<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0"
     xmlns:content="http://purl.org/rss/1.0/modules/content/"
     xmlns:dc="https://purl.org/dc/elements/1.1/"
     xmlns:dcterms="http://purl.org/dc/terms/"
     xmlns:media="http://search.yahoo.com/mrss/"
     xmlns:atom="http://www.w3.org/2005/Atom"
>
    <channel>
                    <atom:link href="https://www.itpro.com/feeds/tag/fraud" rel="self" type="application/rss+xml" />
                            <title><![CDATA[ Latest from ITPro in Fraud ]]></title>
                <link>https://www.itpro.com/tag/fraud</link>
        <description><![CDATA[ All the latest fraud content from the ITPro team ]]></description>
                                    <lastBuildDate>Thu, 07 May 2026 10:59:45 +0000</lastBuildDate>
                            <language>en</language>
                                <item>
                                                            <title><![CDATA[ UK workers are shockingly relaxed about selling access to company systems ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/security/uk-workers-are-shockingly-relaxed-about-selling-access-to-company-systems</link>
                                                                            <description>
                            <![CDATA[ Research from UK fraud prevention service Cifas shows that insider fraud is rife ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">vSmUzNaYN8imR4v6vrgyag</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/QGJdnzL5ujgBmZvWfYVyk7-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Thu, 07 May 2026 10:59:45 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Security]]></category>
                                                                                                                    <dc:creator><![CDATA[ Emma Woollacott ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/aWfskavxoVSMDy6cDWtYmJ.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/QGJdnzL5ujgBmZvWfYVyk7-1280-80.jpg">
                                                            <media:credit><![CDATA[Getty Images]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Ethical hacker concept image showing hands of a female pentester typing on a laptop keyboard.]]></media:description>                                                            <media:text><![CDATA[Ethical hacker concept image showing hands of a female pentester typing on a laptop keyboard.]]></media:text>
                                <media:title type="plain"><![CDATA[Ethical hacker concept image showing hands of a female pentester typing on a laptop keyboard.]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/QGJdnzL5ujgBmZvWfYVyk7-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>UK workers are shockingly casual about insider‑enabled fraud, with one-in-eight admitting to having sold company logins.</p><p>In the last 12 months alone, 13% said they had either sold their company login details to a former colleague, or that they knew someone who has.</p><p>The <a href="https://www.cifas.org.uk/workplace-fraud-trends-2025" target="_blank"><u>figures</u></a> from the UK’s fraud prevention service, Cifas, show that 13% of respondents believed selling access to company systems was ‘justifiable’. </p><p>That number was even higher for senior managers, at 32%, and directors at 36%.</p><p>Among C‑suite executives, this figure rose to 43% while for business owners themselves, the figure was an astonishing 81%.</p><p>“These findings point to an unsettling reality: for a meaningful minority of staff, selling company logins is no longer beyond the line – and that should concern every employer," commented Joby Carpenter, fraud and emerging threats lead at anti-financial crime certification and intelligence company ACAMS.</p><p>“Cifas’ survey suggests insider risk is not only persistent, but in some settings it’s becoming normalized. For firms, this underlines the need to treat insider threat as a core fraud and financial crime issue, supported by strong culture, proportionate controls, targeted training, and effective access governance.”</p><p>Researchers said effective fraud prevention relies not only on secure systems, but on strong access governance, regular staff training, and a clear organizational stance on the <a href="https://www.itpro.com/security/data-breaches/nearly-half-of-emea-data-breaches-were-due-to-internal-blunders-in-2023">misuse of credentials</a>.</p><p>“Selling login details might seem insignificant to those involved, but it can open the door to serious fraud and financial harm. These findings show how vital it is for organisations to build fraud‑aware cultures, where employees at all levels understand their responsibilities and the consequences of their actions," said Rachael Tiffen, director of learning at Cifas.</p><p>“Counter‑fraud training plays a central role in helping staff recognise manipulation, appreciate the risks associated with insider activity, and act with integrity when handling access to systems and data.”</p><h2 id="insider-threats-are-rising">Insider threats are rising</h2><p>A slew of studies over the last two years point toward rising insider threats. A <a href="https://arcticwolf.com/resource/aw/the-state-of-cybersecurity-2024-trends-report?lb-mode=overlay" target="_blank"><u>report from Arctic Wolf</u></a>, for example, found that 61% of organizations had spotted insider threats during 2024, with 29% of those leading to a leak.</p><p>Similar <a href="https://www.itpro.com/security/ai-means-cyber-teams-are-rethinking-their-approach-to-insider-threats"><u>research</u></a> last year from Exabeam concluded that two-thirds of European security professionals now see insider threats as a bigger risk than external threat actors. </p><p>More than half said they’d seen a measurable increase in insider incidents over the last year, with 54% saying they expect that growth to continue.</p><p>Cyber criminals are aware of the openness of many workers to fraud, and have been actively recruiting company insiders on the dark web, with researchers at NordStellar <a href="https://www.itpro.com/security/cyber-criminals-recruiting-insiders-at-specific-organizations"><u>saying</u></a> earlier this year they'd found 25 unique dark web posts attempting to recruit employees for fraud.</p><p>Aiming to target specific organizations, particularly social media or cryptocurrency platforms, they are hoping to carry out ransomware attacks, sell information on business agreements to competitors, or carry out sophisticated phishing scams.</p><h3 class="article-body__section" id="section-follow-us-on-social-media"><span>FOLLOW US ON SOCIAL MEDIA</span></h3>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ CEO faces $15 million bill and prison time for counterfeit Cisco hardware scam ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/infrastructure/networking/ceo-faces-dollar15-million-bill-and-prison-time-for-counterfeit-cisco-hardware-scam</link>
                                                                            <description>
                            <![CDATA[ Onur Aksoy could face a lengthy prison sentence for his involvement in the counterfeit scheme ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">9xCWM9AEgkbWQpBz8JZapS</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/GVPQr8hLYThnWWUzyZTKZi-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Wed, 07 Jun 2023 11:36:38 +0000</pubDate>                                                                                                                                <updated>Tue, 13 Jun 2023 09:36:08 +0000</updated>
                                                                                                                                            <category><![CDATA[Networking]]></category>
                                                    <category><![CDATA[Infrastructure]]></category>
                                                                                                <author><![CDATA[ itpro@futurenet.com (Ross Kelly) ]]></author>                    <dc:creator><![CDATA[ Ross Kelly ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/Y5vrV2V98Np6jHAGmAtCd3.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/GVPQr8hLYThnWWUzyZTKZi-1280-80.jpg">
                                                            <media:credit><![CDATA[Getty Images]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[A server room at the Cisco Systems Poland headquarters in Krakow, Poland]]></media:description>                                                            <media:text><![CDATA[A server room at the Cisco Systems Poland headquarters in Krakow, Poland]]></media:text>
                                <media:title type="plain"><![CDATA[A server room at the Cisco Systems Poland headquarters in Krakow, Poland]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/GVPQr8hLYThnWWUzyZTKZi-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>A US-based executive will be forced to return $15 million in illicit gains and could face a lengthy prison sentence after pleading guilty to a counterfeit Cisco hardware distribution scheme. </p><p>Onur Aksoy, CEO at the Pro Network Entities business group, pleaded guilty to running an “extensive operation” that saw counterfeit Cisco <a href="https://www.itpro.com/nas/27920/best-nas-drives"><u>networking equipment</u></a> sold to customers over the course of nearly a decade. </p><p>US court documents show that Aksoy, a joint US and Turkish national, led a scheme to import the fake equipment from suppliers in China and Hong Kong. </p><p>Officials described the counterfeit equipment as “low quality, modified computer <a href="https://www.itpro.com/infrastructure/network-internet/367848/what-is-a-network-switch"><u>networking devices</u></a>” that appeared legitimate and featured authentic-looking <a href="https://www.itpro.com/infrastructure/network-internet/368324/cisco-claims-its-solved-broken-hybrid-work-model"><u>Cisco</u></a> labels, stickers, boxes, documentation, and packaging. </p><div  class="fancy-box"><div class="fancy_box-title">RELATED RESOURCE</div><div class="fancy_box_body"><figure class="van-image-figure "  ><div class='image-full-width-wrapper'><div class='image-widthsetter' ><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="8pMENfShjyagv4exyBhc5b" name="Computing security is central to IT infrastructure transformation_listing.jpg" caption="" alt="Whitepaper covet with image of cityscape in front of water with people enjoying the sunset behind the buildings" src="https://cdn.mos.cms.futurecdn.net/8pMENfShjyagv4exyBhc5b.jpg" mos="" link="" align="" fullscreen="" width="" height="" attribution="" endorsement="" class="pinterest-pin-exclude"></p></div></div><figcaption itemprop="caption description" class=""><span class="credit" itemprop="copyrightHolder">(Image credit: AMD)</span></figcaption></figure><p class="fancy-box__body-text"><strong>Hardware security and confidential computing in server platforms</strong></p><p class="fancy-box__body-text"><em>Computing security is central to IT infrastructure transformation</em></p><p class="fancy-box__body-text"><a data-analytics-id="inline-link" href="https://www.itpro.com/security/hardware-security-and-confidential-computing-in-server-platforms"><strong>DOWNLOAD FOR FREE</strong></a></p></div></div><p>“The devices the Pro Network Entities imported from China and Hong Kong were typically older, lower-model products – some of which had been sold or discarded – which Chinese counterfeiters then modified to appear to be genuine versions of new, enhanced, and more expensive Cisco devices,” the US Department of Justice said in a statement. </p><p>“The Chinese counterfeiters often added pirated Cisco software and unauthorized, low-quality, or unreliable components – including components to circumvent technological measures added by Cisco to the software to check for software license compliance and to authenticate the hardware.” </p><p>The fake devices sold to customers had an estimated retail value of hundreds of millions of dollars, officials said. </p><p>Similarly, the Pro Network Entities group, comprised of more than 19 firms located in New Jersey and Florida, generated “over $100 million in revenue” through the scheme.  </p><p>Prosecutors described how the counterfeit products sold by the group often suffered from “numerous performance, functionality, and safety problems” and wrought havoc on users’ networks and operations. </p><p>In some instances, the malfunctioning <a href="https://www.itpro.com/hardware/358209/the-it-pro-podcast-hot-hardware"><u>hardware</u></a> cost customers tens of thousands of dollars due to business disruption and remediation attempts. </p><p>“Customer’s of Aksoy’s <a href="https://www.itpro.com/security/cyber-crime/354253/europol-seizes-more-than-30000-counterfeit-sites-on-cyber-monday"><u>fraudulent and counterfeit devices</u></a> included hospitals, schools, government agencies, and the military,” officials said.</p><h2 id="cisco-scam-forged-documents-and-seized-imports">Cisco scam: Forged documents and seized imports</h2><p>Around 180 shipments of counterfeit Cisco devices purchased by the Pro Network Entities group were seized by border agents between 2014 and 2022, according to the DoJ. </p><p>Cisco also sent repeated cease and desist notices to Aksoy between 2014 and 2019 after being made aware of the scheme. </p><p>Aksoy was found to have responded to “at least two” of these letters by providing the firm with forged documents, prosecutors revealed. </p><p>In July 2021, locations used by Aksoy were raided, with 1,156 counterfeit Cisco devices seized. Law enforcement officials said the devices had a retail value of over $7 million upon seizure. </p><h2 id="lengthy-prison-sentence-a-possibility">Lengthy prison sentence a possibility</h2><p>The DoJ revealed that Aksoy pleaded guilty on several counts, including “conspiring with others to traffic in counterfeit goods” and conspiracy to commit mail fraud. </p><p>He is expected to be sentenced on 6 November this year. Despite the acceptance of a plea deal by the court, Aksoy could still face between four to six-and-a-half years in prison for his involvement in the operation. </p><p>Aksoy must also forfeit $15 million in illicit gains and will be required to make full restitution to victims of the scheme. </p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ UK crypto fraud soars 32% to $270 million ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/technology/cryptocurrencies/369603/uk-crypto-fraud-soars-32-to-270-million-warns-crime-centre</link>
                                                                            <description>
                            <![CDATA[ Businesses facing recession slump may see cryptocurrencies as a quick return on investment, but are increasingly at risk of fraud ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">o2Lo2r8TtDDBr4Xtoh7UWq</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/QMmXMg54TnSXZCn8SjTVGY-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Mon, 28 Nov 2022 13:08:19 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Policy and Legislation]]></category>
                                                    <category><![CDATA[Business]]></category>
                                                                                                                    <dc:creator><![CDATA[ Rory Bathgate ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/DnNrFxEA7RRECVgFxXR4V7.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/QMmXMg54TnSXZCn8SjTVGY-1280-80.jpg">
                                                            <media:credit><![CDATA[Shutterstock]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Stocks for the most well-known cryptocurrencies ]]></media:description>                                                            <media:text><![CDATA[Stocks for the most well-known cryptocurrencies ]]></media:text>
                                <media:title type="plain"><![CDATA[Stocks for the most well-known cryptocurrencies ]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/QMmXMg54TnSXZCn8SjTVGY-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Action Fraud, the UK's fraud and cyber crime reporting centre, has revealed a 32% increase in cryptocurrency fraud across the UK over the past year.</p><p>As reported in <em>The Financial Times</em>, Action Fraud stated that cryptocurrency scams have risen to £226 million ($273 million), representing a steep increase in such fraudulent activity across the period.</p><p>As the UK’s period of recession worsens, businesses and consumers may also see crypto as a route for quick returns on investments. In August, crypto bridge Binance claimed that <a href="https://www.itpro.com/technology/cryptocurrencies/368791/surging-inflation-driving-people-to-cryptocurrencies-binance" data-original-url="https://www.itpro.com/technology/cryptocurrencies/368791/surging-inflation-driving-people-to-cryptocurrencies-binance">rising inflation is driving people to invest</a> in cryptocurrencies, citing examples of countries such as Argentina where many citizens have poured life savings into <a href="https://www.itpro.com/strategy/28296/what-is-bitcoin" data-original-url="https://www.itpro.com/strategy/28296/what-is-bitcoin">Bitcoin</a>.</p><p>“Whenever times are tough, fraudsters always seek to prey on less experienced investors by promising huge returns," Hinesh Shah, forensic accountant at Pinsent Masons, told the <em>Financial Times</em>.</p><p>Businesses could fall victim to scams in which crypto investment in <a href="https://www.itpro.com/infrastructure/network-internet/367513/what-is-web3" data-original-url="https://www.itpro.com/infrastructure/network-internet/367513/what-is-web3">web3</a> tech, including <a href="https://www.itpro.com/business/business-strategy/369294/meta-deepens-metaverse-partnership-with-microsoft-and-accenture" data-original-url="https://www.itpro.com/business/business-strategy/369294/meta-deepens-metaverse-partnership-with-microsoft-and-accenture">metaverse technology</a>, is encouraged and then made off with by fraudsters with no product delivered.</p><p>In October, the platform <a href="https://www.itpro.com/security/hacking/369270/hacker-stole-566-million-from-binance-bridge-using-proof-forgery-exploit" data-original-url="https://www.itpro.com/security/hacking/369270/hacker-stole-566-million-from-binance-bridge-using-proof-forgery-exploit">lost $586 million to a hacking attack</a>, using a sophisticated method that allowed the threat actor to steal millions before Binance was able to detect any irregularity. Binance has been <a href="https://www.itpro.com/technology/cryptocurrencies/360019/uk-bans-binance-crypto-exchange" data-original-url="https://www.itpro.com/technology/cryptocurrencies/360019/uk-bans-binance-crypto-exchange">barred from operating in the UK</a> since 2021, and the Financial Conduct Authority (FCA) has warned against investing money in non-FCA authorised crypto companies, as this will not be covered by its financial compensation or help from the financial ombudsman service in the case of fraud.</p><p>"Crypto fraud is best tackled, I think, by increasing public/investor understanding of cryptocurrency generally and what sort of scams are commonly being seen," Daniel Seely, financial services regulatory lawyer and crypto expert at Freeths, told <em>IT Pro</em>.</p><p>"People need to know what the warning signs are, and the types of things that they should be looking out for (e.g. any red flags). People should be very cautious about anyone who offers to invest in crypto for them, and of anyone who asks for details of any of their ‘crypto keys’ or other such information.</p><p>"In terms of what the FCA and regulators can do, unfortunately they only have limited powers given that they do not formally regulate crypto (save for money laundering purposes), however they do post regular warnings on their website about firms who they believe are operating illegally and of scams that are being seen. Consumers can subscribe for daily ‘warning lists’, which may help people identify fraudsters."</p><div  class="fancy-box"><div class="fancy_box-title"></div><div class="fancy_box_body"><p class="fancy-box__body-text"><a data-analytics-id="inline-link" href="https://www.itpro.com/business/business-strategy/369298/google-cloud-announces-coinbase-partnership-will-accept-crypto" data-original-url="/business/business-strategy/369298/google-cloud-announces-coinbase-partnership-will-accept-crypto">Google Cloud announces Coinbase partnership, will accept crypto payments</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/technology/cryptocurrencies/368791/surging-inflation-driving-people-to-cryptocurrencies-binance" data-original-url="/technology/cryptocurrencies/368791/surging-inflation-driving-people-to-cryptocurrencies-binance">Surging inflation is driving people to cryptocurrencies</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/technology/cryptocurrencies/369149/the-cryptocurrency-implosion-shows-were-heading-for-the-end" data-original-url="/technology/cryptocurrencies/369149/the-cryptocurrency-implosion-shows-were-heading-for-the-end">The cryptocurrency implosion shows we’re heading for the end</a></p></div></div><p>Cryptocurrencies have long been associated with fraud and a lack of transparency or security, with notable figures in the tech sector such as <a href="https://www.itpro.com/technology/cryptocurrencies/358801/john-mcafee-charged-with-cryptocurrency-laundering" data-original-url="https://www.itpro.com/technology/cryptocurrencies/358801/john-mcafee-charged-with-cryptocurrency-laundering">John McAfee having been charged</a> with conspiracy to commit fraud following his promotion of crypto such as ‘Dogecoin’.</p><div  class="fancy-box"><div class="fancy_box-title">RELATED RESOURCE</div><div class="fancy_box_body"><figure class="van-image-figure "  ><div class='image-full-width-wrapper'><div class='image-widthsetter' ><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="7482i6KDvixdNzMG9kSCyL" name="7482i6KDvixdNzMG9kSCyL.png" caption="" alt="" src="https://cdn.mos.cms.futurecdn.net/7482i6KDvixdNzMG9kSCyL.png" mos="https://cdn.mos.cms.futurecdn.net/7482i6KDvixdNzMG9kSCyL.png" link="" align="" fullscreen="" width="0" height="0" attribution="" endorsement="" class="pinterest-pin-exclude"></p></div></div></figure><p class="fancy-box__body-text"><strong>The financial services survival guide</strong></p><p class="fancy-box__body-text">How uncertainty and disruption is forcing financial services to innovate</p><p class="fancy-box__body-text"><a data-analytics-id="inline-link" href="https://www.itpro.com/business-operations/finance/369314/the-financial-services-survival-guide" data-original-url="/business-operations/finance/369314/the-financial-services-survival-guide">FREE DOWNLOAD</a></p></div></div><p>Despite this, the purported security benefits of the <a href="https://www.itpro.com/security/28031/what-is-blockchain" data-original-url="https://www.itpro.com/security/28031/what-is-blockchain">blockchain</a>, as well as the potential for cryptographically-secured data to be used for speeding up internal transactions, have led to some arguing that it has a <a href="https://www.itpro.com/strategy/27892/does-blockchain-have-a-place-in-business" data-original-url="https://www.itpro.com/strategy/27892/does-blockchain-have-a-place-in-business">strong business case</a>. Some of the sector’s largest firms continue to register their confidence in the technology, and in October, <a href="https://www.itpro.com/business/business-strategy/369298/google-cloud-announces-coinbase-partnership-will-accept-crypto" data-original-url="https://www.itpro.com/business/business-strategy/369298/google-cloud-announces-coinbase-partnership-will-accept-crypto">Google Cloud partnered with Coinbase</a> to allow enterprise customers to pay for cloud services using a number of popular cryptocurrencies.</p><p>The FCA has stated its <a href="https://www.itpro.com/business/business-operations/368562/fca-sets-out-goals-for-future-regulation" data-original-url="https://www.itpro.com/business/business-operations/368562/fca-sets-out-goals-for-future-regulation">interest in crypto regulation</a>, although this cannot be brought in by the regulatory body on its own. In 2021, the FCA <a href="https://www.itpro.com/technology/cryptocurrencies/358278/fca-bitcoin-investors-lose-money-warning" data-original-url="https://www.itpro.com/technology/cryptocurrencies/358278/fca-bitcoin-investors-lose-money-warning">warned those buying cryptocurrency</a> that they “should be prepared to lose all their money”, citing the extreme volatility and risks of the system, and has entered into an agreement with Google that will ensure crypto companies seeking to advertise on Google’s search platform have first been given FCA certification.</p><p>Financial regulators and governments have become increasingly involved in the oversight of crypto, and are likely to increase their hold over the system that has long supported illegal activity through its general lack of centralised oversight. In September, the US government participated in the <a href="https://www.itpro.com/security/cyber-attacks/369035/us-reclaims-30-million-in-crypto-from-lazarus-group" data-original-url="https://www.itpro.com/security/cyber-attacks/369035/us-reclaims-30-million-in-crypto-from-lazarus-group">seizure of $30 million worth of cryptocurrency</a> from North Korea backed threat group Lazarus, though this was just 10% of a $620 million stolen from gaming firm Sky Mavis.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ FBI warns scammers are using cryptocurrency ATMs to siphon cash ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/technology/cryptocurrencies/361468/scammers-using-more-cryptocurrency-atms-warns-fbi</link>
                                                                            <description>
                            <![CDATA[ Criminals will stay on phone with victims as they make payments, says advisory ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">q1xZ8RFDkjfXf8PZisbKhF</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/BS46uvuCpsJiPCMYzMqmnd-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Fri, 05 Nov 2021 17:56:16 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Cyber Attacks]]></category>
                                                    <category><![CDATA[Security]]></category>
                                                                                                                    <dc:creator><![CDATA[ Danny Bradbury ]]></dc:creator>                                                                                    <dc:source><![CDATA[ null ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/BS46uvuCpsJiPCMYzMqmnd-1280-80.jpg">
                                                            <media:credit><![CDATA[Shutterstock]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Monero cryptocurrency]]></media:description>                                                            <media:text><![CDATA[Monero cryptocurrency]]></media:text>
                                <media:title type="plain"><![CDATA[Monero cryptocurrency]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/BS46uvuCpsJiPCMYzMqmnd-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Scammers are increasingly using <a href="https://www.itpro.com/technology/cryptocurrencies/361286/cryptocurrency-should-you-invest" data-original-url="https://www.itpro.com/technology/cryptocurrencies/361286/cryptocurrency-should-you-invest">cryptocurrency</a> ATMs and <a href="https://www.itpro.com/marketing-comms/qr-codes/360864/are-qr-codes-safe" data-original-url="https://www.itpro.com/marketing-comms/qr-codes/360864/are-qr-codes-safe">QR codes</a> to siphon payments from victims, according to the FBI. </p><p>The FBI warned scammers have been instructing victims to withdraw money from their fiat accounts and then use the money to buy cryptocurrency from an ATM, in a <a href="https://www.ic3.gov/Media/Y2021/PSA211104">public service announcement</a>. </p><div  class="fancy-box"><div class="fancy_box-title"></div><div class="fancy_box_body"><p class="fancy-box__body-text"><a data-analytics-id="inline-link" href="https://www.itpro.com/security/malware/361371/fbi-raids-chinese-pos-terminal-business-after-reports-of-malware-in-devices" data-original-url="/security/malware/361371/fbi-raids-chinese-pos-terminal-business-after-reports-of-malware-in-devices">FBI raids Chinese POS business following cyber attack claims</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/technology/cryptocurrencies/361286/cryptocurrency-should-you-invest" data-original-url="/technology/cryptocurrencies/361286/cryptocurrency-should-you-invest">Cryptocurrency: Should you invest?</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/security/ransomware/361351/blackmatter-ransomware-victims-reclaim-data-using-secret-decryptor" data-original-url="/security/ransomware/361351/blackmatter-ransomware-victims-reclaim-data-using-secret-decryptor">BlackMatter ransomware victims reclaim data using secret decryptor</a></p></div></div><p>When the victim uses the machine to buy virtual currency, it asks them to scan a QR code representing a destination address for the funds. The machine offers to print out a paper wallet - a QR code the victim can scan and use to store their withdrawn cryptocurrency.</p><p>However, the scammers generate a QR code representing a cryptocurrency address in their own wallet and give this to the victim to scan instead. </p><p>"Often the scammer is in constant online communication with the victim and provides step-by-step instructions until the payment is completed," the announcement said. </p><p>The approach works for any <a href="https://www.itpro.com/security/cyber-attacks/361152/justice-department-unveils-civil-cyber-fraud-initiative-to-battle" data-original-url="https://www.itpro.com/security/cyber-attacks/361152/justice-department-unveils-civil-cyber-fraud-initiative-to-battle">online scam</a> requiring payments between victims and gives the scammer three advantages. </p><p>First, it's relatively frictionless compared with older methods, such as sending money via Western Union or obtaining gift cards. </p><p>Second, scammers can receive the payments anonymously anywhere in the world. </p><div  class="fancy-box"><div class="fancy_box-title">RELATED RESOURCE</div><div class="fancy_box_body"><figure class="van-image-figure "  ><div class='image-full-width-wrapper'><div class='image-widthsetter' ><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="NeFDhiupASoeoyipbhF9uf" name="NeFDhiupASoeoyipbhF9uf.jpg" caption="" alt="" src="https://cdn.mos.cms.futurecdn.net/NeFDhiupASoeoyipbhF9uf.jpg" mos="https://cdn.mos.cms.futurecdn.net/NeFDhiupASoeoyipbhF9uf.jpg" link="" align="" fullscreen="" width="0" height="0" attribution="" endorsement="" class="pinterest-pin-exclude"></p></div></div></figure><p class="fancy-box__body-text"><strong>The state of brand protection 2021</strong></p><p class="fancy-box__body-text">A new front opens up in the war for brand safety</p><p class="fancy-box__body-text"><a data-analytics-id="inline-link" href="https://www.itpro.com/security/cyber-security/360246/the-state-of-brand-protection-2021" data-original-url="/security/cyber-security/360246/the-state-of-brand-protection-2021">FREE DOWNLOAD</a></p></div></div><p>Finally, the payments are irreversible. "Once a victim makes the payment, the recipient instantly owns the cryptocurrency, and often immediately transfers the funds into an account overseas," said the Bureau. "This differs from traditional bank transfers or wires where a payment transaction can remain pending for one to two days before settlement." </p><p>The FBI said criminals use this approach in scams, including online impersonation, in which they pretend to be an institution demanding payment. They also use it for romance schemes, where they build a personal relationship with the victim and ask them to send money. </p><p>Another common attack is lottery fraud, where victims believe they won a lottery prize and send fraudulent administrative fees to the scammer in a bid to retrieve their fake prize. </p><p>The <a href="https://www.itpro.com/it-regulation/34479/what-is-the-federal-trade-commission-ftc" data-original-url="https://www.itpro.com/it-regulation/34479/what-is-the-federal-trade-commission-ftc">Federal Trade Commission (FTC)</a> warned earlier this year of an <a href="https://www.itpro.com/technology/cryptocurrencies/359593/ftc-sees-cryptocurrency-fraud-soar-in-the-last-six-months" data-original-url="https://www.itpro.com/technology/cryptocurrencies/359593/ftc-sees-cryptocurrency-fraud-soar-in-the-last-six-months">uptick in cryptocurrency fraud</a>, with losses almost tripling in the fourth quarter last year. </p><p>The FBI's <a href="https://www.ic3.gov/Media/PDF/AnnualReport/2020_IC3Report.pdf">2020 Internet Crime Report</a> tracked $246.2 million in fraudulent virtual currency payments last year. That was an increase of 54.5% from $159.2 million in 2019.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Hackers fake DocuSign and offer fraudulent signing methods ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/software/document-management-systems-dms/361240/hackers-fake-docusign-and-offer-fraudulent-signing</link>
                                                                            <description>
                            <![CDATA[ Criminals impersonate the e-signing company to steal credentials ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">g27y1489W7vAXtWP7txgAR</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/BwJjavbd8ximbevS7Pyxs7-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Thu, 14 Oct 2021 14:46:19 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Phishing]]></category>
                                                    <category><![CDATA[Security]]></category>
                                                                                                                    <dc:creator><![CDATA[ Rene Millman ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/vwWuTPNRCuw9vEaWzuXYnR.png ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/BwJjavbd8ximbevS7Pyxs7-1280-80.jpg">
                                                            <media:credit><![CDATA[Shutterstock]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[A magnifying glass focusing on the DocuSign logo as seen on its website]]></media:description>                                                            <media:text><![CDATA[A magnifying glass focusing on the DocuSign logo as seen on its website]]></media:text>
                                <media:title type="plain"><![CDATA[A magnifying glass focusing on the DocuSign logo as seen on its website]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/BwJjavbd8ximbevS7Pyxs7-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p><a href="https://www.itpro.com/security" data-original-url="https://www.itpro.com/security">Security</a> researchers have revealed criminals’ new tactics to impersonate major brands to steal and harvest victims’ credentials.</p><p><a href="https://www.avanan.com/blog/how-impersonation-attacks-fool-users">Researchers at Avanan, a Check Point company, said</a> hackers impersonate major brands to perform <a href="https://www.itpro.com/security/29093/what-is-phishing" data-original-url="https://www.itpro.com/security/29093/what-is-phishing">phishing</a> attempts. One frequently seen attempt mimics legit communications from DocuSign.</p><div  class="fancy-box"><div class="fancy_box-title"></div><div class="fancy_box_body"><p class="fancy-box__body-text"><a data-analytics-id="inline-link" href="https://www.itpro.com/business-strategy/mergers-and-acquisitions/359710/docusign-acquires-smart-agreements-startup-clause" data-original-url="/business-strategy/mergers-and-acquisitions/359710/docusign-acquires-smart-agreements-startup-clause">DocuSign acquires ‘smart agreements’ startup Clause</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/business-operations/business-management/358151/docusigns-new-service-leverages-text-messages-to-get" data-original-url="/business-operations/business-management/358151/docusigns-new-service-leverages-text-messages-to-get">DocuSign’s new service leverages text messages to get signatures</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/marketing-comms/customer-relationship-management-crm/357760/integrating-docusign-for-a-seamless" data-original-url="/marketing-comms/customer-relationship-management-crm/357760/integrating-docusign-for-a-seamless">Integrating DocuSign for a seamless digital experience</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/marketing-comms/communications/357328/slack-and-docusign-integration-eases-document-signing-and" data-original-url="/marketing-comms/communications/357328/slack-and-docusign-integration-eases-document-signing-and">Slack and DocuSign integration eases document signing and sharing</a></p></div></div><p>When DocuSign sends an <a href="https://www.itpro.com/tag/email-clients" data-original-url="https://www.itpro.com/tags/email-clients">email</a>, it offers recipients an “Alternative Signing Method.” DocuSign prompts the recipient to visit https://www.docusign.com and enter a security code the company generates. This site then offers users more than one option to access and electronically sign their documents.</p><p>In a recent campaign researchers are following, hackers send an email that impersonates DocuSign from a <a href="http://docusign.net">docusign.net</a> address that appears to be on behalf of an administrator. In this email, the attackers request the user view and sign a document and offer an alternative signing method. </p><p>The link to the alternative method leads users to a fake website where they must enter their password. Hackers then steal the email address and password as part of a credential harvesting campaign.</p><p>Researchers revealed other commonly impersonated brands, which tend to be trusted and popular ones. The top three most impersonated brands are Microsoft, which is related to 45% of all brand phishing attempts globally, DHL (26%), and Amazon (11%).</p><div  class="fancy-box"><div class="fancy_box-title">RELATED RESOURCE</div><div class="fancy_box_body"><figure class="van-image-figure "  ><div class='image-full-width-wrapper'><div class='image-widthsetter' ><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="NeFDhiupASoeoyipbhF9uf" name="NeFDhiupASoeoyipbhF9uf.jpg" caption="" alt="" src="https://cdn.mos.cms.futurecdn.net/NeFDhiupASoeoyipbhF9uf.jpg" mos="https://cdn.mos.cms.futurecdn.net/NeFDhiupASoeoyipbhF9uf.jpg" link="" align="" fullscreen="" width="0" height="0" attribution="" endorsement="" class="pinterest-pin-exclude"></p></div></div></figure><p class="fancy-box__body-text"><strong>The state of brand protection 2021</strong></p><p class="fancy-box__body-text">A new front opens up in the war for brand safety</p><p class="fancy-box__body-text"><a data-analytics-id="inline-link" href="https://www.itpro.com/security/cyber-security/360246/the-state-of-brand-protection-2021" data-original-url="/security/cyber-security/360246/the-state-of-brand-protection-2021">FREE DOWNLOAD</a></p></div></div><p>Other research carried out by the company found that 51.9% of all impersonation emails attempted to impersonate a non-executive in the organization. Non-executives are targeted 77% more often than other members of an organization.</p><p>“There are a few reasons behind this. One, security admins might be spending a lot of time providing extra attention to the C-Suite and hackers have adjusted. Two, non-executives still hold sensitive information and have access to financial data. There is no need to go all the way up the food chain,” said Jeremy Fuchs, content manager at Avanan.</p><p>Fraudulent digital signature use has led some companies to increase security surrounding e-signatures. For example, <a href="https://www.itpro.com/security/360594/esign-genie-adds-fraud-detection-to-its-digital-signature-software" data-original-url="https://www.itpro.com/security/360594/esign-genie-adds-fraud-detection-to-its-digital-signature-software">ESign Genie announced</a> its digital signature platform would support knowledge-based authentication by adding an extra layer of security through authenticating document recipients’ identities before issuing viewing or editing rights. Esign Genie’s feature improves the security of sensitive, private, or protected documents by mandating a Social Security number.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Account takeovers rise nearly threefold during pandemic  ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/security/cyber-attacks/361074/account-takeovers-rise-nearly-threefold-during-pandemic</link>
                                                                            <description>
                            <![CDATA[ Financial services hit hardest by account hijackers, says Sift report ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">sNhpXzLVbpVh4uMBMDBQyn</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/qKxoxbyQZKxzzWvaKgTb8S-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Thu, 30 Sep 2021 14:47:16 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Cyber Attacks]]></category>
                                                    <category><![CDATA[Security]]></category>
                                                                                                                    <dc:creator><![CDATA[ Danny Bradbury ]]></dc:creator>                                                                                    <dc:source><![CDATA[ null ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/qKxoxbyQZKxzzWvaKgTb8S-1280-80.jpg">
                                                            <media:credit><![CDATA[Shutterstock]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[&amp;quot;Fraud Alert&amp;quot; on a computer screen]]></media:description>                                                            <media:text><![CDATA[&amp;quot;Fraud Alert&amp;quot; on a computer screen]]></media:text>
                                <media:title type="plain"><![CDATA[&amp;quot;Fraud Alert&amp;quot; on a computer screen]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/qKxoxbyQZKxzzWvaKgTb8S-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Account takeover fraud has soared during the pandemic, according to a report released today by anti-fraud company Sift. </p><p>Sift’s <a href="https://resources.sift.com/ebook/q3-2021-digital-trust-safety-index-battling-new-breed-account-takeover">Q3 2021 Digital Trust & Safety Index</a> claims account takeovers increased threefold between Q2 2019 and Q2 2021. It now represents 39% of all fraud the company blocks. </p><p>Most of this increase happened during the pandemic, with attacks rising approximately 2.8 times in the past year alone. The rise is ongoing, the report said, having failed to revert to pre-pandemic levels. </p><p>Financial services were the hardest hit, with <a href="https://www.itpro.com/security/internet-security/359469/security-awareness-training-strategies-for-account-takeover" data-original-url="https://www.itpro.com/security/internet-security/359469/security-awareness-training-strategies-for-account-takeover">account takeovers</a> increasing 850% between Q2 2020 and Q2 2021. However, most of these attacks focused on cryptocurrency wallets and accounts, which are a <a href="https://www.itpro.com/technology/cryptocurrencies/359959/cryptocurrency-crimes-increased-12-fold-since-2016-foi-finds" data-original-url="https://www.itpro.com/technology/cryptocurrencies/359959/cryptocurrency-crimes-increased-12-fold-since-2016-foi-finds">well-known target for scammers</a>. </p><p>Criminals don't always do anything immediately obvious to stolen accounts, such as changing passwords. Instead, they test the account credentials on other services — an attack known as credential stuffing — to see if they can access the victim's other accounts too. </p><p>Hackers will also mine the accounts for credit card information, personal information, and password hints. This is perhaps why there are so many repeat victims, as half of them have had accounts hijacked multiple times. </p><div  class="fancy-box"><div class="fancy_box-title">RELATED RESOURCE</div><div class="fancy_box_body"><figure class="van-image-figure "  ><div class='image-full-width-wrapper'><div class='image-widthsetter' ><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="Ufma8ctzWCAf8nxVLiPaxX" name="Ufma8ctzWCAf8nxVLiPaxX.png" caption="" alt="" src="https://cdn.mos.cms.futurecdn.net/Ufma8ctzWCAf8nxVLiPaxX.png" mos="https://cdn.mos.cms.futurecdn.net/Ufma8ctzWCAf8nxVLiPaxX.png" link="" align="" fullscreen="" width="0" height="0" attribution="" endorsement="" class="pinterest-pin-exclude"></p></div></div></figure><p class="fancy-box__body-text"><strong>Transforming specialty retail with AI</strong></p><p class="fancy-box__body-text">Future proof your retail business with AI</p><p class="fancy-box__body-text"><a data-analytics-id="inline-link" href="https://www.itpro.com/business-strategy/digital-transformation/361025/transforming-specialty-retail-with-ai" data-original-url="/business-strategy/digital-transformation/361025/transforming-specialty-retail-with-ai">FREE DOWNLOAD</a></p></div></div><p>Sift found that thieves stole money directly from 45% of victims, and 42% of account takeovers resulted in unauthorized purchases with a stored credit card. A quarter of victims lost loyalty and rewards points, and one in five were unsure of the total impact of the account takeover attack. </p><p>Automation is becoming a bigger factor in account takeover fraud, Sift warned. Attackers use bots to attempt credential stuffing attacks using large lists of login credentials purchased on the dark web. </p><p>They often use lists of servers that attempt to log in from different IP addresses to make their activities less suspicious. Sift correlates the addresses and servers to form clusters of known bad addresses. The number of IP addresses in the largest known IP cluster grew 50-fold between Q1 and Q2 2021, thanks to an automated account takeover fraud group called Proxy Phantom. </p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Cyber criminals leak one million credit cards on the dark web ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/security/cyber-crime/360534/cyber-criminals-leak-one-million-credit-cards-on-the-dark-web</link>
                                                                            <description>
                            <![CDATA[ Among the stolen hoard are customer details from US and Canadian banks ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">vCqaAucSmK2bWiTuw8D9Dr</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/G6HXtgrMFBePhZHkXbhXQH-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Tue, 10 Aug 2021 13:32:18 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Hacking]]></category>
                                                    <category><![CDATA[Security]]></category>
                                                                                                                    <dc:creator><![CDATA[ Rene Millman ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/vwWuTPNRCuw9vEaWzuXYnR.png ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/G6HXtgrMFBePhZHkXbhXQH-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Hand holding an assortment of credit cards]]></media:description>                                                            <media:text><![CDATA[Hand holding an assortment of credit cards]]></media:text>
                                <media:title type="plain"><![CDATA[Hand holding an assortment of credit cards]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/G6HXtgrMFBePhZHkXbhXQH-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Hackers have given away the details of over a million stolen credit cards in a bid to promote a new cyber criminal carding marketplace on the dark web.</p><p>The cards were stolen between 2018 and 2019 and have appeared on a stolen card market called AllWord.Cards.</p><div  class="fancy-box"><div class="fancy_box-title"></div><div class="fancy_box_body"><p class="fancy-box__body-text"><a data-analytics-id="inline-link" href="https://www.itpro.com/data-breaches/32393/attackers-steal-credit-card-details-in-vision-direct-data-breach" data-original-url="/data-breaches/32393/attackers-steal-credit-card-details-in-vision-direct-data-breach">Attackers steal credit card details in Vision Direct data breach</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/network-internet/web-browser/354317/hundreds-of-counterfeit-shoe-sites-hit-by-magecart-credit-card" data-original-url="/network-internet/web-browser/354317/hundreds-of-counterfeit-shoe-sites-hit-by-magecart-credit-card">Hundreds of counterfeit shoe sites hit by Magecart credit card scam</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/cyber-attacks/31949/newegg-users-credit-card-info-breached-in-month-long-data-hack" data-original-url="/cyber-attacks/31949/newegg-users-credit-card-info-breached-in-month-long-data-hack">Newegg users’ credit card info breached in month-long data hack</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/security/29583/whole-foods-is-hacked-exposing-credit-card-details" data-original-url="/security/29583/whole-foods-is-hacked-exposing-credit-card-details">Whole Foods is hacked, exposing credit card details</a></p></div></div><p><a href="https://blog.cyble.com/2021/08/08/one-million-credits-cards-leaked-in-a-cybercrime-forum-for-free">According to researchers at Cyble</a>, the hackers unleashed these details to promote their cyber crime marketplace and over 20% of the credit cards are still valid. The marketplace has been around since May 2021 and is available on a Tor channel too.</p><p>The leaked details contain credit card numbers, expiry dates, CVV numbers, names, addresses, zip codes, email addresses, and phone details.</p><p>The leak affects up to 500 banks, including JP Morgan and Toronto-Dominion Bank (TD Bank). Around 83,433 of the cards were from the US.</p><p>The leak has also been analyzed by Italian <a href="https://www.itpro.com/security/28133/what-is-cyber-security" data-original-url="https://www.itpro.com/security/28133/what-is-cyber-security">cyber security</a> company D3 Lab. It found that over 50% of the cards were still valid.</p><p>“At present, the feedback returned to our analysis team is still limited, but they are showing an incidence close to 50% of cards still operational, not yet identified as compromised,” <a href="https://www.d3lab.net/un-milione-di-carte-di-credito-condivise-nel-deep-web">researchers said</a>.</p><p>“The cards marketed on carding sites usually have different origins: skimmers at petrol stations or in supermarket Point of Sale, cards from phishing, from databases of compromised sites, etc.”</p><div  class="fancy-box"><div class="fancy_box-title">RELATED RESOURCE</div><div class="fancy_box_body"><figure class="van-image-figure "  ><div class='image-full-width-wrapper'><div class='image-widthsetter' ><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="4BCvbZowg9SJqNeQxYKsxk" name="4BCvbZowg9SJqNeQxYKsxk.jpg" caption="" alt="" src="https://cdn.mos.cms.futurecdn.net/4BCvbZowg9SJqNeQxYKsxk.jpg" mos="https://cdn.mos.cms.futurecdn.net/4BCvbZowg9SJqNeQxYKsxk.jpg" link="" align="" fullscreen="" width="0" height="0" attribution="" endorsement="" class="pinterest-pin-exclude"></p></div></div></figure><p class="fancy-box__body-text"><strong>2021 IBM Security X-Force Insider Threat Report</strong></p><p class="fancy-box__body-text">Top discovery methods and recommendations for insider attacks</p><p class="fancy-box__body-text"><a data-analytics-id="inline-link" href="https://www.itpro.com/security/cyber-security/360176/2021-ibm-security-x-force-insider-threat-report" data-original-url="/security/cyber-security/360176/2021-ibm-security-x-force-insider-threat-report">FREE DOWNLOAD</a></p></div></div><p>D3 Lab researchers said the All World Cards curators began advertising their services on carding sites in early June.</p><p>“It is conceivable that the data was shared for free to entice other criminal actors to frequent their website by purchasing additional stolen data from unsuspecting victims,” said researchers.</p><p>Javvad Malik, security awareness advocate at KnowBe4, told <em>ITPro</em> that as these were stolen some years ago, it can be difficult to determine where they came from and if they were from a single source or multiple sources. </p><p>“It goes to show that even if a breach isn't apparent or noticed, criminals can take advantage of lax security controls many years after the fact. So all organizations should remain vigilant at all times,” he said.</p><p>“The good news is that banking has tried and tested controls in place to deal with stolen credit cards and fraudulent transactions. Consumers should always check their bank statements carefully and ensure that there are no unknown transactions and contact their bank as soon as possible if there is any suspicious activity to get the card blocked and a new one issued."</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ SentiLink raises $70 million for its identity verification platform ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/security/identity-theft/360488/sentilink-raises-70-million-for-its-identity-verification-platform</link>
                                                                            <description>
                            <![CDATA[ SentiLink’s ID Theft Score helps businesses combat synthetic fraud ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">bYvZrPQGsff3asCugWDz3i</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/Xa8grchEzV9sYX23atEPEW-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Thu, 05 Aug 2021 15:05:37 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Security]]></category>
                                                                                                                    <dc:creator><![CDATA[ Praharsha Anand ]]></dc:creator>                                                                                    <dc:source><![CDATA[ null ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/Xa8grchEzV9sYX23atEPEW-1280-80.jpg">
                                                            <media:credit><![CDATA[Shutterstock]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Man entering fake ID information onto a computer]]></media:description>                                                            <media:text><![CDATA[Man entering fake ID information onto a computer]]></media:text>
                                <media:title type="plain"><![CDATA[Man entering fake ID information onto a computer]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/Xa8grchEzV9sYX23atEPEW-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Identity verification startup SentiLink has secured $70 million in a funding round led by Craft Ventures, bringing its valuation to $85 million.</p><p>The Series B funding round also saw participation from Felicis Ventures, Andreessen Horowitz, and NYCA. Per reports, Victoria Treyger and David Sacks from Felicis will serve as observers on SentiLink's board. </p><div  class="fancy-box"><div class="fancy_box-title"></div><div class="fancy_box_body"><p class="fancy-box__body-text"><a data-analytics-id="inline-link" href="https://www.itpro.com/security/identity-and-access-management-iam/359603/acuant-and-airside-target-pre-covid-normalcy" data-original-url="/security/identity-and-access-management-iam/359603/acuant-and-airside-target-pre-covid-normalcy">Acuant and Airside target pre-COVID normalcy with new identity verification solution</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/business-strategy/mergers-and-acquisitions/359416/acuant-acquires-identity-verification-provider" data-original-url="/business-strategy/mergers-and-acquisitions/359416/acuant-acquires-identity-verification-provider">Acuant acquires identity verification provider Hello Soda</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/security/identity-and-access-management-iam/358838/five-critical-questions-to-ask-your-identity" data-original-url="/security/identity-and-access-management-iam/358838/five-critical-questions-to-ask-your-identity">Five critical questions to ask your identity provider</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/security/358623/sontiqs-intelligent-identity-security-platform-will-combat-online-fraud" data-original-url="/security/358623/sontiqs-intelligent-identity-security-platform-will-combat-online-fraud">Sontiq's Intelligent Identity Security platform will combat online fraud</a></p></div></div><p>SentiLink will use the funds to combat identity fraud in the US by expanding its product line and workforce.</p><p>“SentiLink’s growth trajectory is one of the fastest I've ever seen and their traction with companies from new startups to major US banks is impressive,” said David Sacks, co-founder and general partner at Craft Ventures. </p><p>“All of this stems from the team’s deep understanding of fraud and identity. I learned about fraud attacks I didn't even think were possible from talking with Naftali and Max. We're excited to lead SentiLink's Series B and to support them as they transform how identity verification works in the US.”</p><p>SentiLink integrates disparate data sources to identify synthetic identities with unparalleled accuracy. Its ID Complete module matches the Social Security number (SSN) data across US identities to fill in incomplete or missing data. Synthetic Fraud and ID Theft Scores indicate the likelihood of application fraud. </p><div  class="fancy-box"><div class="fancy_box-title">RELATED RESOURCE</div><div class="fancy_box_body"><figure class="van-image-figure "  ><div class='image-full-width-wrapper'><div class='image-widthsetter' ><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="wpisCxWXSAxa5ebmXGsbRE" name="wpisCxWXSAxa5ebmXGsbRE.jpg" caption="" alt="" src="https://cdn.mos.cms.futurecdn.net/wpisCxWXSAxa5ebmXGsbRE.jpg" mos="https://cdn.mos.cms.futurecdn.net/wpisCxWXSAxa5ebmXGsbRE.jpg" link="" align="" fullscreen="" width="0" height="0" attribution="" endorsement="" class="pinterest-pin-exclude"></p></div></div></figure><p class="fancy-box__body-text"><strong>Preparing for AI-enabled cyber attacks</strong></p><p class="fancy-box__body-text">MIT technology review insights</p><p class="fancy-box__body-text"><a data-analytics-id="inline-link" href="https://www.itpro.com/technology/artificial-intelligence-ai/360324/preparing-for-ai-enabled-cyber-attacks" data-original-url="/technology/artificial-intelligence-ai/360324/preparing-for-ai-enabled-cyber-attacks">FREE DOWNLOAD</a></p></div></div><p>What’s more, SentiLink’s Risk Operations team continuously monitors synthetic identities to develop consistent and accurate fraud labels.</p><p>“SentiLink is reinventing identity verification in the US. Despite businesses spending large amounts of time and money trying to figure out if people are who they say they are, identity fraud is rampant and real customers suffer from false positives and unnecessary friction,” said Naftali Harris, co-founder and <a href="https://www.itpro.com/strategy/28224/ceo-job-description-what-does-a-ceo-do" data-original-url="https://www.itpro.com/strategy/28224/ceo-job-description-what-does-a-ceo-do">CEO</a> of SentiLink. </p><p>Commenting on prerequisites, SentiLink said its real-time fraud detection solutions only require name, address, DOB, SSN, email, and phone number for assessing identity fraud.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Content fraud levels continue to rise in 2021 ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/security/360049/content-fraud-levels-continue-to-rise-in-q1</link>
                                                                            <description>
                            <![CDATA[ The pandemic has ushered in a new level of scams and misinformation ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">uGgFm7tENvC2DLNLbGr1pf</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/qKxoxbyQZKxzzWvaKgTb8S-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Tue, 29 Jun 2021 18:10:46 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Cyber Crime]]></category>
                                                    <category><![CDATA[Security]]></category>
                                                                                                                    <dc:creator><![CDATA[ Danny Bradbury ]]></dc:creator>                                                                                    <dc:source><![CDATA[ null ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/qKxoxbyQZKxzzWvaKgTb8S-1280-80.jpg">
                                                            <media:credit><![CDATA[Shutterstock]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[&amp;quot;Fraud Alert&amp;quot; on a computer screen]]></media:description>                                                            <media:text><![CDATA[&amp;quot;Fraud Alert&amp;quot; on a computer screen]]></media:text>
                                <media:title type="plain"><![CDATA[&amp;quot;Fraud Alert&amp;quot; on a computer screen]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/qKxoxbyQZKxzzWvaKgTb8S-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Content fraud levels that spiked at the start of the COVID-19 pandemic aren't dropping off as the world recovers. In fact, they're getting worse, <a href="https://resources.sift.com/ebook/q2-2021-digital-trust-safety-index-spam-scams-fraud-economy">according to a report</a> released today by fraud prevention company Sift. </p><p>The company analyzed content that it blocked on over 34,000 websites, including forums, marketplaces, and social media channels. It found that while fraudulent content spiked by 77% in Q1 last year, just as the pandemic took hold, it did not revert this quarter. Year-on-year figures for Q1 2021 show the average rate of fraudulent content it blocked rose another 18%. </p><div  class="fancy-box"><div class="fancy_box-title"></div><div class="fancy_box_body"><p class="fancy-box__body-text"><a data-analytics-id="inline-link" href="https://www.itpro.com/technology/cryptocurrencies/359593/ftc-sees-cryptocurrency-fraud-soar-in-the-last-six-months" data-original-url="/technology/cryptocurrencies/359593/ftc-sees-cryptocurrency-fraud-soar-in-the-last-six-months">FTC warns of rising cryptocurrency fraud</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/security/cyber-security/359475/prevent-fraud-and-phishing-attacks-with-dmarc" data-original-url="/security/cyber-security/359475/prevent-fraud-and-phishing-attacks-with-dmarc">Prevent fraud and phishing attacks with DMARC</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/security/359337/e-commerce-fraud-to-surpass-20-billion-this-year" data-original-url="/security/359337/e-commerce-fraud-to-surpass-20-billion-this-year">E-commerce fraud to surpass $20 billion this year</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/security/cyber-crime/359013/fintech-startup-raises-200-million-to-fight-digital-banking-fraud" data-original-url="/security/cyber-crime/359013/fintech-startup-raises-200-million-to-fight-digital-banking-fraud">Fintech startup raises $200 million to fight digital banking fraud</a></p></div></div><p>The continuing rise in online fraud stems in part from changing commerce patterns as transactions move online, the company said in its report. This has accelerated as retailers and other businesses find ways to survive during the pandemic. </p><p>Sift, which also polled adults nationwide in May, found that 59.4% of blocked posts attempted to scam users, while 22.2% were marked “irrelevant.” Almost one in five (18.3%) posts were labeled toxic, meaning they harassed other users and often contained hate speech. </p><p>User-generated content has become a go-to method for defrauding consumers, the company warned, as criminals use various online channels to post scam content. The fraud ranges from romance and employment scams to fake marketplace listings and artificially boosted reviews. </p><div  class="fancy-box"><div class="fancy_box-title">RELATED RESOURCE</div><div class="fancy_box_body"><figure class="van-image-figure "  ><div class='image-full-width-wrapper'><div class='image-widthsetter' ><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="ZfHmNsBsJgaYTE7zQPB4WS" name="ZfHmNsBsJgaYTE7zQPB4WS.jpg" caption="" alt="" src="https://cdn.mos.cms.futurecdn.net/ZfHmNsBsJgaYTE7zQPB4WS.jpg" mos="https://cdn.mos.cms.futurecdn.net/ZfHmNsBsJgaYTE7zQPB4WS.jpg" link="" align="" fullscreen="" width="0" height="0" attribution="" endorsement="" class="pinterest-pin-exclude"></p></div></div></figure><p class="fancy-box__body-text"><strong>Empowering the dynamic worker</strong></p><p class="fancy-box__body-text">How CIOs and IT teams can support a distributed workforce</p><p class="fancy-box__body-text"><a data-analytics-id="inline-link" href="https://www.itpro.com/business-strategy/flexible-working/359989/empowering-the-dynamic-worker" data-original-url="/business-strategy/flexible-working/359989/empowering-the-dynamic-worker">FREE DOWNLOAD</a></p></div></div><p>Social media channels were the most popular avenue for content fraud, as 61% of respondents ranked it highly. Next came online classifieds at 28%, dating sites at 24%, marketplaces at 21%, and crowdfunding sites at 15%. These figures also include misinformation, such as anti-vaccination conspiracy theories. </p><p>Over a quarter of respondents said they have run across fraudulent content at least weekly. The types of fraudulent content encountered most frequently were spam and scam at around 50% each. <a href="https://www.itpro.com/business/policy-legislation/359045/congressional-leaders-grill-tech-ceos-over-misinformation" data-original-url="https://www.itpro.com/business/policy-legislation/359045/congressional-leaders-grill-tech-ceos-over-misinformation">Misinformation</a> was a close third at 43%. </p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ What is DMARC and how can it improve your email security? ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/security/phishing/359702/what-is-dmarc-and-how-can-it-improve-your-email-security</link>
                                                                            <description>
                            <![CDATA[ Protect your customers and brand rep with this email authentication protocol for domain spoofing ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">w9zh9iSHMmiaE2bPkdno8K</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/LaMvqLmzZVNuQCbVf6R4C9-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Fri, 28 May 2021 07:15:13 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Phishing]]></category>
                                                    <category><![CDATA[Security]]></category>
                                                                                                                    <dc:creator><![CDATA[ Gabriella Buckner ]]></dc:creator>                                                                                    <dc:source><![CDATA[ null ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/LaMvqLmzZVNuQCbVf6R4C9-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Person at laptop with a coffee with animations of envelopes on the background ]]></media:description>                                                            <media:text><![CDATA[Person at laptop with a coffee with animations of envelopes on the background ]]></media:text>
                                <media:title type="plain"><![CDATA[Person at laptop with a coffee with animations of envelopes on the background ]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/LaMvqLmzZVNuQCbVf6R4C9-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>The threat landscape is constantly evolving, with hackers finding new and ingenious ways to attack businesses. One constant, however, is the prevalence of <a href="https://www.itpro.com/security/phishing/358767/high-risk-email-security-threats-increased-by-32-last-year" data-original-url="https://www.itpro.com/security/phishing/358767/high-risk-email-security-threats-increased-by-32-last-year">email as an attack vector</a>, ever since its rise in popularity in the 1990s.</p><p>The wide usage of email has made it a ripe target for hackers, and today, <a href="https://www.dmarcanalyzer.com/dmarc">95%</a> of all hacking attacks and data breaches involve email. Domain spoofing, in which an attacker pretends to send an email from a legitimate domain, is a tactic often used in <a href="https://www.itpro.com/security/29093/what-is-phishing" data-original-url="https://www.itpro.com/security/29093/what-is-phishing">phishing</a> - which accounts for <a href="https://www.idagent.com/blog/10-alarming-facts-about-phishing-you-need-to-see">80% of cyber attacks</a>.</p><p>With email a vital form of communication not only between and within organisations, but with consumers in our digital age, we explain how you can defend your organisation against domain spoofing and the benefits you'll see from doing so.</p><h3 class="article-body__section" id="section-what-is-dmarc"><span>What is DMARC? </span></h3><p>DMARC – which stands for domain-based message authentication, reporting, and conformance – is an email authentication protocol that helps protect against spoofing activity.</p><p>Through DMARC, domain owners can monitor what emails are sent using their domain and receivers have a clear way of reporting illegitimate emails.</p><div  class="fancy-box"><div class="fancy_box-title"></div><div class="fancy_box_body"><p class="fancy-box__body-text"><a data-analytics-id="inline-link" href="https://www.itpro.com/network-internet/email-providers/358887/the-most-secure-email-services" data-original-url="/network-internet/email-providers/358887/the-most-secure-email-services">The most secure email services of 2023</a></p></div></div><p>The domain owners confirm their messages are protected by two existing authentication techniques, SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail). On the receiving end, emails that don't use SPF and DKIM are rejected or put in the junk or spam folders.</p><p>An organisation's DMARC record is published alongside its <a href="https://www.itpro.com/domain-name-system-dns/30228/what-is-dns" data-original-url="https://www.itpro.com/domain-name-system-dns/30228/what-is-dns">DNS</a> records. These records help the organisation see who is sending emails through their domain and make it easier for internet service providers to perform a DMARC check and stop malicious messages.</p><h3 class="article-body__section" id="section-growth-of-dmarc"><span>Growth of DMARC</span></h3><p>The DMARC guidelines were first published by PayPal, Google, Microsoft, and Yahoo! In 2012.</p><p>Security experts in the financial industry were the first to adopt DMARC more widely, and since then it has grown in popularity. A <a href="https://www.valimail.com/blog/major-milestone-1-million-dmarc-records">report from Valimail</a> showed that the number of domains using DMARC rose from 125,000 in January 2017 to almost a million in January 2020.</p><div  class="fancy-box"><div class="fancy_box-title"></div><div class="fancy_box_body"><p class="fancy-box__body-text"><a data-analytics-id="inline-link" href="https://www.itpro.com/security/cyber-security/354601/email-archiving-systems-the-forgotten-element-of-cyber-security" data-original-url="/security/cyber-security/354601/email-archiving-systems-the-forgotten-element-of-cyber-security">Email archiving systems: The forgotten element of cyber security</a></p></div></div><p>Currently, the protocol is awaiting approval by the <a href="https://www.ietf.org">Internet Engineering Task Force</a> to become an open standard in the US, and is included in the <a href="https://www.gov.uk/guidance/set-up-government-email-services-securely">UK government's official guidance</a> for secure email setup.</p><h3 class="article-body__section" id="section-pros-and-cons-of-dmarc"><span>Pros and cons of DMARC</span></h3><p>DMARC is a powerful tool that improves the deliverability of a business' emails. Without it, your domain is <a href="https://www.prnewswire.com/news-releases/valimail-report-reveals-3-billion-spoofed-emails-are-sent-every-day-301251164.html">4.75 times</a> more likely to be a <a href="https://www.itpro.com/network-internet/email-delivery/358981/3-billion-emails-sent-in-2020-showed-signs-of-sender-fraud" data-original-url="https://www.itpro.com/network-internet/email-delivery/358981/3-billion-emails-sent-in-2020-showed-signs-of-sender-fraud">spoofing target</a>.</p><div  class="fancy-box"><div class="fancy_box-title"></div><div class="fancy_box_body"><p class="fancy-box__body-text"><a data-analytics-id="inline-link" href="https://www.itpro.com/security/scams/355013/10-quick-tips-for-identifying-phishing-emails" data-original-url="/security/scams/355013/10-quick-tips-for-identifying-phishing-emails">10 quick tips for identifying phishing emails</a></p></div></div><p>SPF and DKIM are more siloed methods of domain authentication, which DMARC is meant to address, combining the use of these methods and adding a reporting function.</p><p>DMARC is beneficial at a small scale, improving your reputation and increasing your visibility into your email programme, but it also benefits the wider email community by setting a consistent standard that increases the overall trustworthiness of email communications.</p><p>However, DMARC is slightly limited in what it can do. It only protects against direct domain spoofing, in which someone is saying they are sending from a legitimate domain, rather than 'cousin' domain attacks that originate from domains that are, say, only one letter off from a legitimate domain.</p><div  class="fancy-box"><div class="fancy_box-title">RELATED RESOURCE</div><div class="fancy_box_body"><figure class="van-image-figure "  ><div class='image-full-width-wrapper'><div class='image-widthsetter' ><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="TgYwXSHV6efgCB2UrGXGXc" name="TgYwXSHV6efgCB2UrGXGXc.png" caption="" alt="" src="https://cdn.mos.cms.futurecdn.net/TgYwXSHV6efgCB2UrGXGXc.png" mos="https://cdn.mos.cms.futurecdn.net/TgYwXSHV6efgCB2UrGXGXc.png" link="" align="" fullscreen="" width="0" height="0" attribution="" endorsement="" class="pinterest-pin-exclude"></p></div></div></figure><p class="fancy-box__body-text"><strong>Prevent fraud and phishing attacks with DMARC</strong></p><p class="fancy-box__body-text">How to use domain-based message authentication, reporting, and conformance for email security</p><p class="fancy-box__body-text"><a data-analytics-id="inline-link" href="https://www.itpro.com/security/cyber-security/359475/prevent-fraud-and-phishing-attacks-with-dmarc" data-original-url="/security/cyber-security/359475/prevent-fraud-and-phishing-attacks-with-dmarc">FREE DOWNLOAD</a></p></div></div><p>In addition, DMARC only really offers protection against impersonation when it's combined with an enforcement policy. When purely used for visibility, it gives an organisation great insights but doesn't do anything to stop impersonators. Through enforcement, you can set policies to deal with unauthorised emails that stop them before they are even sent out.</p><p>With <a href="https://www.prnewswire.com/news-releases/valimail-report-reveals-3-billion-spoofed-emails-are-sent-every-day-301251164.html">three billion messages per day</a> still including a spoof of the sender's identity, DMARC is by no means a conclusive solution to email attacks, but it is still an important tool that all organisations can easily enact to protect themselves, their customers and partners, and their reputation as a trustworthy, safe business.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ FTC warns of rising cryptocurrency fraud ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/technology/cryptocurrencies/359593/ftc-sees-cryptocurrency-fraud-soar-in-the-last-six-months</link>
                                                                            <description>
                            <![CDATA[ Marked rise in cryptocurrency losses began just as pandemic took hold ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">c6FqeQZoTt9oasq6jxJDEa</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/i6QApFt7msc72CttVLArpB-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Tue, 18 May 2021 19:44:47 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Cyber Crime]]></category>
                                                    <category><![CDATA[Security]]></category>
                                                                                                                    <dc:creator><![CDATA[ Danny Bradbury ]]></dc:creator>                                                                                    <dc:source><![CDATA[ null ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/i6QApFt7msc72CttVLArpB-1280-80.jpg">
                                                            <media:credit><![CDATA[Shutterstock]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[An image of cryptocurrency stock markets on a screen]]></media:description>                                                            <media:text><![CDATA[An image of cryptocurrency stock markets on a screen]]></media:text>
                                <media:title type="plain"><![CDATA[An image of cryptocurrency stock markets on a screen]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/i6QApFt7msc72CttVLArpB-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Cryptocurrency scams have escalated dramatically in the last six months, according to a Federal Trade Commission (FTC) report. </p><p>The FTC's <a href="https://www.ftc.gov/news-events/blogs/data-spotlight/2021/05/cryptocurrency-buzz-drives-record-investment-scam-losses">Cryptocurrency Spotlight</a> report, published Monday, warned that losses to cryptocurrency scams have soared in recent months, almost tripling in Q4 to nearly $30 million. Losses topped $50 million in the first quarter of 2021, the FTC found, with the median loss reaching $1,900 - a 1,000% increase compared to 2020. </p><div  class="fancy-box"><div class="fancy_box-title"></div><div class="fancy_box_body"><p class="fancy-box__body-text"><a data-analytics-id="inline-link" href="https://www.itpro.com/technology/cryptocurrencies/359552/worlds-biggest-crypto-exchange-under-federal-investigation" data-original-url="/technology/cryptocurrencies/359552/worlds-biggest-crypto-exchange-under-federal-investigation">World’s biggest crypto exchange under federal investigation</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/technology/cryptocurrencies/359380/government-and-industry-look-to-cryptocurrency-regulation-to" data-original-url="/technology/cryptocurrencies/359380/government-and-industry-look-to-cryptocurrency-regulation-to">Government and industry look to cryptocurrency regulation to slow ransomware</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/security/cyber-security/359340/microsoft-and-intel-team-up-to-defend-against-cryptojacking" data-original-url="/security/cyber-security/359340/microsoft-and-intel-team-up-to-defend-against-cryptojacking">Microsoft and Intel join forces to defend against cryptojacking</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/technology/cryptocurrencies/359242/hackboss-malware-is-using-telegram-to-steal-cryptocurrency-from" data-original-url="/technology/cryptocurrencies/359242/hackboss-malware-is-using-telegram-to-steal-cryptocurrency-from">HackBoss malware is using Telegram to steal cryptocurrency from other hackers</a></p></div></div><p>Losses are unevenly distributed, with consumers aged between 20 and 49 five times more likely to report losing money to a cryptocurrency investment scam. Those between 20 and 30 were especially vulnerable, the report said. Conversely, consumers aged 50 and up were less likely to lose money to cryptocurrency crooks, but when they did, the median loss was higher, at $3,250.</p><p>Fraud masquerading as investment tips is a common way to reel in victims, warned the FTC. Many of these investment tips are Ponzi schemes that rely on 'investors' bringing in more people, creating long referral chains.</p><p>Another reason for the rise in cryptocurrency-related losses is that other scammers use the electronic payment method as an easy way to fleece victims. </p><div  class="fancy-box"><div class="fancy_box-title">RELATED RESOURCE</div><div class="fancy_box_body"><figure class="van-image-figure "  ><div class='image-full-width-wrapper'><div class='image-widthsetter' ><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="TgYwXSHV6efgCB2UrGXGXc" name="TgYwXSHV6efgCB2UrGXGXc.png" caption="" alt="" src="https://cdn.mos.cms.futurecdn.net/TgYwXSHV6efgCB2UrGXGXc.png" mos="https://cdn.mos.cms.futurecdn.net/TgYwXSHV6efgCB2UrGXGXc.png" link="" align="" fullscreen="" width="0" height="0" attribution="" endorsement="" class="pinterest-pin-exclude"></p></div></div></figure><p class="fancy-box__body-text"><strong>Prevent fraud and phishing attacks with DMARC</strong></p><p class="fancy-box__body-text">How to use domain-based message authentication, reporting, and conformance for email security</p><p class="fancy-box__body-text"><a data-analytics-id="inline-link" href="https://www.itpro.com/security/cyber-security/359475/prevent-fraud-and-phishing-attacks-with-dmarc" data-original-url="/security/cyber-security/359475/prevent-fraud-and-phishing-attacks-with-dmarc">FREE DOWNLOAD</a></p></div></div><p>For example, in the past, romance scammers have relied on more conventional forms of payment from their victims. Romance scam perpetrators often ask for money from the victim to pay for a supposed visit. In the last six months, however, 20% of the money lost to romance scammers was sent in cryptocurrency, with many of the victims reporting they thought they were investing in something on the scammer's recommendation.</p><p>Other crypto investment scams include “giveaway” fraud. The scammer impersonates a famous figure <a href="https://www.itpro.com/security/data-breaches/356472/twitter-targeted-by-social-engineering-attack-as-hackers-launch" data-original-url="https://www.itpro.com/security/data-breaches/356472/twitter-targeted-by-social-engineering-attack-as-hackers-launch">or takes over their account directly</a> and makes a social media post inviting victims to send cryptocurrency with the promise of more in return.</p><p>According to the FTC, scammers impersonated Elon Musk, who advocated for <a href="https://www.itpro.com/strategy/28296/what-is-bitcoin" data-original-url="https://www.itpro.com/strategy/28296/what-is-bitcoin">Bitcoin</a> but subsequently <a href="https://www.itpro.com/technology/cryptocurrencies/359518/tesla-no-longer-accepts-bitcoin" data-original-url="https://www.itpro.com/technology/cryptocurrencies/359518/tesla-no-longer-accepts-bitcoin">stopped accepting payments</a> for Tesla vehicles amid energy consumption concerns. The FTC said that scammers impersonated him to steal $2 million from victims in the past six months.</p><p>Impersonating others is a common way to steal cryptocurrency, with 14% of imposter scam victims reporting they used cryptocurrency as their form of payment. Scammers have posted as cryptocurrency exchange Coinbase, which became the first cryptocurrency exchange to go public in mid-April.</p><p>Although the FTC focuses on the rise in cryptocurrency losses over the last six months, it's worth noting that losses also rose substantially in Q3 2020, when they more than doubled from the $5 million lost in Q2. This aligns with the onset of the pandemic, which attracted large numbers of new retail investors <a href="https://www.cnbc.com/2021/04/08/a-large-chunk-of-the-retail-investing-crowd-got-their-start-during-the-pandemic-schwab-survey-shows.html">according to last month’s Charles Schwab survey</a>.</p><p>US broker-dealer regulator FINRA found the same in its February <a href="https://www.finra.org/media-center/newsreleases/2021/new-research-global-pandemic-brings-surge-new-and-experienced-retail">survey</a>. Younger, less experienced investors flocked to the markets, research has found.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ E-commerce fraud to surpass $20 billion this year ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/security/359337/e-commerce-fraud-to-surpass-20-billion-this-year</link>
                                                                            <description>
                            <![CDATA[ Research finds merchants need to do more to implement fraud prevention ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">c2Lpifz8G5jXXV7VD3nqVZ</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/pDBeU6E6JwgBGXPW3m8MXh-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Mon, 26 Apr 2021 16:17:23 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Security]]></category>
                                                                                                                    <dc:creator><![CDATA[ Rene Millman ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/vwWuTPNRCuw9vEaWzuXYnR.png ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/pDBeU6E6JwgBGXPW3m8MXh-1280-80.jpg">
                                                            <media:credit><![CDATA[Shutterstock]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Computer showing e-commerce transaction]]></media:description>                                                            <media:text><![CDATA[Computer showing e-commerce transaction]]></media:text>
                                <media:title type="plain"><![CDATA[Computer showing e-commerce transaction]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/pDBeU6E6JwgBGXPW3m8MXh-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>E-commerce fraud has increased by almost a fifth in a single year, according to the latest from Juniper Research. </p><p>Between 2020 and 2021, e-commerce fraud grew by 18% from $17.5 billion to over $20 billion as criminals focused on the COVID-19-fueled surge in online shopping.</p><p><a href="https://www.juniperresearch.com/researchstore/fintech-payments/online-payment-fraud-research-report?utm_campaign=pr1_onlinepaymentfraud_financial_fintech_apr21&utm_source=businesswire&utm_medium=pr">According to the report</a>, this means fraudsters exposed insecure fraud-mitigation processes from unfamiliar and unprepared merchants for the continuing challenges in this market.</p><div  class="fancy-box"><div class="fancy_box-title"></div><div class="fancy_box_body"><p class="fancy-box__body-text"><a data-analytics-id="inline-link" href="https://www.itpro.com/business-strategy/business-transformation/358914/adobe-report-says-pandemic-e-commerce-growth-is" data-original-url="/business-strategy/business-transformation/358914/adobe-report-says-pandemic-e-commerce-growth-is">Pandemic-fueled e-commerce growth is here to stay</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/business-operations/sales-crm/355091/whats-next-for-e-commerce" data-original-url="/business-operations/sales-crm/355091/whats-next-for-e-commerce">What’s next for e-commerce?</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/business/354724/what-do-you-need-to-start-an-e-commerce-business" data-original-url="/business/354724/what-do-you-need-to-start-an-e-commerce-business">What do you need to start an e-commerce business?</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/strategy/26032/top-tech-execs-to-mentor-early-stage-e-commerce-startups" data-original-url="/strategy/26032/top-tech-execs-to-mentor-early-stage-e-commerce-startups">Top tech execs to mentor early stage e-commerce startups</a></p></div></div><p>The research found that while merchants want to reduce fraud rates from their current levels, they’ve been reluctant to introduce extra friction into the checkout process. The report identified that clear messaging around security checks and automated behavioral analytics leveraging artificial intelligence (AI) is key to preserving the user experience.</p><p>“While the need for <a href="https://www.itpro.com/security" data-original-url="https://www.itpro.com/security">security</a> is greater than ever, the competitive e-commerce environment means merchants will need to ensure that extra security checks are justified to the user, or they risk higher cart abandonment rates,” said co-author, Susan Morrow.</p><p>Researchers claimed China will be the largest single e-commerce fraud market in the world, accounting for over 40% of the worldwide e-commerce fraud losses in 2025. That would amount to over $12 billion in fraud. The report’s authors cited China’s massive e-commerce market and relative lack of fraud detection and prevention platform deployment as the key drivers.</p><div  class="fancy-box"><div class="fancy_box-title">RELATED RESOURCE</div><div class="fancy_box_body"><figure class="van-image-figure "  ><div class='image-full-width-wrapper'><div class='image-widthsetter' ><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="jfMfftdRc8Sostbdck8Fqk" name="jfMfftdRc8Sostbdck8Fqk.png" caption="" alt="" src="https://cdn.mos.cms.futurecdn.net/jfMfftdRc8Sostbdck8Fqk.png" mos="https://cdn.mos.cms.futurecdn.net/jfMfftdRc8Sostbdck8Fqk.png" link="" align="" fullscreen="" width="0" height="0" attribution="" endorsement="" class="pinterest-pin-exclude"></p></div></div></figure><p class="fancy-box__body-text"><strong>NETSCOUT threat intelligence report</strong></p><p class="fancy-box__body-text">Cyber crime: Exploiting a pandemic</p><p class="fancy-box__body-text"><a data-analytics-id="inline-link" href="https://www.itpro.com/security/cyber-crime/359329/netscout-threat-intelligence-report" data-original-url="/security/cyber-crime/359329/netscout-threat-intelligence-report">FREE DOWNLOAD</a></p></div></div><p>Juniper Research also recommended merchants operating in China should invest in fraud detection and prevention now. Otherwise, they’ll increasingly face damage to their already slim operating margins.</p><p>The research echoes similar findings by fraud-detection company Ravelin. According to its Retail Ecommerce Fraud & Payments <a href="https://pages.ravelin.com/hubfs/All%20shareable%20content%20/Retail%20report%20final%20checks.pdf?utm_campaign=General&utm_medium=email&_hsmi=113928287&_hsenc=p2ANqtz-9v3TNb3eV11pjdlNjy_f2durzW3-j1GWlDyyN4FOLl3mg7ri4fW0-Yzc0XD6SCvvy1UbrS1r2MH2HkvOARybMY2XwCPQ&utm_content=113928287&utm_source=hs_automation">Survey</a> released earlier this month, 76% of retailers predict their budget to tackle fraud will increase in the next 12 months, with one in five anticipating a “significant” increase.</p><p>Ravelin CIO Mairtin O’Riada said the COVID-19 pandemic created a “petri dish” that is growing volumes of fraud.</p><p>“Retailers are scrambling to drive e-commerce and are handling extremely high volumes of transactions online, while also trying to fulfill a growing number of online deliveries. At the same time, honest consumers and avid fraudsters are feeling the pinch of a shrunken economy — many have lost their jobs and money is tight,” <a href="https://www.helpnetsecurity.com/2021/04/05/retail-brands-fraud-teams">O’Riada told <em>HelpNetSecurity</em></a>.</p><p>“Trying to detect fraud manually under these conditions is a difficult and expensive undertaking. Technology that can be built specifically to your needs can help detect fraud at the moment and help retailers to mitigate the effects of fraud significantly — helping to protect profit margins at a time they’re needed most.”</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Nokia partners with Hiya to stop spam calls ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/security/scams/358436/exclusive-nokia-partners-with-hiya-to-stop-spam-calls</link>
                                                                            <description>
                            <![CDATA[ Machine learning could end the barrage aggravating fraudulent and spam phone calls ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">4qiG6Psj1Mq1q4MkhhB3kc</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/yoeDcDYgVAQCuwqiafUDX3-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Wed, 27 Jan 2021 07:35:22 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[SaaS]]></category>
                                                    <category><![CDATA[Cloud]]></category>
                                                                                                                    <dc:creator><![CDATA[ Rene Millman ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/vwWuTPNRCuw9vEaWzuXYnR.png ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/yoeDcDYgVAQCuwqiafUDX3-1280-80.jpg">
                                                            <media:credit><![CDATA[Shutterstock]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Scam caller ID]]></media:description>                                                            <media:text><![CDATA[Scam caller ID]]></media:text>
                                <media:title type="plain"><![CDATA[Scam caller ID]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/yoeDcDYgVAQCuwqiafUDX3-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Nokia has successfully tested a new real-time spam and fraud detection service that could end nuisance telephone calls. Nokia worked on the trial with Hiya, a Seattle-based identity verification platform that helps analyze over 13 billion calls each month.</p><p>The telecoms company has integrated Hiya Protect on its <a href="https://www.itpro.com/cloud" data-original-url="https://www.itpro.com/cloud">cloud</a>-native Telephony Application Server. Hiya Protect uses <a href="https://www.itpro.com/strategy/28071/what-is-machine-learning" data-original-url="https://www.itpro.com/strategy/28071/what-is-machine-learning">machine learning</a> models to analyze calling events in real-time around the world for fraudulent behavior and new scams. Hiya serves more than 130 million businesses and customers worldwide.</p><p>The test marks the industry’s first VoLTE network integration through a public cloud service to a major European carrier. The company claimed that Hiya Protect could accurately detect various legitimate and illegitimate calls to keep subscribers protected from the unwanted ones plaguing the telephony industry.</p><div  class="fancy-box"><div class="fancy_box-title"></div><div class="fancy_box_body"><p class="fancy-box__body-text"><a data-analytics-id="inline-link" href="https://www.itpro.com/91564/nigeria-moves-to-shut-down-spam-scam" data-original-url="/91564/nigeria-moves-to-shut-down-spam-scam">Nigeria moves to shut down spam scam</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/92452/spammers-charged-for-pump-and-dump-scam" data-original-url="/92452/spammers-charged-for-pump-and-dump-scam">Spammers charged for pump and dump scam</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/102936/public-official-arrested-after-falling-for-419-scam" data-original-url="/102936/public-official-arrested-after-falling-for-419-scam">Public official arrested after falling for 419 scam</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/608115/nigerian-scammers-ditch-email-for-facebook" data-original-url="/608115/nigerian-scammers-ditch-email-for-facebook">Nigerian scammers ditch email for Facebook</a></p></div></div><p>The test involved Hiya's SaaS cloud interworking with Nokia’s cloud-native, IMS based Telephony Application Server. Hiya said the test not only proved the success of its detection and alerting capabilities, including fraud, spam, legitimate callers, and verified businesses, but it also proved the integration of Nokia core solution with Hiya’s cloud. As a result, Nokia’s Telephony Application Server is properly issuing call events and enforcing Hiya’s call instructions, the firm claimed.</p><p>Hiya’s integration also showed minimal impact on call set-up time to meet industry-standard service requirements. </p><p>Alex Algard, CEO at Hiya, said the project was a critical step in addressing carriers’ needs to integrate a cloud-based solution at the network level.</p><p>“Fraudsters and spammers are sophisticated and constantly change their tactics, so our solutions must outsmart them to stay a step ahead, which is why integrating at the network level and pushing the application to the Edge is such an important accomplishment,” he said.</p><p>Jitin Bhandari, vice president of core network products at Nokia, said proving open solutions like this can be effectively integrated and accurately detect spam calls is a “big step in pushing the industry forward.”</p><p>“This is the type of open cloud-based innovation and collaboration that is needed to solve nuisance/spam calls in networks and make the communication experience better for users across the globe,” he added.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Gift card fraud is rising, and Target is a favorite of scammers ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/security/cyber-crime/358084/gift-card-fraud-is-on-the-rise-and-target-is-a-scammer-favorite</link>
                                                                            <description>
                            <![CDATA[ The holiday season has led to increased gift card fraud, and scammers see Target’s online success as a gold mine ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">exgfzK27wHkveLbFNG2waN</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/xnazpz7q5epQG4sBrrJmuF-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Thu, 10 Dec 2020 13:47:07 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Cyber Attacks]]></category>
                                                    <category><![CDATA[Security]]></category>
                                                                                                                    <dc:creator><![CDATA[ Rene Millman ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/vwWuTPNRCuw9vEaWzuXYnR.png ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/xnazpz7q5epQG4sBrrJmuF-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Target sign on the front of a store]]></media:description>                                                            <media:text><![CDATA[Target sign on the front of a store]]></media:text>
                                <media:title type="plain"><![CDATA[Target sign on the front of a store]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/xnazpz7q5epQG4sBrrJmuF-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>According to online fraud prevention firm Bolster, there has been a dramatic rise in the number of gift card scams affecting shoppers. One of the most popular brands involved is retail chain <a href="https://www.itpro.com/hacking/23684/target-guilty-of-massive-30m-data-breach" data-original-url="https://www.itpro.com/hacking/23684/target-guilty-of-massive-30m-data-breach">Target</a>. </p><p>The research team at Bolster noted a recent gift card fraud website that impersonates Target's gift card balance checking page. The layout, text, and colors are identical to the authentic Target gift card balance checking site, so unsuspecting users can easily be tricked to enter their gift card numbers. </p><div  class="fancy-box"><div class="fancy_box-title"></div><div class="fancy_box_body"><p class="fancy-box__body-text"><a data-analytics-id="inline-link" href="https://www.itpro.com/101223/fighting-fraud-with-technology" data-original-url="/101223/fighting-fraud-with-technology">Fighting fraud with technology</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/617158/banking-customers-offered-free-online-fraud-protection" data-original-url="/617158/banking-customers-offered-free-online-fraud-protection">Banking customers offered free online fraud protection</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/103333/stolen-tk-maxx-credit-card-details-used-to-commit-fraud" data-original-url="/103333/stolen-tk-maxx-credit-card-details-used-to-commit-fraud">Stolen TK Maxx credit card details used to commit fraud</a></p></div></div><p>Once the victim enters the gift card numbers on the fake site, it displays a never-ending “checking balance” status or some sort of error that makes users think the site is malfunctioning. “In reality, the valid gift card numbers are harvested by the criminals and monetized by either reselling them on other sites or using them to make purchases,” said researchers.</p><p>Researchers added that Target experienced a dramatic increase in e-commerce sales during the pandemic. In August, the company announced its digital sales tripled with online purchases and curbside pickup jumping by over 700%.</p><p><a href="https://bolster.ai/blog/gift-card-scams-explode-in-upcoming-holiday-shopping-season">According to Bolster's research</a>, Target isn’t the only organization experiencing gift card fraud. There was an initial spike in gift card fraud earlier in the year, but coronavirus-induced shelter-in-place orders created a brief lull in activity. The lull was short-lived. </p><p>A new gift card fraud spike began in September and continued into November, corresponding with the early start of the holiday shopping season, including mid-October’s Amazon Prime Day.</p><p>Researchers said November saw the highest rate of new gift card scams with 6,881 total new scam sites, over 229 new sites per day, and nearly 10 times more new gift card scam sites created than in January.</p><p>Retail and gaming are gift card scammers’ favorite targets heading into the holiday season. In November, these categories accounted for 59% of all gift card scams online. </p><p>Paul Bischoff, a privacy advocate at <em>Comparitech.com</em>, told <em>ITPro</em> that gift cards are attractive targets for <a href="https://www.itpro.com/security/357769/cyber-crime-to-cost-businesses-105-trillion-per-year-by-2025" data-original-url="https://www.itpro.com/security/357769/cyber-crime-to-cost-businesses-105-trillion-per-year-by-2025">cyber criminals</a> for a few reasons. </p><p>First, gift cards can act as a difficult-to-trace currency because they usually aren’t tied to anyone.</p><p>“Second, the potential revenue stream for fraudsters is twofold. Scammers can trick users into handing over card numbers and other info, which they in turn use to make purchases or sell on the dark web. On top of that, phishing sites can trick cardholders into reloading a card with more money. That money, along with the victim's payment information, goes to the scammer,” he said.</p><p>Chris Hauk, consumer privacy champion at Pixel Privacy, told <em>IT Pro</em> that users must remember that Target, Taco Bell, and any other merchant or restaurant that offers gift cards won’t volunteer to help you check your gift card balance. </p><p>“They'd rather that you forget about the balances on your gift cards because in five years they can expire the card balance and keep the money. After one year passes, merchants can begin deducting from the card balance in the form of "non-use fees." This is free money for the retailer,” Hauk said.</p><p>“To avoid gift card scams, only use the retailer's official website to check a gift card balance (most retailers offer this on their website or look for a URL on the back of the gift card).”</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Why deepfakes could threaten everything from biometrics to democracy ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/security/357591/why-deepfakes-could-threaten-everything-from-biometrics-to-democracy</link>
                                                                            <description>
                            <![CDATA[ Deepfake technology has been rated the most serious AI crime threat, but there are ways to fight back ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">c85gB1e2UEesd1XqjgTkKh</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/Ktjm3XF6485BG9WAXyVR7N-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Fri, 30 Oct 2020 07:19:42 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Cyber Crime]]></category>
                                                    <category><![CDATA[Security]]></category>
                                                                                                                    <dc:creator><![CDATA[ Keri Allan ]]></dc:creator>                                                                                    <dc:source><![CDATA[ null ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/Ktjm3XF6485BG9WAXyVR7N-1280-80.jpg">
                                                            <media:credit><![CDATA[Shutterstock]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[A smartphone showing the download screen for FaceApp, an AI face-swapper]]></media:description>                                                            <media:text><![CDATA[A smartphone showing the download screen for FaceApp, an AI face-swapper]]></media:text>
                                <media:title type="plain"><![CDATA[A smartphone showing the download screen for FaceApp, an AI face-swapper]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/Ktjm3XF6485BG9WAXyVR7N-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p><em>This article originally appeared in Issue 9 of IT Pro 20/20, <a href="https://www.itpro.com/technology/augmented-reality-ar/357294/it-pro-2020-augmenting-the-future" data-original-url="https://www.itpro.com/technology/augmented-reality-ar/357294/it-pro-2020-augmenting-the-future">available here</a>. To sign up to receive each new issue in your inbox, <a href="https://www.itpro.com/magazine-signup" data-original-url="https://www.itpro.com/magazine-signup">click here</a>.</em></p><p><a href="https://www.itpro.com/security/cyber-security/357015/banks-and-fintech-firms-using-tech-firms-to-fight-deepfake-fraud" data-original-url="https://www.itpro.com/security/cyber-security/357015/banks-and-fintech-firms-using-tech-firms-to-fight-deepfake-fraud">Deepfakes</a>, also known as synthetic media, are spreading. Today, deepfake technology is most commonly used to create more realistic fake images or videos, but it can also be used to develop <a href="https://www.itpro.com/security/biometrics/356107/only-skin-deep-the-state-of-biometric-security" data-original-url="https://www.itpro.com/security/biometrics/356107/only-skin-deep-the-state-of-biometric-security">fake biometric identifiers</a> such as voice and fingerprints.</p><p>Most of us will have likely watched a film, tv show or advert that uses this technology, and we’ve probably all come across a ‘deepfaked’ photo or video – either knowingly or unknowingly – on social media. Some of us may even have played around with creating our own deepfakes using apps that let you superimpose your face onto that of your favourite actors. </p><p>“Until recently you needed the sophisticated technology of a Hollywood studio to create convincing deepfakes. Not anymore. The technology has become so advanced and readily available that one guy in his bedroom can create a very realistic deepfake,” says Andrew Bud, ceo and founder of fintech firm iProov. “A lot of people are using it for entertainment content, plus there’s legitimate firms whose entire business is creating synthetic video and audio content for advertising or marketing purposes.”</p><h3 class="article-body__section" id="section-the-dark-side-of-deepfakes"><span>The dark side of deepfakes </span></h3><p>But deepfake technology also has a dark side. For some time now it’s been used to create photos or videos to spread misinformation and influence public opinion or political discourse, often by attempting to discredit individuals or groups. </p><p>“Recent history has shown a proliferation of attacks to manipulate democratic elections and destabilise entire regions,” says Marc Rogers, VP of cybersecurity at technology firm Okta and co-founder of international cyberthreat intelligence group The CTI League. “The implication being a deepfake from a trusted authority could artificially enhance or destroy public confidence in a candidate, leader or perception of a public issue – such as Brexit, global warming, COVID-19 or Black Lives Matter – to influence an outcome beneficial to a malicious state or actor.”</p><div  class="fancy-box"><div class="fancy_box-title"></div><div class="fancy_box_body"><p class="fancy-box__body-text"><a data-analytics-id="inline-link" href="https://www.itpro.com/security/34784/the-future-of-spam-is-scary" data-original-url="/security/34784/the-future-of-spam-is-scary">The future of spam is scary</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/security/biometrics/356107/only-skin-deep-the-state-of-biometric-security" data-original-url="/security/biometrics/356107/only-skin-deep-the-state-of-biometric-security">Only skin deep: The state of biometric security</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/technology/augmented-reality-ar/357294/it-pro-2020-augmenting-the-future" data-original-url="/technology/augmented-reality-ar/357294/it-pro-2020-augmenting-the-future">IT Pro 20/20: The future of augmentation</a></p></div></div><p>IDC senior research analyst, Jack Vernon, notes: “With the US presidential election drawing closer, this will be <a href="https://www.itpro.com/marketing-comms/social-media/354471/facebook-bans-deepfakes-ahead-of-us-election" data-original-url="https://www.itpro.com/marketing-comms/social-media/354471/facebook-bans-deepfakes-ahead-of-us-election">an obvious arena</a> in which we may see them deployed.”</p><p>Deepfake pornography is another rapidly growing phenomenon, often used as <a href="https://www.itpro.com/ransomware/34432/deepfake-ransomware-among-experts-list-of-cyber-fears" data-original-url="https://www.itpro.com/ransomware/34432/deepfake-ransomware-among-experts-list-of-cyber-fears">blackmail</a>, while another risk comes from criminals using faked biometric identifiers to carry out fraud. </p><p>“One notable example took place last year when attackers used deepfake technology to imitate the voice of a UK ceo in order to carry out financial fraud,” Rogers highlights. </p><p>It’s unsurprising, then, that last month the Dawes Centre for Future Crime at UCL published a report citing deepfakes as the most serious artificial intelligence (AI) crime threat. Ranked in order of concern, the technology was rated the most worrying use of AI in terms of its potential applications for crime or terrorism. </p><h3 class="article-body__section" id="section-who-s-most-at-risk-from-deepfake-crime"><span>Who’s most at risk from deepfake crime? </span></h3><p>Bud believes the areas most at risk from deepfake crime include the <a href="https://www.itpro.com/security/cyber-security/357015/banks-and-fintech-firms-using-tech-firms-to-fight-deepfake-fraud" data-original-url="https://www.itpro.com/security/cyber-security/357015/banks-and-fintech-firms-using-tech-firms-to-fight-deepfake-fraud">banking industry</a>, governments, healthcare and media. </p><p>“Banking’s definitely at risk – that’s where the opportunity for money laundering is greatest. The government is also at risk: Benefits, pensions, visas and permits can all be defrauded. Access to someone’s medical records could be used against them and social media is at risk of weaponisation. It’s already being used for intimidation, fake news, conspiracy theories, destabilisation and destruction of trust.” </p><p>Experts say we can expect things to get worse before they get better, as the quality of deepfakes is only likely to improve. This will make it harder to distinguish which media is real, and the technology may get better at fooling our security systems.</p><h3 class="article-body__section" id="section-fighting-back"><span>Fighting back</span></h3><p>The good news is the technology industry is fighting back, and we’re seeing deepfake detection technology emerge from a number of research fields, says Nick McQuire, senior vice president at Enterprise Research.</p><div  class="fancy-box"><div class="fancy_box-title">RELATED RESOURCE</div><div class="fancy_box_body"><figure class="van-image-figure "  ><div class='image-full-width-wrapper'><div class='image-widthsetter' ><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="H6HJdq6HoneniLZWYxSbUK" name="H6HJdq6HoneniLZWYxSbUK.jpg" caption="" alt="" src="https://cdn.mos.cms.futurecdn.net/H6HJdq6HoneniLZWYxSbUK.jpg" mos="https://cdn.mos.cms.futurecdn.net/H6HJdq6HoneniLZWYxSbUK.jpg" link="" align="" fullscreen="" width="0" height="0" attribution="" endorsement="" class="pinterest-pin-exclude"></p></div></div></figure><p class="fancy-box__body-text"><strong>IT Pro 20/20: The future of augmentation</strong></p><p class="fancy-box__body-text">The ninth issue of IT Pro 20/20 looks at our changing relationship with augmentation technology</p><p class="fancy-box__body-text"><a data-analytics-id="inline-link" href="https://www.itpro.com/technology/augmented-reality-ar/357294/it-pro-2020-augmenting-the-future" data-original-url="/technology/augmented-reality-ar/357294/it-pro-2020-augmenting-the-future">FREE DOWNLOAD</a></p></div></div><p>“This is an area we’ve long predicted would emerge because firms like Microsoft, Google and Facebook are looking at ways to use neural networks and generative adversarial approaches (GANs) to analyse deepfakes to detect statistical signatures in their models.”</p><p>There are many initiatives to identify deepfakes, “for example the FaceForensics++ and Deepfake Detection Challenge (DFDC) dataset,” says Hoi Lam, a member of the Institution of Engineering and Technology’s (IET) Digital Panel. </p><p>Then there’s facial recognition cross-referencing, which is increasingly being used by video hosting services. “Various techniques are also being explored that implement digital watermarking,” explains Matt Lewis, research director at NCC Group. “This can help prove the origin and integrity of content creation.”</p><p>A number of the big tech firms have begun to promote tools in this area. Microsoft, for example, recently unveiled a new tool to help spot deepfakes and <a href="https://www.itpro.com/software/356786/adobe-battles-fake-photos-with-editing-tags" data-original-url="https://www.itpro.com/software/356786/adobe-battles-fake-photos-with-editing-tags">in August Adobe announced</a> it would start tagging Photoshopped images as having been edited in an attempt to fight back against misinformation. </p><p>GCHQ also recently acknowledged deepfakes as a cybersecurity priority, launching a research fellowship set to delve into fake news and misinformation and AI. “New technologies present fresh challenges and this fellowship provides us with a great opportunity to work with the many experts in these fields,” a spokesperson said. </p><p>Businesses are also starting to understand the risk from deepfakes and implementing new technologies designed to detect fraudulent biometric identifiers. Banks in particular are ahead of the game, with HSBC, Chase,Caixa Bank and Mastercard just some of those who’ve signed up to <a href="https://www.itpro.com/security/cyber-security/357015/banks-and-fintech-firms-using-tech-firms-to-fight-deepfake-fraud" data-original-url="https://www.itpro.com/security/cyber-security/357015/banks-and-fintech-firms-using-tech-firms-to-fight-deepfake-fraud">a new biometric identification system</a>.</p><h3 class="article-body__section" id="section-we-re-in-an-arms-race"><span>We’re in an arms race</span></h3><p>As malicious actors innovate to stay a step ahead of security teams, technologists being drawn into an arms race, and the work to identify deepfakes is ongoing. </p><p>“As security teams innovate new technology to identify deepfakes, techniques to circumvent this will proliferate and unfortunately serve to make deepfake creation more realistic and harder to detect,” notes Rogers. “There’s a feedback loop with all emerging technologies like these. The more they generate success the more that success is fed back into the technology, rapidly improving it and increasing its availability.” </p><div  class="fancy-box"><div class="fancy_box-title">RELATED RESOURCE</div><div class="fancy_box_body"><figure class="van-image-figure "  ><div class='image-full-width-wrapper'><div class='image-widthsetter' ><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="xhyAuhULTEsSRSAAhsf54M" name="xhyAuhULTEsSRSAAhsf54M.jpg" caption="" alt="" src="https://cdn.mos.cms.futurecdn.net/xhyAuhULTEsSRSAAhsf54M.jpg" mos="https://cdn.mos.cms.futurecdn.net/xhyAuhULTEsSRSAAhsf54M.jpg" link="" align="" fullscreen="" width="0" height="0" attribution="" endorsement="" class="pinterest-pin-exclude"></p></div></div></figure><p class="fancy-box__body-text"><strong>2020 Cyber Threat Intelligence (CTI) survey</strong></p><p class="fancy-box__body-text">How to measure the effectiveness of your CTI programme</p><p class="fancy-box__body-text"><a data-analytics-id="inline-link" href="https://www.itpro.com/security/cyber-crime/357410/2020-cyber-threat-intelligence-cti-survey" data-original-url="/security/cyber-crime/357410/2020-cyber-threat-intelligence-cti-survey">FREE DOWNLOAD</a></p></div></div><p>While the technologists fight the good fight, the other important tool in the war against devious deepfakes is education. </p><p>The more aware the public is of the technology the more they’ll be able to critically think about their media consumption and apply caution where needed, says Nick Nigram, a principal at Samsung NEXT Europe. “After all, manipulation of media using technology is nothing new,” he concludes.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Ribbon launches robocall-fighting managed service ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/marketing-comms/communications/357522/ribbon-launches-robocall-and-fraud-fighting-managed-service</link>
                                                                            <description>
                            <![CDATA[ As-a-service offerings help providers adhere to telephone laws without large upfront expenses ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">nZ3EH9pGsiyW5EVCJKV4EA</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/VjseAEW7zn2c58ob9FNS8N-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Thu, 22 Oct 2020 18:50:59 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Cyber Crime]]></category>
                                                    <category><![CDATA[Security]]></category>
                                                                                                                    <dc:creator><![CDATA[ Justin Cupler ]]></dc:creator>                                                                                    <dc:source><![CDATA[ null ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/VjseAEW7zn2c58ob9FNS8N-1280-80.jpg">
                                                            <media:credit><![CDATA[Shutterstock]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Scam caller ID]]></media:description>                                                            <media:text><![CDATA[Scam caller ID]]></media:text>
                                <media:title type="plain"><![CDATA[Scam caller ID]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/VjseAEW7zn2c58ob9FNS8N-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Ribbon Communications, real-time <a href="https://www.itpro.com/software" data-original-url="https://www.itpro.com/software">software</a> and packet and optical transportation solution provider, has announced two new managed as-a-service features to its Ribbon Call Trust portfolio: STIR/SHAKEN-as-a-Service and Reputation Scoring. These services will help reduce robocalls and phone-based <a href="https://www.itpro.com/security/phishing/356488/phishing-and-fraud-report" data-original-url="https://www.itpro.com/security/phishing/356488/phishing-and-fraud-report">fraud</a> attacks. </p><p>Everyone’s just about fed up with robocalls and phone fraudsters, such as those posing as car warranty administrators trying to separate you from your money. Ribbon’s new services look to mitigate these annoying calls at the service provider.</p><div  class="fancy-box"><div class="fancy_box-title"></div><div class="fancy_box_body"><p class="fancy-box__body-text"><a data-analytics-id="inline-link" href="https://www.itpro.com/101223/fighting-fraud-with-technology" data-original-url="/101223/fighting-fraud-with-technology">Fighting fraud with technology</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/608667/how-to-be-a-successful-online-fraudster" data-original-url="/608667/how-to-be-a-successful-online-fraudster">How to be a successful online fraudster</a></p></div></div><p>STIR/SHAKEN is actually an acronym that stands for Secure Telephony Identity Revisited (STIR) and Signature-based Handling of Asserted information using toKENs (SHAKEN), a caller authentication, signing and verification process required in the US and Canada to prevent call spoofing. </p><p>Ribbon’s STIR/SHAKEN-as-a-Service aims to help service providers comply with its namesake regulations without the cost of implementing it in their own networks.</p><p>The Reputation Screening offering improves upon STIR/SHAKEN-as-a-Service with real-time, multidimensional scoring of calls to help mitigate fraud and nuisance calls. It does so by using in-call insight and actionable intelligence that allows the service provider to decide how to act. With this information, the service provider can choose to let the call complete as normal, send it to voicemail, modify the caller name to “Scam,” Fraud” or another name, or outright block the call.</p><p>"Fraud and unwanted robocalls are undermining consumer confidence in voice communications services in a number of markets around the world," said Patrick Donegan, founder & principal analyst at HardenStance. </p><p>"Service providers that commit to mitigating these risks should be investing in a cloud-based, managed solution like Ribbon's STIR/SHAKEN-as-a-Service and Reputation Scoring. Service providers should find these a lot more cost-effective than building out their own dedicated identity assurance infrastructure."</p><p>STIR/SHAKEN-as-a-Service and Reputation Scoring are available as part of <a href="https://ribboncommunications.com/solutions/service-provider-solutions/cloud-and-edge/identity-assurance">Ribbon Call Trust</a> portfolio and run on Ribbon’s cloud-based Identity Hub. </p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Four arrested in UK over scam Microsoft calls ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/security/28944/four-arrested-in-uk-over-scam-microsoft-calls</link>
                                                                            <description>
                            <![CDATA[ Scammers would call victims pretending to be from Microsoft IT support ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">nTXWaC6rNYqJ4GML6LkB24</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/FkTDJSeCMXjKpVbRSuNXvm-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Wed, 28 Jun 2017 11:28:00 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Cyber Crime]]></category>
                                                    <category><![CDATA[Security]]></category>
                                                                                                                    <dc:creator><![CDATA[ Dale Walker ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/YhUVp3rWtcZPM5XznPeTmX.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/FkTDJSeCMXjKpVbRSuNXvm-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                                                                                                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/FkTDJSeCMXjKpVbRSuNXvm-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Four people have been arrested in the UK following an investigation into scam calls from fraudsters claiming to be able to fix IT issues for a fee.</p><p>The arrests follow a two-year long joint investigation by the City of London Police and Microsoft, which aimed to tackle the global problem of computer software service fraud.</p><p>The scheme, which is thought to cost users hundreds of millions of pounds every year, involves a victim being contacted and told that their computer is either infected with a virus or is not working correctly. The victim is then told that for a fee, the caller will be able to fix the problems.</p><p>Instead the fraudsters will trick the user into installing malicious software on their machine, granting access to the victim's computer, as well as obtain payment details so that a large sum of money can be stolen. The investigation also revealed that some victims would be called again later and told they are due a refund, which allows scammers to steal even more money.</p><p>While the inquiry found that most calls originated in India, two men and two women have been accused of involvement in the UK. A 29-year-old man and 31-year-old woman from Woking in Surrey were arrested on Tuesday, while a 37-year-old man and 31-year-old woman were arrested in South Shields, Tyneside.</p><p>The Surrey pair has since been released on bail, while the two from Tyneside have been released pending further inquiries.</p><p>These scams typically happen through cold calling, with fraudsters pretending to be members of Microsoft IT support, or similar technology companies, but there has been a recent increase in the use of pop-up notifications, which prompt the victim to call a number.</p><p>According to the investigation, there were 34,504 instances of computer software service fraud in the 2016/17 financial year, resulting in losses of almost 21 million.</p><p>Victims would lose on average up to 600 in a single scam, with the majority of those targeted being the elderly.</p><p>Commander Dave Clark, City of London Police and national coordinator for economic crime said: "These arrests are just the beginning of our work, making the best use of specialist skills and expertise from Microsoft, local police forces and international partners to tackle a crime that often targets the most vulnerable in our society."</p><p>Users have been advised to remain vigilant to suspicious calls. Computer companies do not make unsolicited calls to help you fix your machine, and Microsoft does not request payment information to validate copies of Windows. Users are also advised to be on the look out for anything related to a 'Microsoft Lottery', a scam that claims you have won a cash prize.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ NHS IT director and tech vendor jailed for corrupt contracts ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/public-sector/27889/nhs-it-director-and-tech-vendor-jailed-for-corrupt-contracts</link>
                                                                            <description>
                            <![CDATA[ NHS's Peter Lewis took bribes in exchange for lucrative IT contracts ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">nFFhbApbDtTcLKnWMryLS2</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/xsihYtV25FM8ZT2q9MKtGK-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Tue, 10 Jan 2017 10:31:00 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Data and Insights]]></category>
                                                    <category><![CDATA[Business]]></category>
                                                                                                                    <dc:creator><![CDATA[ Dale Walker ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/YhUVp3rWtcZPM5XznPeTmX.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/xsihYtV25FM8ZT2q9MKtGK-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                                                                                                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/xsihYtV25FM8ZT2q9MKtGK-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>A corrupt NHS IT director who accepted bribes in exchange for IT contracts has been sentenced to three and a half years in prison.</p><p>Sentenced on Friday, 6 January, Peter Lewis, 57, admitted to receiving 80,000 in corrupt payments in exchange for lucrative IT software contracts, valued at 950,000 in the first year.</p><p>Richard Moxon, the supplier of software that recorded accident and emergency data at the Royal Surrey County Hospital in Guildford, also admitted to bribing the NHS official and has been jailed for 14 months.</p><p>Moxon, 41, of Wybunbury in Cheshire, transferred nine payments totaling 73,770 to Lewis between January and December 2011, as well as a single payment of 7,200 to settle a debt Lewis had at a local stables.</p><p>Lewis, of Windlesham, Surrey, had been director of infomatics at the Royal Surrey County Hospital NHS Foundation Trust since 2009, and was responsible for management of finances and the awarding of contracts.</p><p>Each month, Moxon would hide the bribes through multiple invoices from different companies under his control, all valued at 15,000 so they could be signed off without oversight.</p><p>The fraud came to light after the trust conducted a disciplinary investigation into his relationship with another supplier.</p><p>"Peter Lewis sought to greedily divert money from the NHS into his own pockets," said detective superintendent Karen Mizzi, head of Proactive Crime for Surrey Police. "While I am glad to see justice being served through his custodial sentence, my team is now focusing on recovering the money Lewis made from his crime, and returning it to the NHS."</p><p>An investigation by Surrey Police found that 40% of the ICT products supplied by Moxon did not fulfill the needs of the trust. As a result of the scam, the trust declared losses for the 2011-12 financial year of 433,000.</p><p>The hospital was able to recuperate some of the lost money by integrating software supplied by Moxon into a new system in August 2012, however direct fraud against the Royal Surrey hospital amounted to almost 81,000.</p><p>"Royal Surrey expects its staff to act with honesty and integrity at all times and will fully investigate any suspicions of wrong-doing," said Alf Turner, deputy chief executive of the Royal Surrey County Hospital Trust.</p><p>"Mr Lewis broke these fundamentals and we are pleased that, although it has taken a long time, justice will be served. We would like to thank the police for their ongoing support in pursuing this matter to its positive resolution," added Turner.</p><p><em>Picture: (l-r) Peter Lewis and Richard Moxon</em></p><div  class="fancy-box"><div class="fancy_box-title"></div><div class="fancy_box_body"><p class="fancy-box__body-text"><a data-analytics-id="inline-link" href="https://www.itpro.com/security/27524/police-investigate-after-hack-shuts-nhs-hospitals" data-original-url="/security/27524/police-investigate-after-hack-shuts-nhs-hospitals">Police investigate after hack shuts NHS hospitals</a> <a data-analytics-id="inline-link" href="https://www.itpro.com/security/27368/nhs-trusts-targeted-in-ransomware-strikes" data-original-url="/security/27368/nhs-trusts-targeted-in-ransomware-strikes">NHS trusts targeted in ransomware strikes</a></p></div></div>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ IT admin fleeced Expedia for $330k in insider trading scam ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/security/27735/it-admin-fleeced-expedia-for-330k-in-insider-trading-scam</link>
                                                                            <description>
                            <![CDATA[ Support technician admits using network credentials to access execs' confidential files ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">oB2DVJA3E3trpLKeEh8E39</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/PAs7NShVt83zH3HUca9cmC-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Wed, 07 Dec 2016 12:20:00 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Cyber Crime]]></category>
                                                    <category><![CDATA[Security]]></category>
                                                                                                                    <dc:creator><![CDATA[ Jane McCallion ]]></dc:creator>                                                                                    <dc:source><![CDATA[ null ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/PAs7NShVt83zH3HUca9cmC-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                                                                                                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/PAs7NShVt83zH3HUca9cmC-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>A former Expedia senior IT support technician has pleaded guilty to accessing confidential company files and illegally using the information within for insider trading that netted him over $300,000.</p><p>Jonathan Ly, 28, pleaded guilty to securities fraud, which began in 2013 and continued even after he left the company in 2015.</p><p>FBI special agent in charge Jay S Tabb Jr <a href="https://www.justice.gov/usao-wdwa/pr/former-expedia-it-support-worker-pleads-guilty-insider-trading" target="_blank">said</a> Ly's behaviour was was "particularly egregious because [he] abused his special access privileges as an IT administrator". </p><p>"On top of violating the trust of the public and his company, he violated the privacy of fellow employees by surreptitiously accessing their files," Tabb continued.</p><p>A <a href="https://www.scribd.com/document/333302387/USA-v-Jonathan-Ly" target="_blank">court document</a> detailing the case against Ly notes that, as part of his role as a senior IT support technician, he was given "certain administrative access privileges that could be used to remotely access electronic files on Expedia employees' electronic devices", as well as, from time to time, being given corporate network passwords.</p><p>In a summary of how the scheme worked, the document states that between 2013 and 2015 Ly "secretly and fraudulently accessed the contents of Expedia executives' computer files and corporate email accounts to ... [collect information] in order to execute a series of well-timed and lucrative securities trades in Expedia options".</p><p>Ly left Expedia in April 2015, but, unknown to the company, took with him an Expedia laptop that he used to continue accessing corporate systems and email and carry out his insider trading.</p><p>Commenting on the case, Rui Melo Biscaia, director of product management at Watchful Software, said: "This case demonstrates how much damage malicious insiders can cause, especially when armed with a high level of privilege and little oversight.</p><p>"The threat of trusted insiders abusing their positions can be greatly reduced by ensuring that confidential files can only be access by the authorised user themselves. Internal support staff that are able to access other users' machines should only be able to access files and network areas relevant to their current job, rather than having free reign over information that would normally be highly restricted. Classifying and encrypting all confidential files against unauthorised access will also help protect against external attackers that are able to gain control of a system."</p><p>The US Department of Justice praised Expedia for its "quick reporting" of the intrusion once it was detected, which made it easier for the FBI to trace the malicious behaviour back to Ly.</p><p>In total, Ly made over $331,000 from the fraudulent trades. He is scheduled to be sentenced on 28 February next year and could face up to 25 years in prison and a $250,000 fine.</p><p><em>Main image credit: Bigstock</em></p><div  class="fancy-box"><div class="fancy_box-title"></div><div class="fancy_box_body"><p class="fancy-box__body-text"><a data-analytics-id="inline-link" href="https://www.itpro.com/strategy/24573/ex-staff-pose-massive-risks-to-company-security" data-original-url="/strategy/24573/ex-staff-pose-massive-risks-to-company-security">Ex-staff pose massive risks to company security</a></p></div></div>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Toshiba faces $60m accounting scandal fine ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/strategy/25246/toshiba-faces-60m-accounting-scandal-fine</link>
                                                                            <description>
                            <![CDATA[ Penalty comes as shareholders file lawsuit against company and ex-chiefs ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">fWAYKYvbqvMvTb9PWT61E6</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/vEuqUcs6ENyrqEqh4K6AmG-1280-80.png" type="image/png" length="0"></enclosure>
                                                                        <pubDate>Mon, 07 Dec 2015 12:37:00 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Cyber Crime]]></category>
                                                    <category><![CDATA[Security]]></category>
                                                                                                                    <dc:creator><![CDATA[ Rene Millman ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/vwWuTPNRCuw9vEaWzuXYnR.png ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/png" url="https://cdn.mos.cms.futurecdn.net/vEuqUcs6ENyrqEqh4K6AmG-1280-80.png">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Accounting]]></media:description>                                                            <media:text><![CDATA[Accounting]]></media:text>
                                <media:title type="plain"><![CDATA[Accounting]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/vEuqUcs6ENyrqEqh4K6AmG-1280-80.png" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p><strong>07/12/2015: </strong>Toshiba could face a fine of $60 million (39 million) after committing accounting fraud that misrepresented its financial health by more than a billion dollars.</p><p>Over a period of seven years, the Japanese tech giant claimed its profits were $1.3 billion higher than they really were.</p><p>As a result, Japan's Securities and Exchange Surveillance Commission has recommended the $60 million penalty to the country's Financial Services Agency (FSA). It would be the largest accounting violations fine in Japan's history.</p><p>Toshiba has already set aside 8.4 billion Yen ($68 million) to pay such a fine, which would have to be approved by the FSA, but it comes as 50 shareholders filed a lawsuit today demanding $2.45 million damages from the company, three former CEOs and two former CFOs.</p><p>They are pursuing the claim because Toshiba's share value dropped dramatically after the scandal came out, declining 40 per cent since April.</p><p>It comes after the company revealed $318 million losses for the year to March 2015 after it was expected to post a 1.2 billion profit.</p><p><strong>07/09/2015: </strong>Toshiba has posted losses of $318 million and drastically reduced its earnings for the past seven years after a scandal in which it was found to have overstated years of profit-making.</p><p>The announcement has been delayed repeatedly after numerous disclosures of far-reaching irregularities in its accounting, amounting to $1.3 billion of overstated profits over seven years.</p><p>The 140-year-old firm said its annual loss for the year to March 2015 stands at $318 million, a catastrophic outcome after experts had predicted a 1.2 billion annual profit.</p><p>Toshiba's president and vice-president left the company earlier in July after an independent panel found the company had overstated profits for the past six years, around triple an initial estimate from the company.</p><p>The firm was forced to issue an apology and said it will now move to avoid further irregularities in its accounting procedures.</p><p>Toshiba <a href="http://www.toshiba.co.jp/about/ir/en/finance/er/er2014/q4/ter2014q4e.pdf">said</a> that while the US economy had lost some momentum in the second half of 2014, the UK had witnessed a strong performance and the Eurozone had sustained a gradual recovery.</p><p>It added that despite China's slowdown, solid growth was seen in South East Asia and India.</p><p>The firm has now set up a "management revitalisation" committee to undertake negotiations on a new management team. Former Shiseido president Shinzo Maeda will be the head of a revamped 11-member board, the majority of which are external directors, the company announced.</p><p>"Toshiba will not announce an FY2015 forecast at this point, as the company continues to carefully evaluate the operational impacts of inappropriate accounting," the firm added.</p><p>It said its plans now will include speeding up business selection and concentration, reformulating its business and financial structure with appropriate measures.</p><p>Toshiba could now face a fine from regulators over the financial scandal, which is the biggest in Japan since 2011 when Olympus was discovered to be involved in a $1.7 billion scheme to conceal over 20 years of investment losses.</p><p><em><strong>This article was originally published on 7 September 2015 but was subsequently updated to reflect the latest developments (most recently on 7 December 2015).</strong></em></p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ US lottery security head 'fixed results' ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/security/24392/us-lottery-security-head-fixed-results</link>
                                                                            <description>
                            <![CDATA[ Eddie Raymond Tipton allegedly hacked into the draw's computer to ensure he won the jackpot ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">iWuSeWpZwn5ekL9QT7v484</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/J4wG2PuKJ2uJwj6dxBh2xd-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Wed, 15 Apr 2015 06:27:00 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Cyber Crime]]></category>
                                                    <category><![CDATA[Security]]></category>
                                                                                                                    <dc:creator><![CDATA[ Clare Hopping ]]></dc:creator>                                                                                    <dc:source><![CDATA[ null ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/J4wG2PuKJ2uJwj6dxBh2xd-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[fraud]]></media:description>                                                            <media:text><![CDATA[fraud]]></media:text>
                                <media:title type="plain"><![CDATA[fraud]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/J4wG2PuKJ2uJwj6dxBh2xd-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>The US lottery's former head of security has been accused of hacking into the system to make sure his ticket won the draw, although he never actually claimed his winnings.</p><p>Eddie Raymond Tipton was the security director for the Multi-State Lottery Association in Iowa, but was arrested in March on two counts of fraud.</p><p>The court papers suggested he used a thumb drive loaded with a rootkit in the computer set up to randomly generate the winning numbers. The rootkit was designed to predetermine the numbers for the lottery and then erase itself, leaving no trace of the hack.</p><p>The computer was situated in glass room, is not connected to the internet to avoid hacks and the rules for access to the computer state that two people must be present in order for it to work. CCTV also covers it 24 hours a day, seven days a week.</p><p>However, Tipton also allegedly changed the CCTV camera settings to only record one second out of every minute so he wouldn't be caught.</p><p>Mike McLaughlin, senior analyst at computer security company First Base told the BBC: "It is entirely possible to code a rootkit on a USB drive which could interfere with software on a computer then delete itself.</p><p>"It would only take a second to run once plugged in. However, this can leave traces on the infected machine if you know where to look."</p><p>Lottery employees are not allowed to win the lottery, although a company based in Belize, the day it was due to expire, attempted a claim with the ticket. This triggered an investigation into the ticket, during which Tipton's actions were questioned.</p><p>Prosecutors wrote in the filing: "There is sufficient evidence for a jury to reasonably conclude from the evidence that Defendant tampered with lottery equipment."</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ City of London Police knock 2,000 counterfeit good sites offline ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/security/24045/city-of-london-police-knock-2000-counterfeit-good-sites-offline</link>
                                                                            <description>
                            <![CDATA[ City of London Police's IP enforcement unit hails latest work to shut down sites selling fake goods ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">4YaMG3g1C2onzcKG7ZQXK9</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/2e6mMAsYTawssyVLRfKHMV-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Fri, 13 Feb 2015 10:18:00 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Cyber Crime]]></category>
                                                    <category><![CDATA[Security]]></category>
                                                                                                                    <dc:creator><![CDATA[ Caroline Donnelly ]]></dc:creator>                                                                                    <dc:source><![CDATA[ null ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/2e6mMAsYTawssyVLRfKHMV-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Offline]]></media:description>                                                            <media:text><![CDATA[Offline]]></media:text>
                                <media:title type="plain"><![CDATA[Offline]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/2e6mMAsYTawssyVLRfKHMV-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>The City of London Police has shut down 2,000 websites selling fake luxury goods since the New Year, as part of its ongoing quest to clampdown on counterfeit product sales.</p><p>The sites in question were selling knock-off versions of products from popular, high-end fashion brands including Burberry, Longchamp, Oakley and Tiffany.</p><p>Along with fake products, some of these sites also housed malware and viruses, the City of London Police has warned.</p><p>However, with the help of the City of London Police's Intellectual Property Crime Unit (PIPCU), brand protection organisations and internet domain name registrars, they have now been taken offline.</p><p>This co-ordinated enforcement effort falls under the remit of PIPCU's Operation Ashiko initiative and since its launch in October 2013 - a total of 5,500 websites have been shut down.</p><p>Danny Medlycott, detective chief inspector and head of PIPCU, said he hopes the operation will make consumers aware of the dangers of buying counterfeit goods online.</p><p>"When shopping online you need to be extremely vigilant that you are not misled into buying fakes. Many sites claim to be selling genuine items, but in fact they are just cheap imitations.</p><p>"In some cases, such as with electrical items, these products can be extremely dangerous as they aren't subjected to the vigorous safety checks that legit items are."</p><p>"The criminals behind these websites will often take advantage of your personal details, such as financial information and so people may find their card has been compromised and used for other fraudulent scams," he added.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ UK Government research shows 1/2 of Britons are cybercrime victims ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/security/23344/uk-government-research-shows-12-of-britons-are-cybercrime-victims</link>
                                                                            <description>
                            <![CDATA[ Despite this, only a third actually report offences to the authorities, government research finds ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">nMb9oD8eQLqPEEDB87AyM9</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/sXjwE3fyKUXREN2jnpYZRk-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Wed, 22 Oct 2014 09:00:00 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Hacking]]></category>
                                                    <category><![CDATA[Security]]></category>
                                                                                                                    <dc:creator><![CDATA[ Rene Millman ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/vwWuTPNRCuw9vEaWzuXYnR.png ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/sXjwE3fyKUXREN2jnpYZRk-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Cybercrime]]></media:description>                                                            <media:text><![CDATA[Cybercrime]]></media:text>
                                <media:title type="plain"><![CDATA[Cybercrime]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/sXjwE3fyKUXREN2jnpYZRk-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Around half of British web users have been victims of cybercrime, according to figures from the Cabinet Office, and a significant number of them have no idea how to report the crime.</p><p>According to a survey commissioned to coincide with Get Safe Online Week, which runs this week, 51 per cent of people have been a victim of online crime resulting in a financial loss.</p><p>The crimes include identity theft, hacking or deliberate distribution of viruses, but the study found that less than a third (32 per cent) reported these crimes.</p><p>Around half (47 per cent) of victims did not report a crime as they had no idea who to contact in the event of such a crime.</p><p>Cabinet Office minister Francis Maude said raising public awareness would help people avoid becoming a victims of cybercrime.</p><p>"The UK cyber market is worth over 80 billion a year and rising. The internet is undoubtedly a force for good but we cannot stand still in the face of these threats, which already cost our economy billions every year," he said.</p><p>"As part of this government's long-term economic plan, we want to make the UK one of the most secure places to do business in cyberspace. We have a 860 million Cyber Security Programme which supports law enforcement's response to cybercrime and we are working with the private sector to help all businesses protect vital information assets.</p><p>"Our Get Safe Online and Cyber Streetwise campaigns provide easy to understand information for the public on how and why they should protect themselves. Cyber security is not an issue for government alone - we must all take action to defend ourselves against threats," he added.</p><p>The study found cybercrime victims did take steps to improve their internet behaviour afterwards. Nearly half (45 per cent) opted for stronger passwords and 42 per cent became extra vigilant when shopping online. Over a third (37 per cent) always logged out of accounts when they go offline and nearly a fifth (18 per cent) have changed their security settings on their social media accounts.</p><p>"Cheap and easy access to the internet is changing the world and transforming our lives. What many of us may be less aware of is that financial crime has moved online and poses a major threat to people of all ages and from all walks of life living in the UK today," said Detective Superintendent Pete O'Doherty, head of the City of London Police's NFIB.</p><p>"I would also call on anyone who has fallen victim to an online fraud to report to Action Fraud," he added.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ High Court instructs ISPs to block counterfeit sites ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/strategy/23326/high-court-instructs-isps-to-block-counterfeit-sites</link>
                                                                            <description>
                            <![CDATA[ Virgin Media, BT, EE, BSkyB and TalkTalk have all been directed to block access to the sites selling fake goods ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">9ygnPaRHpT2DjjE6rEWJkC</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/txCBiv2Hp5EYRMza75nDDc-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Mon, 20 Oct 2014 08:31:00 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Cyber Crime]]></category>
                                                    <category><![CDATA[Security]]></category>
                                                                                                                    <dc:creator><![CDATA[ Clare Hopping ]]></dc:creator>                                                                                    <dc:source><![CDATA[ null ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/txCBiv2Hp5EYRMza75nDDc-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Court]]></media:description>                                                            <media:text><![CDATA[Court]]></media:text>
                                <media:title type="plain"><![CDATA[Court]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/txCBiv2Hp5EYRMza75nDDc-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Five of the country's biggest ISPs have been asked to prevent access to six websites selling counterfeit goods in a High Court ruling - the first of its kind in this country.</p><p>Virgin, BT, EE, BSkyB and TalkTalk have been told to add an 'access denied' notice on the websites believed to be selling fake goods claiming to be authentic Montblanc-Simplo and Cartier International (collectively part of the Compagnie Financire Richemont group) products.</p><p>Judge Mr Justice Richard Arnold said: "The page should not merely state that access to the website has been blocked by court order, but also should identify the party or parties which obtained the order and state that affected users have the right to apply to the Court to discharge or vary the order."</p><p>The second part of the ruling is that the injunction issued by the Richemont group will expire after a certain amount of time unless they re-submit a request for extention of the ISPs agree to prolong the directive.</p><p>"This will enable the practical operation of the orders to be reviewed in the light of experience," Arnold said.</p><p>The websites in question are cartierloveonline.com, hotcartierwatch.com, iwcwatchtop.com, replicawatchesiwc.com, 1iwc.com, montblancpensonlineuk.com and ukmontblancoutlet.co.uk, all of whom are selling high-value items such as watches and pens.</p><p>Richemont told <em><a href="http://torrentfreak.com/high-court-orders-isps-to-block-counterfeiting-websites-141017">Torrentfreak</a></em>: "We are pleased by this judgment and welcome the Court's recognition that there is a public interest in preventing trade mark infringement, particularly where counterfeit goods are involved. The Courts had already granted orders requiring ISPs to block sites for infringement of copyright in relation to pirated content. This decision is a logical extension of that principle to trade marks."</p><p>It said it will add more websites flogging fake goods to its list if it finds they are infringing copyright.</p><p>The company's representing law firm said: "In a comprehensive judgment, the court has considered the enforcement methods that are presently available to trade mark owners when tackling infringement online. The court has concluded that Internet Service Providers play an essential role' and that the court can and should apply Article 11 of the Enforcement Directive to require the application of technical measures to impede infringement of trade marks."</p><p>Following take-down requests by other industries, including the <a href="https://www.itpro.com/public-sector/22343/torrentz-site-blocked-in-uk-as-part-of-operation-creative" data-original-url="https://www.itpro.com/public-sector/22343/torrentz-site-blocked-in-uk-as-part-of-operation-creative">entertainment industry</a>, it seems these types of requests will not become uncommon in the coming months.</p><p>In December last year, the <a href="https://www.itpro.com/strategy/21153/uk-police-take-down-90-websites-selling-fake-goods" data-original-url="https://www.itpro.com/strategy/21153/uk-police-take-down-90-websites-selling-fake-goods">Police Intellectual Property Crime Unit (PIPCU)</a>, Europol and the US authorities closed down 90 websites selling counterfeit goods as part of its worldwide crackdown.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Transport select committee warns drivers of fake websites ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/strategy/23254/transport-select-committee-warns-drivers-of-fake-websites</link>
                                                                            <description>
                            <![CDATA[ MPs are calling for the government to advise motorists of the damage using fake websites to sign up for services like tax can do ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">ay8k8Phnmm9Ur5g7DAaQx5</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/QYau57DCPDhmx9b5GEdxT-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Wed, 08 Oct 2014 07:15:00 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Public Sector]]></category>
                                                    <category><![CDATA[Business]]></category>
                                                                                                                    <dc:creator><![CDATA[ Clare Hopping ]]></dc:creator>                                                                                    <dc:source><![CDATA[ null ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/QYau57DCPDhmx9b5GEdxT-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[fake and genuine on keyboard keys]]></media:description>                                                            <media:text><![CDATA[fake and genuine on keyboard keys]]></media:text>
                                <media:title type="plain"><![CDATA[fake and genuine on keyboard keys]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/QYau57DCPDhmx9b5GEdxT-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>MPs have rallied for the government to do more to stop innocent motorists using fraudulent websites to pay for essential services such as road tax.</p><p>The transport select committee appealed for higher powers to regulate illegal websites that are being set up to impersonate official websites such as the Driver and Vehicle Licensing Agency, the Driver and Vehicle Standards Agency and the Vehicle Certification Agency.</p><p>The AA has also voiced its concerns, saying it had received complaints from customers, saying impersonator websites claiming to speed up the application process and charging huge fees to motorists need to be stopped.</p><p>The DVLA said it had been contacted directly by Transport for London (TfL), asking the authority to send out letters to drivers who had used an unofficial website to pay the congestion charge, warning them that their fine had not been paid.</p><p>Labour chairwoman Louise Ellman said: "The Department for Transport must ensure that its current re-organisation programme for these agencies delivers high quality services that benefit everyone.</p><p>"We welcome greater information sharing across the motoring agencies and the expansion of online services that we found were well-liked by many customers."</p><p>Shadow transport secretary Mary Creagh agreed the onus should not be on driver groups identifying these fake websites, but on the government. "David Cameron's incompetent government has presided over digital tax disc chaos, delays to driving tests and rip-off copycat websites," she said.</p><p>"Drivers deserve better, and this report is clear that ministers need to stamp out copycat websites and ensure motoring agencies have the tools they need to keep rogues off our roads."</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Google to pay back $19m of in-app purchases made by kids ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/strategy/23046/google-to-pay-back-19m-of-in-app-purchases-made-by-kids</link>
                                                                            <description>
                            <![CDATA[ Search giant settles with FTC over unfair bills to parents ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">8pE28HnJKQWAPvyu5m23UA</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/J4wG2PuKJ2uJwj6dxBh2xd-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Fri, 05 Sep 2014 10:14:00 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Google]]></category>
                                                    <category><![CDATA[Software]]></category>
                                                                                                                    <dc:creator><![CDATA[ Rene Millman ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/vwWuTPNRCuw9vEaWzuXYnR.png ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/J4wG2PuKJ2uJwj6dxBh2xd-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[fraud]]></media:description>                                                            <media:text><![CDATA[fraud]]></media:text>
                                <media:title type="plain"><![CDATA[fraud]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/J4wG2PuKJ2uJwj6dxBh2xd-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Google is set to pay around $19 million to settle a US Federal Trade Commission (FTC) complaint that it unfairly billed parents for in-app purchases made by their children on Android devices.</p><p>The search giant will give a full refund to any parent affected by the problem. It will also change its billing practices to ensure it gets informed consent from Android owners before charging them for items purchased within apps.</p><p>"It's vital to remind companies that time-tested consumer protections still apply, including that consumers should not be charged for purchases they did not authorise," said FTC Chairwoman Edith Ramirez.</p><p>According to the complaint, in-app purchases made through the Google Play store in 2011 did not require approval. In 2012, changes were made that added a requirement for the account holder's password.</p><p>Google also did not inform consumers that entering the password opened up a 30-minute window in which a password was no longer required, allowing children to rack up unlimited charges during that time.</p><p>The complaint also highlighted Google's collusion in the matter. An internal email in 2012 from a project manager at Google referred to kids' unauthorised in-app charges as "friendly fraud" and "family fraud".</p><p>The complaint further alleges that Google's practice has been to refer consumers seeking refunds first to the app developer. </p><p>According to the settlement, Google must let anyone who made an in-app purchase know how to get a refund for unauthorised purchases by children within 15 days of the finalised order.</p><p>The FTC has given the firm a year to pay back the $19 million, otherwise the FTC will take the remaining money and distribute it to consumers themselves or to the US Treasury.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ 25 fake government websites closed down ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/security/22658/25-fake-government-websites-closed-down</link>
                                                                            <description>
                            <![CDATA[ Five people have been arrested for running fake scam websites, imitating government services ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">n4v52L9oDVmg2j7oUhiMRC</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/2e6mMAsYTawssyVLRfKHMV-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Tue, 08 Jul 2014 08:21:00 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Public Sector]]></category>
                                                    <category><![CDATA[Business]]></category>
                                                                                                                    <dc:creator><![CDATA[ Clare Hopping ]]></dc:creator>                                                                                    <dc:source><![CDATA[ null ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/2e6mMAsYTawssyVLRfKHMV-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Offline]]></media:description>                                                            <media:text><![CDATA[Offline]]></media:text>
                                <media:title type="plain"><![CDATA[Offline]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/2e6mMAsYTawssyVLRfKHMV-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Five people have been arrested for operating websites offering to help web users pay tax or apply for driving licences and passports.</p><p>The operatives were actually scamming the visitors, taking their money and identities but not providing the goods and were arrested under the Fraud Act.</p><p>The Advertising Standards Authority and Citizens Advice received 5,700 complaints about the websites, which all included misleading web addresses, ending in variations of the 'gov.uk' domain suffix, such as 'govuk' and 'directgov'.</p><p>Jo Swinson, Minister for Consumer Affairs, said: "The enforcement action which the National Trading Standards eCrime team has taken demonstrates the government's commitment to tackling these scammers. We will not let them get away with misleading consumers."</p><p>In total, 25 websites offering the services have now also been closed down, saving thousands of people from falling into the scam traps.</p><p>Swinson said: "It's great that it's becoming easier and more common to use the internet to order official documents such as passports or tax discs, but people should be aware of rogue websites that are out there trying to exploit them and take their hard-earned cash and even put them at risk of identity theft.</p><p>"The enforcement action which the National Trading Standards eCrime team has taken demonstrates the government's commitment to tackling these scammers. We will not let them get away with misleading consumers."</p><p>Adverts promoting the fake websites have also been removed, with the help of Google and Bing.</p><p>The National Trading Standards Board's chairman Lord Harris said: "We have been working with search engines such as Google and Bing to remove adverts from online search results and we continue to gather intelligence across the country to help tackle this issue. We urge you to avoid unofficial websites which could leave you out of pocket or at risk of identity theft."</p><p>The manhunt was part of the government's campaign to educate people about using misleading websites, including those pretending to be part of the government's online services.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Nearly 200 websites touting counterfeit goods seized by law enforcers ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/intellectual-property/22537/nearly-200-websites-touting-counterfeit-goods-seized-by-law-enforcers</link>
                                                                            <description>
                            <![CDATA[ Europol, City of London Police and US law enforcers lead charge against websites selling counterfeit goods. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">eet3zdQA2WGTB3KNgnxLyw</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/zsdA6h9uQKavbESUEbxTjL-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Mon, 23 Jun 2014 09:15:00 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Policy and Legislation]]></category>
                                                    <category><![CDATA[Business]]></category>
                                                                                                                    <dc:creator><![CDATA[ Caroline Donnelly ]]></dc:creator>                                                                                    <dc:source><![CDATA[ null ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/zsdA6h9uQKavbESUEbxTjL-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Offline]]></media:description>                                                            <media:text><![CDATA[Offline]]></media:text>
                                <media:title type="plain"><![CDATA[Offline]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/zsdA6h9uQKavbESUEbxTjL-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Nearly 200 websites selling counterfeit merchandise online have been seized in an international swoop by Europol, the City of London Police and US law enforcers.</p><p>A total of 188 domain names were seized last week, as part of a collective clampdown dubbed "In Our Sites (IOS) Transatlantic 4".</p><p>This brings the total number of domain names seized under the project to 1349 since it began in November 2012.</p><div><blockquote><p>Not only are fake goods likely to be shoddy copies of the original and potentially dangerous, but consumers are also putting their personal and financial information at risk.</p></blockquote></div><p>The project's aim is to close down website that dupe people into unwittingly buying counterfeit goods, including headphones, sports clothing, designer shoes, toys, luxury goods and electronics.</p><p>The operation has been co-ordinated by Europol, the City of London Police Intellectual Property Crime Unit (PIPCU) and the US Immigration and Customs Enforcement Homeland Security Investigations.</p><p>They were prompted to take action after being tipped-off by the copyright holders about the activities of the copyright-infringing websites.</p><p>Anyone who attempts to access the seized websites will now be greeted by a message that notifies them about unlawfulness of copyright infringement.</p><p>Rob Stirling, detective inspector of PIPCU, said City of London was pleased with its ability to help out other overseas crime-fighting bodies with tackling the online sale of counterfeit goods</p><p>"It is important that we make sure the public is aware of the risks of buying counterfeits; not only are fake goods likely to be shoddy copies of the original and potentially dangerous, but consumers are also putting their personal and financial information at risk," said Stirling.</p><p>"Consumers need to be cautious when shopping online. If you think an offer seems too good to be true, then it probably is. Do not rush and be fooled into thinking you are getting a good deal."</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Microsoft shuts down a $2.7m a month click fraud botnet ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/security/21167/microsoft-shuts-down-a-27m-a-month-click-fraud-botnet</link>
                                                                            <description>
                            <![CDATA[ Botnet suspected to originate in Russia was using 2 million machines. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">urFVVFqudFr63BaxFsafPL</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/J4wG2PuKJ2uJwj6dxBh2xd-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Fri, 06 Dec 2013 09:33:00 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Microsoft]]></category>
                                                    <category><![CDATA[Software]]></category>
                                                                                                <author><![CDATA[ itpro@futurenet.com (ITPro) ]]></author>                    <dc:creator><![CDATA[ ITPro ]]></dc:creator>                                                                                    <dc:source><![CDATA[ null ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/J4wG2PuKJ2uJwj6dxBh2xd-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[fraud]]></media:description>                                                            <media:text><![CDATA[fraud]]></media:text>
                                <media:title type="plain"><![CDATA[fraud]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/J4wG2PuKJ2uJwj6dxBh2xd-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Microsoft continues to fight against botnets by smashing a network which was using 2 million machines around the world.</p><p>The software giant filed a lawsuit in Texas and won a judge's order directing internet service providers to block all traffic to 18 internet addresses that were used to direct fraudulent activity to the infected machines.</p><p>Law enforcement in many European countries served warrants at the same time, seizing servers expected to contain more evidence about the leaders of the ZeroAccess crime ring, which was devoted to "click fraud."</p><div><blockquote><p>Microsoft said the botnet had been costing advertisers on Bing, Google and Yahoo an estimated $2.7 million monthly.</p></blockquote></div><p>Such rings use networks of captive machines, known as botnets, in complicated schemes that force them to click on ads without the computer owners' knowledge. The schemes cheat advertisers on search engines including Microsoft's Bing by making them pay for interactions that have no chance of leading to a sale. Microsoft said the botnet had been costing advertisers on Bing, Google and Yahoo an estimated $2.7 million monthly.</p><p>The coordinated effort marks the eighth time Microsoft has moved against a botnet and a rare instance of it doing serious damage to one that is controlled with a peer-to-peer mechanism, where infected machines give each other instructions instead of relying on a central server that defenders can hunt down and disable.</p><p>But the ZeroAccess botnet still had a weakness. The code in the infected machines told them to reach out to one of the 18 numeric Internet addresses for details on which ads to click.</p><p>Microsoft recently opened a new Cybercrime Center in Redmond and is using new tools in its efforts. They are helped by a provision in trademark that allows pretrial seizure of suspected counterfeit goods, including websites that, as in the present case, are spreading tainted versions of the Internet Explorer browser.</p><p>The company is working with national computer security authorities in various countries and with Internet service providers to notify individual computer owners with infected machines, hoping to reach most of them before the fraudsters can spread new instructions.</p><p>Microsoft has been sharing evidence with the FBI and Europol, the continent's law enforcement coordinating service. National agencies took part in seizure actions in Germany, Switzerland, Latvia, Luxembourg, and the Netherlands.</p><p>For now, at least, the fraud by this network has stopped, said Microsoft Assistant General Counsel Richard Boscovich.</p><p>The operators of the botnet are believed to be in Russia, while the author of the malicious software distributed on it could be based elsewhere, Boscovich said.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ UK police take down 90 websites selling fake goods ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/strategy/21153/uk-police-take-down-90-websites-selling-fake-goods</link>
                                                                            <description>
                            <![CDATA[ Cross-party effort sees sites selling counterfeit goods shutdown in pre-Christmas blitz. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">hM2GPY2beqcFyhYMr6Phoh</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/uAk9ePEFFVsXTCZ4ToYefM-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Wed, 04 Dec 2013 12:37:00 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Cyber Crime]]></category>
                                                    <category><![CDATA[Security]]></category>
                                                                                                                    <dc:creator><![CDATA[ Rene Millman ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/vwWuTPNRCuw9vEaWzuXYnR.png ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/uAk9ePEFFVsXTCZ4ToYefM-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                                                                                                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/uAk9ePEFFVsXTCZ4ToYefM-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>The City of London Police has shut down 90 websites as part of a worldwide crackdown on the sale of counterfeit goods.</p><p>The operation was a collaboration between the Police Intellectual Property Crime Unit (PIPCU), Europol and the US authorities, and has led to the suspension of hundreds of websites selling counterfeit merchandise to unsuspecting consumers.</p><p>The police confirmed that 690 domains had been closed in total as part of the "In Our Sites - Transatlantic 3" operation.</p><div><blockquote><p>The 90 websites we have suspended sends a clear warning out to anyone else who thinks they can sell counterfeit goods on the internet with little fear of ever being stopped.</p></blockquote></div><p>"PIPCU is proud to be a part of this cross-party worldwide operation, which is committed to combating online intellectual property crime," said PIPCU superintendent Bob Wishart.</p><p>"The 90 websites we have suspended sends a clear warning out to anyone else who thinks they can sell counterfeit goods on the internet with little fear of ever being stopped."</p><p>PIPCU, representing the UK for Europol, suspended 90 domains, with Europol Member States, Belgium, Denmark, France, Hungary, Romania and Spain suspending a further 303. The US ICE IPR Center accounted for 297 domain name seizures in the US.</p><p>The City of London Police said the websites involved were selling goods including headphones, sports clothing, personal care products, shoes, toys, luxury goods, mobile phones and electronic accessories.</p><p>Visitors to the seized domains will now see a seizure notification instead of the usual home page.</p><p>"Working with our international partners on operations like this shows the true global impact of (intellectual property) crime," said John Sandweg, acting director of the US Immigration and Customs Enforcement.</p><p>"Counterfeiters take advantage of the holiday spirit of shoppers around the world and sell cheap fakes to unsuspecting consumers everywhere. Consumers need to protect themselves, their families, and their personal financial information from the criminal networks operating these bogus sites," he added.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Credit card and debit card details are being stored unencrypted ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/643879/credit-card-and-debit-card-details-are-being-stored-unencrypted</link>
                                                                            <description>
                            <![CDATA[ Companies are unwittingly storing payment information, leaving them open to fraud, Ground Labs claims. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">wvDEZNVKmderyTKNUYNNA9</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/gi2VoMyjLPiReAhq4Dvc43-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Wed, 31 Oct 2012 14:30:00 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Hacking]]></category>
                                                    <category><![CDATA[Security]]></category>
                                                                                                                    <dc:creator><![CDATA[ Jane McCallion ]]></dc:creator>                                                                                    <dc:source><![CDATA[ null ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/gi2VoMyjLPiReAhq4Dvc43-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[digital padlocks]]></media:description>                                                            <media:text><![CDATA[digital padlocks]]></media:text>
                                <media:title type="plain"><![CDATA[digital padlocks]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/gi2VoMyjLPiReAhq4Dvc43-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>UK businesses are taking inadequate steps to safeguard customers' credit and debit card details, storing them in unencrypted files where they are at risk of being stolen.</p><p>Data security firm Ground Labs, discovered that each respondent was, on average, holding in excess of 1,000 customer credit card records in basic, unsecured files, such as Excel spreadsheets, pdfs and PSTs. Worryingly, the organisations in most cases had no idea they had the data stored.</p><p>A routine check (to see if card data is being stored) should be as frequent as anti-virus checks.</p><p>Storing data in this way increases the risk of a data breach, Ground Labs claims, and is a contravention of Payment Card Industry Data Security Standards compliance obligations. If customer data were to be accessed by an outside agent, or accidentally published or lost, it could also result in a 500,000 fine for the company in question.</p><p>The findings come just one month after the publication of a report by Financial Fraud Action UK, which showed 341 million was stolen from UK credit and debit cards over the course of 2011.</p><p>Mohamed Zouine, European director for Ground Labs, said: "There are many ways in which card details can remain on business's IT infrastructure unwittingly. Transaction logs sent back from banks, browser caches, email duplications and more can hold sensitive data that has a black market value in the wrong hands and can be used to defraud consumers."</p><p>"Even those businesses that believe that their systems are clean are carrying records that could be easily acquired by hackers. We believe a routine check [to see if card data is being stored] should be as frequent as anti-virus checks," he said.</p><p>An ICO spokesperson told <em>IT Pro</em> that Organisations must keep track of the personal data they are processing, otherwise they may risk breaching the Data Protection Act.</p><p>"Good information handling makes good business sense: it is in a business's best interests that they get it right when it comes to looking after people's information," it added.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Ex-Lloyds Bank online security chief admits fraud ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/642181/ex-lloyds-bank-online-security-chief-admits-fraud</link>
                                                                            <description>
                            <![CDATA[ Jessica Harper pleads guilty to £2.4 million fraud and could face up to 10 years in prison. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">jMWwBAhish3G1AzZ1k1urS</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/tkVZ2q6Pn8agFs3awKkWrh-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Wed, 08 Aug 2012 14:09:00 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Cyber Crime]]></category>
                                                    <category><![CDATA[Security]]></category>
                                                                                                                    <dc:creator><![CDATA[ Caroline Donnelly ]]></dc:creator>                                                                                    <dc:source><![CDATA[ null ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/tkVZ2q6Pn8agFs3awKkWrh-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Hacking]]></media:description>                                                            <media:text><![CDATA[Hacking]]></media:text>
                                <media:title type="plain"><![CDATA[Hacking]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/tkVZ2q6Pn8agFs3awKkWrh-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>The former head of online security at Lloyds Bank has pleaded guilty to defrauding the financial institution by more than 2.4 million.</p><p>Jessica Harper, the former head of fraud and security for digital banking at Lloyds, has been accused of submitting false invoices to claim back payments totalling 2,463,750 between 2007 and 2011.</p><p>According to a report in the <em>Financial Times</em>, no customers were affected by the fraud, which was picked up by the bank and reported to police.</p><p>Harper appeared at Southwark Crown Court yesterday and will be sentenced on 21 September. She could face up to 10 years in prison.</p><p>During yesterday's court appearance, she admitted abusing her position to carry out fraud and pleaded guilty to money laundering.</p><p>Prosecutor Anthony Swift said Harper has already repaid 300,000 and was in the throes of raising a further 700,000 by selling her house.</p><p>"That will be some 1m out of 2.5m that's gone missing," Swift told the judge.</p><p>Sue Patten, head of the Crown Prosecution Service's anti-fraud unit, added: "Jessica Harper has been convicted of the type of crime the bank employed her to combat.</p><p>"The evidence in the case was clear and left Harper with little choice but to plead guilty."</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Trusteer flags up Facebook malware scam ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/641887/trusteer-flags-up-facebook-malware-scam</link>
                                                                            <description>
                            <![CDATA[ Security software vendor uncovers malware aimed at charity-minded Facebook users. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">eS5CNJfkaYRzJH3g263pYF</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/JKwsd5oVLaaDUBUjdbYDfT-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Tue, 24 Jul 2012 09:26:00 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Malware]]></category>
                                                    <category><![CDATA[Security]]></category>
                                                                                                                    <dc:creator><![CDATA[ Cassie Daum ]]></dc:creator>                                                                                    <dc:source><![CDATA[ null ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/JKwsd5oVLaaDUBUjdbYDfT-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Facebook key]]></media:description>                                                            <media:text><![CDATA[Facebook key]]></media:text>
                                <media:title type="plain"><![CDATA[Facebook key]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/JKwsd5oVLaaDUBUjdbYDfT-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Trusteer has discovered a Citadel malware configuration that targets Facebook users with fake requests for donations to children's charities.</p><p>The security software firm said the aim of the scam is to steal credit card data from charity-minded members of the social networking site.</p><p>Once Facebook users have logged in, the Citadel injection displays a pop up that asks for a $1 donation to a children's charity. The unsuspecting user is then asked for his or her credit card information.</p><p>The malware is effective because it targets users by language. It also poses as legitimate, well-known charities in targeted countries.</p><p>The company said the malware has web-injection pages in five languages: English, Italian, Spanish, German and Dutch.</p><p>In the English-language version, the malware poses as a charity for impoverished Haitian children.</p><p>Meanwhile, the Italian version uses the Red Balloon campaign, which was set up to help fight child mortality in Italy.</p><p>"This attack illustrates the continuing customisation of financial malware and harvesting of credit card data from the global base of Facebook users," said Trusteer's chief technology officer, Amit Klein.</p><p>"Using children's charities as a scam makes this attack believable and effective. Meanwhile, the one dollar donation amount is low enough that virtually anyone can contribute if they chose. This is a well-designed method for stealing credit and debit card data on a massive scale," he added.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ European CyberCrime Centre set to tackle online fraud ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/639814/european-cybercrime-centre-set-to-tackle-online-fraud</link>
                                                                            <description>
                            <![CDATA[ The specialised unit at The Hague will be a hub for co-operation between member states. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">fCjKXUk8a1b9Kb6V7NrN8m</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/fXzTWXPKuDwxokpgr2CmSF-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Wed, 28 Mar 2012 14:15:00 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Cyber Crime]]></category>
                                                    <category><![CDATA[Security]]></category>
                                                                                                                    <dc:creator><![CDATA[ Khidr Suleman ]]></dc:creator>                                                                                    <dc:source><![CDATA[ null ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/fXzTWXPKuDwxokpgr2CmSF-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Hacking]]></media:description>                                                            <media:text><![CDATA[Hacking]]></media:text>
                                <media:title type="plain"><![CDATA[Hacking]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/fXzTWXPKuDwxokpgr2CmSF-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>The European Commission (EC) has given the green light to the creation of a specialised CyberCrime Centre, aiming to combat the growing threat of illegal online activity across the EU.</p><p>The European CyberCrime Centre is set to start operating in January 2013 and will be based at the Europol office in The Hague. The focus will be on tackling large scale organised cybercrime and preventing cyber-attacks on critical infrastructure and information systems in the EU.</p><p>Resources will be dedicated to help make e-banking and online purchasing more secure, as well as stamping out online child sexual exploitation.</p><p>The CyberCrime Centre also plans to help cut down identity theft via social networking sites such as Facebook where 600,000 accounts are already blocked every day due to malicious activity.</p><p>Member States will be warned about about large scale fraudulent activity and the Centre will make resources available to national police.</p><p>Operational support will be provided during investigations and the centre is expected to liaise with cybercrime investigators, prosecutors, judges and businesses that are affected, the EC said.</p><p>"Millions of Europeans use the internet for home banking, online shopping and planning holidays, or to stay in touch with family and friends via online social networks," said Cecilia Malmstrm, European Commissioner for Home Affairs.</p><p>"But as the online part of our everyday lives grows, organised crime is following suit - and these crimes affect each and every one of us,"</p><p>She added: "We can't let cybercriminals disrupt our digital lives. A European Cybercrime Centre within Europol will become a hub for cooperation in defending an internet that is free, open and safe."</p><p>The EC is keen to safeguard citizens as nearly 75 per cent of households now have access to the internet and 36 per cent carry out online banking.</p><p>The Commission estimates one million people become victims of cybercrime every day and the cost of cybercrime is approaching $388 billion worldwide.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ PCeU shuts down 2,000 fraudulent sites ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/637456/pceu-shuts-down-2000-fraudulent-sites</link>
                                                                            <description>
                            <![CDATA[ On the run up to Christmas, the PCeU cuts off 2,000 fraudulent websites. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">9SjpW2bvtFyYCYCJSANoea</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/hStGL5hVv2za9xVgRaur3E-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Fri, 18 Nov 2011 12:22:00 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Data Breaches]]></category>
                                                    <category><![CDATA[Security]]></category>
                                                                                                                    <dc:creator><![CDATA[ Tom Brewster ]]></dc:creator>                                                                                    <dc:source><![CDATA[ null ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/hStGL5hVv2za9xVgRaur3E-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Fraud]]></media:description>                                                            <media:text><![CDATA[Fraud]]></media:text>
                                <media:title type="plain"><![CDATA[Fraud]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/hStGL5hVv2za9xVgRaur3E-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>The Met's Police Central e-Crime Unit (PCeU) has shut down over 2,000 fraudulent websites which were either flogging knock-off gear or selling nothing at all.</p><p>Online shoppers had been duped into paying fraudsters for purported designer goods from the likes of Nike and Ugg. Items either didn't show up or consumers were sent counterfeit goods.</p><p>In the run up to Christmas the PCeU will continue to work with Nominet and other registries to disable as many such sites as possible.</p><p>The PCeU worked in conjunction with registrars to find and close the websites, which were generating criminals "millions of pounds," the Met said today.</p><p>"The sites suspended are registered in bulk by crime groups with the sole intention of duping consumers into parting with their money for, at best, poor quality counterfeit goods, at worst, nothing at all," said DI Paul Hoare, from the PCeU.</p><p>"In the run up to Christmas the PCeU will continue to work with Nominet and other registries to disable as many such sites as possible but I would urge customers to take all precautions to ensure they buy from legitimate sites only."</p><p>Registrants were notified before having their sites shut down, Nominet revealed.</p><p>".uk deserves its reputation as a trusted online space for British consumers, and we are committed to tackling cybercrime to keep it that way. The .uk domain name industry has come together to protect consumers and maintain their trust in the .uk internet space," said Lesley Cowley, Nominet CEO.</p><p>The Met warned those affected by the scams could have had their identities stolen, or their bank details used for "criminal activity elsewhere."</p><p>No arrests were made in connection with the websites.</p><p>In other recent law enforcement, arrests have been made. The shutdown of the DNS Changer <a href="https://www.itpro.com/637312/the-war-on-botnets" target="_blank" data-original-url="https://www.itpro.com/637312/the-war-on-botnets">botnet</a> recently saw <a href="https://www.itpro.com/637270/dns-changer-botnet-smashed-in-major-cyber-crime-bust" target="_blank" data-original-url="https://www.itpro.com/637270/dns-changer-botnet-smashed-in-major-cyber-crime-bust">six men arrested</a>, with one man still on the loose.</p><p>In that case, the suspects were not warned before their operations were crippled.</p><p>Security experts have noted the need to catch the criminals, as if they remain on the prowl they will only continue to carry out illicit acts.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Data transparency backfires as councils lose £7 million ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/637276/data-transparency-backfires-as-councils-lose-7-million</link>
                                                                            <description>
                            <![CDATA[ The Government's drive for transparency has given fraudsters a helping hand in duping councils out of their money. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">63pXqq5nA544WVoscgLyvE</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/KktYyNqdBaEjv9TtNzroiQ-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Thu, 10 Nov 2011 11:59:00 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Data Breaches]]></category>
                                                    <category><![CDATA[Security]]></category>
                                                                                                                    <dc:creator><![CDATA[ Tom Brewster ]]></dc:creator>                                                                                    <dc:source><![CDATA[ null ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/KktYyNqdBaEjv9TtNzroiQ-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Fraud]]></media:description>                                                            <media:text><![CDATA[Fraud]]></media:text>
                                <media:title type="plain"><![CDATA[Fraud]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/KktYyNqdBaEjv9TtNzroiQ-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Local councils have lost 7 million in the space of a year, after data published on their own websites was used by scammers against local authorities.</p><p>The <a href="https://www.itpro.com/623890/prime-minister-reveals-plans-for-opening-up-public-data" target="_blank" data-original-url="https://www.itpro.com/623890/prime-minister-reveals-plans-for-opening-up-public-data">Coalition has pushed for greater transparency</a> across Government bodies and many have responded by posting data online.</p><p>That strategy appears to have backfired on councils, costing them millions in <a href="https://www.itpro.com/637270/dns-changer-botnet-smashed-in-major-cyber-crime-bust" target="_blank" data-original-url="https://www.itpro.com/637270/dns-changer-botnet-smashed-in-major-cyber-crime-bust">fraud</a>.</p><p>"Fraudsters have sent letters to council finance teams that appear legitimate and often follow them up with phone calls to chase payments," a report from the Audit Commission read.</p><p>"The fraudsters gather the details about key creditors from the information that councils now publish on their websites. In our 2010/11 survey, councils reported several detected frauds of this type amounting to some 7 million."</p><p>Local public bodies have become increasingly successful at preventing these frauds by applying sound internal controls.</p><p>In one case, a fraudster contacted a local authority posing as an employee of a council supplier, asking the local authority to change payment details for that company.</p><p>Using a supplier invoice published on the council's website, the fraudster tried to dupe the local authority into sending 5 million to their own account.</p><p>In that case, thanks to additional protections installed by the council, the transfer was stopped.</p><p>"Local public bodies have become increasingly successful at preventing these frauds by applying sound internal controls," the report added.</p><p>"They have prevented about 20 million of such attempted fraud. Fraud warnings, such as those issued by the National Anti-Fraud Network, have helped raise awareness of the risks. However, fraudsters continue to target local public bodies."</p><p>Whose data is it anyway?</p><p>The financial losses were revealed a week after the Government launched its 'Midata' campaign, another part of its drive for greater transparency.</p><p>The initiative will see companies including Google, MasterCard and Visa enabling customers to ask for data on them held by companies. Citizens who ask for their information should receive it back in a standardised format.</p><p>Some have raised concerns Midata would backfire too, worried that businesses which sign up to the scheme would share data with one another for marketing purposes.</p><p>"Getting your data back is good. But Midata must be accompanied by a stronger Data Protection Act, with a right to delete your data, or consumers could be victims of parasitic data or finance companies tempting people to share more than is good for them," said Jim Killock, executive director of the Open Rights Group.</p><p>The Information Commissioner's Office (ICO), the UK's Data Protection Act enforcer, welcomed the Midata project.</p><p>"Midata presents an innovative and empowering opportunity for consumers," said information commissioner Christopher Graham. "It goes without saying that privacy and data security principles must continue to be upheld and I'm pleased that consumer data security has been a key strand from the outset."</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Online bank fraud down, phone scams up ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/636544/online-bank-fraud-down-phone-scams-up</link>
                                                                            <description>
                            <![CDATA[ Technology remains a key tool for fraudsters, with traditional phone tricks rising sharply. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">ukZidMj5oBoAQfNTiSEzLe</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/LXekTJj84En25CwuWhHYsg-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Wed, 05 Oct 2011 10:01:00 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Cyber Crime]]></category>
                                                    <category><![CDATA[Security]]></category>
                                                                                                                    <dc:creator><![CDATA[ Tom Brewster ]]></dc:creator>                                                                                    <dc:source><![CDATA[ null ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/LXekTJj84En25CwuWhHYsg-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Fraud]]></media:description>                                                            <media:text><![CDATA[Fraud]]></media:text>
                                <media:title type="plain"><![CDATA[Fraud]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/LXekTJj84En25CwuWhHYsg-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Online <a href="https://www.itpro.com/629854/visa-tech-claims-15-billion-fraud-savings" target="_blank" data-original-url="https://www.itpro.com/629854/visa-tech-claims-15-billion-fraud-savings">banking fraud</a> fell 32 per cent in the first half of 2011, as consumers and financial institutions upped their security game.</p><p>Losses resulting from online bank fraud hit 16.9 million between January and June 2011, the UK Cards Association found.</p><p>However, phone banking fraud losses rose to 8.6 million, representing a rise of almost 50 per cent.</p><p>Losses are appreciably lower than they were a few years ago and everyone involved in tackling fraud has reason to be encouraged.</p><p>Telephone scammers have been using standard tricks, such as pretending to be a bank or police representative to dupe victims into handing over financial information.</p><p>Overall there was a nine per cent reduction in fraud losses, hitting an 11-year low of 169.8 million.</p><p>"Losses are appreciably lower than they were a few years ago and everyone involved in tackling fraud has reason to be encouraged by this and that includes bank customers who, as their own front-line of defence, have certainly played their part too," said DCI Paul Barnard, head of the Dedicated Cheque and Plastic Crime Unit.</p><p>"However, there has been an increase in old fashioned scams criminals using distraction techniques and social engineering methods to get hold of people's cards or phone banking details. We are urging everyone to be on their guard."</p><p>The UK Cards Association said the overall drop in fraud was caused by a number of factors, including use of better fraud detection software and the roll-out of updated chip cards.</p><p>A KPMG study from earlier this year showed <a href="https://www.itpro.com/629878/fraud-cases-hit-record-levels-in-2010" target="_blank" data-original-url="https://www.itpro.com/629878/fraud-cases-hit-record-levels-in-2010">2010 was the worst year ever for fraud</a>.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Ofcom's ex-IT boss to serve jail time ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/634075/ofcoms-ex-it-boss-to-serve-jail-time</link>
                                                                            <description>
                            <![CDATA[ The former Ofcom IT head will be imprisoned for defrauding the communications watchdog. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">BWw7ZgL7NBC4An4RNnhHf</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/ehydxnGAwp2ZmAN4zbQRpd-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Thu, 09 Jun 2011 08:59:00 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Public Sector]]></category>
                                                    <category><![CDATA[Business]]></category>
                                                                                                                    <dc:creator><![CDATA[ Stewart Mitchell ]]></dc:creator>                                                                                    <dc:source><![CDATA[ null ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/ehydxnGAwp2ZmAN4zbQRpd-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Prison]]></media:description>                                                            <media:text><![CDATA[Prison]]></media:text>
                                <media:title type="plain"><![CDATA[Prison]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/ehydxnGAwp2ZmAN4zbQRpd-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Communications regulator Ofcom's former IT services chief has been sentenced to two and a half years in prison for defrauding the body out of more that 500,000.</p><p>Jurgen Whitehouse, a 37-year-old from Kent, pleaded guilty after he was reported to the police by the financial controller at Ofcom and investigated by officers from the Metropolitan Police Service's Economic and Specialist Crime Unit.</p><p>Neither the police nor Ofcom have given any details on exactly how Whitehouse managed to squeeze more than half a million pounds from a public body before anyone noticed.</p><p>"This was a premeditated and calculated fraud on a public body which was conducted over a prolonged period," said investigating officer Detective Constable Elliott Toms.</p><p>The fraud was as a consequence of the abuse of position by a particular employee rather than as a consequence of a weakness in Ofcom's processes.</p><p>"He exploited his expert knowledge of systems in place at Ofcom in order to steal in excess of half a million pounds. This sentence will hopefully serve as a deterrent to others who are similarly tempted to abuse their positions of responsibility."</p><p>Whitehouse was sentenced after pleading guilty at Southwark Crown Court on 10 May to one count of fraud where he admitted to abusing his senior position in IT to defraud his employer. He has also since repaid some of the money.</p><p>Ofcom defends controls</p><p>Ofcom defended its internal controls despite the fraud taking place over nearly a year between July 2008 and April 2009.</p><p>"In 2009 Jurgen Whitehouse was dismissed by Ofcom for gross misconduct," Ofcom said in a statement.</p><p>"The matter of suspected fraud was reported immediately to the police. Jurgen Whitehouse pleaded guilty to Fraudulent Abuse of Position under the Fraud Act. The majority of the funds have already been returned to Ofcom and we are confident that we will recover the full amount."</p><p>"Our financial controls are robust, appropriate and proportionate. The fraud was as a consequence of the abuse of position by a particular employee rather than as a consequence of a weakness in Ofcom's processes."</p><p>Ofcom said Whitehouse was sacked in October 2009 for gross misconduct over inappropriate use of equipment, while the fraud was discovered later and reported immediately to the police in March 2010.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Government bets on tech to cut £21 billion fraud ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/634051/government-bets-on-tech-to-cut-21-billion-fraud</link>
                                                                            <description>
                            <![CDATA[ Francis Maude outlines plans to harness the power of technology to reduce the £21 billion of yearly losses to fraud in the public sector. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">dYJByRYgMmbS8ASUCLKTEB</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/SxL5K5kxee3QDGTtjHGFmn-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Wed, 08 Jun 2011 09:11:00 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Data Centres]]></category>
                                                    <category><![CDATA[Infrastructure]]></category>
                                                                                                                    <dc:creator><![CDATA[ Tom Brewster ]]></dc:creator>                                                                                    <dc:source><![CDATA[ null ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/SxL5K5kxee3QDGTtjHGFmn-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Government]]></media:description>                                                            <media:text><![CDATA[Government]]></media:text>
                                <media:title type="plain"><![CDATA[Government]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/SxL5K5kxee3QDGTtjHGFmn-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>The Government has revealed plans to use various kinds of technology to tackle the 21 billion bill caused by <a href="https://www.itpro.com/630148/fraud-management-budgets-to-remain-stagnant" target="_blank" data-original-url="https://www.itpro.com/630148/fraud-management-budgets-to-remain-stagnant">fraud</a> every year in the public sector.</p><p>Minister for the Cabinet Office Francis Maude outlined plans today to take forward proposals outlined in a report from the Counter Fraud Taskforce.</p><p>The Taskforce has carried out a number of pilots to cut fraud, which have already delivered savings of 12 million in just a few months, according to the Government.</p><p>Every pound defrauded from the Government means that there is less to spend on frontline services like healthcare, education, policing and defence.</p><p>One notable success was the use of data analytics to assess the likelihood of a tax application being fraudulent. This technique, used in a pilot between September 2010 and March 2011, provided 10.63 million of savings, according to the Cabinet Office.</p><p>To give people a nudge on paying tax, the Taskforce also sent text messages with reminders to those people more likely to miss payments.</p><p>The changes will form part of the Government's "zero-tolerance approach to tackling fraud," Maude said.</p><p>"Every pound defrauded from the Government means that there is less to spend on frontline services like healthcare, education, policing and defence," he said.</p><p>"The Taskforce has made a good start and has already demonstrated that immediate cashable savings can be made from doing fairly simple common sense checks. Going forward we must take this further and work together to combat fraud across all public sector organisations."</p><p>Security firm Detica welcomed the report, in particular praising the Government's adoption of data analytics capabilities.</p><p>"As Government increasingly takes its services online, it will be important that criminal behaviour is better understood drawing on expertise and existing data from across sectors can spot suspicious activity early on and successfully prevent fraud before it occurs," said Vicki Chauhan, director for Government practice at Detica.</p><p>"Being able to assess the risk of an application for a benefit, or a request for a tax rebate in real-time is the nirvana for both great citizen service and effective fraud prevention. This is the norm within industries such as banking and insurance, and will ensure that public sector investigators don't waste time and money investigating false positives."</p><p>The Cabinet Office also talked up the need for greater collaboration across departments in tackling fraud. Removing silos was a key point in Maude's recent IT strategy report, which notably did not include a mention of the G-Cloud project.</p><p>Last week, HP's UK managing director Nick Wilson told <em>IT PRO</em> the <a href="https://www.itpro.com/633898/updated-government-g-cloud-is-dead-says-hp" target="_blank" data-original-url="https://www.itpro.com/633898/updated-government-g-cloud-is-dead-says-hp">programme had been dropped</a>.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Secondhand smartphones sold with bank details ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/632113/secondhand-smartphones-sold-with-bank-details</link>
                                                                            <description>
                            <![CDATA[ Many people are flogging their mobiles but leaving valuable data, such as bank account details, on the device. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">u18ctyTFPRphgyZM7YJf8U</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/RRVm58ShqW3S4vy86mihs-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Tue, 22 Mar 2011 10:56:00 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Social Media]]></category>
                                                    <category><![CDATA[Technology]]></category>
                                                                                                                    <dc:creator><![CDATA[ Tom Brewster ]]></dc:creator>                                                                                    <dc:source><![CDATA[ null ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/RRVm58ShqW3S4vy86mihs-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Smartphone]]></media:description>                                                            <media:text><![CDATA[Smartphone]]></media:text>
                                <media:title type="plain"><![CDATA[Smartphone]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/RRVm58ShqW3S4vy86mihs-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Over half of secondhand mobile phones retain important personal data of the original owner, research has shown.</p><p>The investigation, from advisory body CPP, found 247 separate pieces of personal data on a range of mobile phones and SIM cards which had been sold either online or through secondhand electronics shops.</p><p>The data included credit card PIN numbers, bank account details, passwords, company information and login details to social networking sites like Facebook and LinkedIn.</p><p>A survey conducted as part of the research found half of secondhand mobile owners had discovered personal data from previous users on their devices.</p><p>"This report is a shocking wake up call and shows how mobile phones can inadvertently cause people to be careless with their personal data," said CPP's mobile data expert, Danny Harrison.</p><p>"With the rapid technology advancements in the smartphone market and new models released by manufactures multiple times a year, consumers are upgrading their mobiles more than ever and it is imperative people take personal responsibility to properly manage their own data."</p><p>Jason Hart, who was commissioned by CPP to carry out the experiment, said the best way to remove data from a SIM is simply to destroy it completely.</p><p>He recommended users double checked all their information had been removed before selling a device on.</p><p>"With new technology does come new risks and our experiment found that newer smartphones have more capabilities to store information and that information is much easier to recover than on traditional mobiles due to the increase of applications," Hart added.</p><p>Managing what data employees are storing on mobile devices has been a growing issue for businesses.</p><p>In recent research from Symantec, nearly two thirds of surveyed firms said they <a href="https://www.itpro.com/632047/data-breach-cost-hits-19-million" target="_blank" data-original-url="https://www.itpro.com/632047/data-breach-cost-hits-19-million">recognised the risk of insecure mobile devices</a> connecting to company networks - up 13 per cent from 2009.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Fraud management budgets to remain 'stagnant' ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/630148/fraud-management-budgets-to-remain-stagnant</link>
                                                                            <description>
                            <![CDATA[ Even though businesses expect to see e-commerce revenues jump, many won't be spending any more on fraud management, a report finds. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">hvpPm1Cg4BHfoEPg2GvTiB</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/rXerPhDDbze6d8UUE9kTXb-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Tue, 18 Jan 2011 13:08:00 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Cyber Crime]]></category>
                                                    <category><![CDATA[Security]]></category>
                                                                                                                    <dc:creator><![CDATA[ Tom Brewster ]]></dc:creator>                                                                                    <dc:source><![CDATA[ null ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/rXerPhDDbze6d8UUE9kTXb-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Fraud]]></media:description>                                                            <media:text><![CDATA[Fraud]]></media:text>
                                <media:title type="plain"><![CDATA[Fraud]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/rXerPhDDbze6d8UUE9kTXb-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Fraud could be an increasingly big problem for companies, as many firms prevention budgets look likely to remain stagnant in 2011.</p><p>More than three-quarters of organisations responding to a <a href="http://www.cybersource.com" target="_blank">CyberSource</a> survey said they expected online revenues to increase in 2011.</p><p>Yet the signs are not so encouraging when it comes to fraud, as 1.9 per cent of orders accepted in 2010 resulted in fraud, up from 1.6 per cent in 2009.</p><p>Furthermore, the majority of respondents said they expected fraud management budgets to remain stable in 2011.</p><p>Not only will budgets stay flat for spending on management systems, but on related personnel as well, the report indicated.</p><p>One in 10 said they expected to have less money to spend on managing fraud in 2011.</p><p>"As organisations look to drive more online revenue, it is vital that they address any vulnerabilities to protect themselves from fraud," said Dr Akif Khan, director for products and services at CyberSource.</p><p>"With the majority of merchants not allocating any additional budget to manage the issue, businesses should focus on designing sustainable strategies that not only reduce fraud losses, but streamline the entire process."</p><p>In more encouraging signs from the report, a third of respondents said they believe losses from fraud would not increase this year.</p><p>Firms also appeared to have recognised the cyber crime issue, with more than half (59 per cent) ranking online fraud as the greatest business threat.</p><p>Systems uptime was named as one of the top two business concerns as well.</p><p>"To capitalise on the eCommerce opportunity, businesses should focus on streamlining internal fraud management processes," Dr Khan added.</p><p>"Improving automated detection and bolstering case management can help reduce the inefficiencies and enable merchants to make more accurate decisions."</p><p>In a geographical breakdown, respondents ranked Nigeria and Ghana as the most likely sources of fraud, with the US in third.</p><p>Almost 60 per cent of UK merchants now took online orders from abroad, the report found.</p><p>"Expanding into new geographies can be very attractive from a revenue perspective," Khan added.</p><p>"However, merchants need to exercise due diligence and arm themselves with the right anti-fraud tools."</p><p>Fraud cases <a href="https://www.itpro.com/629878/fraud-cases-hit-record-levels-in-2010" target="_blank" data-original-url="https://www.itpro.com/629878/fraud-cases-hit-record-levels-in-2010">hit record levels</a> in 2010, according to KPMG research.</p><p>Added up, the value of the cases came to 1.374 billion, of which criminals tried to steal 571 million from public funds.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Sainsbury’s IT pro busted for Nectar points scam ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/630109/sainsburys-it-pro-busted-for-nectar-points-scam</link>
                                                                            <description>
                            <![CDATA[ A Sainsbury's IT worker stole over 17 million Nectar card points worth over £80,000. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">nW1i9SAsCL5ZkUo1niN8jH</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/84xCLYdZ7QmQ6dwe3bB6K8-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Mon, 17 Jan 2011 14:49:00 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Cyber Crime]]></category>
                                                    <category><![CDATA[Security]]></category>
                                                                                                                    <dc:creator><![CDATA[ Tom Brewster ]]></dc:creator>                                                                                    <dc:source><![CDATA[ null ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/84xCLYdZ7QmQ6dwe3bB6K8-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Arrest]]></media:description>                                                            <media:text><![CDATA[Arrest]]></media:text>
                                <media:title type="plain"><![CDATA[Arrest]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/84xCLYdZ7QmQ6dwe3bB6K8-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>A Sainsbury's IT manager has been jailed after he stole over 17 million Nectar points from the supermarket chain, it has been reported.</p><p>James Stevenson was able to create numerous fake accounts in order to transfer points to his own card, the Old Bailey has heard.</p><p>Stevenson used his knowledge of the IT systems to exploit the scheme for his own gain, the <a href="http://www.bbc.co.uk/news/uk-england-12193215" target="_blank">BBC</a> reported.</p><p>The number of points he transferred had a value of more than 80,000 between November 2003 and May 2004.</p><p>It wasn't until seven years later, however, that Stevenson was caught when he used the points to buy groceries.</p><p>To have amassed the amount of points Stevenson did, he would have had to have spent 1 million at Sainsbury's every month.</p><p>"Our internal systems to prevent fraud are very robust," Sainsbury's said in a statement.</p><p>"When the actions of Mr Stevenson came to light we took appropriate action and we are pleased that the legal process has come to an end."</p><p>Stevenson admitted to the charges of theft and fraud. He has been sentenced to 20 months in prison but will be allowed out in half that time on licence.</p><p>Earlier this month, a KPMG report revealed there were <a href="https://www.itpro.com/629878/fraud-cases-hit-record-levels-in-2010" target="_blank" data-original-url="https://www.itpro.com/629878/fraud-cases-hit-record-levels-in-2010">more fraud cases last year than ever before</a>.</p><p>There were a total of 314 incidents reported, up 16 per cent on 2009.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ ‘Snapshot’ survey reveals extent of online piracy ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/629959/snapshot-survey-reveals-extent-of-online-piracy</link>
                                                                            <description>
                            <![CDATA[ A new study shows billions of visits to illegal filesharing sites, but represents only a fraction of the real issue. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">7svBR1bHTVTW9ZkcWUZfQo</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/FGqDbQbvYufTqxNfc2zoQB-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Tue, 11 Jan 2011 16:53:00 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Cyber Crime]]></category>
                                                    <category><![CDATA[Security]]></category>
                                                                                                                    <dc:creator><![CDATA[ Jennifer Scott ]]></dc:creator>                                                                                    <dc:source><![CDATA[ null ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/FGqDbQbvYufTqxNfc2zoQB-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Online piracy]]></media:description>                                                            <media:text><![CDATA[Online piracy]]></media:text>
                                <media:title type="plain"><![CDATA[Online piracy]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/FGqDbQbvYufTqxNfc2zoQB-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>The issue of <a href="https://www.itpro.com/622135/piracy-no-problem-for-a-third-of-brits" target="_blank" data-original-url="https://www.itpro.com/622135/piracy-no-problem-for-a-third-of-brits">online piracy</a> is a growing one, with a new study showing billions of people visited illegal filesharing sites every year.</p><p>However, the new study by anti-fraud company <a href="http://www.markmonitor.com" target="_blank">MarkMonitor</a> only showed a portion of the global phenomena.</p><p>The firm examined 22 brands from a range of product categories, including music, films and pharmaceuticals. It discovered more than 10,000 suspicious sites stocking the downloads or counterfeit goods and found out the urls had received over 53 billion hits in a year.</p><p>The most popular were sites offering entertainment downloads such as music or films but sites selling counterfeit items, such as prescription drugs, clocked up a massive 92 million hits in just 12 months. Most of the sites were hosted in either Western Europe or the US.</p><p>Yet, this could just be the tip of the iceberg. MarkMonitor admitted surveying 22 brands was only a "small sample" so could only provide "a snapshot of the scope of online theft of intellectual property and illicit e-commerce."</p><p>Despite the relative size of the sample though, the company concluded online piracy and counterfeiting could cost the worldwide economy a massive $200 billion (128 billion) each year.</p><p>The study was launched after the US Chamber of Commerce (CoC) approached MarkMonitor with growing concerns around online piracy and counterfeit goods.</p><p>However, Frederick Felman, chief marketing officer of MarkMonitor, urged caution in the way to approach the problem.</p><p>"In the online world, unlike the physical world, supply and demand are virtually limitless so it is imperative to understand both online distribution channels as well as digital promotional vehicles in order to develop effective mitigation strategies," he said.</p><p>"Examining traffic patterns and geographic information are vital in identifying and prioritising enforcement actions rather than playing whack-a-mole' with egregious offenders."</p><p>Also, the number of visits to the site does not necessarily correlate with the number of downloads or goods purchased. But with such a large volume of hits, the US CoC was very concerned.</p><p>"We have known for a long time that rogue websites, those dedicated to piracy and counterfeiting, were flourishing at our expense [and] now we begin to see the staggering scope of this problem," said Steve Tepp, senior director of internet counterfeiting and piracy at the US CoC.</p><p>"The MarkMonitor study is just the tip of the iceberg, identifying only a portion of the colossal amount of internet traffic related to online counterfeiting and digital piracy. The study's findings underscore the urgency to address this epidemic in order to protect consumers, allow the legitimate internet marketplace to flourish, and create jobs."</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Fraud cases hit record levels in 2010 ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/629878/fraud-cases-hit-record-levels-in-2010</link>
                                                                            <description>
                            <![CDATA[ There were 314 reported incidents of fraud in the UK in 2010, a KPMG study shows. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">bqdW86SQ1yeSM9h8NCep64</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/ZB9GmfaBr2yQe2cFB3eqXh-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Mon, 10 Jan 2011 10:55:00 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Apple]]></category>
                                                    <category><![CDATA[Software]]></category>
                                                                                                                    <dc:creator><![CDATA[ Tom Brewster ]]></dc:creator>                                                                                    <dc:source><![CDATA[ null ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/ZB9GmfaBr2yQe2cFB3eqXh-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[fraud]]></media:description>                                                            <media:text><![CDATA[fraud]]></media:text>
                                <media:title type="plain"><![CDATA[fraud]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/ZB9GmfaBr2yQe2cFB3eqXh-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>There were more UK fraud cases in 2010 than ever before and technology was at the centre of many of them, new research has shown.</p><p>A total of 314 incidents were reported, up 16 per cent on 2009, <a href="http://rd.kpmg.co.uk" target="_blank">KPMG</a> has discovered.</p><p>Added up, the worth of the cases came to 1.374 billion, of which criminals tried to steal 571 million from public funds.</p><p>Indeed, one of the most significant cases was worth 103 million and centred on a man who claimed a notable number of fraudulent bids for tax breaks on research into green technologies.</p><p>"Government agencies, like commercial businesses, have been increasingly vulnerable to the threat of fraud," said Hitesh Patel, KPMG forensic partner.</p><p>"In a year of austerity measures implemented by Government, tax increases, the threat of rising unemployment, and significant structural change it is hardly surprising that the long fingers of the fraudster have reached into the public purse."</p><p>iTunes incidents</p><p>Another major problem in 2010 was the continued use of new technology for fraudulent means.</p><p>In one case, a DJ was accused of plotting a credit card scam on Apple's iTunes website.</p><p>It was claimed a man and 10 others had placed 20 songs on the Apple and Amazon sites, using around 1,500 stolen credit cards to purchase the tunes.</p><p>They then claimed back almost 469,000 in royalties.</p><p>"The online universe has opened up a whole new world for innovative fraudsters," Patel added.</p><p>"While credit card and data theft remain common tools from which they are able to profit, the need for ever more effective techniques to combat fraud grow greater by the day. Unfortunately anti-fraud measures do not always keep pace with professional criminal activity."</p><p>Last week, Visa <a href="https://www.itpro.com/629854/visa-tech-claims-15-billion-fraud-savings" target="_blank" data-original-url="https://www.itpro.com/629854/visa-tech-claims-15-billion-fraud-savings">announced an update</a> of its ant-fraud technology, claiming the enhanced speed and detection capabilities could help save the financial behemoth $1.5 billion (968 million) in fraud losses.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Visa tech claims $1.5 billion fraud savings ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/629854/visa-tech-claims-15-billion-fraud-savings</link>
                                                                            <description>
                            <![CDATA[ Visa believes its updated fraud detection technology will provide some big returns. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">7FMVuF3AUerjzSTKJtnQu9</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/MrHVAA8Kx9BFTGo4UyvthB-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Fri, 07 Jan 2011 14:43:00 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Cyber Crime]]></category>
                                                    <category><![CDATA[Security]]></category>
                                                                                                                    <dc:creator><![CDATA[ Tom Brewster ]]></dc:creator>                                                                                    <dc:source><![CDATA[ null ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/MrHVAA8Kx9BFTGo4UyvthB-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Fraud]]></media:description>                                                            <media:text><![CDATA[Fraud]]></media:text>
                                <media:title type="plain"><![CDATA[Fraud]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/MrHVAA8Kx9BFTGo4UyvthB-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Visa has introduced technology which it believes could save an extra $1.5 billion (968 million) in fraud losses.</p><p>A major update of the Visa Advanced Authentication, a real-time risk scoring technology, should improve overall fraud detection by around 29 per cent, the credit card giant said.</p><p>Detection of the riskiest transactions has been improved by a whopping 122 per cent, according to Visa.</p><p>In particular, the updates mean the detection systems can better identify "high-speed fraud" where criminals try to make numerous transactions in one fell swoop.</p><p>The enhancements come thanks to tweaks in fraud detection algorithms and better architecture to allow for wide-scale analysis of even highly complex transactions, all in real time, Visa said.</p><p>"The growth of digital currency has yielded vast benefits to consumers, merchants and entire economies around the world," said Jim McCarthy, global product executive at Visa.</p><p>"Continued success requires that every time a consumer uses their Visa card, there's confidence that the purchase will be convenient and secure."</p><p>The improvements should help reduce the fraud rate even further, which has been flat within the Visa system since historic lows were seen in recent months.</p><p>"Visa's continuous investments in the most sophisticated fraud-fighting systems have helped us to stay a step ahead of the criminals," McCarthy added.</p><p>Visa determines risk scores by looking at a global view of fraud and spending patterns across the company's entire network.</p><p>No doubt Visa will be hoping to prevent cyber criminals using the Zeus Trojan as well, which has caused havoc for financial institutions in recent times.</p><p>The prevalent Trojan <a href="https://www.itpro.com/629617/top-10-security-threats-of-2010" target="_blank" data-original-url="https://www.itpro.com/629617/top-10-security-threats-of-2010">was ranked third</a> in our top 10 threats for 2010.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Fake anti-virus cold calling warning issued ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/628579/fake-anti-virus-cold-calling-warning-issued</link>
                                                                            <description>
                            <![CDATA[ One in four people have been contacted by gangs trying to flog fake IT security services, Get Safe Online says. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">uvoUDTMrjgjqxY21oskuSz</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/UwpbnWic4L2DizdokoYCVk-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Mon, 15 Nov 2010 11:04:00 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Antivirus]]></category>
                                                    <category><![CDATA[Security]]></category>
                                                                                                                    <dc:creator><![CDATA[ Tom Brewster ]]></dc:creator>                                                                                    <dc:source><![CDATA[ null ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/UwpbnWic4L2DizdokoYCVk-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Fake AV]]></media:description>                                                            <media:text><![CDATA[Fake AV]]></media:text>
                                <media:title type="plain"><![CDATA[Fake AV]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/UwpbnWic4L2DizdokoYCVk-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Criminal gangs have been busy cold calling UK web users trying to sell them fake anti-virus software, a campaign group has warned.</p><p>One in four British adults have been contacted by people purporting to be from legitimate IT companies and promising to fix computers for a price, <a href="http://www.getsafeonline.org/nqcontent.cfm?a_id=1" target="_blank">Get Safe Online</a> has warned.</p><p>A typical fee is around 30, but the cyber criminals are after more than a one-time payment they also want credit card details or remote control of the victim's computer.</p><p>To do this they will tempt the user into downloading fake anti-virus software, which will then infect the victim's system and steal their data.</p><p>Recent cases have seen between 300-400 people working on such an operation, using "call centre scale set ups," explained Sharon Lemon, deputy director for cyber crime at the Serious and Organised Crime Agency (SOCA).</p><p>"They can also be paying out as much as $150,000 (93,300) a month (on a pay per download basis) to individual webmasters who are unwittingly advertising their fake software this level of investment from criminals indicates that the returns are much heftier than this," Lemon added.</p><p>"Given that our latest research indicates 80 per cent of UK internet users have never heard of these IT helpdesk' scams, yet almost a quarter have been approached by them, it is vital that we make people aware of this threat," said Baroness Neville-Jones, minister of state for security.</p><p>Get Safe Online research also discovered 48 per cent of UK web users had seen a pop-up window appear on their screen warning them their computer was infected.</p><p>While gangs use the internet as a launchpad for their attacks, the use of telephones has signalled a shift in their tactics.</p><p>"The one-to-one nature of the telephone calls also signals a more invasive approach," said Dr Emily Finch, criminologist at the University of Surrey.</p><p>"Telephone calls use the personal touch to gain trust. By knowing just a little bit of information about someone (e.g. date of birth, full name, address easily obtainable by fraudsters who know where to go), criminals begin to sound credible and plausible in their approach."</p><p>The research comes at the start of the Get Safe Online awareness week designed to help people use the internet safely and protect their PCs.</p><p>Fake anti-virus has been a growing problem of late. Earlier this year, Google research showed fake anti-virus accounts for <a href="https://www.itpro.com/622801/google-15-per-cent-of-malware-is-fake-anti-virus-software" target="_blank" data-original-url="https://www.itpro.com/622801/google-15-per-cent-of-malware-is-fake-anti-virus-software">15 per cent of all malware on the web</a>.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ British online fraud diligence dropping ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/628486/british-online-fraud-diligence-dropping</link>
                                                                            <description>
                            <![CDATA[ British people are getting worse at protecting themselves from online fraud, a report indicates. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">7fQUhVgcfvp6sYpmNsE5XS</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/mEFT3MipcPQf3A5GkZ32TS-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Wed, 10 Nov 2010 14:55:00 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Cyber Crime]]></category>
                                                    <category><![CDATA[Security]]></category>
                                                                                                                    <dc:creator><![CDATA[ Tom Brewster ]]></dc:creator>                                                                                    <dc:source><![CDATA[ null ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/mEFT3MipcPQf3A5GkZ32TS-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Online fraud]]></media:description>                                                            <media:text><![CDATA[Online fraud]]></media:text>
                                <media:title type="plain"><![CDATA[Online fraud]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/mEFT3MipcPQf3A5GkZ32TS-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>British adults lost almost twice as much money to online fraud between April and September, in comparison to the previous six months.</p><p>The average amount lost to online fraud stood at 697 per victim during the last six months, compared to an average of 352 over the same period leading up to March, according to a report from <a href="http://www.verisign.co.uk" target="_blank">VeriSign</a>.</p><p>The research discovered 80 per cent of UK online consumers would never use a website not displaying enhanced security credentials, representing a fall from 82 per cent and thus a decline in security diligence, VeriSign's owner Symantec said.</p><p>Matthew Bruun, EMEA sales director for VeriSign authentication at Symantec, said the report showed how lucrative online fraud had become.</p><p>"All online businesses have a responsibility to protect their customers," Bruun said.</p><p>"If companies aren't encouraging trust through measures like strong authentication or EV [Extended Validation] SSL which turns the URL bar green to indicate a secure site they risk losing customers to web sites that are more proactive when it comes to security."</p><p>In terms of a Geographic breakdown, the Scots had the best record for the fewest online fraud cases, while Northern Ireland was the most hit.</p><p>The Welsh took the unenviable crown of the least diligent UK citizens when it came to online safety. Just 69 per cent said they only buy from sites with enhanced safety measures.</p><p>"It's vital for consumers to appreciate how skillful these criminals are and take the appropriate measures to protect themselves online," Bruun added.</p><p>Other results released this week, taken from data provided by the 265 member organisations of CIFAS - The UK's Fraud Prevention Service, found overall fraud had fallen slightly.</p><p>In the first nine months of 2010 there were almost 158,000 cases of fraud confirmed by members, representing a 4.52 per cent decrease from the same period in 2009.</p><p>"In a year where the 'age of austerity' has become a catch all term (and applications for products and services may decrease as a result) it is perhaps unsurprising to see such a reduction," said CIFAS communications manager Richard Hurley.</p><p>"The fact, however, that fraud has increased by over six per cent during a two-year period only serves to underline how the fraud threat is just as potent and widespread as ever."</p><p>The sixth <a href="https://www.itpro.com/627802/nidfpw-id-fraud-costs-uk-27-billion-a-year" target="_blank" data-original-url="https://www.itpro.com/627802/nidfpw-id-fraud-costs-uk-27-billion-a-year">National Identity Fraud Prevention Week was held last month</a> in a bid to help heighten awareness and get British people protecting themselves better.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ NIDFPW: Lack of trust in business data handling ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/627760/nidfpw-lack-of-trust-in-business-data-handling</link>
                                                                            <description>
                            <![CDATA[ Less than 10 per cent of British citizens completely trust how companies handle their sensitive data, a report shows. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">bUrCtoufEGqPgJbETandGN</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/LKKGRvzPWZYKUuKzR9d9Lg-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Mon, 18 Oct 2010 10:20:00 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Big Data]]></category>
                                                    <category><![CDATA[Technology]]></category>
                                                                                                                    <dc:creator><![CDATA[ Tom Brewster ]]></dc:creator>                                                                                    <dc:source><![CDATA[ null ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/LKKGRvzPWZYKUuKzR9d9Lg-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Fraud]]></media:description>                                                            <media:text><![CDATA[Fraud]]></media:text>
                                <media:title type="plain"><![CDATA[Fraud]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/LKKGRvzPWZYKUuKzR9d9Lg-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Less than one in ten British people have complete faith in how organisations handle their personal data, a report has shown.</p><p>Over eight in 10 British people believed their employer did not take identity fraud seriously enough, while 94 per cent believed they were at risk from identity fraud, according to a Fellowes study.</p><p>The research has been released in support of the sixth <a href="http://www.stop-idfraud.co.uk" target="_blank">National Identity Fraud Prevention Week</a> (NIDFPW), which kicked off today.</p><p>Sports presenter John Inverdale has been selected as NIDFPW's spokesperson for this year and will try to educate individuals and businesses on the importance of protecting themselves and customers.</p><p>Inverdale himself has been on the wrong end of identity theft and will use his experience to spread the word.</p><p>"I discovered from my postman that my mail had been illegally redirected to a house in North London and I was shocked to think that someone had had access to all my mail and credit card details for four weeks," he said.</p><p>"It became more worrying when I started to receive credit card statements in my name from organisations that I had never heard of. Although I resolved the situation in the end, it was extremely stressful."</p><p>Inverdale recommended regularly checking credit reports, being careful about what data people place on social networks and never handing out personal information.</p><p>"Businesses can also take simple steps to protect themselves such as creating an anti-fraud policy, as well as having a comprehensive IT security policy and securely destroying all sensitive documents," Inverdale added.</p><p>NIDFPW partners have also launched a guide on how to prevent identity fraud. It is free to download and can be accessed from the campaign's <a href="http://www.stop-idfraud.co.uk" target="_blank">website</a>.</p><p>Campaign partners include the Metropolitan Police, the National Fraud Authority, the Federation of Small Businesses and the Home Office.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Phishers jump on HMRC tax blooper ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/626728/phishers-jump-on-hmrc-tax-blooper</link>
                                                                            <description>
                            <![CDATA[ Phishers have been sending out emails based on the tax blunder affecting millions in the UK. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">76nLG64JxAXCxEMDULks9j</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/krkCdX4HrHTAvL75AQH8Bn-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Wed, 08 Sep 2010 12:45:00 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Phishing]]></category>
                                                    <category><![CDATA[Security]]></category>
                                                                                                                    <dc:creator><![CDATA[ Tom Brewster ]]></dc:creator>                                                                                    <dc:source><![CDATA[ null ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/krkCdX4HrHTAvL75AQH8Bn-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Phishing]]></media:description>                                                            <media:text><![CDATA[Phishing]]></media:text>
                                <media:title type="plain"><![CDATA[Phishing]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/krkCdX4HrHTAvL75AQH8Bn-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Fraudsters have leapt on the chance to initiate a phishing scam based around the tax error debacle.</p><p>Millions are thought to have paid the wrong tax and HM Revenue and Customs (HMRC) will be contacting the affected people this month, but only via post.</p><p>Phishers, as is often the case, have made the most of a big news story and sent out messages pretending to be from the HMRC.</p><p>"Tax refund scam mails have been popular for a long time, but in the current climate of our tax office has screwed up in spectacular fashion' it seems phishers will be giving it some serious attention," said Christopher Boyd, Sunbelt Software's senior threat researcher, in a <a href="http://sunbeltblog.blogspot.com/2010/09/uk-tax-debacle-becomes-target-for.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+SunbeltBlog+%28Sunbelt+BLOG%29" target="_blank">blog post</a>.</p><p>One email intercepted by Sunbelt took the target to a fake HMRC website, asking for personal data, including a full name, address, phone number and mother's maiden name.</p><p>The page also auto-filled a tax file number box in its bid to convince users of the site's supposed legitimacy.</p><p>Boyd said people can expect a "deluge of spam mail with infectious attachments," noting the UK tax office does not send "random emails asking for personal information."</p><p>A fraudulent file</p><p>Sophos has also spotted similar emails, many containing the subject line "You Have An HMRC Refund" and an attached form that asks for data such as credit card details.</p><p>"If you do make the mistake of filling in the form, your confidential data is uploaded to a Chinese server," said Graham Cluley, senior technology consultant at <a href="http://www.sophos.com" target="_blank">Sophos</a>.</p><p>"You're not going to receive a windfall because of this form - you've just been phished."</p><p>HMRC told <em>IT PRO</em> affected people will not be contacted by email or phone, and will not be asked to send personal information to anyone.</p><p>Last month, <a href="https://www.itpro.com/626008/hmrc-reports-phishing-surge" target="_blank" data-original-url="https://www.itpro.com/626008/hmrc-reports-phishing-surge">HMRC reported a spike in tax scam phishing emails</a> being reported to the Government body.</p><p>It had shut down over 180 websites sending out fake tax rebate messages over a three-month period.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ iTunes and Amazon 'royalty scammers' charged ]]></title>
                                                                                                                                                                                                <link>https://www.itpro.com/626320/itunes-and-amazon-royalty-scammers-charged</link>
                                                                            <description>
                            <![CDATA[ The PCeU has charged 12 people alleged to have placed songs on iTunes and Amazon to buy them with stolen credit cards. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">tJMQ2SXhoWZJzP1ph4zumg</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/ydjshLTxVeu7mrSeq2U5pn-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Tue, 24 Aug 2010 11:32:00 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Cyber Crime]]></category>
                                                    <category><![CDATA[Security]]></category>
                                                                                                                    <dc:creator><![CDATA[ Tom Brewster ]]></dc:creator>                                                                                    <dc:source><![CDATA[ null ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/ydjshLTxVeu7mrSeq2U5pn-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Court]]></media:description>                                                            <media:text><![CDATA[Court]]></media:text>
                                <media:title type="plain"><![CDATA[Court]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/ydjshLTxVeu7mrSeq2U5pn-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>The Metropolitan Police Service's Police Central eCrime Unit (PCeU) has charged 12 in relation to an illicit online music sales operation.</p><p>The alleged crimes involved creating songs to be sold on iTunes and Amazon, which were then purchased with stolen credit cards, according to reports.</p><p>Royalties would then be passed onto the gang, who are thought to have acquired hundreds of thousands of pounds through the operation.</p><p>The 12 suspects were caught following an investigation by the PCeU, with assistance from the FBI.</p><p>All will appear on bail at the City of Westminster Magistrates' Court on 15 September.</p><p>Eight have been charged with conspiracy to defraud.</p><p>They were Denver White, 24, care worker of Helming Drive, Wolverhampton; Rajan Aheer, 20, librarian of Wellington Road, Wolverhampton; Craig Anderson, 23, unemployed of Edwin Road, Dartford; Arran Jassi, 20, postal worker of Denmore Gardens, Wolverhampton; Sandeep Aheer, 22, unemployed of Wellington Road, Wolverhampton; Colton Johnson, 19, unemployed of Deansfield Road, Wolverhampton; Lamar Johnson, 19, of Birmingham; and James Batchelor, 27, teacher of Stone Hill Road, Derby.</p><p>The four charged with money laundering were: Siobhan Clarke, 23, a hairdresser of Limes Avenue, Carshalton; Sheahan Steele, 41, a drugs counsellor of Pakfield Walk, Aston, Birmingham; Matthew Clarke, 31, unemployed of Cross Farm Road, Birmingham; Leon Miles, 19, unemployed of Brooklands Parade, Wolverhampton.</p><p>Earlier this year, eight men were locked up for their involvement in an <a href="https://www.itpro.com/623356/eight-jailed-in-750000-itunes-fraud" target="_blank" data-original-url="https://www.itpro.com/623356/eight-jailed-in-750000-itunes-fraud">iTunes gift certificate scam</a>, spending more than 750,000 of other people's money in the process.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
            </channel>
</rss>