ThreatMetrix Digital Identity Network — World’s Largest — Unveiled at RSA

Posted on April 20th, 2015 by Dan Rampe

Standard-Header-AF

Leveraging Global Shared Intelligence, the ThreatMetrix Digital Network Protects Customer IDs Online

Now being showcased at the RSA Conference in San Francisco (April 20-24) is the ThreatMetrix Digital Identity Network. As the world’s largest, the ThreatMetrix Digital Identity Network advances identity protection through a persona-based profile that safeguards consumers’ information, protects businesses against fraud and creates a strong digital assessment on a truly global basis.

All aspects of a person’s online devices and behavior in one unique digital identity

Including email addresses, geo-locations, devices and both personal and business personas, the ThreatMetrix Digital Identity Network combines the specific device and persona each individual is using at any given time and at any given place to accurately authenticate the user in real time.

Alisdair Faulkner, ThreatMetrix chief products officer, on the ThreatMetrix Digital Identity Network’s unique cybercrime-fighting strengths

“The ThreatMetrix Digital Identity Network acts as a personal digital guardian that works on business and consumers’ behalf to keep accounts, money and identity from being used in excess illegally. ThreatMetrix has built the largest digital identity network that can determine when an individual’s credentials are being used by cybercriminals in real time, which enables businesses to better understand the global footprint of stolen identities.”

Value added

Last month, ThreatMetrix announced that it now analyzes more than one billion transactions per month. The ThreatMetrix Digital Identity Network further enhances its value by creating an anonymized digital identity of consumers based on device, persona and behavior from every transaction, account creation and account login.

Faulkner on defeating sophisticated networks of cybercriminals

“Businesses need a digital identity network to fight the sophisticated network of cybercriminals. Specifically, such a network can immunize the digital debris that comes from data breach fallouts. The ThreatMetrix Digital Identity Network locks down identities by providing businesses with an anonymized view of their devices, personas and behaviors so identities cannot be easily spoofed by cybercriminals.”

Extending cybercrime protection by:

  • Enabling banking institutions to meet authentication guidelines— Because digital identities are the new currency powering cybercrime and cyberterrorism, banks and financial institutions in general are especially susceptible to attack. The ThreatMetrix Digital Identity Network enables financial institutions to protect accounts against bots using stolen credentials. It detects anomalies by leveraging a global view of devices and persona behavior.
  • Extending the online identity perimeters for businesses—ThreatMetrix allows for advanced protection by leveraging the largest network of analyzed online transactions in the world. On the fraud prevention side, businesses have always looked at identities but not how these identities are used online across channels and sites. The ThreatMetrix Digital Identity Network ensures identities are looked at as a whole. They are protected across channels without any perimeters.
  • Providing effective customer identity protection —Following data breaches and other cyberattacks, many retailers and banks offer consumers free credit monitoring. However, this is not an effective means of guarding against account takeover attacks, or transaction fraud resulting from those breaches. In the event millions of stolen identities are in use following high profile data breaches (Anthem, Home Depot and Sony for example.), the ThreatMetrix Digital Identity Network analyzes consumers’ digital information – including devices and behavior – in one place and flags anomalies in real time when compromised credentials are not being used by their legitimate owners.

The annual RSA conference

Executives across the security industry come together to discuss current and future concerns, and gain access to the people, content and ideas that enable them to better protect against cybercrime.

Visit ThreatMetrix at Booth #4235

ThreatMetrix will exhibit in Booth #4235, located in the North Hall, where attendees can visit to view demos and learn more from ThreatMetrix executives. Additionally, ThreatMetrix will participate in the following events during RSA Conference:

eFraud Global ForumMonday, April 20

  • Time: 8 a.m.
  • Speaker: Reed Taussig, President and CEO at ThreatMetrix
  • Topic: Global Fraud Intelligence Drives Next Generation Customer Authentication
  • Location: Intercontinental Hotel

Briefing Center Solution DemoTuesday, April 21

  • Time: 3:00 p.m.
  • Speaker: Andreas Baumhof, chief technology officer at ThreatMetrix
  • Topic: Protecting Enterprise Data & Critical Applications Using Context Based Authentication
  • Location: South Hall

Executive Women’s Forum Cocktail Party – Wednesday, April 22

  • Time: 7 p.m.
  • ThreatMetrix is co-sponsoring this event with Alta Associates
  • Location: W Hotel – Work Room 1 & 2

For more information on the RSA Conference, visit http://www.rsaconference.com/.

ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions leveraging a global shared digital identity network and real-time, customer driven-analytics platform. These solutions help customers differentiate between trusted users and potential fraud resulting in reduced friction, incremental revenue and lower fraud and operational costs.

ThreatMetrix secures customers against account takeover, payment fraud, fraudulent account registrations resulting from malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes more than one billion monthly transactions and protects more than 250 million active user accounts across 3,000 customers and 15,000 websites and mobile applications. ThreatMetrix is deployed by industry leaders across financial services, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

 

ThreatMetrix Announces World’s Largest Digital Identity Network at RSA Conference

Posted on April 20th, 2015 by Dan Rampe

Standard-Header-AF

The ThreatMetrix Digital Identity Network Leverages Global Shared Intelligence to Safeguard Online Customer Identities

San Jose, CA – April 20, 2015 – ThreatMetrix®, the fastest-growing provider of context-based security and advanced fraud prevention solutions, announces the ThreatMetrix Digital Identity Network at RSA Conference in San Francisco, which takes place today through this Friday, April 24. This advancement in identity protection through a persona-based profile will safeguard consumers’ information, protect businesses against fraudulent activity and create a strong digital assessment on a global network.

The ThreatMetrix Digital Identity Network brings together all aspects of a person’s online devices and behavior into one unique digital identity – including email addresses, geo-locations, devices and both personal and business personas. The unique identity combines the specific device and persona each individual is using at any given time, at any place to accurately authenticate users in real time.

“The ThreatMetrix Digital Identity Network acts as a personal digital guardian that works on business and consumers’ behalf to keep accounts, money and identities from being used in excess illegally,” said Alisdair Faulkner, chief products officer at ThreatMetrix. “ThreatMetrix has built the largest digital identity network that can determine when an individual’s credentials are being used by cybercriminals in real time, which enables businesses to better understand the global footprint of stolen identities.

Last month, ThreatMetrix announced that it now analyzes more than one billion transactions each month. The ThreatMetrix Digital Identity Network further enhances its value by creating an anonymized digital identity of consumers based on device, persona and behavior from every transaction, account creation and account login.

“Businesses need a digital identity network to fight the sophisticated network of cybercriminals,” said Faulkner. “Specifically, such a network can immunize the digital debris that comes from data breach fallouts. The ThreatMetrix Digital Identity Network locks down identities by providing businesses with an anonymized view of their devices, personas and behaviors so identities cannot be easily spoofed by cybercriminals.”

The ThreatMetrix Digital Identity Network extends cybercrime protection in the following ways:

  • Enables Banking Institutions to Meet Authentication Guidelines—Banks and financial institutions are especially susceptible to cybercrime, as digital identities are the new currency powering cybercrime and cyber terrorism. The ThreatMetrix Digital Identity Network enables these institutions to protect accounts against bots using stolen credentials by leveraging a global view of devices and persona behavior to detect anomalies.
  • Extends the Online Identity Perimeters for Businesses—ThreatMetrix allows for advanced protection by leveraging the largest network of analyzed online transactions. On the fraud prevention side, businesses have always looked at identities but not how these identities are used online across channels or websites. The ThreatMetrix Digital Identity Network ensures identities are looked at as a whole and are protected across channels, eliminating any perimeters.
  • Provide Effective Customer Identity Protection —Following data breaches and other cyberattacks, many retailers and banks offer consumers free credit monitoring, but this is not an effective means of guarding against account takeover attacks, or transaction fraud that result from data breaches. Rather, as millions of stolen identities are in use following high profile data breaches such as Anthem, Home Depot and Sony, the Digital Identity Network analyzes consumers’ digital information – including devices and behavior – in one place and flags if compromised credentials are not being used by their legitimate owner, in real time.

ThreatMetrix will showcase the ThreatMetrix Digital Identity Network at the RSA Conference in San Francisco, today through this Friday, April 24. At the annual RSA Conference, executives across the security industry converge to discuss current and future concerns, and gain access to the people, content and ideas that enable individuals and companies to protect against cybercrime.

ThreatMetrix will exhibit in Booth #4235, located in the North Hall, where attendees can visit to view demos and learn more from ThreatMetrix executives. Additionally, ThreatMetrix will participate in the following events during RSA Conference:

eFraud Global ForumMonday, April 20

  • Time: 8 a.m.
  • Speaker: Reed Taussig, President and CEO at ThreatMetrix
  • Topic: Global Fraud Intelligence Drives Next Generation Customer Authentication
  • Location: Intercontinental Hotel

Briefing Center Solution DemoTuesday, April 21

  • Time: 3:00 p.m.
  • Speaker: Andreas Baumhof, chief technology officer at ThreatMetrix
  • Topic: Protecting Enterprise Data & Critical Applications Using Context Based Authentication
  • Location: South Hall

Executive Women’s Forum Cocktail Party – Wednesday, April 22

  • Time: 7 p.m.
  • ThreatMetrix is co-sponsoring this event with Alta Associates
  • Location: W Hotel – Work Room 1 & 2

For more information on the RSA Conference, visit http://www.rsaconference.com/.

ThreatMetrix Resources

About ThreatMetrix

ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions leveraging a global shared digital identity network and real-time, customer driven-analytics platform. These solutions help customers differentiate between trusted users and potential fraud resulting in reduced friction, incremental revenue and lower fraud and operational costs.

ThreatMetrix secures customers against account takeover, payment fraud, fraudulent account registrations resulting from malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes more than one billion monthly transactions and protects more than 250 million active user accounts across 3,000 customers and 15,000 websites and mobile applications. ThreatMetrix is deployed by industry leaders across financial services, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

© 2015 ThreatMetrix. All rights reserved. ThreatMetrix, TrustDefender ID, TrustDefender Cloud, TrustDefender Mobile, TrustDefender Client, the TrustDefender Cybercrime Protection Platform, ThreatMetrix Labs, and the ThreatMetrix logo are trademarks or registered trademarks of ThreatMetrix in the United States and other countries. All other brand, service or product names are trademarks or registered trademarks of their respective companies or owners.

Media Contacts

Dan Rampe
ThreatMetrix
Tel: 408-200-5716
Email: drampe@threatmetrix.com

Beth Kempton
Walker Sands Communications
Tel: 312-241-1178
Email: beth.kempton@walkersands.com

What’s a $25M Fine to a Company Whose Q4 2014 Revenue Was $34.4B?

Posted on April 17th, 2015 by Dan Rampe

FCC

AT&T Fined for Breaches in Mexico, Colombia and the Philippines Exposing 279,000 U.S. Customers’ Names and Full or Partial SSNs

The Federal Communications Commission reported that more than forty employees at three contract call centers in Mexico, Colombia and the Philippines sold customer information to criminals who used it to unlock stolen smartphones.

In Grant Gross’s story on computerworld.com, he interviewed a number of security professionals who thought the punishment did not fit the “crime” including an attorney who questioned why the FCC, rather than the FTC (Federal Trade Commission), didn’t set the fine. The following has been excerpted from Gross’s article and edited to fit our format. You may find the full article by clicking on this link.

Fine not enough

“If you really want companies to think about security you need to do something that makes the decision makers sit up and listen,” [Chris Conacher, director of security research and development at Tripwire.] “If all you are doing is making tiny deductions against the bottom line, businesses are going to keep on doing what they do and consumers will keep on suffering.”

The negative publicity from the FCC settlement may have little impact, according to Conacher. Other companies reporting data breaches, including Target and Sony Pictures, haven’t seen their stock prices fall significantly, he said.

“As long as the companies appear to be managing the issue professionally then investors will also accept major breaches as the cost of doing business,” he said. “Is [the settlement] a warning to other companies? No.”

Done with call center vendors

AT&T said it has ended its relationship with some call center vendors because of the breaches and will notify affected customers. There’s no evidence the breached data has been used for ID theft, the company said in a statement.

In the Colombia call center, full Social Security numbers were accessible by three of [the] managers whose login credentials were used to access the customer accounts, according to the FCC complaint.

Cheap could be expensive for customers

Using overseas call centers opens AT&T to criticisms of “penny pinching,” added Richard Blech, CEO and co-founder of encryption vendor Secure Channels.

“By outsourcing their call center to foreign countries to save money, AT&T has exposed Americans’ sensitive data to peril,” he added by email. If AT&T had encrypted the data, it would have been protected, he said.

It’s “alarming” that AT&T allowed contractor workers to have access to unencrypted customer records, Blech added. “There should no longer be any debate as to whether sensitive customer data should be encrypted or not,” he said.

Why not the FTC?

It’s interesting that the data breach settlement came through the FCC, when the U.S. Federal Trade Commission has been the agency that often pursues companies for data breaches, said Robert Cattanach, a partner at law firm Dorsey & Whitney, focusing on cybersecurity and other regulatory litigation.

The FCC settlement, the largest in agency history for a data breach, “ups the ante” for penalties, but the FCC may still have been a better option for AT&T, Cattanach said.

“It’s no secret that the regulated community — especially a large player — enjoys, relatively speaking, a much more cozy relationship with the FCC than is the case with FTC,” he said by email. “The FCC is not a push-over to be sure, but it does not project the attack dog mentality that the FTC prides itself in conveying.”

Protection still less costly than settlement

Companies should consider that the cost of protecting the data at the three contract call centers would be a fraction of the cost of the settlement, said Philip Lieberman, president of Lieberman Software, another cybersecurity vendor.

New protections, however, would require a change in process, “which is generally harder than the purchase of any technology,” he added by email. “The C-level staff will have to explain this to the board as to why they did not implement a control when the cost would be trivial.”

ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions leveraging a global shared digital identity network and real time customer driven analytics platform.  These solutions help customers differentiate between trusted users and potential fraud resulting in reduced friction, incremental revenue and lower fraud and operational costs.

ThreatMetrix secures customers against account takeover, payment fraud, fraudulent account registrations resulting from malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over one billion monthly transactions and protects more than 250 million active user accounts across 3,000 customers and 15,000 websites and mobile applications. ThreatMetrix is deployed by industry leaders across financial services, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

 

 

 

 

 

 

 

Anthem and Premera Healthcare Breaches Were Preventable

Posted on April 16th, 2015 by Dan Rampe

Standard-Header-AF[1]

Protection Beyond Encryption: ThreatMetrix Strategies for Preventing Cybercrime in Healthcare and Other Industries

ThreatMetrix observes that the Anthem and Premera data breaches that exposed tens of millions to fraud, ID theft and other crimes could have been prevented through the use of real-time digital identity intelligence.

Hacking healthcare is relatively easy and highly profitable

Stolen health credentials can sell for $10 apiece on the black market or around 10 to 20 times what a U.S. credit card number goes for.

Between them, in just the first few months of 2015, the Anthem and Premera hacks exposed the health records of more than 90 million individuals. It’s a clear sign the healthcare industry has become a leading target for cybercriminals. One good reason is healthcare providers are still using antiquated authentication and fraud prevention solutions.

Reed Taussig, ThreatMetrix president and CEO, on anonymized global intelligence sharing

“The most valuable data stores for fraudsters are stolen patient records that are associated with a valid health insurance policy. While most enterprises continue to focus on securing their internal networks, what is really required is broad adoption and use of secure, anonymized global shared intelligence that will identify what for and where those 90 million stolen identities are being used.”

ThreatMetrix strategies to help prevent healthcare breaches:

  • Implement unified fraud prevention that leverages a digital identity network to detect and prevent mobile and online fraud while, at the same time, remaining agile and responsive to the needs of customers, agents, brokers and others.
  • Implement advanced device and malware detection capabilities to ensure insurance providers’ systems are not breached as a result of stolen or third-party credentials.
  • Leverage anonymized shared intelligence on personas (digital identities) to connect users with their online activities and device-related behavior patterns outside the company’s network.

Alisdair Faulkner, ThreatMetrix chief products officer, on improving risk intelligence

“When Anthem and Premera sneezed, the cybersecurity industry caught a cold. Most organizations are focusing purely within their own networks, but the board room needs to be aware that these massive data breaches are just a precursor to the main event – a systemic and continuous attack on their customer and employee authentication, fraud and identity systems. To do a credible job defending against stolen identities, organizations need better risk intelligence based on anonymized shared intelligence to differentiate between trusted users and cyber threats.”

More than encryption, hackers have to be stopped before they get started

The data stolen in the Anthem breach was encrypted, but encryption alone wasn’t enough to protect employees’ and customers’ personal information. Hackers began infiltrating Anthem’s systems 10 months prior to the announcement of the attack. What Anthem needed was real-time intelligence to stop these hackers in their tracks.

ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions leveraging a global shared digital identity network and real-time customer-driven analytics platform.  These solutions help customers differentiate between trusted users and potential fraud resulting in reduced friction, incremental revenue and lower fraud and operational costs.

ThreatMetrix secures customers against account takeover, payment fraud, fraudulent account registrations resulting from malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes more than one billion monthly transactions and protects more than 250 million active user accounts across 3,000 customers and 15,000 websites and mobile applications. ThreatMetrix is deployed by industry leaders across financial services, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

 

In the Wake of Major Anthem and Premera Healthcare Breaches, ThreatMetrix Provides Strategies for Prevention

Posted on April 16th, 2015 by Dan Rampe

Standard-Header-AF[1]

As the Healthcare Industry Continues to be a Major Target for Cybercrime, ThreatMetrix Calls for the Need for Protection Beyond Encryption

San Jose, CA – April 16, 2015 – ThreatMetrix®, the fastest-growing provider of context-based security and advanced fraud prevention solutions, today announced strategies for cybercrime prevention in the healthcare industry following the high profile data breaches of Anthem and Premera in recent months. According to ThreatMetrix, the Anthem and Premera breaches could have been prevented through the use of real-time digital identity intelligence.

Stolen health credentials can sell for $10 each on the black market—about 10 or 20 times the value of a U.S. credit card number. The Anthem hack exposed the health records of more than 80 million personal identities, and the numbers for the more recent Premera breach rose above 11 million. With more than 90 million healthcare records exposed in the first few months of 2015, it’s clear that the healthcare industry is a growing target for cybercriminals. However, healthcare providers are still using antiquated authentication and fraud prevention solutions.

“The most valuable data stores for fraudsters are stolen patient records that are associated with a valid health insurance policy,” said Reed Taussig, president and CEO at ThreatMetrix. “While most enterprises continue to focus on securing their internal networks, what is really required is broad adoption and use of secure, anonymized global shared intelligence that will identify what for and where those 90 million stolen identities are being used.”

Increased attacks on healthcare and other insurance organizations are likely due to the high value of stolen health information. To help prevent these massive healthcare breaches and their far-reaching implications, ThreatMetrix offers the following preventative strategies:

  • Implement unified fraud prevention that leverages a digital identity network to detect and prevent mobile and online fraud while remaining agile and responsive for customers, agents, brokers and others.
  • Implement advanced device and malware detection capabilities to ensure insurance providers’ systems are not breached due to stolen or third-party credentials.
  • Leverage anonymized shared intelligence on personas (digital identities) to connect users with their online activity and device-related behavior patterns beyond the confines of a company’s network.

“When Anthem and Premera sneezed, the cybersecurity industry caught a cold,” said Alisdair Faulkner, chief products officer at ThreatMetrix. “Most organizations are focusing purely within their own networks, but the board room needs to be aware that these massive data breaches are just a precursor to the main event – a systemic and continuous attack on their customer and employee authentication, fraud and identity systems. To do a credible job defending against stolen identities, organizations need better risk intelligence based on anonymized shared intelligence to differentiate between trusted users and cyber threats.”

The data that was stolen in the Anthem breach was encrypted, but it’s clear that encryption alone isn’t enough to protect employees’ and customers’ personal information. Hackers began infiltrating Anthem’s systems 10 months prior to the announcement of the attack and Anthem needed real-time intelligence to stop these hackers in their tracks.

ThreatMetrix Resources

About ThreatMetrix

ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions leveraging a global shared digital identity network and real-time customer-driven analytics platform.  These solutions help customers differentiate between trusted users and potential fraud resulting in reduced friction, incremental revenue and lower fraud and operational costs.

ThreatMetrix secures customers against account takeover, payment fraud, fraudulent account registrations resulting from malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes more than one billion monthly transactions and protects more than 250 million active user accounts across 3,000 customers and 15,000 websites and mobile applications. ThreatMetrix is deployed by industry leaders across financial services, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

© 2015 ThreatMetrix. All rights reserved. ThreatMetrix, TrustDefender ID, TrustDefender Cloud, TrustDefender Mobile, TrustDefender Client, the TrustDefender Cybercrime Protection Platform, ThreatMetrix Labs, and the ThreatMetrix logo are trademarks or registered trademarks of ThreatMetrix in the United States and other countries. All other brand, service or product names are trademarks or registered trademarks of their respective companies or owners.

Media Contacts

Dan Rampe
ThreatMetrix
Tel: 408-200-5716
Email: drampe@threatmetrix.com

Beth Kempton
Walker Sands Communications
Tel: 312-241-1178
Email: beth.kempton@walkersands.com

 

Don’t Mess with the IRS. ID Theft a Top Priority.

Posted on April 15th, 2015 by Dan Rampe

IRS

The Annual Report of the Internal Revenue Service’s Criminal Investigation Division Shows Progress against a Host of Crimes

The Criminal Investigation Division or CI had staff reductions of 11 percent, putting it at 1970 staffing levels. Despite that, the annual report notes that CI has made progress in fighting ID theft, international tax fraud, tax return preparer and questionable tax refund fraud, public corruption, Bank Secrecy Act violations, money-laundering investigations and terrorist-financing cases.

In his article on accountingtoday.com, Michael Cohn relies on the annual report and a conference call between the media and IRS Criminal Investigation Division chief Richard Weber to highlight key areas of the report. The following has been excerpted from Cohn’s story and edited to fit our format. You may find the complete article by clicking on this link.

ID theft a top priority

“Generally speaking, ID theft continues to be one of our top priorities,” said IRS Criminal Investigation Division chief Richard Weber….”Over the past year we’ve spent about 17 to 18 percent of our investigative time just working on ID theft and tax refund fraud investigations. We’re around the same rate of investigative time that we spent in the past year as we did last year.”

Stiff sentences meted out

[Weber says that in] “terms of the criminal investigations, I think we’ve made tremendous progress as well. We had a lot of significant cases that really highlight the sentences of some of these ID theft criminals. We’ve had sentences ranging from 40 months to over 240 months.”

Breaches a problem

“The reason why [breaches are] of great concern to us in CI is because if someone is going to end up stealing real information from either funeral services or software companies, or [other] legitimate businesses, it’s going to be difficult for our filters to catch that type of fraud,” said Weber.

Florida is a hotspot

While on a national basis, the average is about 18 percent of IRS CI’s investigative time spent on identity theft and tax refund fraud investigations, in areas such as Tampa and Miami, Fla., where identity theft-related tax fraud has been rampant, nearly 50 percent of IRS CI’s time is spent working on ID theft cases.

Two high profile investigations of note

Two of the highest-profile cases this year, involving Credit Suisse and Bank Leumi, are included in the report. In the largest criminal tax case ever filed, Credit Suisse pleaded guilty to conspiracy to aid and assist U.S. taxpayers in filing false income tax returns and agreed to pay a total of $2.6 billion.

Following the Credit Suisse investigation, CI led the case against Bank Leumi Group, a major Israeli international bank that admitted to conspiring to aid and assist U.S. taxpayers to prepare and present false tax returns. The agreement marks the first time an Israeli bank has admitted to such criminal conduct. Bank Leumi Group will pay the U.S. a total of $270 million and cease to provide banking and investment services for all accounts held or beneficially owned by U.S. taxpayers.

ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions leveraging a global shared digital identity network and real time customer driven analytics platform.  These solutions help customers differentiate between trusted users and potential fraud resulting in reduced friction, incremental revenue and lower fraud and operational costs.

ThreatMetrix secures customers against account takeover, payment fraud, fraudulent account registrations resulting from malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over one billion monthly transactions and protects more than 250 million active user accounts across 3,000 customers and 15,000 websites and mobile applications. ThreatMetrix is deployed by industry leaders across financial services, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

 

 

 

Bullish on Breaches

Posted on April 14th, 2015 by Dan Rampe

Data Breach

Why Don’t Data Breaches Drive Down Stock prices?

Maybe we should begin with a disclaimer. Okay, if you didn’t already know it (and chances are you did), the stock market is about as logical as a game of Russian roulette with an automatic pistol (Too violent?) How about a game of badminton with a bowling ball? The point is, while the market makes some people dollars, it doesn’t always make a whole lot of sense. A recent example is the sharp drop in the price of a barrel of oil. Stock market analysts said it would be good for the economy because what people were saving on energy would be spent on goods and services causing a sharp upturn. Market analysts said it would be bad for the economy because oil from shale would be priced out of the market and jobs lost in the energy sector would send the economy into a downturn.

Writing on hbr.org, Elena Kvochko and Rajiv Pant attempt to bring logic to bear as to why data breaches — even major ones that have cost organizations big bucks and cost senior executives (including at least one CEO) their jobs — seem to have no affect on how the stock market values the organization.

The following has been excerpted from Kvochko and Pant’s piece and edited to fit our format. You may find the full article by clicking on this link. After the Kvochko and Pant article, Alisdair Faulkner, chief products officer at ThreatMetrix®, explains why the stock market may not give breached organizations a free pass in the future.

Shareholders numb?

[Even] the most significant recent breaches had very little impact on [a] company’s stock price. Industry analysts have inferred that shareholders are numb to news of data breaches.

It may not be today or tomorrow, but someday…

A widely accepted notion goes that there are only two types of companies: those that have been breached and those that don’t know they have. It is true that breaches are expected and have become a regular cost of doing business, but there are deeper reasons for the market’s failure to respond to these incidents.

Not enough info for an informed decision

Today, shareholders have neither enough information about security incidents nor sufficient tools to measure their impact…The long and mid-term effects of lost intellectual property, disclosure of sensitive data, and loss of customer confidence may result in loss of market share, but these effects are difficult to quantify. Therefore, shareholders only react to breach news when it has direct impact on business operations, such as litigation charges (for example, in the case of Target) or results in immediate changes to a company’s expected profitability.

Late disclosures

Delays in disclosing information security incidents often contribute to shareholders’ hesitation and uncertainty with regard to how to factor in the effects of the breaches.

Taking stock of stock prices

Overall, stock prices during and following the high profile security data breaches in the past several years have decreased slightly or quickly recovered following the breach.

Some famous breaches and their effect on stock prices

Home Depot’s hack, compromised 65 million customer credit and debit card accounts. Breach-related costs are estimated to be around $62 million. The company’s stock price decreased slightly one week after the announcement. In the third quarter of 2014, Home Depot showed a 21% increase in earnings per share.

Target was the object of the then biggest cyber attack on a retailer. Credit and debit card data of 40 million customers and personal information of about 70 million were said to be affected by the breach. The stock experienced a 10% drop in price in the aftermath of the security breach, but by the end of February, Target had experienced the highest percentage stock price regain in five years.

Three years after the 2011 hack that compromised payment data of millions of Sony gaming users, Sony had to deal with a massive data breach targeting its pictures industry. The personal data of producers, actors, and current and former employees dating back to 2000 was compromised. Attackers have collected over a Terabyte of data and records of 47,000 employees. The stock price kept growing following the announcement, [then] decreased slightly three weeks after the breach. By now, it has long surpassed its one-year maximum.

In the beginning of October 2014, the largest U.S. bank in assets, JP Morgan Chase, announced that in August, hackers had accessed its security system and that approximately seven million small businesses and 76 million households had been affected by a data breach. The company unveiled that data that was compromised included contact information such as names, addresses, telephone numbers, and email addresses, but account numbers, passwords, dates of birth, and social security numbers were protected…. Stock prices for JP Morgan Chase were stable following the announcement and then rose by the beginning of November.

Almost impossible for shareholders to assess the impact of breaches

This mismatch between the stock price and the medium and long-term impact on companies’ profitability should be addressed through better data. Shareholders still don’t have good metrics, tools, and approaches to measure the impact of cyber attacks on businesses and translate that into a dollar value. In most cases, at the time a security breach is disclosed, it is almost impossible for shareholders to assess its full implications. Shareholders should look beyond short-term effects and examine the impact on other factors, such as overall security plans, profitability, cash flow, cost of capital, legal fees associated with the breach, and potential changes in management. .

Companies should improve protection

Now that major security breaches have become an inevitability in doing business, companies should put strong data security systems in place, just as they protect against other types of business and operational risks.

Alisdair Faulkner on changes in accountability and notifications that have kept stockholders “In the dark” about the affects of breaches

In a news release titled ThreatMetrix Shares Strategies for Businesses to Protect Privacy, Safeguard Data and Build Trust on the Internet in Alignment with Data Privacy Day, Faulkner notes, “Any company that uses some form of online user authentication is now going to be held accountable for at least a minimal level of protecting customer privacy. The proposed Privacy Bill of Rights requires customers be notified by businesses about a data breach within 30 days, but cybercriminals can take data in the blink of an eye. Thirty days gives cybercriminals an eternity to monetize that information. Ideally, businesses need to be able to measure unauthorized access in real time, address the problem and notify customers immediately.”

ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions leveraging a global shared digital identity network and real time customer driven analytics platform.  These solutions help customers differentiate between trusted users and potential fraud resulting in reduced friction, incremental revenue and lower fraud and operational costs.

ThreatMetrix secures customers against account takeover, payment fraud, fraudulent account registrations resulting from malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over one billion monthly transactions and protects more than 250 million active user accounts across 3,000 customers and 15,000 websites and mobile applications. ThreatMetrix is deployed by industry leaders across financial services, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

 

ThreatMetrix Financial Institution Authentication Strategies for Stopping Malware and Compromised IDs

Posted on April 9th, 2015 by Dan Rampe

 

Standard-Header-AF

ThreatMetrix Outlines a New Approach in Line with FFIEC’s Joint Statements on Authenticating Customers and Employees

The Federal Financial Institutions Examination Council (FFIEC) has released joint statements dealing with stolen identities and malware that, combined, represent a threat not only to business, but to the entire financial system.

Alisdair Faulkner, ThreatMetrix chief products officer, on a new approach to authentication

“We’re not even halfway through the year and we’ve already seen data breaches of two major healthcare providers, Anthem and Premera, compromise the information of more than 90 million people. As the prevalence of personal data being breached continues to grow, financial institutions need a new approach to authentication and digital identity assessment.”

A summary of key FFIEC joint statements

  • Compromised Credentials – Whether an employee or administrator (and this is especially true for customers), banks can no longer trust the static identity of a user login or transaction. Even if a bank’s internal systems can’t be compromised, a bank’s customers and employees can be.
  • Destructive Malware – Banks have to continuously evaluate the health and risk of devices being used to access data or perform transactions. The same holds true for an employee accessing services remotely from his or her tablet, or for a sanctioned locked-down PC.
  • Shared Intelligence – To defeat malware and compromised credential threats, financial institutions have to look beyond their firewalls and share actionable threat intelligence about unauthorized account access attempts and attack patterns.

Faulkner notes that digital identities power the underworld

“Forget Bitcoin, our digital identities are the cybercurrency that powers the underworld. Unlike credit cards that can be replaced, stolen identities and compromised devices are the gift that keeps on giving – pieces of a user’s digital identity can be used over and over again, with each attack increasing in sophistication on a daily basis. Combining stolen identities, compromised devices and newer device spoofing tools like Anti Detect and Fraud Fox, hackers can routinely bypass first generation authentication technologies still installed at banks. Financial institutions need new ways of assessing digital identities by leveraging global shared intelligence to detect when personal information and devices are being used illegitimately. When one financial institution’s network is breached, every financial institution becomes the target of the digital debris.”

The ThreatMetrix Global Trust Intelligence Network (The Network) offers features to help financial institutions protect themselves from compromised credentials and malware

  • Persona ID – Persona ID enables financial institutions to connect users with their related attributes and activities. Included in these attributes and activities are email addresses, payment details, past transactions, accounts, devices, location, proxies etc. These details are tied to digital “personas.” And, incoming transactions are evaluated against the corresponding digital identities in real-time and enables ThreatMetrix to distinguish legitimate users and cybercriminals.
  • Layered Approach – Rather than providing “Bigger Data,” which creates too many alerts to act on quickly, The Network uses pin-point decision analytics to assess devices, threats, personas and behavior across its anonymized digital identity network. This makes it possible to accurately identify cybercriminals in real time without added customer friction.

The Network: real-time intelligence

In an environment where financial institutions must assume digital identities and devices are compromised before authenticating logins or transactions, The Network delivers real-time intelligence, providing businesses with consistent risk assessments of data and creating unique digital identities for users by mapping their online behaviors and devices to protect customers from fraudulent transactions.

ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions leveraging a global shared digital identity network and real-time customer-driven analytics platform. These solutions help customers differentiate between trusted users and potential fraud resulting in reduced friction, incremental revenue and lower fraud and operational costs.
ThreatMetrix secures customers against account takeover, payment fraud, fraudulent account registrations resulting from malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes more than one billion monthly transactions and protects more than 250 million active user accounts across 3,000 customers and 15,000 websites and mobile applications. ThreatMetrix is deployed by industry leaders across financial services, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.
Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

 

Grand Canyon-Sized Breach Hits Grand Canyon State

Posted on April 8th, 2015 by Dan Rampe

Grand Canyon

418,640 Arizonans Had Data Compromised in the Anthem Breach That Affected 80 Million. ThreatMetrix CEO Calls Breach the “Tipping Point.”

In his blog, The Anthem Tipping Point, Reed Taussig, President and CEO of ThreatMetrix® notes that the Anthem Breach might finally be the cataclysmic event, the tipping point, that gets “the attention of senior management and boards of directors to recognize that cybersecurity is just as important to the enterprise as the operations of their customer-facing Internet applications themselves.”

And Anthem was not the only healthcare company attacked. Approximately the same time Anthem was breached — and very possibly by the same cybercriminals — Premera Blue Cross, which operates in Arizona, Alaska and Washington State, was also breached, compromising sensitive personal, financial and medical claims information for about 11 million of its customers nationwide. Other Anthem companies affected by the breach include Amerigroup, Anthem and Empire Blue Cross Blue Shield, CareMore and UniCare.

In his story on azcentral.com, Ken Alltucker, reporter for The Republic, details the cyberattack that left many Arizonans and Americans in general at risk of becoming victims of identity theft and other crimes. The following has been excerpted from Alltucker’s piece and edited to fit our format. You may find his complete account by clicking on this link.

Unaffected by breach, Blue Cross Blue Shield customers still at risk

The computer hackers did not breach Blue Cross Blue Shield of Arizona’s computer systems, company officials said, but customers of the Arizona insurer could be affected if they used their insurance plans to access doctors, hospitals or other health services in states where Anthem and Premera operate.

Anthem’s 14 states include California, Colorado, Connecticut, Georgia, Indiana, Kentucky, Maine, Missouri, Nevada, New Hampshire, New York, Ohio, Virginia and Wisconsin.

Healthcare a hot, easy target

“Nowadays, it’s all about the money,” said Shaun Murphy, founder of PrivateGiant, an Orlando-based consulting firm. Murphy said there is a black market for such data, and cyberthieves who recover such detailed personal, financial and medical information on individuals can get lucrative payments.

Murphy said health-care insurers are a prime target because their security systems are typically not as robust as financial institutions. And if a hacker is able to piece together Social Security numbers, birth dates and medical-claims information about an individual, that creates the type of detailed profile about a person that black-market buyers covet. “When you start to aggregate this information, it can bring in a ton of money.”

Small comfort

The insurance companies have offered [breached] customers two years of credit monitoring and identity-theft protection services. Anthem consumers can get more information about these services at anthem.allclearid.com. Premera’s identify-theft protection will be offered through Experian. Visit premeraupdate.com for more information.

Still attempting to find all potential victims

Premera spokesman Eric Earling said the company still is attempting to pinpoint all customers who may have been affected by the data breach in Arizona and other states.

Compromised records may go back to 2002

The insurer said the sophisticated cyberattack may have accessed records dating to 2002. That means customers who once held Premera’s LifeWise plans, discontinued in Arizona last decade, may be affected.

26 healthcare data breaches in Arizona since 2010

In Arizona, there have been 26 health data breaches that have each affected 500 or more people [in each breach] since 2010, according to the U.S. Department of Health and Human Services.

ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions leveraging a global shared digital identity network and real time customer driven analytics platform.  These solutions help customers differentiate between trusted users and potential fraud resulting in reduced friction, incremental revenue and lower fraud and operational costs.

ThreatMetrix secures customers against account takeover, payment fraud, fraudulent account registrations resulting from malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over one billion monthly transactions and protects more than 250 million active user accounts across 3,000 customers and 15,000 websites and mobile applications. ThreatMetrix is deployed by industry leaders across financial services, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

 

 

 

 

Apple Watch Could Be a Real Steal

Posted on March 25th, 2015 by Dan Rampe

Apple Watch

Time Will Tell Whether Apple Watch Increases Fraud by Making It Easier and Cheaper to Use Stolen Data for In-Store Purchases

Using Apple Pay on iPhone 6 and stolen credit card numbers, cybercriminals have been buying high-end goods at brick-and-mortar stores, especially Apple stores. Experts have a one word description for this fraud — “rampant.”

If things look bad now, Al Sacco in his piece on cio.com says just wait until Apple Watch is released in April. The following has been excerpted from Sacco article and edited to fit our format. You may find the full unedited story by clicking on this link.

For cheap crooks

[Apple Watch], when it’s released in April, could take [the hike in fraud using Apple Pay] further, because it also supports Apple Pay and offers a cheaper option than buying a new iPhone, at least without a carrier subsidy.

How Apple Pay works Apple Watch

To add payment cards to Apple Watch, you simply open up the companion iOS app, which is now available in iOS 8.2, and use the Passbook & Apple Pay option to enter credit card data. After you save the information, and Apple runs a quick check for potential red flags, you’re good to go. (It’s unclear whether or not the Watch will automatically import payment information iPhone 6 users already store in Passbook.)

Next, you head on over to a local retailer with NFC-compatible POS terminals, pick up some goodies, head to the cashier, double-tap the bottom button on the side of the Watch and then hold it close to the payment terminal.

Security

For security purposes, you have to authenticate yourself via a passcode anytime you remove and replace the Watch and then try to access Apple Pay.

[While] Touch ID authenticates Apple Pay purchases when you use an iPhone 6, a passcode protects your card information when you pay via Apple Watch. After you type in your code once, you don’t have to retype it to make additional payments — as long as you don’t remove the device, causing it to break contact with your skin.

Apple Watch and Apple Pay fraud

[You] need an iPhone to do just about anything on the Apple Watch. It is, after all, a companion device, and without an iPhone buddy it does little more than track your steps and, you know, tell time.

Apple Watch and cheap iPhone cost less than iPhone 6

[Cybercriminals] who exploit Apple Pay to make fraudulent purchases don’t steal iPhones to use owners’ payment information. Rather, they buy or steal card data from another source and then add it to their own iPhones and use Apple Pay to turn that data into something physical that can be used in stores.

Today, you need an iPhone 6 or iPhone 6 Plus to perpetrate such a crime, because they’re the only Apple devices that support in-store Apple Pay. Both of these devices are relatively expensive….However, the Apple Watch works with earlier iPhones, including the 5 and 5s. Starting on April 10, bad guys will be able to purchase the cheapest version of Apple Watch for $349 and then jump on eBay (or some similar site) and snag a used iPhone 5 or 5s for as little as 99 cents.

ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions leveraging a global shared digital identity network and real time customer driven analytics platform.  These solutions help customers differentiate between trusted users and potential fraud resulting in reduced friction, incremental revenue and lower fraud and operational costs.

ThreatMetrix secures customers against account takeover, payment fraud, fraudulent account registrations resulting from malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over one billion monthly transactions and protects more than 250 million active user accounts across 3,000 customers and 15,000 websites and mobile applications. ThreatMetrix is deployed by industry leaders across financial services, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.