Monday, February 11, 2008

Identity Theft Greatest 2008 Threat From P2P File Sharing

While 2007 saw a record number of consumers negatively impacted,
2008 promises to continue with an abnormally high amount of data
breaches as identity thieves continue to adjust their tactics to match
evolving information security practices.


According to statistics published by the Identity Theft Resource
Center, Identity Theft Assistance Center & the SANS
Institute, popular P2P file sharing applications pose one of the
single most vulnerable internet security holes to be exploited
this year by identity thieves.

From a recent Help Net Security article on the topic, the
Associated Press reported that “more than 1 billion
searches are conducted daily over peer-to-peer systems.

A good number involved bank names, the word “password”
and other terms that appear to be attempts by would-be
thieves to dig up other people’s sensitive documents.”

Think this is just a warning only, think again as the
Help Net Security article pointed out how just 3 of the
top consumer data security breaches from 2007 were
attributed to file sharing applications:

November, 2007 - Thirty-five year old Seattle man
pleads guilty to using P2P file sharing programs to access
the computers of victims and steal their personal information
from tax returns, credit reports, bank statements and
student financial aid applications.

September, 2007 - Over 5,000 social security numbers
and other personal information on customers of
Citigroup’s ABN Amro Mortgage Group were
exposed over a P2P file sharing network. A
former business analyst joined a file sharing
network where people share music and video.
Work-related information that she had downloaded
onto her personal computer was inadvertently shared.

June, 2007 – Over 17,000 social security numbers of
current and former Pfizer employees were exposed
by a laptop owned by Pfizer and used by an employee.
The employee’s spouse used a P2P file sharing program
and inadvertently shared documents containing the
personal information.

So, our tip for today is directed to parents who let
their children utilize popular P2P file sharing applications
such as Limewire, etc.

You have two choices to protect yourself from inadvertent
identity theft exposure. First, you can simply delete the
P2P file sharing software from your hard drive and
make
sure your child does not have administrator
level rights
to reinstall it at some later date.

Or, secondly, you can backup any sensitive files to a
thumb
drive and then subsequently delete those
files off your
hard drive altogether.

Failure to do either of these two can result in your sensitive
personal information from being needlessly exposed to
identity thieves who could even by half way around the
world operating in some foreign country well beyond the
reach of our local law enforcement authorities.

9 Comments:

At 12:13 PM, Blogger agent99 said...

Just to satisfy the needs of our readers, we do not support illegal music downloading nor do we support the RIAA's attempts to squash legal file sharing.

Our intent here is purely for educational purposes within the context of identity theft prevention.

 
At 9:21 AM, Blogger Mike said...

Good article. I will say it is a timely one as well. Just Sunday there was an article that came out about a gov't. agency in Newfoundland that allowed one of their computers to be removed from their office by an outside consultant. Well, seems the consultant hooked the computer up to his network at home and installed Limewire. Apparently a security firm in New York discovered it and called the Gov't. agency to alert them of the breach. Needless to say, there are so many vulnerabilities out there, but to allow these things to go on from Gov't. agencies really is ridiculous. I'd love to hear your slant on Web 2.0 next. Thanks!

 
At 8:34 PM, Blogger Jack Payne said...

I write on identity theft all the time. You cover it well.

 
At 9:24 PM, Blogger agent99 said...

Mike said...

"I'd love to hear your slant on Web 2.0 next. Thanks!"

---

Web 2.0 and identity theft - hmmm, that is an interesting new twist.

Mike, care to elaborate a bit more on what you had in mind?

 
At 9:48 PM, Blogger agent99 said...

Jack Payne said...

I write on identity theft all the time. You cover it well.
---
Gee, {blush}, thank you very much
Jack for your kind words.

It is so gratifying to know your efforts, as a former identity theft victim, are making a positive impact.

Keep the comments and requests coming as our mission is simply to inform and educate those would be identity theft victims from unnecessarily becoming one.

 
At 3:48 AM, Blogger Mike said...

Well, I had read an article recently that said how unsafe Web 2.0 applications are. I've read other articles that said similar things, but this article said, "We're basically training our online users to be exploited." The article can be found at Internetnews.com: http://www.internetnews.com/search/article.php/3726496/Web+20+Unsafe+At+Any+Speed.htm

Also, it says that Web 2.0 is virtually impossible to secure. Sounds like we have a real problem.

 
At 1:46 PM, Blogger Mike said...

Great Video on the dangers of P2P is on youtube:

http://www.youtube.com/watch?v=XGw9MEURYiY

 
At 9:45 PM, Blogger agent99 said...

Mike said...

Great Video on the dangers of P2P is on youtube...

---

You are right, thanks!

Pretty scary that in less than 1 single day, your computer can become a total information security funnel to destinations unknown.

Products like Kazaa & Limewire make you wonder if music sharing is really worth it for those who do.

 
At 3:43 PM, Blogger joaquin said...

great article, i did not know.

 

Post a Comment

<< Home