Loyalty Rewards Programs: A New Cybercrime?

By | November 13th, 2014|Uncategorized|

Rewards PointsCyber criminals are getting creative. We constantly hear about hackers stealing credit card numbers and even Twitter handles. Now, they have also added your loyalty rewards points to their list.

Brian Krebs wrote an excellent article highlighting a few of interesting cases where victims had rewards points stolen.

One victim reported that he had about 250,000 Hilton Honors points stolen from his account. These points were used to reserve a number of Hilton hotel rooms, and then the criminals continued to purchase additional points with the corporate credit card associated with the account.

Experts are also starting to see rewards points being sold in the online black market for a fraction of their worth. For instance, a hacker might sell points worth $1,200 in hotel reservations for $12.

So what does this mean for you? It is unlikely that stolen rewards points are going to overtake trends like mobile malware or medical identity theft as the “next big thing” to worry about. That said, we always recommend keeping up-to-date with the latest security trends and being proactive about protecting your identity and online accounts.

Some proactive actions you can take now:

  • Keep an eye on your bank accounts and credit reports as usual. Stolen rewards points may actually be one small piece of a larger puzzle when it comes to identity theft.
  • Avoid saving credit card information on websites with rewards programs, such as your favorite hotel, airline or retail site.
  • Use a secure, unique password for loyalty program sites. Don’t reuse passwords.
  • As a retailer or company that offers reward points, institute a CAPTCHA system to protect against hacking bots and scripts.

What are your thoughts on stolen rewards points? Is this something that concerns you? As always, join the conversation on Twitter, Facebook or LinkedIn.

Top 5 Tips to Keep You – and Your Belongings – Safe While Traveling

By | June 26th, 2014|Uncategorized|

Passport_062614Summer is here and that means it’s travel season. What most people don’t think about when planning their vacation is how to keep their identity, PII and financial information secure while they’re away. Cyber criminals and identity thieves are opportunistic and will be on the lookout this summer to strike while the iron is hot. Make sure to protect your personal assets by considering these five security tips while vacationing this summer:

Be wary of travel sites and deals. When you’re planning a trip, be extra cautious of how and where you book your hotel and flights. Watch out for email phishing scams in your inbox with enticing flight deals and malvertisements, online advertisements that are malicious once you click on them, for exotic travel accommodations. Use trusted, well-established websites to book your travel.

Leave PII documents at home. If you’re traveling abroad, bring your passport and driver’s license. The extra documentation, like your social security card and birth certificate, should remain at home to avoid loss or theft. The less information you have with you, the less likely you are to forget it in a hotel room, on a flight or in another insecure area.

Never hook up to free Wi-Fi. With man-in-the-middle attacks becoming more and more common, there’s never a good reason to connect to free Wi-Fi in a café, airport or elsewhere. Turn off the auto-connect to Wi-Fi feature on your mobile device so your device does not link up to an insecure network without you knowing. A great alternative is to use a free VPN app, like TunnelBear, to connect to a secure network.

Do not access personal websites in a public setting. Cyber criminals can use technology to track your keystrokes and steal your password information. When you’re in public, avoid visiting websites that host sensitive information and that require a personal login.

Post pictures to social sites after your vacation. While it can be tempting to brag about your vacation on social media sites while it is happening, wait until you get home. Criminals may be on the lookout for vacation photos or other social media posts to confirm when a person is not at home. They then can take advantage of this information to break into your home, as the theft may go unnoticed while you are away.

Do you have any steadfast security rules you follow before heading out on vacation? Let us know on Facebook, Twitter or LinkedIn!

News Recap: PayPal Hack Reminds Us To Travel Securely

By | February 14th, 2014|Uncategorized|

PassportThis week, PayPal CEO David Marcus had his credit information swiped while traveling abroad in the UK. Marcus tweeted, “My card (with EMV chip) got skimmed while in the UK. Ton of fraudulent txns. Wouldn’t have happened if merchant accepted PayPal…” Ashley Feinberg of Gizmodo reported, “When you own a company specializing in online payments, the constant threat of hackers and phishing schemes is an inescapable part of the job description.”

While this may be true, identity theft can happen to anyone – especially while traveling. Check out our past blog post for a few of our top tips to help you travel secure.

Update everything before traveling
Make sure all of your devices are up to date on the latest software prior to going on your trip, as updating while traveling (on hotel or public Wi-Fi for instance) can increase your chances of downloading malware.

Enroll in ID & Data Breach Protection Plans
Enroll yourself in an identity protection program to ensure that you’re covered in the case that your identity is stolen while traveling. Also, encourage your company to invest in data breach and fraud detection solutions to provide an extra layer of protection for important data, traveling or not.

Don’t use public Wi-Fi at the airport
Never connect to an unsecured Wi-Fi network on your laptop or mobile device. Connecting to “Free Public Wi-Fi” at the airport or other public place enables cyber criminals to capture your Internet history tracking data, aka “cookies,” and access your email and social networking accounts. Use a VPN (virtual private network) and/or stay on your 3G or 4G connection to remain secure.

Keep your mobile device locked
Password-protect your phone in case it is lost or stolen. This can prevent, or at least delay, identity thieves from accessing sensitive apps and data. For extra protection, you can download the “Find My Phone” app for iOS or “Where’s My Droid” app for Android that enables you to remotely wipe your SD card and phone data.

Check your bank account activity intermittently
Make sure there’s no fraudulent activity occurring during your trip – and after. Keep an eye on your bank account for several weeks after returning from a trip; identity thieves are patient and will likely use your information after you return home.

Have you experienced identity theft while traveling? What tips would you suggest to keep yourself or others secure? Have you heard any updates on Marcus’ news? Let us know what you think on Twitter and Facebook, and be sure to check out our Tumblr for the latest industry news stories.

Load More Posts