August 8, 2007
These NewsBriefs are produced and delivered weekly by
Attainium to keep our friends and clients
current on topics relating to Business Continuity, Disaster Recovery and Crisis Management.
It is said that security is a process, not a product. Even if you have many "tools" to prevent phishing
and identity theft, perhaps your best defense is knowledge about how these could happen to you, your employees,
and/or your organization. As long as valuable customer or individually identifying information is available,
your association or company could be next.
What should you do if confidential information is compromised? (Item #1)
Don't get caught in "phishing" nets! (Item #2)
Preventing identity theft is the only viable course of action, reformed thief says. (Item #3)
Identity theft is on the rise. Is your organization part of the solution
or part of the problem? (Item #4)
Offline identity theft - particularly via the US mail - is more prevalent than online instances…
here are some tips on protecting yourself. (Item #5)
There are alternatives to passwords for greater security. (Item #6)
As always, we look forward to hearing about your concerns
with regards to business continuity. If you have a topic
you'd like to see covered, please email me at
bmellinger@attainium.net
Best Regards,
Bob Mellinger
President
Attainium Corp
Quote of the Week
"There is NO 100% effective method to defend yourself against identity theft."
- Jonathan Kraft -
Articles
1. Information Compromise and the Risk of Identity Theft: Guidance for Your Business
These days, it is almost impossible to be in business and not collect or hold personally identifying
information - names and addresses, Social Security numbers, credit card numbers, or other account
numbers - about your customers, employees, business partners, students, or patients. If this information falls
into the wrong hands, it could put these individuals at risk for identity theft.
http://www.ftc.gov/bcp/edu/pubs/business/idtheft/bus59.shtm
2. Fight "phishers"
The government, police and banks are working together to combat the widespread phishing problem.
But it's difficult to catch the crooks; many are overseas. The spoofed Web sites are active for a short time,
then they disappear. Until this problem is eradicated, here are four steps to protect against the theft of your
own personal information and your company's valuable business data.
http://www.microsoft.com/smallbusiness/resources/technology/security/fight_phishers_4_tips_to_avoid_identity_theft.mspx
3. 14 Tips to Avoid Identity Theft
The real thief of "Catch Me If You Can" offers tips on avoiding identity theft.
http://www.bankrate.com/brm/news/advice/20030124b.asp
4. Prevent theft of your employees' and clients' identity by avoiding these seven common mistakes
Identity theft may be on the rise, but you don't have to make it easy for thieves -- take steps
to protect the personally identifiable information (PII) of your employees and clients. You can start
by avoiding these seven mistakes.
http://articles.techrepublic.com/5100-1009_11-6184718.html
5. Offline Identity Theft
The Internet may help facilitate identity theft, but the crime was around before the Internet existed.
The mail remains one of the weak links in efforts to prevent identity theft.
http://www.insideid.com/idtheft/article.php/11784_3438261_7
6. The Problem with Passwords
One of the reasons phishing attacks have any success at all is that the user name and password scheme we use to protect
our personal information and access to our online accounts is woefully insecure.
http://www.insideid.com/idtheft/article.php/11784_3438261_5#monitor
|
