Technology Law Source

Archives: Identity Theft

Subscribe to Identity Theft RSS Feed

Phishing for tax returns: Where’s your refund?

The use of phishing scams, phone scams and computer hacking seems to multiply daily. The object of the scams and hacks: getting your tax refund. How? By the scammers and hackers filing a false tax return on your behalf. It’s more common than you think. Part of the problem is that those darn phishing emails look so real, including company logos, brand identity, signature blocks and even the photo of the alleged sender of the email.

These scams are not new, but many of them continue to succeed. Last year, phishing emails were so prevalent that it prompted the IRS to issue a special alert. It’s becoming common practice for IT departments at many companies to introduce “fake” phishing threats to train their employees on what not to do. These are essentially planned attacks from a known source. Employees learn how to recognize a phishing email using various techniques, such as looking for misspellings, incorrect domains and hovering over any links embedded in the body of the email. More importantly, they learn what to do, and what not to do: DO report the suspicious email to the help desk and delete the email; DON’T reply to the email, click on any links in the email, or open any attachments to the email.…

IMPACT: Measuring the Loss of Brand and Business Reputation after a Data Breach

Brand and business reputation suffer following a data breach. A recently released survey puts some numbers to the losses and shows just how much that damage can be, with breach of customer data being the most costly. The study, independently conducted Ponemon Institute LLC and sponsored by Experian® Data Breach Resolution, is believed to be the first study to compare the impact of the loss of confidential customer or employee information and sensitive business information with loss of brand and business reputation.…

Porter Wright Information Privacy and Data Security Workshop Series

Please join us for this informative series focused on the technical, enforcement, and practical aspects of experiencing and responding to a data security incident. For the complete invitation and details on registration please click here.


Learn How to Effectively Utilize Law Enforcement and Private Security Resources to Protect Yourself and Your Business From Computer Criminals

January 20, 2011 11:30 a.m. – 1:30 p.m. Lunch will be provided Capital Club – 41 South High Street, 7th Floor Columbus, Ohio

Focus issues: Trends in Identity Theft What Can Lead to a Data Breach Law Enforcement Identity Theft Investigations


FBI Issues Warning Regarding Denial of Service Attacks

Is your phone ringing off the hook? Then you’d better check your bank account. According to the Federal Bureau of Investigation, a new “telephone denial-of-service” attack is combining high-tech and low-tech fraud techniques to steal money from the bank accounts of unsuspecting victims.

As reported in the alert issued by the FBI, the scam begins with the suspect obtaining a victim’s personal and banking information, perhaps including bank account numbers, PINs, and passwords. Scammer can obtain a victim’s personal and banking information in a variety of ways, such as through phishing emails, social engineering tactics, or malware surreptitiously installed on a person’s computer.

Once the scammers have the victim’s personal information, they begin tying up the victim’s telephone line by using automated resources to place hundreds or thousands of calls to the victim’s telephone, not unlike a Distributed Denial of Service attack aimed at a computer network that overwhelms a computer with requests for information resulting in a slowing or failure of the network.

While the victim is busy dealing with the onslaught of telephone calls, the scammers quickly drain the victim’s bank account using the previously obtained personal and banking information to gain access to the account. If the banking institution calls its customer to verify the transactions they find the victim’s telephone line to be busy. In some cases, scammers are brazen enough to change a victim’s contact information listed with the bank. As a result, calls from a bank to verify fraudulent transactions are redirected to …

Identity Theft Protection Company to Pay $12 Million to Settle FTC Claims, State AG Actions

According to an FTC press release on March 3, 2010 and as reported in various media outlet reports, like this one from The New York Times, LifeLock, Inc., an identity theft protection company, has agreed to pay $11 million to the Federal Trade Commission and $1 million to a group of 35 state attorneys general to settle charges that the company used false claims to promote its identity theft protection services.

The FTC claims and state attorneys general actions appear to have been centered around LifeLock’s representations that its protections against identity theft were complete, absolute, and guaranteed.  FTC Chairman Jon Leibowitz noted in the FTC’s press release,

"While LifeLock promised consumers complete protection against all types of identity theft, in truth, the protection it actually provided left enough holes that you could drive a truck through it."…