MyCRA Specialist Credit Repair Lawyers

Tag: hacks

  • Gamers: cheating could cost you your credit rating

    If you or someone in your family is a gamer, then you would be familiar with gamershacks. Hacks and cheats are designed to give a gamer help with a game by allowing them to download useable software for assistance. But security company, AVG says downloading hacks could open up a can of worms not only for the gamer, but for anyone else that uses the computer, because you have probably also just downloaded Malware. We look at how this occurs, what Malware does and what the risks are for your personal information and  your credit file.

    By Graham Doessel, Founder and CEO of MyCRA Credit Rating Repair and www.fixmybadcredit.com.au

    Antivirus vendor AVG has issued a warning to gamers following research which suggests that more than 90 per cent of ‘hacks’ available online contain some form of malware or malicious code.

    Hacks and cheats are commonly incorporated into games; however, the sheer popularity of online multiplayer games has made gamers prime targets for cybercriminals.

    “The research suggests more than 90 per cent of hacks, cracks, patches, cheats, key generators, trainers and other downloadable game tools contain malware or executable code.

    These hacks are commonly delivered via unregulated torrents and file sharing sites, an easy vector for malware.

    Malware inadvertently downloaded with hacks can give attackers easy access to your online gaming account as well as other sensitive information such as online banking details, personal data and passwords for other online services,” Stay Smart Online recently advised.

    They advise gamers to only download patches from the game’s official site, and to avoid any unofficial software. They also recommend:

    Always be suspicious of any files downloaded from torrents and file sharing websites.

    Ensure you always have up-to-date security software installed on your computer.

    Use unique account logon and password information for each of your online gaming accounts (and every other online service you use).

    What is ‘malware’?

    Malware— is short for ‘malicious software’. It is a type of malicious code or program that is used for monitoring and collecting your personal information (spyware) or disrupting or damaging your computer (viruses and worms). Stay Smart Online explains in more detail:

    Spyware

    The term spyware is typically used to refer to programs that collect various types of personal information or that interfere with control of your computer in other ways, such as installing additional software or redirecting web browser activity.

    Examples of spyware include:

    Keyloggers  

    A keylogger is a program that logs every keystroke you make and then sends that information, including things like passwords, bank account numbers, and credit card numbers, to whomever is spying on you.

    Trojans

    A Trojan may damage your system and it may also install a ‘backdoor’ through which to send your personal information to another computer.

    Viruses and worms

    Viruses and worms typically self-replicate and can hijack your system. These types of malware can then be used to send out spam or perform other malicious activities and you may not even know it.  Both can use up essential system resources, which may lead to your computer freezing or crashing.  Viruses and worms often use shared files and email address books to spread to other computers.

    malwareMalware and your credit file

    If fraudsters can get their hands on your personal information they can steal passwords to not only the gaming site, but also to the bank or credit accounts of anyone who uses that computer.

    They can also create a patchwork quilt of information that can allow them to eventually have enough on you to request duplicate identity documents (identity theft), and apply for credit in your name (identity fraud).

    Running up credit all over town, perhaps buying and selling goods in your name, or in some cases mortgaging properties –you may have a stack of credit defaults against your name by the end of their ordeal – and sometimes no proof it wasn’t you that didn’t initiate the credit in the first place.

    Recovery can be slow, and in some cases you may have no way to prove you weren’t responsible for the debt – with fraudsters leaving no trail and the actual identity theft happening long before the fraud took place.

    Who might be most at risk?

    Gamers often aren’t worried about risks to their personal information as they are often young people who consider they don’t have much to lose, when in fact they do. Firstly, if Malware is downloaded – it puts the entire family at risk. But secondly, a young person is just as vulnerable as anyone to exploitation. There have been reports of crooks harvesting the personal information of young people and storing it until the victim turn 18. Australian Police have issued warnings on the issue of data warehousing in relation to Facebook in the past, but fraudsters won’t be fussy about where they get it from. It all has a lucrative price on the ‘black market’ of personal information.

    For more help with teaching kids and young people about online risks, go to the Stay Smart Online website http://www.staysmartonline.gov.au/kids_and_teens.

    Visit our main website www.mycra.com.au for more information on identity theft and your credit file.

    Image 1: Arvind Balaraman/ www.FreeDigitalPhotos.net

    Image 2: Salvatore Vuono/ www.FreeDigitalPhotos.net

  • Personal information…the gateway to identity theft

    Hackers access databases searching for personal information that can be extracted and misused or traded to fraudsters for purposes of identity theft. We look at how your identity and ultimately your clean credit file can be put at risk. By GRAHAM DOESSEL.

    It’s Saturday night in Las Vegas. Thousands of pairs of shoes sit neatly in boxes on warehouse shelves in the dark. The store’s customers and staff are at home enjoying their evening. In the credit information office, the lights are off, the filing has been done. But in the dark, thousands of the store’s computers are being remotely accessed by hackers.

    The personal information of the shoe store’s customers is likely being transferred. It is likely this information will now be sold on the black market to fraudsters. This information could now be used to further attack those unsuspecting customers. Those customers could now be a target for identity theft and receive phishing emails in order to get further information from victims, including the credit card number.

    This may have been how the saga transpired for shoe company, Zappo.com on the weekend. In a story from the Sydney Morning Herald this morning it was reported that on Sunday Amazon.com owned shoe retailer Zappos.com announced it was hacked. Hackers broke into the credit card database. Up to 24 million of its customers’ personal information may have been accessed. The company said customers’ credit card information was not stolen, but names, phone numbers, email addresses, billing and shipping addresses, along with the last four digits from credit cards and more may have been accessed in the attack.

    Here is an excerpt from that story, titled ‘Zappo’s customers details walk out the door’:

    It is not yet known how hackers gained access to the database or if a zero day exploit was used, but a security expert said it is likely customer data will now be sold in the cyber underground.

    Robert Siciliano, a McAfee consultant and identity theft expert, told Mashable he expects whoever hacked Zappos’s site to now sell the data to people who run phishing scams.

    “They’ll sell it 10,000 accounts at a time, short money, like $100,” he said adding there is enough information for a hacker to approach affected users as either Zappos or the credit card company and then ask them for more data — the classic phishing scam — which might be supplemented with a voicemail “vishing” attack as well, Mashable reported.

    Zappos said it was contacting customers by email and urging them to change their passwords.

    Las Vegas-based Zappos said the hackers gained access to its internal network and systems through one of the company’s servers in Kentucky.

    And in the news last week, we get an insight in to the type of crime ring that hackers may sell this information to. AFP report titled ’50 held in Puerto-Rico based identity ring’.

    The U.S. Justice Department announced late last week it has charged 50 people with conspiracy in a scheme to acquire personal identification information on US citizens in Puerto Rico and then sell it through fraudulent documents.

    Typically, the documents consisted of forged Social Security cards and birth certificates. They were sold for prices ranging between $700 and $2,500.
    The documents were sold from April 2009 until December 2011 to buyers throughout the United States.

    “The alleged conspiracy stretched across the United States and Puerto Rico, using suppliers, identity brokers and mail and money runners to fill and deliver orders for the personal identifying information and government-issued identity documents of Puerto Rican US citizens,” said Assistant Attorney General Lanny Breuer in a statement.
    The indictment alleges that identity brokers ordered the forged documents for their customers from Puerto Rican suppliers by making coded telephone calls.
    They would refer to “shirts,” “uniforms” or “clothes” as codes for various kinds of identity documents.
    “Skirts” meant female customers and “pants” meant male customers who needed documents in various “sizes,” which referred to the ages of the identities sought by the customers.

    Payment was made through money transfers while the documents were sent by mail.

    Some of the persons receiving the forged documents used them to obtain drivers licenses, US passports and visas, the Justice Department reported. Others are accused of using the documents to commit financial fraud.

    Sure this crime went on in the U.S. but it couldn’t happen here – could it?

    Well, to begin with – how many Australians have credit card details registered with Amazon, for example? We might live on an island, but U.S. crime can always reach our shores via the internet. Just look at the Sony PlayStation saga as a specific incident of how our details are not immune to theft on overseas shores.

    With identity theft being the fastest growing crime in Australia – it seems criminals here will be hot on the heels of the U.S. with newer, better, more sophisticated ways to get something for nothing.

    Interestingly, many hacks are actually not instigated to commit identity theft, but are statements to different industry bodies. For example the recent Robin Hood-style hacking of Texas security analysis company, Stratfor on Christmas Eve. Hackers obtained thousands of credit card numbers and other personal information from the firm’s clients and started making payments to several charities.

    “The assault was believed to have been orchestrated by a branch of the loosely affiliated hacker group called Anti-Sec and appeared to be inspired by anger at the imprisonment of Bradley Manning, the US army private accused of leaking US government files to WikiLeaks. An online statement from the group said the attack would stop if Manning was given ”a holiday feast … at a fancy restaurant of his choosing”,” the Brisbane Times reports.

    MP Malcolm Turnball and billionare businessman David Smorgon were amongst the victims who had relatively small amounts extracted from their credit card and donated to charities such as Save the Children, Red Cross and CARE.

    But for those hackers whose main aim is to extract details from databases and onsell them to fraudsters – we should all be very wary. And unfortunately, there is always that element of doubt about the security of our personal information in company databases.

    A leading fraud expert made this suggestion for online credit card use:

    In a story the Courier Mail featured in October last year, titled ‘Queensland Police Fraud chief Brian Hay calls for banks to bring in credit cards that can only be used in Australia to stop cyber-crime’, Det. Supt. Hay made some valid suggestions about how Australians can protect themselves from this type of fraud. One included for shoppers to have a credit card specifically for online purchases with a small credit limit. This is good advice to follow to prevent having large amounts extracted from credit cards if the companies with those details are ever hacked.

    Unfortuanately, it doesn’t stop identity thieves ‘phishing’ for further information on their victim for purposes of full-blown identity theft.

    If credit is taken out by fraudsters in the victim’s name, they can end up with defaults on their credit file – and this is not easy to recover from. First the victim has to prove they didn’t initiate the credit themselves. This would require documentary evidence and Police reports. But the identity theft victim would be virtually banned from obtaining credit until they are able to wade through the mess that has been created for them on their credit report, and clear their good name.
    For help with credit repair following identity theft, contact MyCRA Credit Repairs on 1300 667 218 or visit our main website www.mycra.com.au.

    Image: Danilo Rizzuti / FreeDigitalphotos.net