Are the PlayStation Hackers Running up Debt?

This could very well be the first case of many we’ll see where the PlayStation hackers are using the credit card information they obtained. Rory Spreckley is one of more than 77 million people who had a credit card on file with Sony in order to access their PlayStation Network. He also is apparently now the victim of credit card fraud. The Adelaide man logged into his bank account earlier today only to find more than $2,000.00 worth of charges that he didn’t run up.

Sony claims that there is no solid evidence that any credit card information was stolen. The company firmly stated that this type of info is encrypted. We all know how fail-safe that is, right? At this point in time, the gaming giant isn’t even sure how many – and which – databases were accessed. Therefore, it cannot be sure. With the news of Mr. Spreckley’s unauthorized charges surfacing, I’d think it’s safe to say the hackers may just have gotten their hands on your financial stuff after all.

“There was a number of early transactions on the 23rd of amounts under $1, which they say is the usual kind of test run that fraudsters do and then there’s been a number of transactions of larger amounts, including domestic flights within Australia, bookings at Best Westerns [hotels] and what not,” the Australian man stated.

Most galling to me is that someone is telling these consumers NOT to cancel their credit cards. They should instead simply watch for unauthorized charges to their accounts. Uh… right. Who the hell thought this up? I’m sorry, but if my credit card information was taken by anyone other than myself, I would be on the phone to cancel it faster than you can blink your eyes. That’s absolutely ludicrous as far as I’m concerned.

Security experts agree that there needs to be MUCH more done on the part of the compromised companies. They agree that disclosure needs to be much sooner – even if all details aren’t clear. Customers deserve to be warned that something could be up, so that they can take proper precautions. These experts would even like to see a disclosure law in place: “It would require a company to contact and inform customers within one day or two days of the event occurring so that those customers can take action to cancel credit cards or change passwords or other private information and also to be aware that their information has actually been stolen,” said Mark Gregory of RMIT.

If you were a PlayStation Network subscriber, do yourself a favor: take action. Don’t sit around and wait to see if hackers will run up your accounts. Be proactive. Discuss with your bank or financial adviser the best steps to take in order to keep yourself – and your credit score – safe. Yes, you can get charges reversed if you have your cards stolen. But doing so can sometimes be a long and painful process.

Does LifeLock Promote Identity Theft?

LifeLock CEO Todd Davis has sworn for years that his product was good enough to keep your identity safe. He was so sure of this fact that he prominently displayed his own social security number on the website and in television commercials. The problem is that Todd was wrong. His own identity has been stolen at least thirteen times, and the FTC isn’t happy.

The FTC fined Davis and LifeLock back in March to the tune of twelve million bucks. The Federal Trade Commission said that LifeLock’s claims were completely untrue and accused the company of operating a scam and con job. The commission announced with 35 state attorneys general that they had thrown the fine at LifeLock for deceptive business practices and failing to secure customer data. Nearly all of the fine was earmarked to be paid in refunds to customers who had subscribed to the service.

Todd and company are making headlines again today, but for a very different reason. This time it wasn’t customers who had their information stolen out from under the supposed “guaranteed” safety of LifeLock’s nose… it is the CEO himself. In June, 2007, someone used Davis’s identity to obtain a check-cashing loan in the amount of $500.00. That was never paid back, of course. The CEO only learned of this debt when the company called his wife’s phone to attempt to collect on the bill. Four months later, someone in Atlanta used his information to obtain AT&T service in his name. This person racked up over two grand in charges which were never paid. Davis only found out about these charges more than a year later when AT&T handed him over to a collection agency.

Last year, he found several more discrepancies on his credit report. There are several outstanding debts to companies from all over the country… places Davis has never done business with. He has credit bureaus climbing out of the woodwork to get the money that they are owed.

The problem in all of this is that at least one police department is quite ticked off. It’s not only his own identity that he put into danger, according to a spokeswoman for the Albany police department. By putting this information out there and daring people to try and use it, he has hurt the companies who now will never be able to collect on the debts for services and goods rendered. Those are the ones who are hurt most in all of this. The only thing Davis has lost is his credibility, and the time it takes him to refute the charges on his credit report. Those companies have to swallow the monies that they are entitled to.. and which many people feel that Davis himself should be paying.

The company has claimed for years that they guarantee your information is safe if you use their service. In fact, they back that guarantee with one million dollars should they fail. It would be mighty interesting to see if they’ve ever had to fork that money over to any customers… or if they’ve refused and have customers fighting them for it. If Davis’ own information was so easily used without his knowing it, who knows how many customers have had their identities compromised… and they sadly may not even know it yet.

This sure doesn’t give me the warm fuzzies and make me want to rush out to purchase this service for myself. I’m not saying it never works… but if it didn’t work for the CEO, there’s no way in hell I’m trusting it to work for me.

How to Protect Your Privacy Online

Everyone is talking about privacy these days, and no one is happy with the state of things… especially when it comes to Facebook. I told you yesterday on Twitter: There are only two steps you need to follow in order to protect your privacy.

  • Step 1 – STOP SHARING SHIT YOU DON’T WANT THE WORLD TO DISCOVER.
  • Step 2 – See Step 1.

It really is that simple, folks. If you don’t want everyone, their brother and their mother to know something about you, why the hell are you posting it online to begin with? How many of the people who are screaming about having their privacy invaded are the ones who don’t want their bosses (or significant others) to see the pictures from their drunken night in Cancun? If you have secrets you don’t want the rest of civilization to discover, then you should keep that junk to yourself.

How often have you said something on Twitter or Facebook, only to regret it later? Perhaps your boss read your rant about work last week. Or maybe your mom stumbled across something you flippantly tweeted regarding the upcoming family reunion. Whatever the case may be, I have to repeat this again: If you don’t want everyone to know something, then sit down and close your pie hole. That may sound harsh, but apparently harsh is what it takes to get through to some people. There is no undo button on the Internet.

It was interesting to read some of the feedback on my FriendFeed page about this:

In other words, trust no company, trust no person. – Akiva Moskovitz

Side Bar: If you are going to share shit, make sure you know who can see it and take full advantage of any privacy tools. If you can’t lock it down to your liking, see somewhere you can and share there. Failing that, see Step 1. Never assume, it makes an ASS out of U and ME – Johnny Worthington

I’ve been saying this for years – Jesse Stay

Not that what I say matters – Jesse Stay

Or: Even vaults and safety deposit boxes can be broken into. It’s about risk and trust… and know each of them – Johnny Worthington

It’s not about the Sharing. It’s about the Basic Personal Info. – Christopher Galtenberg

If you don’t want Basic Personal Info shared online, don’t put it there. Again, it’s about risk. There is risk in leaving your credit card statements sitting in your letterbox or leaving your wallet on a counter for more that a sec. Risk Assessment. – Johnny Worthington

If the internet can’t deal with personal private data, it won’t work. I thought you felt this way too, JW. – Christopher Galtenberg

Christopher, the phone company can’t guarantee 100% security on calls (fixed lines or cellular), the mail can be tampered with, offices can be bugged, your baggage is scanned at the airport and your wallet can be stolen. No system, physical or digital, is 100% secure. China hacked Gmail. Shit, courier pigeons can be shot down. Since EVERYTHING is <100%, each person must undertake a risk assessment when sharing critical data. If you must have 100%, then a communication channel that is run by a series of commercial entities and less than stellar governments probably isn’t for you. That doesn’t mean it’s 0% secure (probably more like 90-95% secure) but looking for a perfect solution is futile unless you control every point, A to B. – Johnny Worthington

By your logic, JW, everything is actually safe (equally trustworthy, relatively) – Christopher Galtenberg

Not exactly. I trust my bank more than I do Facebook or Gmail… but I don’t assume my bank is just 100% safe. Levels of trust. I have performed risk assessments on each online entity and determined what I would feel comfortable about disclosing. – Johnny Worthington

Anything can be hacked. Anything can leak. Trust is a risk and some levels adjust over time, usually down to lower levels. – manielse (Mark Nielsen)

Back to the original post: that’s how I’ve always treated the Internet. Those MySpace/Facebook kiddies who have to show the whole world the most embarrassing stuff they do always appalled me. I’ve always been careful what I share online, even if I sometimes use my blogs or Twitter as a soapbox. – Dennis Jernberg

Indeed! *thinks back to the DYSP video* – Johnny Worthington

@Chris: And that, of course, is why we have to be so careful. Forethought… – Dennis Jernberg

What are your thoughts regarding privacy online? What measures do you take to make sure your information – and life – is secure?

Malware Delivered by Any Means

It is really despicable. There is no low to which hackers and criminals won’t stoop to deliver malware to you. As many of you know, recently there was a tragedy at the Vancouver Winter Olympics. Nodar Kumaritashvili, a luger from the former Soviet republic of Georgia, died in a crash during a training run. Criminals have used that incident to deliver malware through bogus tribute sites, news sites, videos and so forth.

These people have no scruples.

During the Olympics, you may want to keep up with your favorite Olympic sport. That works to the hackers’ advantage. You may want to follow a news item of some recent political story. That works to the hackers’ advantage. Whatever generates traffic, these criminals will take advantage of the opportunity.

We want our readers to protect themselves. This malware junk is intended to ambush people online. It does not matter where you go now online. Simply being online is a danger, and security precautions should be taken. And every machine that you use should be protected.

Every machine that you use to go online, no matter how briefly, has to be protected. Even if you have a machine that you do not put online, it should be protected. You may sync your other computers to this machine that you keep offline and some malware may slip onto your system. Because we strongly recommend protecting all your machines, we are recommending the award winning security offered by Spyware Doctor.

“Spyware Doctor with AntiVirus is a top-rated malware, spyware & virus removal utility that detects, removes and protects your PC from thousands of potential spyware, adware, trojans, viruses, keyloggers, spybots and tracking threats.” It has won numerous awards and Spyware Doctor is good for “Microsoft Windows 7 (32bit, 64bit), Windows Vista SP1+ (32bit, 64bit), Windows XP SP2+ (32bit).”

This is one of the premier, well recognized security programs. And PC Tools is allowing three computers to be protected under one license. That means that, for under seventeen dollars each, three computers can be protected from viruses, spyware, malware and other security threats:

This is a bargain to protect every online computer in the house. This means every desktop, laptop, and netbook – everything. This is a bargain to do so. And when you use Spyware Doctor, update the security definitions regularly. It is doubtful that malware will decrease any time soon. Security measures are absolutely necessary – unfortunately.

Common Web Sites Compromised with Malware

Today, one security firm reported that there were about 5.5 million pages infected with malware in the last three months of 2009. Some of those pages were commonly visited sites: “In those three months, sites for Fox Sports, technology blog Gizmodo, and the Gerald R. Ford International Airport in Grand Rapids, Michigan, were exploited to deliver malware to unsuspecting visitors.”

There was a commonly held belief that if you avoid “bad” sites and limit yourself to popular sites, then you would be safe from malware. Obviously, this is not the case. Hackers are becoming very sophisticated and they will go where they can find the most traffic to exploit. That means some very popular sites have been targeted and will be targeted in the future.

It is no longer some teenager wanting to cause some problems and showing off for a limited number of friends. This is organized crime. These criminals want to exploit computers for identity theft, for spamming, for developing a bot network, and for other criminal intent.

The dark side of the Internet is that everyone is a target, and we remind our readers to protect themselves and their personal information. These Internet crimes are silent; it may take months or years, for example, before you realize that your identity has been stolen and exploited. If you are online, you must pay attention to Internet security. That is why we recommend security programs such as Webroot Internet Security Essentials (WISE).

“… With unmatched anti-virus, anti-spyware, and firewall security, WISE provides blockbuster protection for your PC. In fact, the technologies in WISE have won a combined 11 PC Magazine Editors’ Choice awards! These technologies provide more complete protection than competing products to proactively block: viruses, spyware, worms, trojans, data theft, rootkits, hackers, intrusions, keyloggers…”

Webroot is allowing up to three computers to be protected and with a ten dollar discount. This works out to an amount under seventeen dollars per computer. It is a huge bargain.

Protect yourself with an award-winning program. If you have more than one computer, you need to protect all of them. We want you to be safe online and just securing one machine is not enough. You do not want to be spreading malware when you synchronize your machines or share files between the machines.

This Webroot offer would be an exceptional gift to any friend or family member who does not pay much attention to Internet security. This is an easy to use program that you can give for year round computer security. And remember, this offer allows you to protect three computers.