Introducing: Experian Partner Solutions

In August 2016, Experian took another important step in the transformation of its Consumer Services business by acquiring CSID. As Joe mentioned back in April, the acquisition combines the power of Experian’s Consumer Services products with the proprietary technology and innovation of CSID’s identity protection platform, empowering our partners and paving the way for exciting things to come.

We have reached the point in our post-acquisition integration where the time is right to come together externally as One Experian. As such, CSID and Experian Affinity Services will now be operating as Experian Partner Solutions. Together, we can create opportunities for our partners by enabling them to offer services that engage, retain and monetize customers. We help create better outcomes for consumers by providing comprehensive identity protection technologies and services.

To follow CSID as we embark on our new journey, keep in touch with Experian Partner Solutions on our new website, and follow our blog here.

If you follow us on social, you’ll notice that our pages have gotten a makeover. If you’re not staying in touch with us there already, you can do so on Facebook and Twitter. We’re looking forward to kicking off this amazing journey and continuing to provide innovative credit data and identity management solutions to consumers via our fantastic partners.

By | May 1st, 2017|Company News|0 Comments

Technologies To Up Your Security

CSIDIn our fast-paced, increasingly digital world, more data is being shared and transferred than ever before. As we rely more and more on our digital devices, we must be aware of the risks that come with increased connectivity and take the necessary steps to help keep our information secure.

In the U.S. last year, there were up to 1,000 mobile malware attacks happening every hour. It’s no coincidence that cyber criminals are focusing their efforts and honing their skills on mobile attacks – cyber criminals are aware that mobile devices have become an extension of ourselves and are a high-value target. While you may not be able to make yourself completely immune to attack, there are many technologies and features on your mobile and other devices to help minimize risk.

Technologies to Turn On
Many of the technology features available right at our fingertips can help improve our security. To add an extra layer of protection to your accounts, enable two-factor authentication (2FA) whenever possible. This can take a variety of forms – enabling 2FA on an online banking account, for example, may send an additional code to your phone. If someone discovers your password, they won’t be able to access anything unless they also have your smartphone. 2FA may also take the shape of an additional security question, or entering a unique pin code, before you are able to access your account.

Especially when you’re traveling, it’s worth creating and connecting to a virtual private network (VPN). Wi-Fi options can be limited on vacation, and connecting to public Wi-Fi, which transmits data in cleartext, could allow a remote attacker to identify and extract information. With a VPN, if you need to access sensitive information, your IP address and personal details will remain hidden. VPN connections are encrypted, so even if an attacker captures the traffic, they will only see a handful of indecipherable characters.

While using unique, strong, passwords for your accounts is always recommended, there are additional steps to take to up your security. Strengthen your online accounts by utilizing authentication tools, such as biometrics or security keys, Another technique is to put a PIN lock on your SIM card, which prevents anyone from using your SIM on a different phone. If you were to lose your phone, these all provide an extra layer of security. Invest some time in learning the privacy and password settings of your phone to make sure you’re taking full advantage of these features.

At the rate technology is evolving, it can be difficult to stay on top of threats. Consider enlisting the help of a monitoring service to notify you if something is awry with your monitored personal information. These notifications empower you to respond quickly to a potential identity theft event so that you can minimize your risk.

Technologies to Turn Off
While new technology strives to make our lives easier and more convenient, sometimes having specific features “on” can contribute to a more insecure device. Particularly on our smartphones, there are several settings that may be worth disabling to minimize the risk of attack. For example, consider turning off Wi-Fi and Bluetooth when you’re not using them. If these features are on, they will constantly be searching for networks and devices to connect to in the area. For networks that span wider spaces, your movements could be tracked. Similarly, turning off your phone’s “Location” function will limit others from tracking the location of your phone. Keep in mind that you can always turn this feature back on if you need to use GPS. Turning off the “Location” function will also help with both your social media and SMS messaging because potential criminals won’t be alerted to your whereabouts. You might not think about risks associated with a phone’s geotagging and location functions, but they could be used for malicious purposes.

As cyber criminals continue to target mobile devices, it’s on all of us to ensure we’re taking the necessary steps to improve our security. Do you have a technology feature or best practice that helps you stay secure? Join the conversation – get in touch with us on Facebook, Twitter, or LinkedIn.

 

By | April 25th, 2017|Online Safety|0 Comments

The Latest in PII Values on the Dark Web

CSIDEvery day, cyber criminals of varying skill levels and capabilities buy and sell stolen consumer and business credentials on the dark web. While once perceived to be an inaccessible, mysterious place, the dark web of today is very much within reach. Less technical, younger individuals can access the dark web and participate in underground commerce with just a few clicks.

The dark web now resembles, in many ways, any other commercialized online marketplace. There are banner ads, social media pages, and even user-friendly YouTube tutorials to help guide criminals in their pursuits. Without much effort or technical skill, cyber criminals can access personally identifiable information (PII), popular user accounts, and malware kits to more easily orchestrate attacks.

I’ve enjoyed the opportunity to shed light on these underground marketplaces at conferences like South by Southwest. One exercise I like to run through with attendees is to have them guess the going rate for different pieces of PII. It often shocks people that even high-value information and accounts are selling for cheap across the dark web. For instance, Social Security numbers, email accounts like Gmail and Yahoo, Uber accounts and Netflix accounts being sold on the dark web for around $1.

While it is a somewhat scary reality, consumers and businesses can take steps to significantly reduce the risk that their information ends up on the dark web. By creating long, strong, and unique passwords across accounts, taking advantage of software updates as they are available across all devices, and enlisting the help of a third-party monitoring service, consumers and businesses can stay one step ahead of these growing threats.

Does the price of PII surprise you? Join the conversation on Facebook, Twitter, or LinkedIn.

 

By | April 17th, 2017|The Dark Web|0 Comments

Privacy Settings for Your Favorite Browsers

CSIDAccording to a recent report from Pew Research, 88 percent of adults use the Internet. The way we access it varies – some use a computer, others a smartphone or tablet – but the fact remains that there are security vulnerabilities on any device.

There are steps you can take to keep your devices secure, but did you know there are also privacy and security settings you can enable on the browsers you use every day? Here are some quick and easy ways to minimize your risk of a cyber threat when using popular web browsers.

Google Chrome
Google Chrome in particular sends a large amount of data to Google’s servers. By default, your browser data is automatically synced to your Google account. You can view and change these sync options by clicking Menu -> Settings. Select “Disconnect your Google Account” to surf the web without associating a Google account to your browsing. Alternatively, you can click “Advanced sync settings” to only sync specific types of data. Chrome synchronizes a large amount of data, from installed apps and extensions to bookmarks, browsing history and saved credit cards. The checkbox “Encrypt all synced data with your own sync passphrase” will encrypt your data across Google’s servers. To do this, you’ll just need to establish a distinct sync passphrase and enter it into Chrome on all your devices.

You may already know about opening up incognito windows on Chrome, but there’s a host of additional privacy settings you can enable. On Chrome’s Settings page, click the “Privacy” section. There are features that help protect you and your device from dangerous sites and use a prediction service to help complete searches and URLs typed in the address bar. You’ve probably seen this when you start typing in a search and Google offers you several choices to finish the phrase.

Within the Privacy screen, you can click “Content Settings” to control what websites are able to do within Chrome. This primarily revolves around the use of cookies, which are used to save preferences on the web, such as login information. Clicking “Keep local data only until you quit your browser” will automatically clear cookies whenever you close your browser. You can also “Block third-party cookies and site data,” which will only keep cookies from the website you’re visiting. This will prevent cookies that are used for advertising or other purposes from being tracked. For more on Google Chrome security, check out Google’s Privacy Notice.

Mozilla Firefox
Of all the browsers, some argue Firefox is one of the strongest for private browsing. In the “Privacy” tab, you have a pair of Tracking options: “Request that Sites Not Track You” and “Use Tracking Protection in Private Windows.” The former will have Firefox request that every website you visit not track you – though some websites can and will still do so – and the latter will block advertisements and online trackers when you’re in private browsing mode. Under the “History” section, you can fiddle with your settings. Our recommendation is to only keep cookies until “I close Firefox” and to “Clear history when Firefox closes” but you can adjust accordingly.

Similar to Chrome, Firefox allows you to select what you share with Mozilla. You can access this within the Settings menu (Advanced -> Data Choices). Finally, in the Preferences tab you can click “Search” to choose your default search engine.

Safari
Safari has similar options to block cookies and enable incognito/private browsing, so we’ll highlight something that’s unique to Apple devices – excluding your browsing history from Spotlight Search. In your Settings app, go to General -> Spotlight Search, and toggle the switch for Safari. This prevents others from seeing what you’ve visited on your device. Additionally, you can turn off “Search Engine Suggestions” and “Safari Suggestions” to avoid Apple collecting your search queries, location, and other usage data. This same screen (accessed via Settings -> Safari) allows you to set your search engine from a choice of Google, Yahoo, Bing, or DuckDuckGo.

Whether you’re using the Internet on your desktop computer, a laptop, or a smart device, it’s a good idea to make sure you’re making the most of the privacy settings on your favorite browser. It will only take a few minutes and could help you stay more secure. Have some good tips of your own? Join the conversation – get in touch with us on Facebook, Twitter, or LinkedIn.

 

By | April 7th, 2017|Online Safety|0 Comments

Protecting Yourself Against Tax Identity Theft

CSIDEvery year, tax season gives way to a fresh wave of identity theft-related crimes that affect millions of Americans. In 2015, the U.S. Federal Trade Commission tracked a whopping 47% increase in identity theft complaints. Tax refund fraud was a major contributor to this spike, with FTC Chairwoman Edith Ramirez naming tax refund fraud as the “largest and fastest growing ID theft category” tracked by the commission.

Tax-related identity theft crimes involve thieves using stolen Social Security numbers to file tax returns and cash in on refunds. Tax identity theft victims usually discover the crime when their returns are rejected because scammers have already filed. It’s important to note that even those who are not required to file a return can also fall victim to return fraud. Similarly, even if you’re not owed a refund from the IRS, you are also at risk for these crimes.

Although the IRS reported that their public-private partnership crackdown efforts have helped prevent millions of dollars in fraudulent reports in 2016, there are steps that individuals should take to help reduce the likelihood of tax identity theft:

  • File early: The best way to avoid falling victim to tax identity fraud is filing your state and federal taxes as soon as filing season begins. This usually falls on the second or third week in January.
  • Watch out for tax documents in the mail: Usually, employers and banks will send hard copies of tax documents in the mail, noting “tax documents enclosed” on the envelope. This is an easy target for identity thieves, but can be avoided by having your mail delivered to a mailbox that locks, a P.O. box, or by simply checking your mail frequently.
  • Safeguard your Social Security number: Any vulnerability to your SSN can result in fraudulent tax crime. Some best practices for protecting your SSN are shredding documents that include the number, only sharing on secure documents when required, and keeping your Social Security card in a safe place. If you believe your SSN is at risk, there are monitoring services available that will alert you if a fraudulent name or address has used it.
  • Beware of phishing scams: The IRS saw a 400% increase in phishing and malware incidents in the 2016 tax season. These scams, conducted via email or telephone, are disguised as official communications from the IRS, tax software companies, and other tax companies. The scammers ask for personally identifiable information like SSNs. The IRS does not initiate contact with taxpayers by email, text messages, or social media to request personal or financial information. If you encounter a phishing scam, report it to the IRS.
  • Request a free copy of your credit report annually: Consumers are legally entitled to a free copy of their credit report from each of the major bureaus every year, which include Experian, Equifax, and TransUnion. Proactively disputing unauthorized or suspicious activity is one way to get ahead of potential identity theft. The three national credit reporting companies created a central location for ordering credit reports, which you can do by visiting com or by calling 1-877-322-8228.
  • Data breaches and your taxes: If you’ve fallen victim to a data breach where your SSN was compromised, it’s likely that this information could be used to file a fraudulent tax return. The FTC recommends that data breach victims notify one of the three major credit bureaus to place a free fraud alert on credit files. Another recommended step is a credit freeze, which prevents access to credit records. In some cases, the IRS may contact breach victims to inform them of tax-related identity theft or if an e-file tax return was rejected as a duplicate. In these instances, submit IRS Form 14039 (see below), and continue to file your tax return.

Victims of tax-related identity theft should respond immediately to notices from the IRS that indicate fraudulent tax activity. You can contact the IRS Identity Protection Specialized Unit to report fraud at 1-800-908-4490. It’s also worth filing a police report or an IRS ID Theft Affidavit Form 14039, along with proof of your identity like your Social Security card. Record the dates you made calls and keep any copies of letters you sent, along with all tax documents and IRS notices.

Proactivity is key when combating any instance of identity theft. If you’ve experienced tax identity theft and want to share any lessons learned, join the conversation on Facebook, Twitter, and LinkedIn.

By | March 7th, 2017|Identity Protection|0 Comments

CSID at SXSW 2017

CSIDEvery year, hundreds of thousands of people come to Austin to attend South by Southwest. This technology, film, and music conference and festival brings together some of the brightest minds in innovation from around the world. We’re looking forward to another opportunity to weigh in to the conversation and will be participating in a range of security-focused sessions at this year’s event, which kicks off March 10.

CSID will be hosting a workshop and a solo session at the conference to share our expertise on two topics that have become increasingly prevalent in today’s cybersecurity climate. CSID’s very own Joel Lang will be co-hosting a breach response workshop and giving participants the hands-on opportunity to learn best practices in risk mitigation and breach response through a live simulation. This interactive workshop will take place at 9:30am on March 11 at the Westin Austin Downtown in Continental 2. Don’t forget to RSVP to this workshop. To RSVP, you must sign into your SXSW account and have your badge linked to your account on social.

Additionally, our Chief Innovation Officer, Adam Tyler, will be speaking about the new face of cyber crime, showcasing through a live demonstration how younger individuals get involved in cyber crime, and how consumers can help defend against growing threats. You can catch Adam’s session at 3:30pm on March 15 at the JW Marriott in Salon 7.

If you’re attending SXSW, we’d love to see you at our sessions. Check out some of our other top picks below that are sure to offer unique insights into the latest threats and opportunities in the security landscape. Unable to attend this year’s conference? You can join the conversation at @csidentity where we’ll be on-site and live tweeting from our panels and other sessions throughout SXSW.

The Future of You: Identity Tomorrow
Saturday, March 11, 11:00 am, JW Marriott, Salon 8
In the future, your digital ID may replace all your current forms of identification. These ID experts discuss the current state of web identity from business to consumer, and dig into the important advancements that are being made to build your future identity. Who will own your ID in the future? Why will it become so important for your future digital existence? Is the future of ID centralized and managed by governments, or distributed and trust-less like block chain? What do you need to know to protect yourself in this new digital Domain?

A New Normal: User Security in an Insecure World
Monday, March 13, 3:30 pm, JW Marriott, Salon D
Online security is becoming a game of Whack-a-Mole, where one threat is contained while another emerges; where a credential dump of millions of users is yet another note in a chorus of breaches. Today, complete security is somewhat of a pipe dream. Given this new normal, how do we keep our information as secure as possible? This diverse panel will navigate the evolving challenges to online security and question conventional wisdom around security across industry and sector–to understand the economics of a seemingly chaotic online world and to illuminate unexpected trends.

Connected Cities, Hackable Streets
Tuesday, March 14, 12:30 pm, JW Marriott, Salon 6
In cities around the world, street lights, public transit systems, and electric meters are already connected to the Internet. Soon, smartphone controlled, self-driving cars will roam cities and every part of the urban fabric could be Wi-Fi enabled. While tomorrow’s smart cities will usher in efficiencies and convenience, they’ll also bring about security threats and vulnerabilities. Hackers have already demonstrated they can remotely take over cars and switch off traffic lights. So, how can urban planners and engineers build cities of the future that are resilient enough to guard against cunning criminal hackers who may want to bring Singapore or San Francisco to a grinding halt?

Biotechnology Needs a Security Update
Wednesday, March 15, 12:30 pm, JW Marriott, Salon 6
Great leaps forward in biotechnology have made the IT-based manipulation of life increasingly easy. To many, biotech offers unparalleled opportunities to reshape our world and ourselves. To others, it poses significant threats. As human systems are better understood and life becomes more programmable with CRISPR and other technologies, governments need to prepare for a new age of biosecurity. Join experts from industry, FBI, and academia who work with hackers, sociologists and politicians to tackle the security challenges of the emerging bioeconomy. Explore real opportunities and threat profiles of modern and future biotech, and why life on earth may soon need a security update.

SXSW 2017 is sure to be full of enlightening conversations and ideas. In our new Firewall Chats bonus episode, we take a deep dive into a handful of SXSW sessions and their application in the current cybersecurity landscape. As always, feel free to join the conversation on Facebook, Twitter, or LinkedIn.

By | February 24th, 2017|Uncategorized|0 Comments

Introducing Family Account Management

CSIDWe’re excited to announce Family Account Management: a new feature available for our partners that makes it easy for their subscribers to extend identity protection services to family and friends.

Family Account Management allows our partners to offer quick and easy enrollment, enabling new subscribers to opt in to a family plan by inputting family or friends’ email addresses within their portal. Subscribers can invite anyone of the age of 18 to join. Every family has different security needs and preferences. This feature offers plan options that can be configured to match the primary subscriber’s current enrolled services, or customized to include a set of services that best suits each family’s needs.

The Consumer Sentinel Network, a division of the Federal Trade Commission, reported over 1.2 million fraud-related complaints in 2015. With identity fraud on the rise, we need to be more vigilant than ever before and take steps to improve our own security and the security of our loved ones. We all have unique identity elements, including birthday, email address, and Social Security number, and monitoring one person’s identity elements won’t minimize risk for other family members. That’s why Family Account Management is so important, allowing subscribers to extend coverage for what matters most – family.

“Families are more connected than ever before, but with more ways to stay connected, there are new threats putting families at risk of identity theft,” said Joe Ross, CSID President and Co-Founder. “With Family Account Management, businesses can provide their subscribers with an easy and convenient way to extend identity protection services to their loved ones.”

For more information on Family Account Management, visit our Marketing Support page and stay up to date with all CSID news on FacebookTwitter and LinkedIn.

By | February 10th, 2017|Product News|0 Comments

Tips for Staying Secure on Social Media

CSIDWe recently celebrated Data Privacy Day, where industry leaders and experts shared security insights to help businesses and individuals protect themselves from cybercrime. Social media was a big focus throughout the day; in fact, Twitter celebrated by live streaming from its headquarters, hosting panels with some of the top minds in the industry. As social media continues to become more popular, there are new cybersecurity concerns to consider. Information that is shared on social media can be used to access other, more sensitive accounts – especially if that information is the answer to a password reset question, such as the name of a first pet or favorite teacher. Individuals and businesses alike can take basic precautions to minimize the risk of their information becoming compromised.

Social media networks are doing their part to keep their users’ information secure. Facebook just announced its updated “Privacy Basics” tool, which makes it easier for people to find the tools that control how their information is shared on Facebook. Twitter also updated their safety policy at the end of last year, allowing users to mute or report abusive or hateful content, even allowing bystanders to step in to report questionable content.

While we love seeing social media platforms upping their security, the responsibility ultimately falls on the individual to check out the privacy settings offered across platforms and use caution when sharing information. Here are a few tips and best practices to consider:

  • Facebook offers a Privacy Checkup, which walks users through their settings. The checkup reviews who can see your posts, which apps you’re using, and the privacy of critical pieces of information on your profile.
  • Turn on two-factor authentication. Many networks, including Facebook and Twitter, offer the option to have a security code sent to your phone whenever you log in from a new device. It’s a quick, convenient extra measure of security.
  • If you go on vacation, it’s tempting to share photos of your experiences as they happen. However, it’s best to wait until you’re back home to post. Otherwise, you’re alerting a potential cyber criminal to the fact that you’re away. An empty house is a much more attractive target for a thief.
  • While you’re at it, it’s worth turning off the geotagging feature of your networks. When you’re posting, there’s an option to share your location. Make sure that icon is unchecked, or people will know exactly where you are when you post. If you’re at home, they now have your address. If you’re out and about, they now know your home is unoccupied.
  • Keep your social media bios free of personally identifiable information. You can also remove the year from your birthday, and refrain from sharing other information like your mother’s maiden name or high school mascot, since they often serve as password reset questions to your online accounts.
  • When your favorite social media app offers an update, do this as soon as possible. Many updates fix bugs and potential vulnerabilities, so it’s worth taking the time to do it, even if it means waiting a few minutes before being able to log in.

What other tips do you have for staying secure on social media? Join the conversation on Facebook, Twitter, or LinkedIn.

By | February 2nd, 2017|Online Safety|0 Comments

Secure Your Information for Data Privacy Day

CSIDOn January 28, cybersecurity experts around the world will recognize Data Privacy Day. With efforts led by the National Cyber Security Alliance, Data Privacy Day invites industry leaders and experts to share security insights that can help safeguard businesses and individuals from cybercrime. CSID is proud to be a registered champion of the international event.

On Thursday, Data Privacy Day was celebrated with a daylong event featuring TED-style talks, interviews and tips for staying secure. The National Cyber Security Alliance traveled to Twitter’s San Francisco headquarters, where consumers and businesses were able to watch and engage in real-time through social media.

Practicing secure habits at home and in the workplace can and should happen every day. Here are some of our top tips:

At Work:

  • Create a culture of cybersecurity by discussing threats and best practices with all employees.
  • Develop a “Bring Your Own Device” policy for your company. Be sure to include insights and standards from your IT department, risk management, and legal counsel.
  • Require your employees to create long, strong, and unique passwords. Encourage employees to take advantage of two-factor authentication wherever possible.
  • Require your employees to update their software on devices whenever prompted to help address security vulnerabilities.
  • Be mindful of how you collect, use, and store employee and consumer information.
  • Carefully vet partners and third-party vendors to see how they manage data.

At Home:

  • Discuss security and privacy habits with your family. It’s never too early (or late) to create an ongoing conversation about best practices.
  • Talk to your family about which types of information should be kept private, both online and in-person.
  • As a family, create strong passwords, especially for social media accounts.
  • Discuss how spam and scams can appear through email and private messages. Avoid clicking on links if a message seems suspicious or you do not know the sender.
  • Familiarize yourself with your child’s gadgets and apps. Understand the data collected and consider the privacy settings on each device. Always opt for the strictest security settings to help keep your – and your child’s – information safe.
  • Talk about the permanence of posting to social media, as well as manners and cyberbullying.

How will you celebrate Data Privacy Day? Share your experience with us on our social media — Facebook, Twitter and LinkedIn. For more information around Data Privacy Day, please visit stopthinkconnect.org.

 

 

 

 

 

 

By | January 26th, 2017|Online Safety|0 Comments

Small Businesses Will Remain a Target in 2017

CSIDAs we enter 2017, small businesses remain a prime target for hackers and criminal schemes. Last year, countless headlines reported on nationwide DDoS attacks, complex ransomware, and repeated hacks. These attacks, as well as phishing attempts, malware, and even simple human error, can compromise a thriving business – regardless of its size.

In our own survey, we found that while the majority (58 percent) of small businesses know to be vigilant and proactive about cyber attacks, most are not taking proactive measures to combat these threats. These companies are also not allocating budgets for risk mitigation and response services. The reason is surprising. Of the companies we surveyed, 51 percent were not aware that they were storing at-risk data, although many were collecting email addresses, billing addresses, Social Security numbers, and credit/debit card numbers. This data, belonging to customers and employees, can be easily compromised by malicious activity.

Last year, to help businesses of all sizes and stages protect their sensitive information, we launched our white-labeled Small Business Monitoring product. This service includes two features: Defense and Restoration.

To help defend against threats, our proprietary dark web surveillance technology, CyberAgent, monitors for compromised business information and alerts the business if we find a match to employee credentials, company URLs and domains. If compromised, users will have access to our CSID specialists who can assist with restoration for a wide range of identity theft types. Our case workers are CITRMS, FCRA, and FACTA certified.

This year, take action to help keep your business, employees, and customers safe from cyber threats. To learn more about our small business product, visit csid.com/sb.

To stay up to date with all CSID news, be sure to follow us on Facebook, Twitter and LinkedIn.

By | January 20th, 2017|Business Security|0 Comments
Load More Posts