norton recommends practices such as using long, difficult-to-guess passwords, keeping your network secured and using a full-service internet security suite.
The post Cybercrime: How To #Define It And #Defend #Yourself #Against It appeared first on National Cyber Security Ventures.
View full post on National Cyber Security Ventures
Cyber security #experts discuss #mitigating #threats, say #universities can #play a key #role in #protecting the #country against a #cyber attack
Former U.S. Director of National Intelligence and Navy Vice Adm. Mike McConnell advocated today for stronger protection of digital data transfers and for universities to play a key role in filling cyber security jobs.
McConnell was among the keynote speakers at the 2018 SEC Academic Conference hosted by Auburn University. The conference, which is ongoing through Tuesday, is focused on the topic of “Cyber Security: A Shared Responsibility” and brings together representatives from the SEC’s 14 member universities along with industry experts in the area of cyber security.
McConnell is encouraging the use of ubiquitous encryption as a solution for stronger data protection.
“As we go to the cloud…ubiquitous encryption of some sort would be used so that if anybody accessed that data, you can’t read it. If you’re moving [the data] from point A to point B, it scrambles so you can’t read it,” he said.
McConnell understands that stronger data security can come at a cost for others, including law enforcement who may need to access data within a device during a criminal investigation.
“What I’m arguing is the greater need for the country is a higher level of [data] security. If that’s the greater need, then some things of lesser need have to be sacrificed. So when I say ubiquitous encryption, that’s what I’m attempting to describe. It is protecting the data that is the very lifeblood of the country,” McConnell said.
McConnell also addressed how academia can help in securing the nation from cyber attacks.
“We have about 300,000 job openings across the United States for which there are no cyber security-skilled people to fill those jobs,” he said. “Universities are debating academically ‘What is cyber security?’ and ‘How do you credit the degrees?’ and ‘How do you get consensus on what it is and what it should do?’”
He urged universities to move more quickly on coming to a consensus so they can get certified and accredited to start producing students who can fill those jobs.
Glenn Gaffney, executive vice president at In-Q-Tel, also spoke to the role higher education institutions can play in cyber security during his keynote address at the conference.
“It is at the university level where we don’t have to take a top-down approach,” Gaffney said, adding that universities can work together, through research and student involvement, to create proactive solutions to cyber security. “This is where the next generation of leaders will be developed. It’s here that these dialogues must begin. This is the opportunity.”
Ray Rothrock, CEO and chairman of RedSeal Inc., was the day’s third speaker, presenting on the topic of “Infrastructure: IoT, Enterprise, Cyber Physical.” Rothrock also held a signing for his new book, “Digital Resilience: Is Your Company Ready for the Next Cyber Threat?”
Attendees at the conference are exploring computer and communication technology; the economic and physical systems that are controlled by technology; and the policies and laws that govern and protect information stored, transmitted and processed with technology.
Students at each SEC member university participated in a Cyber Challenge and presented posters displaying their work in the area of cyber security.
The post Cyber security #experts discuss #mitigating #threats, say #universities can #play a key #role in #protecting the #country against a #cyber attack appeared first on National Cyber Security Ventures.
View full post on National Cyber Security Ventures
Source: National Cyber Security News
On March 13, a book titled “Russian Roulette: The Inside Story of Putin’s War on America and the Election of Donald Trump” will hit the shelves. Written by Michael Isikoff and David Corn, the book specifically focuses on Russia’s alleged interference in the 2016 US presidential elections.
In the summer of 2016, the Obama team prepared a plan for a large-scale cyber-operation against the Russian media, the country’s most influential businessmen and President Vladimir Putin personally, according to former White House cybersecurity coordinator Michael Daniel.
His remarks are included in “Russian Roulette: The Inside Story of Putin’s War on America and the Election of Donald Trump,” a book by Michael Isikoff’s and David Corn’s which is due to go on sale on March 13. Excerpts were released by Yahoo News earlier this week.
Daniel explained that the cyber-offensive against Moscow was co-authored by Celeste Wallander, the US National Security Council’s former chief Russia expert.
The plan stipulated that the National Security Agency (NSA) would conduct a number of cyberattacks to neutralize Russian websites and the Guccifer 2.0 hacker, who compromised the emails of the campaign headquarters of former Secretary of State Hillary Clinton and the Democratic Party’s National Committee.
View full post on National Cyber Security Ventures
Source: National Cyber Security News
When a data breach happens, it’d be great if you could simply prevent identity theft with a credit freeze. The truth is, nothing can prevent identity theft, although there are things you can do to help protect against it.
Still, with identity thieves taking aim at everything from tax refunds to bank accounts, it’s worth asking the question: “Is a credit freeze a good idea?
It can be. But it may not be enough. Here’s why.
When your personal information is exposed in a data breach, you could face a greater chance of becoming a victim of identity theft. More of your information could be out there. And if it is, it might be for sale on the dark web for criminals to acquire.
Consider this statistic: You are 11 times more likely to be a victim of identity fraud if you are notified of a breach. That’s according to the 2017 Identity Theft Study by Javelin Strategy & Research.
No one wants their personal information stolen in a data breach. But if it happens to you, you’ll probably want to do whatever you can to help protect yourself against identity theft.
View full post on National Cyber Security Ventures