CyberheistNews #17



CyberheistNews Vol 1, #17







Editor's Corner



KnowBe4



Scam Of The Week: ATM Eats Card











Cybercriminals have a new trick. They trap debit and credit cards in ATMs so they can retrieve them later. It's a move that was caused by better security measures designed to prevent skimming. There are several ways to trap a card in an ATM. One trick is to put a device on the machine that uses either tape, wire or thread in order to hold a card in. Criminals can then retrieve your card when you walk away. The PIN can be gotten either by literally looking over your shoulder or by putting an overlay device on the keypad that can record your PIN.









So, what to do? Ideally, only grab cash from the ATM at your local bank. When the ATM eats the card, stay with the ATM and call the bank on your cell phone. If you are traveling and an ATM in an airport eats your card, call the credit card company and get them to kill that card right there and then. Put the 800-number of your credit card company in your cell phone NOW. Tell your friends.







How Big Is Your Email Attack Surface?







How many of the email addresses of your organization are floating out there on the Net? Easy to find by hackers, and used for phishing attacks? Find out now, for free:


http://www.knowbe4.com/eec/





Quotes of the Week









"Far more thought and care go into the composition of any prominent ad in a newspaper or magazine than go into the writing of their features and editorials."
- Marshall McLuhan







"If you would not be forgotten as soon as you are dead, either write something worth reading or do things worth writing."
- Benjamin Franklin







Please tell your friends about CyberheistNews! They can subscribe here:


http://www.knowbe4.com/about-us/cyberheist-news/









Training: A Powerful Breach Preventer







The Department of Defense, perhaps in reaction to the recent TRICARE military health program breach, has issued, in conjunction with two other agencies, a proposed rule that spells out requirements for contractors' employees to receive training on privacy protections. And it's time for all healthcare organizations to follow DoD's lead and check on the privacy training their business associates offer.





A lack of training seems to be one of the causes of many healthcare information breaches involving business associates. In the TRICARE incident, unencrypted computer backup tapes containing information on 4.9 million beneficiaries were stolen from the car of an employee of a contractor, Science Applications International Corp. Perhaps a refresher course on HIPAA compliance could have helped avert the mistake. Here is the story on the Healthcare Infosecurity blog:


http://www.healthcareinfosecurity.com/











Who Else Was Hit by the RSA Attackers?



The data breach disclosed in March by security firm RSA received worldwide attention because it highlighted the challenges that organizations face in detecting and blocking intrusions from targeted cyber attacks. What's more, the subtext of the intrusion was that if this could happen to one of the largest security firms, what hope was there for organizations that aren't focused on security?



Security experts have said that RSA wasn't the only corporation victimized in the attack, and that dozens of other multinational companies were infiltrated using many of the same tools and Internet infrastructure. But so far, no one has been willing to say publicly which additional companies may have been hit. Today's post features a never-before-published list of those victim organizations. The information suggests that more than 760 other organizations had networks that were compromised with some of the same resources used to hit RSA. Almost 20 percent of the current Fortune 100 companies are on this list. And all this because employees clicked on a phishing link and opened an infected Excel spreadsheet. More at the Brian Krebs Blog:


http://krebsonsecurity.com/2011/10/who-else-was-hit-by-the-rsa-attackers/











Stupid Hacker Tricks: Exploits Gone Bad







Taunting tweets, provocative pics, iPad-spam chats -- stupid slip-ups lead to high-profile hacker arrests. Fun article to read:


http://www.computerworld.com/s/article/9221127/Stupid_hacker_tricks_Exploits_gone_bad?










Cyberheist 'FAVE' LINKS:







* This Week's Links We Like. Tips, Hints And Fun Stuff.





People Are Awesome 2011 - A compilation of awesome people doing incredible things:


http://www.flixxy.com/people-are-awesome-2011.htm



Tel-Aviv University demonstrates "quantum levitation" - superconductors locked in a magnetic field:
http://www.wservernews.com/go/1319190565687



Watch and listen to "Life of Flowers" and see if it doesn't make you smile:
http://www.flixxy.com/penguin-heist.htm


One US Aircraft Carrier Has A More Powerful Air Force Than 70% Of All Countries:


http://www.dump.com/2011/04/16/one-us-aircraft-carrier-has-a-more-powerful-air-force-than-70-of-all-countries-video/




