Top Security Threats
Data Breaches
A data breach is a security incident in which sensitive, protected, or confidential data has been copied, transmitted, viewed, stolen, or otherwise used by someone who was not authorized to do so. Credit card data breaches and medical data breaches are two of the more harmful and costly data breaches.
Data Breaches Are Not Always Made Public
The news reports plenty of data breaches these days, from the Target and Wendy’s credit card breaches to the Anthem and Beacon Health System HIPAA data breaches. However, most data breaches never make the national news, which means the people whose personal information is compromised never find out about it. The Privacy Right Clearinghouse publishes a list of known breaches reported in the United States since 2005. In addition, the Privacy Rights Clearinghouse website provides information on dealing with security breaches.
Privacy Rights Clearinghouse: Chronology of Data Breaches
Privacy Rights Clearinghouse: How to Deal with a Security Breach
Phishing
Phishing is the attempt to acquire sensitive data (i.e., usernames, passwords, credit card information, etc.) by pretending to be a known and trusted entity via electronic form, such as email for a website. This is one of the most common IT security threats.
Information for Taxpayers
Taxpayers need to beware of phishing scams asking for any personal information. The IRS will never initiate emails to taxpayers about a bill or a refund out.
FTC’s Identity Theft Recovery Plan
Identity Protection: Prevention, Detection, and Victim Assistance
Reporting IRS Phishing and Online Scams
Requesting Copy of Fradulent Returns
Taxpayer Guide to Identity Theft
Amazon Order Cancellation
This is a phishing attempt leading users to click to view their cancelled order on Amazon, even though they did not place an order.
Identifying and Reporting Phishing Emails to Amazon
Ransomware
Ransomware is an access-denial type of attack that prevents legitimate users from accessing files. The user’s computer is infected with some form of malware. This software then encrypts files and requires payment (ransom) before the person is re-granted access to the restricted files. The user’s computer is often rendered useless until the ransom has been paid.
Trend Micro on Ransomware
Trend Micro has a webpage that includes the history and future of ransomware. This page also gives aliases and descriptions of known ransomware families.