Did you know that cyber crime is a multi-billion dollar industry? Probably not. You probably also didn’t realize that your personal data is the currency.
We’ve all seen films and TV shows where millions of dollars were stolen from banks by young, attractive bad boys (who just happen to also be computer experts). While this may occasionally happen, real cyber crime at the consumer level occurs one credit card at a time, one phishing scam at a time, one identity theft at time-and usually by organized criminals.
Cyber crime is a reality. So, question becomes: how do we keep our personal data out of the mix?
Hindsight is 20-20 and, as a result, one of the best ways to learn what to do in the event of a security breach is to learn from the mistakes of others. Below are two examples of hacks we can learn from:
The Epsilon Security Breach
In April, Epsilon, an email marketing company that is responsible for sending out promotional email for large retailers like Sears and Target, was severely hacked. Since Epsilon’s databases don’t store large quantities of consumer credit card information, no real data was stolen except for consumer names and email addresses and the retail stores that those consumers frequented.
Though the Epsilon security breach didn’t allow credit card or other sensitive information to be stolen, this data breach did set up consumers to become the victim of phishing scams. The problem is, that after receiving promotional emails from trusted companies like Sears over many months, loyal customers can be presented with fake emails from places far away (Yugoslavia perhaps) that send them to equally fake websites-without ever noticing they’ve been tricked.
These websites, set up to look just like the real company websites, are designed to con consumers into entering private information — credit card information, for instance. When faced with such deceptive websites, studies show that 1 in 7 consumers fall for a phishing attack.
A tip that every consumer should know: never let yourself be led to a website from a link within an email. If you didn’t enter the site address yourself or pick it from your favorite list, just don’t go there. It could be part of a sophisticated scam.
The Sony Data Breach
The second instructive and most visible breach surrounds Sony and the various times this corporation has been hacked over the past few months. Hackers breached Sony’s data center in late April 2011 and extracted millions of user accounts that contained personal information-including credit card numbers. In the days following the attack, there was a reported auction of 100,000 credit cards, each of which would be used for fraud.
There are two lessons about how not to become a victim that consumers can learn from this breach.
- If you have a credit card in a network that has been breached, cancel it immediately. Canceling a card takes minutes, recovering from credit card fraud or identity theft might take weeks. The potential damage done could affect your credit score for years.
- Another way to protect yourself is to sign-up for a low limit credit card to use when making purchases on the Internet. In this case, if a breach did occur, at worst you’d be out a few hundred dollars but your primary financial world would be intact.
Protecting Your Data
Overall, it is important to think about the information you put in the hands of companies. Only a fraction of the breaches that take place actually get reported. To make matters worse, many companies don’t recognize when they have been breached. Epsilon, for instance, discovered their breach by accident several weeks after the event. The more places you trust your data, the higher the odds you’ll be one of the millions of consumers who become a victim of cyber crime.