Posts

With its global crime-fighting efforts, the FBI can monitor potential criminal activity in an effort to take preventive action. One of the many important industries that the agency can protect this way is the financial sector. Recent discoveries have already prompted the FBI to issue a warning to banks and financial institutions: we have reason to believe a global-scale cybercrime is about to happen.

Specifically, this cybercrime targets ATMs, forcing what’s known as an “unlimited operation,” or “ATM cash payout scheme.” Essentially by combining malware infections at various banks with stolen card information onto magnetic stripe card blanks, thieves can bypass the usual account balance limits and daily withdrawal limits to steal millions of dollars through ATMs.

These kinds of attacks aren’t new, and law enforcement agencies have even managed to arrest a bad guy or two for this specific category of crime. The real obstacle, though, is that global crime syndicates can enable the theft of millions of dollars from ATMs before anyone notices what’s happening.

Many banks stock their ATMs with a fresh supply of cash for the weekend or a holiday since the bank won’t be open to help customers, so the FBI has already warned that an attack could take place at times like these.

The FBI had some vital tips for banks concerning this possible incident. While you can’t stop a global crime syndicate, there are a lot of things you can do to help:

1. Don’t panic – Your gut instinct might be to run to the bank and withdraw a lot of cash as a safety net, but that doesn’t help anything. It’s far more important to keep your head and continue with your everyday financial behaviors.

2. Monitor your accounts – After any kind of POS or data breach, consumers are urged to check their account statements. This time, we mean it! Checking your accounts right now—literally, right now—for any signs of suspicious behavior and then reporting that behavior to your bank could mean that your stolen card information (the one thieves transferred onto a blank magnetic stripe card) won’t work when a thief tries to use it. You could be one less card that gives them access to the bank’s money. So check your accounts and spread the word!

3. Report strange activity – Take immediate action if you find anything out of the ordinary in your account statements as this could indicate someone has been in your account. If someone accesses your account, they might copy it onto a blank card.

Again, one of the most important things you can do is not panic. As word spreads, there may be social media posts that end up spreading misinformation to a viral audience. Help others know fact from fiction when it comes to the impact of this crime.


Contact the Identity Theft Resource Center for toll-free, no-cost assistance at (888) 400-5530. For on-the-go assistance, check out the free ID Theft Help App from ITRC.

Read next: The Harm in Hoaxes on Social Media

When news breaks of a data breach, consumers might envision a network of Dark Web hackers infiltrating a major target and stealing their files. However, a large number of data breaches are the work of a company’s employees. Sometimes, those employees have set out to steal information from the business, while other inside job data breaches are purely accidental.

That appears to be the case in yet another data breach that can be traced back to an unsecured Amazon S3 web hosting server. Many breaches have already occurred as a result of user error in password protecting these hosted file storage databases, but this time, the compromised information was voter registration records.

A data breach involving voter records might automatically make the public assume the worst in today’s political climate, so it’s important to point out that the compromised information includes a lot of data that is already publicly available to researchers, journalists and other interested parties.

In this event, an unsecured server allowed anyone who “stumbled” on it online to see information that includes full names, phone numbers, complete mailing addresses, political affiliations, birth dates and genders, demographic information that has been gathered and more. The database included records for more than 26,000 voters, according to a report by Bob Diachenko, head of communications for cybersecurity firm Kromtech Alliance Corp.

Diachenko found the information online after conducting a sweep for unsecured S3 web servers. The information belonged to a political robocalling company named Robocent, who sells individual voter records to anyone who wants them for three-cents apiece. The only thing Diachenko had to do to find this exposed database was search for the keyword “voter” in his hunt for unsecured servers.

Unfortunately, another service had already found the information. According to a report on this incident by Cyberscoop, “By the time it was identified by Kromtech, the server had already been indexed by GrayhatWarfare, another website that scans the internet for open S3 buckets.”

When Diachenko reached out to Robocent to report the compromised data, the response was less than satisfactory: “We’re a small shop (I’m the only developer) so keeping track of everything can be tough.” The information is now secured, but there is no way of knowing who else has already seen it.

Looking back at the information that was exposed, it might seem like fairly harmless, common knowledge-type data. After all, names and addresses need more protection. However, this type of database exposure is a gold mine for identity thieves who commit synthetic identity fraud; that type of fraud occurs when the criminal pairs existing identifying information with a made up or unissued Social Security number, essentially creating a fake person who has the victim’s name, address, and other data points.

Since members of the public have very little recourse when it comes to knowing if someone compromises their information, it’s more important than ever to monitor your account statements and credit reports, secure all of your accounts with strong, unique passwords and stay on top of anything suspicious that happens with your identifying information.

ith harsh comments, pleas for help, and any other statement to get the money out of you. Don’t fall for it, and don’t let love turn into heartache and loss by giving in.


Contact the Identity Theft Resource Center for toll-free, no-cost assistance at (888) 400-5530. For on-the-go assistance, check out the free ID Theft Help App from ITRC.

Ah, summer! What’s better than longer days, warmer temps and maybe a quick out-of-town getaway to enjoy the season? Why, a budding romance, of course!

Unfortunately, for too many victims, that newfound romantic interest might be something other than he or she seems. Romance scams are some of the cruelest, costliest forms of fraud. Preying on people’s loneliness and hope, the perpetrators have no qualms about not just stealing your money, but also leaving you broken-hearted, embarrassed and ashamed.

With the summer months in full swing, there’s no time like the present to identify the telltale signs of a possible scam and develop some strong self-protection skills:

1. The Out-of-Towner Love Interest – It seems like many romance scammers have one unifying feature: they work out of town or in career fields that keep them isolated. It might be on an offshore oil rig, a deep-sea fisherman, a deployed active duty service member, or any other plausible excuse to not be available to talk or message all the time. If you meet someone online with one of these specific or similar job areas, proceed with caution because that’s a huge red flag

2. The Struggling Widow – Many online scammers rely on the sob story to get money out of their victims. A typical scenario is a single parent with a wonderful child, as this allows them the chance to very quickly ask their victim for money. “My son’s computer broke and I’m away at sea, he’s going to fail the school year and lose his scholarship if he doesn’t turn in this paper…” Who would refuse to help a dedicated student while his parent is out of town? Again, romance scammers often rely on the widow/widower story to snare their marks

3. The Overly Zealous Significant Other – “I’ve never felt this way before… I hope I don’t scare you off, but I think I want to spend the rest of my life with you.” Romance scammers often take a long time to groom their victims, keeping the charade going for months before starting to cheat them. During that time, scammers may even work in shifts to ply their victims with sweet talk, text messages filled with hearts and flowers and more. By escalating the relationship quickly, the victim already feels invested in it. Refusing to give money to a desperate person after they’ve professed their love and started talking about marriage? Inconceivable

4. And Finally, Show Me the Money – When a romance scammer finally does come around to asking for money, there’s ALWAYS a reason. “I hate to ask you this, please feel free to say no…” but my mother’s utilities are about to be shut off due to an error at the bank and I’m away at sea, or our son’s tuition check didn’t clear and they’re going to kick him out of school right here at exam time if it’s not paid. Other, more sophisticated tactics even involve the scammer sending the victim a check or granting them access to their bank accounts, only to end up costing the victim money when they go back on their promise. Many victims have also reported being told to send the money via untraceable methods like Western Union despite supposedly knowing this person.

Here’s the real clincher about romance scams: far too many victims keep it going rather than admit—to others or themselves—that this was all a giant lie. There have even been reports of victims becoming part of the scam, helping to launder money or bilk others for funds. Do NOT hesitate to cut off any relationship that starts to smell like a fraud.

If you are ever asked for money from someone online, stop and think: why would this person need me to help? Where are the other people this individual could turn to? Then, try this: refuse. Be firm about not paying, no matter what excuse the other party gives, and see if it leads to the end of the relationship. Any legitimate love interest would immediately backtrack and apologize, but a scammer will double down with harsh comments, pleas for help, and any other statement to get the money out of you. Don’t fall for it, and don’t let love turn into heartache and loss by giving in.


Contact the Identity Theft Resource Center for toll-free, no-cost assistance at (888) 400-5530. For on-the-go assistance, check out the free ID Theft Help App from ITRC.