Consumers should clean up their act on personal security

**Glaswegian** · 10-21-2009, 01:33 PM

The growing use of social networking sites is leaving PC inadvertently open to identity thieves warned Hugh Thompson, chief security strategist at People Security.

Speaking at the RSA Europe Conference, Thompson said that people were unaware just how many clues they left for fraudsters. He said such carelessness was fuelling the rise of cybercrime. He told the conference about the way he managed to access one of his wife's friend's bank account in a couple of hours using publicly available data - a process that he had previously documented in a Scientific American article. He warned that most people's private accounts could be accessed in this way.

He identified three types of ways in which public data could be misused: direct use, where public data is converted; and what he called "amplification gateway data" where public data is converted to private data by using additional data. "For example," said Thompson, "fraudsters using the first four numbers of a credit card number to extract the remaining numbers."

The third technique was drawing on collective intelligence and correlating publicly available information, as an example, he cited the appearance of 10 senior executives all seeking recommendations on LinkedIn at the same time - "if you see one manager, that tells you that someone's job-hunting, 10 tells you something about the company - perhaps it's in trouble, perhaps there's going to be a takeover".

http://news.techworld.com/security/3...urity/?olo=rss

10-21-2009, 01:33 PM	#1 (permalink)
Glaswegian Moderator/ Rangemaster TSF Academy; Analyst, Security Team; Oor Wullie; TSF Surgeon and Resident Comic Join Date: Sep 2005 Location: Glasgow Posts: 25,528 OS: Win XP Pro SP3 / Win 7 Pro My System Blog Entries: 10	Consumers should clean up their act on personal security The growing use of social networking sites is leaving PC inadvertently open to identity thieves warned Hugh Thompson, chief security strategist at People Security. Speaking at the RSA Europe Conference, Thompson said that people were unaware just how many clues they left for fraudsters. He said such carelessness was fuelling the rise of cybercrime. He told the conference about the way he managed to access one of his wife's friend's bank account in a couple of hours using publicly available data - a process that he had previously documented in a Scientific American article. He warned that most people's private accounts could be accessed in this way. He identified three types of ways in which public data could be misused: direct use, where public data is converted; and what he called "amplification gateway data" where public data is converted to private data by using additional data. "For example," said Thompson, "fraudsters using the first four numbers of a credit card number to extract the remaining numbers." The third technique was drawing on collective intelligence and correlating publicly available information, as an example, he cited the appearance of 10 senior executives all seeking recommendations on LinkedIn at the same time - "if you see one manager, that tells you that someone's job-hunting, 10 tells you something about the company - perhaps it's in trouble, perhaps there's going to be a takeover". http://news.techworld.com/security/3...urity/?olo=rss __________________ Iain - Defender of the Haggis and all things Scottish. I don't help by PM - post in the Forums. PC Safety & Security::PC running a bit slow?::Donate::Photographers Corner