October 29th, 2015 by Elma Jane
What is Identity Theft?
Identity theft and identity fraud are terms used to refer to all types of crimes in which someone wrongfully obtains and uses another person’s personal data.
Basic categories of identity theft:
Account Takeover Fraud – is one of the two basic forms of financial identity theft, it occurs when a fraudster obtains and uses a victim’s personal information to take control of existing bank or credit card accounts and carries out unauthorized transactions right at a point of sale or access individual accounts online. Victims are often the first to detect account takeover when they discover charges on monthly statements they did not authorize or funds depleted from existing accounts.
Business or commercial identity theft – entails using a business’ name to obtain credit or even billing a business’ clients for products and services. Business identity theft can go on for years undetected.
Criminal identity theft – occurs when an imposter gives another person’s name and personal information such as drivers’ license, date of birth, or Social Security Number to a law enforcement officer during an investigation or upon arrest.
Identity cloning – some people use identity theft and identity cloning interchangeably, but definitely are not the same thing. True identity clones pretends to be you, they want to assume your identity. They want to become YOU.
Medical identity theft – occurs when someone steals your personal information (like name, Social Security Number or MediCare Number) to obtain medical care in your name. Medical identity theft can damage your credit rating.
New Account Fraud – means using another’s personal identifying information to obtain products and services. New credit card accounts is the most prevalent form of new account fraud. Because the thief is likely to use a different mailing address, the victim never sees the bill for the new account. When this type of fraud involves a credit card, once the new plastic is issued, the criminal turns it into cash very quickly. Victims may also be denied credit as a result of applying for loans.
Posted in Best Practices for Merchants Tagged with: bank, credit, credit card, data, fraud, medical, Medicare, point of sale, transactions
September 10th, 2013 by Admin
Verizon annually releases it’s Data Breach Investigation Reports which probes data breaches in various industries and studies the nature of fraud reported by merchants and other agencies. In the past Verizon has worked with the U.S. Secret Service, now the information gathered on the electronic payment breaches have expanded to Police Central e-Crime Unit, Australian Federal Police, the Dutch National High Tech Crime Unit, and the Irish Reporting & Information Security Service in addition to the United States Secret Service.
One area that Verizon broke out and performed independent studies on was the healthcare industry. In 2010 the Health Information Technology for Economic and Clinical Health (HI TECH) Act included a provision to report healthcare and medical data breaches to a variety of outlets including the Secretary of Health and Human Services. Medical record protections keep the casual cyber criminal at bay but the majority of security data breaches are in large part targeted at information attackers can profit from. The data cybercriminals target most often includes health insurance data, personal and electronic payment transaction data. Hardware is another assett that is targeted both because of the data on the hardware and the cost of the hardware itself.
Remote data breaches on health care providers were typically carried out through some form of hacking or malware. That is consistent with other industries in the report and is considered the favorites among cybercriminal organizations. Exploiting of default or guessable credentials rang in at the top of the chart. Of those, point of sale payment systems and desktop computers were the highest targeted areas of the health care industry. Although electronic medical records and transcriptions stored on file and database servers were a target, those criminals were more likely interested in indentity theft and fraudulent loans than what was actually in any individuals medical records.
Point of sale payment terminals are the most targeted assett with POS servers and gateways as the second most targeted. Like all other sectors, professional criminals tend to follow the money trail and that ends up being at POS payment systems. So much so that even desktop computers and emails try to get malware onto medical systems to render security policies inneffective. To find out how to better protect medical and healthcare records from cybercriminals and data breaches read the reports here and here.
Posted in Best Practices for Merchants, Credit Card Security, Point of Sale Tagged with: Breach, breaches, electronic payment, gateways, healthcare, medical, point of sale, POS, Security, transactions, transcription
