Monthly Archives: October 2014

Online Holiday Shopping Series #1

It’s November and the holiday shopping season is upon us again. The African American Cyber Report is launching a weekly series focusing on online holiday shopping. Each week through New Year’s Day we will investigate a different facet of online shopping from safe and secure payments to the apps and websites that get you the best bargain. If we hear of a special sale or online event we will let you know about that as well.

African-Americans are a powerful consumer segment. According to a report from The Nielsen Company entitled The State of the African-American Consumer,” black buying power is nearly $1 trillion. How’s that for a U.S. consumer market segment? Black people are not only a significant market segment but they shop more than other groups, spend less money per trip and spend more time investigating the product before buying. Research indicates black people are smart, savvy shoppers.

Before we examine the choice of credit versus debit cards for shopping online we need to take a quick look at black people and their credit cards. According to a report from the NAACP and public policy research firm Demos entitled “The Challenge of Credit Card Debt for the African-American Middle Class,” approximately 42 % of black households are in debt. These families are borrowing simply to make ends meet and to pay for basic expenses, such as groceries, rent and utilities. Overall black people face greater credit restrictions and are more likely to be subject to harsh credit collection tactics. Many black people pay higher interest rates and fees for alternative financial services that includes pre-paid debit cards and check cashing services. So the picture shows that we have a powerful market presence but we also have problems managing and retaining credit. And I might add that it is not always someone else’s fault.

Credit vs. Debit for Online Shopping

Right off the bat the credit card wins hands down for shopping online. But lets not ignore the benefits of the debit card. Especially if you have a tight budget and need to restrict the spending of yourself or someone else.

Credit cards offer distinct advantages over debit cards.  And if you are holding a credit card now is the time to get real familiar with the protections that come with that card. Make sure you understand what security measures the card offers against fraudulent charges as well as the method for disputing purchases. There are going to be black people who order something from an online store only to discover that it is not what was advertised. As an African-American consumer make sure you know the dispute process . Study it before you hit those online sales. Its your money we’re talking about.

Carrying around a credit card from the right company offers some awesome benefits. These benefits can vary from one card issuer to another so it’s a good idea to study your account agreements for the details. Study that thing and make sure you know it. It can save you some headaches and provide some surprising benefits on everything from buying airline tickets to renting a car to getting a warranty extended. If you’re planning to travel over the holidays then you need to investigate the travel benefits of your credit card. Some credit cards offer travel services like getting a seat upgrade or discounts on luggage fees. Other benefits include rental car upgrades or insurance or hotel discounts and upgrades. Travel insurance is also available from some cards free of charge. Some cards offer help finding a doctor or lawyer. If you buy a product that has a warranty you can actually get that warranty extended for up to a year depending on the credit card. But keep in mind that these benefits are sometimes automatic and others you have to ask for. So studying your card agreement is extremely important. Didn’t I say that before?

The beauty of credit cards is that there is an extra layer between your real money and other people. A debit card or pre-paid card is the same as cash and that is where you find additional, and unnecessary risk. As soon as you make a purchase that money is out of your account.  Any problem with the purchase and its just you and the merchant. And that is a very weak negotiating position. The Better Business Bureau or your bank may be able to help but not much.

By using a credit card, you have a powerful company on your side. This makes disputing charges and getting satisfaction when having to return an item much easier. With a credit card the purchase in dispute is not yet paid for. The card issuer can refuse to honor the demand for payment and that leaves the merchant in a lurch. So that merchant is more likely to respond favorably to your demands. CreditDonkey.com, a credit card comparison website, offers a list of the best credit cards for shopping online.

For all you out of control spenders, credit cards are still better than debit cards. A frequent complaint about using credit cards as a primary form of payment is that the advantages are outweighed by disadvantages for many people. As I stated above many African-American consumers simply can’t handle credit cards without spending more than they can afford. And what happens? Higher interest rates, ruined credit scores, all that.

But overdraft protection on a debit card is even worse. Yes, you can over spend with a debit card. Over charging on your debit card results in multiple overdraft fees which are more than credit card interest rates and late payments. And unlike a credit card bill that arrives once a month your bank account takes the hit immediately. With a credit card, you can close your account and work out a payment plan, but with a debit card you don’t get that option.

Many pre-paid debit cards a very popular in the black community. But being popular is far different from being a good option. Many pre-paid debit cards, while intended to help the African-American community are often doing just the opposite. Pre-paid cards have been criticized for exploiting poor and dis-advantaged black people by charging higher, sometimes exorbitant fees. This is especially so when people make the mistake of thinking of the card as a credit card. But the pre-paid card is a huge and profitable market to the tune of about 500 million cards in circulation channeling billions of dollars in sales. You can find a list of the best and worst pre-paid cards here.

Another payment method you need to consider for your holiday shopping is the retail card. Be aware that these store cards can carry some pretty high interest rates. But at the same time you can take advantage of some pretty good deals by using the store credit card. Some stores will give you as much as 10% off your purchase if you apply for the card at the register. Using these cards does not carry a lot benefits at all. And they are dangerous to your credit report. For example when you fill out that card application it shows up on your credit report and if you close the account it stays on your credit report. But if you are looking for the best retail cards to shop with this holiday season you can find the top ten here.

So as you start hunting for those holiday bargains and eagerly wait for Black Friday or Cyber Monday be aware that there is a difference between a credit and a debit card. Make wise purchases and know what tools and weapons you have at your disposal when using that credit card as you shop this holiday season.

Now you know

Halloween’s Most Horrible Hacks

ID-100197712

Courtesy of hyena reality

Halloween happens in just a few days. And on that frightful night some pretty horrifying little creatures will be knocking at your door. Terror and fright on Halloween is all fun and games. But real terror has become part of our lives in the digital age. We have come to fear identity theft, data breaches and other digital age terrors. Everyday someone has a bank account emptied. There are monsters in cyber space. Online digital demons commit evil acts and do horrible things using technology and the Internet. We all need to be aware of the evil that lurks in cyber space. But evil has no limit as hackers are always trying to out do one another. There is a threat in cyber space that could kill thousands and even cripple civilization. Here are some really terrifying Halloween hacks.

1) Aircraft hacking is real. What happened to Malaysian Airlines Flight 370? It disappeared without a trace. Was it hacked? No one knows. It simply disappeared.  IOActive’s Ruben Santamarta said it was possible to hack satellite communications equipment on passenger jets. This is done by hacking into the Wi-Fi and in-flight entertainment systems such as those found on Southwest Airlines. This attack was proven possible but only in a laboratory. Santamarta said a potential attacker could hack the plane’s avionics disrupting or altering satellite communications. The result would be a modification or disruption of the aircraft’s navigation and safety systems. Aviation experts disagree, calling such an attack impossible. But is it? PlaneSploit is an Android app that has demonstrated the ability to take over an aircraft. Created by security researcher and commercial pilot Hugo Teso, the app allows users to control a plane from the ground using an Android phone, a radio transmitter and flight management software. The app is not exactly highly technical but you need some hacking knowledge. PlaneSploit was demonstrated during the Hack In The Box conference in Amsterdam. Teso demonstrated how he could change the flight path of a plane to a crowd. You can use this system to modify approximately everything related to the navigation of the plane,” said Teso, adding, “that includes a lot of nasty things.”

2) Murder by hack! If someone has an implanted medical device an evil person could tamper with it and potentially kill them. Medical devices have the capability of being hacked. In 2012, the late New Zealand hacker Barnaby Jack discovered a way to hack an implanted insulin pump causing it to inject 45 days’ worth of insulin in one shot. He also figured out how to shut down a heart pacemaker. Needless to say either of these hacks would cause almost instant death.

An investigation by the US Department of Homeland Security is focusing on “two dozen cases of suspected cyber security flaws in medical devices and hospital equipment.” These flaws could cause serious injury or death in the recipient. Unnamed sources familiar with the investigation by the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) report the devices under investigation include infusion pumps from Hospira Inc. and implantable heart devices from Medtronic Inc and St Jude Medical Inc.

Modern implanted medical devices were never designed to be “hacker proof”. This makes them easy targets for the evil hackers we know are out there. 

3) Disrupt civilization. How would you survive without electricity, water or telephones? What would life be like if you could not buy groceries or gas? What if the traffic lights suddenly stopped working? What if a nuclear power plant became unstable due to a hacker taking over the controls? All these are very, very real possibilities and would most likely create panic even anarchy. Civilization would come to a halt.

University of Michigan security researchers using  a standard laptop hacked nearly 100 wireless networked traffic lights and were able to change the state of the lights on command. A hacker could paralyze a city with this technology.

Research released by Automatak in 2013 revealed 25 vulnerabilities in power plants across North America. The flaws found at electrical substations, water utilities, and power stations left them open to attack. If a hacker so desired they could exploit these vulnerabilities to crash or hijack the servers at these facilities resulting in the loss of utilities for millions of people.  Hackers have also attacked the banking and financial network causing outages at ATMs and retail point of sale systems locations.

4) Are the babies safe?  The connected home is here. Everything in your home can be connected to the Internet and controlled through your mobile device or web browser. And this means that a hacker can hack into your home turn off alarms and open doors for burglars or worse. They could tamper with the thermostat, lighting, sprinklers or other home controls systems. A hacker could penetrate, even take over devices. In April of this year an Ohio couple were awakened by the voice of an unknown man shouting “wake up baby!” through their wireless baby monitor. A hacker had penetrated their home network and was harassing a sleeping child. Cameras throughout the home allowed the hacker to see the child in her bed.  Hackers have taken control of laptops with webcams and microphones and spied on families. Hackers have taken pictures of women nude, including Miss Teen USA, and blackmailed them. Its called sextortion. Smart televisions with cameras and Internet connections have also been hacked and used to spy on people. Devices in the modern connected home present significant security risks. Keep that in mind as we enter the frightening age of the Internet of Things.

5) Empty the prisons. Did you ever see that movie where a small town was overrun and terrorized by escaped convicts? Is this possible? The answer is yes! Modern prisons are now computer controlled. At a recent DEFCON conference in 2011 researcher John Strauchs demonstrated that it is indeed possible to open every cell door in a prison at once. He hacked into an industrial programmable logic controller. The same hack used to attack an Iranian nuclear facility. What would happen if a hacker could do this to prisons or local jails all over the country on the same day?

6) Your car is a death trap! The newest cars are Internet connected with WiFi and Bluetooth technology. New cars no longer use keys. They can be unlocked and operated  using a wireless key fob. You can get GPS directions and Internet radio and movies. But a hacker could decide to disable your brakes while you’re doing 70 mph on the interstate! Maybe a criminal just wants your car and decides to hack the door locks and just drive away…with you in it! Imagine the horror of discovering your steering is locked while driving with your family in the car. These things can happen with the new technology in cars today. Read all about it here in the AACR report “Hack My Ride”

What we are talking about is not an imaginary scenario. Technological terror is real and the next hack could seriously impact the entire nation. Cyber terrorism is the new frontier for terrorists and they are seeking a target. The intend to do damage far worst than the 9/11 attacks. Imagine if every person in the United States woke up to find that our electronic financial infrastructure was crippled and the banks were shut down? It could happen. Ask  the FBI who have an entire division that is dedicated to stopping a cyber terror attack. But most experts agree, it will happen.

Happy Halloween!

 

Websites that Empower Black Voters

Get Yo Black Ass Out and VoteElection season is here and on November 4th African-Americans are again offered the priceless opportunity to vote and flex our political muscles. And in this upcoming election cycle that is exactly what we need to do. The black vote is the key to Democrats holding the Senate.

According to a Washington Post report President Obama received a dire warning about the upcoming mid-term elections. A political pollster predicted  “crushing Democratic losses across the country” if the party did not do more to get black voters to the polls.

“African-American surge voters came out in force in 2008 and 2012, but they are not well positioned to do so again in 2014,” Cornell Belcher, the pollster, wrote in the memo, dated Oct. 1. “In fact, over half aren’t even sure when the midterm elections are taking place.”

“Anybody who looks at the data realizes that if the black vote, and the brown vote, doesn’t turn out, we can’t win. It’s just that simple,” said Representative Marcia L. Fudge of Ohio, the chairwoman of the Congressional Black Caucus, referring to African-American and Latino voters. “If we don’t turn out, we cannot hold the Senate.”

“It’s pretty clear that the black vote can, and does, decide elections.” 

According to the U.S. Census Bureau black voter turnout has surpassed that of white voters. African-Americans were the only race or ethnic group who’s turn out at the polls increased in 2012. Most of the increase was in the Midwest and Southeastern U.S. At the same time the number of white voters declined for the first time since 1996 despite an increase in the population.

Pew Black VoteResearch by the Pew Research Center showed that black people are turning out in greater numbers and this is not linked to a population increase. Pew Research also revealed that the black voter turn out had nothing to do with black candidates or President Obama. “Unlike other minority groups whose increasing electoral muscle has been driven mainly by population growth, black’s rising share of the vote in the past four presidential elections has been the result of rising turnout rates,” the report stated.

Even though black people have made great political progress over the last 50 years we still have the problem of fighting voter apathy. President Obama was asked about the efforts to restrict the voting rights of minorities. According to a report published on the TheHill.com President Obama believes that it’s voter apathy not voter ID efforts that is the greatest hindrance to minority voting.

“Most of these laws are not preventing the overwhelming majority of folks who don’t vote from voting,” Obama said during an interview with Rev. Al Sharpton. “Most people do have an ID. Most people do have a driver’s license. Most people can get to the polls. It may not be as convenient, it may be a little more difficult.”

The President went on to say; “The bottom line is, if less than half of our folks vote, these laws aren’t preventing the other half from not voting,” Obama said. “The reason we don’t vote is because people have been fed this notion that somehow it’s not going to make a difference. And it makes a huge difference.”

But being politically active requires more than just voting. Black people need to pay closer attention to what is happening in Washington D.C. as well as locally. Not only do we need to vote but hold our representatives accountable for their actions. It makes a difference in every aspect of African-American life.

There are many online resources for empowering the black voter. These sites get our message to our elected representative as well as monitor what that person is doing, how they vote and who is putting money in their coffers; black representatives as well as white.

In May of this year the AACR reported on a new website named Countable.us. Click here to see that report. Countable.us is a powerful website that monitors the bills currently working their way through Congress. Once you register the site will show you your representative if you don’t know who they are. Countable.us  will give you a short synopsis of the bill, the argument for and against, what it is is designed to do and who is sponsoring it. Countable.us gives black voters the chance to vote “YEA” or “NAY” on the bill and send that information directly to your elected representative via email. You can also find your elected representative by going to the U.S. House of Representatives website and entering your zip code.

Like all voters African-Americans have the right to see our elected representative. These people are there to represent you and they are obligated to at least acknowledge your view. So black people speak up. Its easy to get face-to-face with these politicians. You can get a lobby visit which is a meeting where you express to your elected representative  how you feel about about a certain issue or bill. And you don’t have to go to Washington either. Members of Congress may have one or more offices in their congressional district depending on its size. Your representative may not be there often but there are permanent staff members at each office with whom you can meet.  Elected representatives often visit their home districts during Congressional recess and often hold town hall meetings and office visits during this time. For more detailed information about meeting your elected representative visit the ACLU website.

Black voters have the right to know is who is putting money into the coffers of our elected representative. Lets be real; money equals access. If you want an elected representative to really hear you you need to speak in dollars and vote. It’s the reality of our democracy. You can get a good idea who is spending money and influencing your representative by visiting the OpenSecrets.org website. All the money that comes into political campaigns must be reported. You can see who gave what to whom just by searching that person’s name at the Federal Elections Commission website.

Other websites that expose the influence of money in politics include Maplight.org and Campaignmoney.com.

MapLight Big Social Logo 3

So who is your representative listening to? You can see who influences your representative and his campaign by visiting the SunlightFoundation.org website. This site offer a listing of websites that can help you track every dime your representatives takes in. The information is also available from the Federal Election Commission.

Another great site for black voters is Corporations.org. This website will reveal the campaign contributions and voting record of your elected representatives. As black people we don’t automatically trust politicians not even the black ones. That’s being real about it. So if you want to know who gave your representative money and how that money affected his or her vote then check this site. You can can see your representative’s voting record there. Govtrack.us is another site that allows you to see your representatives voting record. This site is up to to date and will show you the last major vote and who voted how. You can search votes by your district by entering your zip code.

Other sites that allow you to track and research your representatives voting record include;

Washington Post U.S. Congress Votes Database

The Library of Congress Thomas Roll Call Votes

OpenCongress.org

Elected members of Congress are held to a higher standard. Even the most junior member of Congress holds an immense amount of power and influence. But are these people trustworthy? Not always and that is why politicians are seen in such a negative light especially by black voters. All voters, not just African-Americans, need to know who is misbehaving in Washington. There are websites for that as well. You can see what representatives were, or are currently, being investigated for ethics violations by doing a little research at the Citizens for Responsible and Ethics in Washington or CREW website. Right now this site reveals on its homepage 17 members of Congress that are currently under investigation. The list contains 10 Republicans and 7 Democrats and some pretty well known names like former Republican presidential candidate Michelle Bachmann and Democrat Bobby Rush, civil rights activist and former Black Panther. By clicking any of the names you can get a synopsis of the charges and who is doing the investigating.  You can also see the latest legal filings by CREW aimed at members of Congress.

Other site that keep track of Congressional investigations include;

OpenCongress.orgGovtrack logo

Office of Congressional Ethics

House Committee on Ethics

Govtrack.us

 

The bottom line is you need to “Get Yo Black Ass Out and Vote!” Black votes count! It’s really too important to ignore when you see what is happening to black people everyday. Think about what we go through even to this day. We have a black President but is that really enough? We see how he is treated and dis-respected almost everyday. Part of the blame lies with us. What politician would dare do and say the things they have said about the President of The United States if they truly respected black voters? We are not asking  to be treated special just fairly. And the only way to get fair treatment and respect as citizens is to vote. Do you need to be reminded of the beatings and murders that took place so black people could vote? So why don’t you “Get Yo Black Ass Out and Vote!”?

Congress Not Interested in Cyber Security

President Obama SignatureIn a move to spur the move to pin and chip cards President Obama signed an executive order directing government agencies to shift to the use of chip-and-PIN cards. The order directs the use of the more secure cards for use in consumer benefits programs, including Social Security.

At the Oct. 17 appearance at the federal Consumer Financial Protection Bureau, the President also announced a cyber security and consumer protection summit that will be hosted at the White House. The summit will bring together cabinet members and key industry players  in the consumer financial sector to examine the best practices, advance adoption of stronger security standards and discuss next generation technologies.

“We are also calling on Congress to pass meaningful cyber security legislation that will help the government better protect federal networks and legislation that appropriately balances the need for greater information sharing and strong protection for privacy and civil liberties – respecting the longstanding responsibilities of civilian and military agencies,” Obama says.

President Obama also urged Congress to pass a national data breach notification law. According to the President the numerous differing state laws is unsustainable and benefits no one. “Today we are calling on Congress to act with urgency on data breach legislation, to bring clarity to the expectations consumers should have when their data has been breached, and to mandate steps companies must take to notify their customers of risks after such security breaches,” said the President.

Although the President is urging Congress to act Washington not changed. Many experts do not believe that a national data breach law is possible this year. Experts say that no bill has been introduced on Senate or House floors in the current Congress. Those familiar with the legislative process report that those who promote the law and those who would be subject to it cannot agree. Congress simply cannot agree on key provisions of data breach notification measures. Basically businesses want less stringent data breach notification rules than do consumer advocates.

“In some ways the inaction is remarkable,” says Peter Swire, senior fellow at the Future of Privacy Forum and professor at Georgia Tech’s Scheller College of Business. “We had spectacular data breaches involving tens of millions of consumers, and even that is not enough to prompt Congress into action.”

During the last four Congresses, the Senate Judiciary Committee has approved bipartisan data breach notification legislation. Sadly none of the bills ever came up for a vote. Chances of that happening in the current Congress don’t look good.

Even without federal data breach legislation data breach notification is regulated in most of the United States. Data breach law is enforced on a state-by-state basis. Currently 47 states have enacted data breach notification laws. You can examine your state data breach law at States Advance Breach Notification Laws. These state laws vary from one another and companies suffering data breaches can pick and choose what state laws they wish to follow. Many business groups would prefer to see a single, national statute to cut down on the paperwork involved in reporting data breaches.

Breaking it down

What President is saying is that the ones that are supposed to be working to protect us are clearly failing. Congress has exhibited a pathetic lack of desire to do what they are elected to do. In the past year we have seen massive data breaches that exposed the payment information of hundreds of millions of Americans. Does it look like Congress gives a damn? We have seen our government systems hacked and government employee personal information stolen. Has Congress done anythinh? We see our intellectual property stolen, medical records stolen and even military systems attacked and breached. And what are they doing in Washington? Nothing! Not a single data breach or cyber security law has even reached the floor for a vote. You might want to vote this election year. Why is Congress waiting for security advocates and companies to come to an agreement? We need our elected officials to act in the best interest of the citizens. They should have been up in arms about their constituents information being stolen. They should be but does it look that way to you?

 

Ebola Scams Hits Email In Boxes

Has Ebola hit your email inbox?  The latest Internet scams, malware and viruses come in the form of email related to the Ebola virus. These emails come from various sources claiming to be agencies of the federal government, health insurance companies, charities, and news services.  All claim to have vital information about the outbreak. Some claim to provide information about either avoiding the Ebola virus, what to do if you think you have it and how to buy insurance against a possible infection. Some emails claim that your medical insurance will not cover you if you get infected. But you can buy Ebola insurance. Many of the emails contain links or attachments that may download malware or viruses into a users computer. Some of the malware has locked up computers and demanded payment to release the computer back to the owner. Others install malware that copies user names and passwords.

Another email is being sent to people who have recently traveled stating that they may have been infected and they need to click on a link or complete a form to report their name, address and other sensitive information to health authorities. This is a classic phishing tactic.

People are sharing Ebola news via email so look out for email with links or attachments that come from friends. Many viruses and malware programs are designed to email themselves to all the names in the email contacts list. If your friend sends you an unexpected email with a link or attachment don’t open it. Call them and ask if they did indeed send it and what is it? 

The US-CERT (United States Computer Emergency Readiness Team) has issued warnings regarding Ebola scams. The organization has warned Internet users to be alert for fraudulent emails of this kind to avoid malicious cyber campaigns.

Internet users are warned to be careful if they receive these types of email messages, If you do receive an Ebola email keep yourself safe by taking the following steps:

Simple common sense will spot many of these scams. Many cyber criminals are not native English speakers.  So they give themselves away with poor writing and English with various typos, grammar mistakes, an odd sender’s email address or a link to a suspicious domain. These are among the most common signs of a scam.

“Ebola scams will continue to push strong emotional triggers, so we advise users to double check online warnings, news updates and videos. Getting news straight from reputable sources and media agencies is always the right thing to do,” said Bitdefender Chief Security Strategist Catalin Cosoi.

Another Ebola scam will tug at the heart of many victims. Fake charities are starting to pop up for Ebola victims and soliciting online donations. Some people have reported receiving calls from charities asking for donations. Before you give a dime to anybody verify the legitimacy of the charity or just donate to the good old Red Cross

Breaking It Down

Lets admit that some people have no qualms about doing whatever they have to do to rip you off. People are suffering and dying with this horrible disease but somebody is thinking about making money off it. Don’t play into that. Use caution when dealing with any email about the Ebola virus. Same for anyone calling asking for donations. As a matter of fact, treat both as if they do indeed have the virus. Keep your anti-virus software up to date. Make sure your friends and family are aware of the scams that are out there.  If you believe that you may have been exposed then stay at home and call 911 for help. And don’t buy Ebola insurance. C’mon; Ebola insurance? Really?

For more information about Ebola scams please see;

Better Business Bureau Warns of Ebola Scams

Scammers are Cashing in on Your Ebola Fears

FDA Warns of Ebola Scams

Ebola Scams Hit the Web

 

African-Americans and Data Breaches

national cyberWhy should black people worry about data breaches? Because the loss of data to cyber criminals is an exploding problem and awareness is the only way to protect yourself.

Data is everywhere. Wherever you have used your credit or debit card is a source of data. This is where information about you, your bank, credit records, buying habits and what cards you hold is stored and all with your name on it. If this information gets out “in the wild” people are now in your business and you know how black people feel about that and our money.

Lets look closer at where your information can be found. Here is a list of businesses that may hold information about you and your money. Add to this list any place you have used your credit or debit card.

  • Hotels and resorts
  • Restaurants
  • Ticket sellers
  • Entertainment companies
  • Sports teams
  • Fitness clubs
  • Salons and spas
  • Insurance companies
  • Mortgage companies
  • Utilities
  • Mobile phone providers
  • Internet providers
  • Money managers
  • Banks and credit unions
  • Credit card issuers
  • Hospitals
  • Pharmacies
  • Doctors and Dentist Offices
  • Auto repair shops
  • Hair and beauty salons
  • Daycare providers
  • Retail stores
  • Grocery stores
  • Gas stations

How serious are data breaches? According to USA Today 43% of businesses have suffered data breaches in the past year. Lets be real about that statistic; many of the large businesses will report a data breach especially when the breach involves millions of credit or debit cards. But smaller business may not report a data breach if they even realize they have had one. That’s why you should be concerned.

Not only are data breaches more frequent but they are increasing in size. The latest big data breaches at the big retailers have lost more than 300 million records. You are probably one of millions of black people who have shopped at Target, Kmart and Home Depot. Your data has been stolen.

If you want to see how serious this data problem has become here are a few frightening numbers from KrebsOnSecurity.com.

You would think with the ever increasing size and frequency of breaches businesses would be ready to act. But less than 30% of companies have a data breach response plan or team in place. That number is down from 39% of businesses that didn’t have them in the previous year. So the simple fact is that black people need to be concerned. We have to be knowledgeable and ready to act in the event of a data breach to protect our information.

But data breaches do not just strike retail businesses. Hospitals are big targets for hackers. According to Health IT & CIO Review since March there have been at least ten hospital data breaches. Los Angeles County Medical Facilities  alone lost nearly 170,000 patient medical records.

Director of Threat Intelligence at Phish Labs Don Jackson monitored underground hacking exchanges and found that cyber criminals can make 10 times as much money hacking hospital records than stealing your credit card data.  Hackers steal names, birth dates, and insurance policy numbers then use the data to create fake IDs to buy things like home medical equipment which can later be re-sold. The data is also used to file phony insurance claims. 

Now the question is what happens to all that stolen data. The new gold mine of the criminal world is data. AACR Rule #5, The currency and commodity of the digital age is called information. According to the RAND Corporation National Security Research Division  the stolen data black market has become more profitable than the drug trade. You read that correctly.

What black people should understand is that stolen data is far more than credit card numbers and personal information. Hackers can make money with pictures from your Facebook page and other social media outlets. Hackers see sites like LinkedIn and eHarmony as a treasure trove of passwords that can be used to update their “rainbow tables.” Rainbow Tables are huge databases hackers use to hack harder-to-crack encrypted passwords. Would you believe that hacked Twitter accounts are considered more profitable than stolen credit cards?

The bottom line is that black people are just as vulnerable as other Americans to hacks and data breaches. The difference is that collectively we may not be as savvy to what and how this information is used to steal from us or how to protect ourselves. Its strange because black people use mobile and online banking more than other groups. We need to step up our game.

 

How to Respond to a Data Breach

national cyberData breaches are becoming more and more frequent. And as an African-American you need to be afraid of this trend. Your information is being used to steal from you and others. Right now someone could be using your identity and credit to buy a new car or even a house. If this happens to you it could be a terrifying and life changing experience. And it all starts with a data breach.

How do you respond to protect yourself after a data breach? As I have said before, you need be ready, knowledgeable and focused on protecting yourself before and after a data breach. Here’s how.

1) First of all pay attention. Data breach fatigue is a serious issue. You cannot afford to dismiss or ignore any news of a data breach. Know who suffered the latest breach and how that could affect you. Ask yourself; have I done business with this company? What credit or debit card did I use? Have I checked my bank statement for suspicious charges? You should do that every night with all your bank and credit cards. And tell your friends and family. 

2)  Take action. If you discover that you have done business with a breached business call your bank or credit card provider and let them know right away. A good financial service provider may beat you to the punch and contact you first to issue a new card. If not ask for a new card and change all your PINs.

3) Accept help. Get the free identity and credit protection service that a breached company typically offers you.  This has become standard industry practice. Home Depot has offered any customer who paid by card at any of its stores since April 2014 free protection.

4) Watch carefully. Request a 90-day fraud alert from the big three credit bureaus, Experian, Equifax and Transunion. Especially if your Social Security number was stolen in a breach. Request a note on your file so any credit application is more thoroughly verified for proper identity. 

5) Put your information on lockdown. Put a security freeze on all your credit data. This means the credit bureaus can’t give it out without your permission. Again; this is especially important if your Social Security number was stolen.

6) Lock the doors. Change all your passwords and PINs. I said password didn’t I? Correction; use a pass phrase that looks like this ” 54%@Ed7HGb4r” Learn to do this and memorize it. And don’t use the same password at multiple sites, especially for accounts that involve your banking or credit card information.

7)Use  two-factor authentication. Especially for banking sites and other financial services. Step up your game by using your bank’s two factor authentication system. Be for real, its your money we’re talking about. This step will make you jump through another hoop to log in. In most cases the website will send a text message with a passcode for your phone.

8) Watch your money. Check your bank and credit card statements as often or more than you check your social media account. Make a practice of checking your accounts every night before bed. It will help you sleep better. And look for strange small charges. That’s how a thief tests the system.

9)  Set up alerts. Make sure to set up alerts with your bank or credit card provider for any unusual purchases. Set a purchase limit so that any large charge is immediately flagged and you are notified. Some banks offer out of area alerts as well. This way you can know immediately of any funny business.

Don’t pretend that data breaches don’t affect you. Its likely that your data has already been stolen and is sitting on a cyber black market somewhere waiting to be bought and sold. Learn what it takes to fight back after a data breach and be ready to act.

Now you know.

How Not to Buy Stolen Stuff

Everyone wants a good deal. Nothing feels better than getting a nice phone, tablet or laptop at a nicely reduced price. But on the other hand there are millions of these devices lost or stolen each year. Last year alone over 3 million smartphones were reported stolen. Would thieves continue to steal these devices if they were not easy to re-sell? I don’t think so.

So how can you avoid buying a stolen phone or other device? First let me tell you why you don’t want to buy a phone, tablet or computer from a dubious source. First of all you could be buying junk. If a smartphone is reported stolen you may be unable to activate it. Your service provider may have information that the phone is stolen and could report you as having it. Other times the service provider will simply refuse to activate the phone. You got a good deal on a useless product. Second, the device could be tracked and when the owner and the police catch up to it you get caught holding stolen property and could be charged. How do they know you aren’t the thief? Now you’re out the money and you need a lawyer.

A good deal is nice but let’s make sure you’re getting what you paid for and not a lot of regrets.

1) Be careful who you buy from. Make sure you are buying from an authorized re-seller. Cellphone service providers offer used and refurbished phones on their websites. These are nicely conditioned trade ins. You can also find good deals on Amazon, eBay, and Craigslist. But I would suggest being a little more careful on Craigslist since this is often the first stop for thieves to advertise their loot. Amazon and eBay offer profiles and seller reviews that make them more trustworthy than Craigslist. But even that is no guarantee so you have to do your homework. Check Swappa and Glyde for buying used phones as they have policies and safeguards in place for buyers.

2)Investigate. Regardless of the site investigate the device thoroughly. The ad should have basic information about the phone and its condition such as color, correct model number, and storage capacity. Also check the overall quality of the device. eBay will have conditions listed and you can see them here.   They are an excellent standard to go by. If possible make sure the picture is of the actual smartphone rather than an official photo taken from the Internet of that phone model. If you can contact the owner directly and they are not too far away ask to come by and see the phone. If they are too far away then ask for additional photos of the phone to make sure it matches the description. Ask for things like the original box it came in, manuals, the re-charger etc. If the seller does not have these things there is a problem; move on. Also ask for the original carrier if the phone is advertised as unlocked and  IMEI (International Mobile Station Equipment Identity) or the serial number of the device. Sometimes these numbers are altered. You can run a check on that number at the IMEI.info website. If the seller is unwilling to share this info then again; move on.

For buyers of Apple devices Apple offers  a new service on iCloud.com called Check Activation Lock Status. This lets the potential buyer quickly see if a device was reported stolen or missing. Just enter the IMEI or serial number of the device you’re thinking of buying. You will immediately know if someone used the Find My iPhone app to implement the Activation Lock. Activation Lock was first introduced in iOS 7 and it completely locks down the device rendering it useless until the proper Apple ID and password have been entered. So if you make the mistake of buying an Apple device that was stolen, you won’t be able to use it. And don’t even dream of getting your money back. You can also check the remaining warranty on the device using the serial number.

3) Can you return it?  Ok, you’ve done the homework and believe that the device is legit. Don’t hand over the money just yet. If you’re buying the phone off Craigslist ask the seller to meet in a public location like, say, the carrier store so you can activate it following your purchase, with the seller there. This the best final step. If the phone does not activate keep your cash. Another thing; if they already gave you an IMEI or ESN, you’ll want to double check that it matches up before handing over any cash. And if they didn’t give you that information before, you can check the serial number with one of the sites we mentioned above once you have it in hand. With Amazon and eBay they have strict requirements for the seller on their sites and the seller must provide a return policy or state all sales are final. If you see that then just go with another seller. Always make sure you have a safety net. Remember;  Caveat Emptor, let the buyer beware.

Now you now.

Ok, so now what do you do with the old phone?

AACR Joins the Fran Allen Show

Alexandria, VA- The African-American Cyber Report has joined forces with Baltimore’s ‘The Fran Allen Show’ to provide cyber news and information to her listening audience.

Entitled ‘You Don’t Know What You Don’t Know,’ the ten minute segment will provide AACR and Fran Allen Showthe latest Internet news and information tailored for the African-American community. The segment is designed to provide ‘The Fran Allen Show’ with a powerful new information asset for her audience as well as boost awareness of African-American Cyber Report news blog. ‘The Fran Allen Show’ is heard every Tuesday at 6:30 PM on www.buzzaboutitradio.com.

Tom Huskerson, founder of the African-American Cyber Report says; “Our objective is to be the leading source of Internet news for black people online. The African-American Cyber Report strives to provide information uniquely packaged and targeted at black people who use the Internet while keeping the language clear and easy to understand.”

Tom went on to say; “Joining with Fran is a great boost for the African-American Cyber report. We believe that we can appeal to and expand her audience with this segment. African-Americans are enthusiastic Internet users and are well served by the African-American Cyber Report and its partnership with the Fran Allen Show.”

Fran Allen, host of The Fran Allen Show shared, “I believe the addition of the “You Don’t Know What You Don’t Know” segment on my show with Tom Huskerson from the African American Cyber Report, is critically needed education for all of my listening audience.  I am pleased that we can focus on increasing awareness in the African American community and self development is key to finding your way in life for anyone.  Making an effort to learn what you don’t know is fundamental to that growth.

About Fran Allen

The Fran Allen Show is heard on BuzzAboutItRadio.com and is hosted by Fran herself. A native of Omaha, Nebraska Fran attended and graduated from Central High School. She then joined the United States Marines. After her military service she moved to Baltimore where she earned a Bachelor’s Degree in Business from Johns Hopkins University.  Since 1993 she has owned and operated a Personal and Professional Development business where she also managed several musical talents and served as the Deputy Campaign Manager for an inaugural congressional election campaign.  She is a motivational speaker, training facilitator, personal and professional development presenter, financial service educator and the author of three (3)  motivational books entitled, “How To Get An “A” In Life”; “Been Through…Going Through…The Journey” and “Words To Live By” with the 4th manuscript, “From Creativity to Creating Income: Turn What You Know Into Dough $$$”, in progress.

Presently, Fran is the owner of Self Development Success and provides personal and professional development services, including success coaching and financial/wealth generation seminars.” Through her business Fran works to create unrestricted streams of income for non-profit and community based organizations and programs to accomplish the mission of SDS, which is “to raise the quality of life for humanity.  Fran attributes all of her success in life to one undeniable fact – that she lives in the palm of God’s hand.  fran@selfdevelopmentsuccess.com

 

 

 

ALERT! Kmart & Dairy Queen Hacked ALERT!

Alasdair James, President and Chief Member Officer of Kmart, announced on Thursday that the company’s payment systems were hacked. Kmart’s IT team detected the breach of store payment systems. A preliminary investigation revealed a deliberate infection of the store’s system with a new form of malware  that compromised credit and debit cards numbers. Kmart says it does not believe personal information such as PIN numbers, email addresses or social security numbers were affected. The company’s website, Kmart.com, so far has not been affected by the breach.

A spokesman for Kmart said in a statement  “Our investigation to date indicates the breach started in early September. According to the security experts we’ve been working with our Kmart store payment data systems were infected with a form of malware that was undetectable by current anti-virus systems. We were able to quickly remove the malware. However we believe debit and credit card numbers have been compromised.”

According to Kmart the data breach was contained. Customers whose credit card information may have been stolen will not be held  liable for unauthorized charges.  A company spokesperson told SecurityWeek that they are not able to provide a figure on the number of customers impacted. Kmart is also offering free credit monitoring protection to any customer who made a purchase using a debit or credit card in any of its stores in September or October up to Thursday’s announcement. Kmart is currently working with federal law enforcement authorities, banking partners and security experts to solve the hack. The company did not reveal what security experts it was working with.

In another breach Dairy Queen reported that nearly 400 of its restaurants across the country have been hacked. The company blamed the ‘Backoff’ malware for the breach. According to Dairy Queen the malware entered the the company’s systems through a “third-party vendor’s compromised account credentials.” Dairy Queen said it has contained the malware. The hacked system contained customers names, payment card numbers and expiration dates, according to the company. Dairy Queen said the intrusion took place between August and October, but varies at each location.

Dairy Queen posted an online list of 395 restaurants including Orange Julius outlets where payment card data was compromised. Click here for the full list. Dairy Queen owns more than 4,000 stores.

For more information please see;

Kmart Registers Were Hacked, Credit and Debit Cards Numbers at Risk 

Kmart Hacked; Customers’ Card Numbers Exposed 

Malware Hack Dips Into Dairy Queen Customer Data