Once again, the vulnerability of RFID cards is demonstrated while the payment industry insists that it can’t happen.

At a recent hacker conference in Washington, DC one of the speakers, a security researcher, demonstrated the vulnerability of these cards by actually scanning the information of a volunteer’s card, writing it to a bland magnetic strip, and paying herself $15.00

Those of us tat follow this sort of thing have known this for quite some time – it’s no surprise. What concerns me more than the vulnerability is the fact that so many people attending this conference didn’t realize they had RFID cards that needed to be protected. These are security specialists and real hackers. If they don’t know, do you?

Take a look at the logos at the top of this post. Take a look at your credit and debit cards. Look for the words PayWave, PayPass, Zip, Blink or ExpressPay. If you see any of these on any of your cards, you need to protect them now. It can be as simple as a piece of tin foil or a commercially available protector. Just enter “rfid wallet” in your favorite search engine and spring a few bucks.

Article Source

Identity theft is on the rise, fueled in part by the crackdown on credit card fraud. You need to protect yourself in a multi-layer approach. In August I reported a serious increase in ID theft related fraud as reported by the Internet Crime Complaint Center. That trend continues.

Security is not a goal, it’s a journey, and you need to do everything you can in an on-going approach to protecting yourself against the scams, especially online. FaceBook, pop-up ads, fake websites, file sharing utilities, phishing email, instant messaging and more are all making you vulnerable whenever you’re connected to the Internet. Right now your computer is giving away more information than you even want to think about. Whenever you use it, you’re leaving behind a trail of information just waiting for an Internet thief.

If you’ve ever bought anything online… If you’ve ever used file-sharing software, such as Limewire or Kazaa… If you’ve ever had popups appear on your screen… If you’ve ever downloaded software from the Internet… If you’ve ever signed up for a PayPal account… Then your computer may contain private information, or be infected by spyware.

We’re all familiar with virus protection software and pop-up blockers. Most of them do an excellent job of what they are designed for, but they can’t protect you completely. Nothing can. You need to take a multi-pronged approach to security.

There is an affordable software package that will help protect you against identity theft. It’s got a pretty straight forward name, “Anti Identity Theft,” and it does what it does very well. It kills adware. It removes tracking cookies. It deletes temporary Windows files and empties your Recycle Bin. It protects critical data such as your credit card details, mother’s maiden name, and full address – and stops Internet thieves, hackers and even nosy family members from accessing your private information.

Why not take a look at Anti Identity Theft and decide for yourself?

A recent article on the FBI news site indicates that ATM card skimming is on the rise. The bad guys are getting very sophisticated and building skimmers that are virtually undetectable unless you are looking for them. The article tells how it’s done and how to detect if the ATM you’re using is fitted with skimming devices.

Data breach at Epsilon

Epsilon is a company you probably never heard of but they almost certainly are an influence on you. You need to know what just happened to them.

How big was Epsilon’s breach?

Epsilon is a huge player in the email marketing game. And you can almost bet that they know about you and one of your email addresses. I feel confident in saying that because they provide the email marketing services for so many big companies that you’ve probably done business with at least one of them.

Earlier this week the news broke that Epsilon’s email system had been breached by persons yet unknown. The extent of the breach and which of their customer databases were hacked is still not public and probably not known. They may never know. According to their own Press Release, only 2% of their client base was impacted and only names and email addresses were affected. But, as the press release states, “… rigorous internal and external reviews continue to confirm that only email addresses and/or names were compromised.” To me, that means that they aren’t sure yet.

To give you an idea of the potential problem, here’s a partial list of Epsilon’s client base: CitiBank, JP Morgan Chase, Capital One, U.S. Bank, Barclays Bank, Verizon, Walgreens, Visa, Kroger, Best Buy, Home Shopping Network, Hilton WorldWide, Marriott International, Disney, Target, 1-800 flowers, AmeriTrade, RedRoof Inns, Ameriprise Financial, Dell Computer, TIAA-CREF.

If you haven’t done business with at least one of these companies I’d be surprised.

What does Epsilon’s breach mean to you?

You may have already gotten an email from one or more of the Epsilon clients. At this point we don’t know if emails were sent out by all their clients or just ones that they’ve confirmed as being affected. I’ve gotten two of them myself.

Names and emails being breached doesn’t sound very ominous when other breaches have involved credit card numbers or even Social Security numbers. But remember they are still trying to confirm the extent of the breach. IF they are correct and only names and emails are affected, this could still have a huge impact.

Phishing emails will start going out to the breached addresses and, since we can assume that the breach was perpetrated by sophisticated criminals, you can count on those phishing emails to look genuine. I hate to say it but a lot of people still fall for these scams. And then there’s the malware – viruses and trojans that could be aboard these emails!

Don’t fall victim to phishing!

I’ve been warning about the RFID cards since I first heard about them. Here is more proof that they’re dangerous. A television reporter goes out on the street and accesses credit and debit card information while the victim’s cards are still in their pockets or purses.

Pay attention please folks. These things are dangerous to your finances but the banks are insisting on putting them out there for all of you. And while they are doing it, they lie about how insecure they really are. And they say that even if thieves could read the cards, they couldn’t do anything with the information. Again, it’s been proven to be a flat out lie.

There are shielding sleeves and wallets available at low prices. I urge you to invest, yes, it’s an investment, in one. I also encourage you to look at your credit card statements on line at least weekly.

Take a look at your cards. If any of them have a similar logo, don’t leave home with it, at least not without a protective sleeve