Commentaries and Analyses

Study: One group responsible for 2/3 of all phishing attacks

The Anti-Phishing Working Group (APWG) recently released its report, Global Phishing Survey: Trends and Domain Name Use in 2H2009. From the Overview: Phishing has always been attractive to criminals because it has low start-up costs and few barriers to entry. But by mid-2009, phishing was dominated by one player as never before—the ―Avalanche‖ phishing...

IRS Divulges Personal Taxpayer Information

The Internal Revenue Service does not always properly authenticate the identity of taxpayers calling its toll-free assistance lines before providing them with confidential tax account information, according to a new government report. The report, by the Treasury Inspector General for Tax Administration, found that taxpayers who call the IRS-toll-free lines are at risk of...

Announce A Data Breach And Say It’s No Big Deal?

Evan Schuman comments on the recent Blippy breach and lessons that should be learned: Data Breach Etiquette Rule #8: The moment you announce you screwed up and exposed customers’ payment data to cyberthieves is a really bad time to lecture customers that “it’s a lot less bad than it looks” and that “it’s important...

Podcast: Inside the TJX/Heartland Investigations

Tom Field of BankInfoSecurity interviews Kim Peretti, former Senior Counsel in the Computer Crime and Intellectual Property Section of the Criminal Division of the United States Department of Justice, about the investigation of Albert Gonzalez and his co-conspirators, including How the investigations unfolded from beginning to end; The significance of the conspirators’ sentences; Lessons...