February 23, 2010 10:24 AM
- Text
Protecting Yourself Against ID Theft
(CBS)
As you may have heard, the Justice Department on Tuesday indicted 11 people for hacking into nine major U.S. retailers' networks which resulted in the theft of 40 million credit and debit card numbers.
If you or your family shopped at TJ Maxx, BJ's Wholesale Club, OfficeMax, Boston Market, Barnes & Noble, Sports Authority, Forever 21 or DSW your information could have been included in this online heist. The thieves broke into the stores' wireless networks using a technique called "war driving" whereby they simply drive or walk by the store using special equipment to detect vulnerable wireless networks. Once in they planted "sniffer" software which harvests credit cards and sends them to the hacker's own off-shore servers. It was an international effort involving criminals in the U.S. and Eastern Europe.
As a consumer of these stores there is little you can do to protect yourself other than perhaps only using cash. But cash has an even greater risk of loss or theft so I'm not suggesting you shred all of your plastic to protect yourself. Besides, federal law limits your liability if your credit card number is misused as long as you report the loss.
It's kind of scary when you think of it. You do everything you can do to protect your own PC and your own information and then you hand over your credit card to a store whose network inadvertently makes it vulnerable to thieves. You can't control other people's networks but it is a good idea to check your online credit card and bank statements regularly to see if there is any loss and to get your free annual credit reports from all three major credit bureaus. The only free credit service authorized by the Federal Trade Commission is AnnualCreditReport.com.
How to Secure Your Network
Of course there are things you can do to protect your own wireless WiFi network including using the encryption such as WPA (Wi-Fi Protected Access) to require users to enter a password before accessing your network. The older WEP (Wired Equivalent Privacy) is not as secure as WPA and its newest iteration, WPA2. The WiFi Alliance has a tip sheet on wireless security that recommends you use the WPA2 standard. You can also turn off the broadcast of your SSID network name to make it harder for thieves to find your network.
In an podcast I did for CBS News TrendMicro security expert David Perry said that stores with highly sensitive customer data such as credit card information should avoid wireless networking completely and use a more secure wired network. Kaspersky Lab's David Emm agreed "I guess you would see wireless networking as almost inherently more promiscuous so to speak than regular networks"
By Larry Magid
If you or your family shopped at TJ Maxx, BJ's Wholesale Club, OfficeMax, Boston Market, Barnes & Noble, Sports Authority, Forever 21 or DSW your information could have been included in this online heist. The thieves broke into the stores' wireless networks using a technique called "war driving" whereby they simply drive or walk by the store using special equipment to detect vulnerable wireless networks. Once in they planted "sniffer" software which harvests credit cards and sends them to the hacker's own off-shore servers. It was an international effort involving criminals in the U.S. and Eastern Europe.
As a consumer of these stores there is little you can do to protect yourself other than perhaps only using cash. But cash has an even greater risk of loss or theft so I'm not suggesting you shred all of your plastic to protect yourself. Besides, federal law limits your liability if your credit card number is misused as long as you report the loss.
It's kind of scary when you think of it. You do everything you can do to protect your own PC and your own information and then you hand over your credit card to a store whose network inadvertently makes it vulnerable to thieves. You can't control other people's networks but it is a good idea to check your online credit card and bank statements regularly to see if there is any loss and to get your free annual credit reports from all three major credit bureaus. The only free credit service authorized by the Federal Trade Commission is AnnualCreditReport.com.
How to Secure Your Network
Of course there are things you can do to protect your own wireless WiFi network including using the encryption such as WPA (Wi-Fi Protected Access) to require users to enter a password before accessing your network. The older WEP (Wired Equivalent Privacy) is not as secure as WPA and its newest iteration, WPA2. The WiFi Alliance has a tip sheet on wireless security that recommends you use the WPA2 standard. You can also turn off the broadcast of your SSID network name to make it harder for thieves to find your network.
In an podcast I did for CBS News TrendMicro security expert David Perry said that stores with highly sensitive customer data such as credit card information should avoid wireless networking completely and use a more secure wired network. Kaspersky Lab's David Emm agreed "I guess you would see wireless networking as almost inherently more promiscuous so to speak than regular networks"
By Larry Magid
Popular Now in SciTech
- Google TV announcements slated for Monday
- Apple iPad 3 rumors: thicker, sharper, coming soon
- Apple iPhone 5 rumors, reports say June release
- Happy 50th to computer game Spacewar
- Steve Jobs honored with Trustees Grammy
- Tesla's Model X: Finally, an electric car we all want
- Apple iPad 3 rumors resurface, sources say March release
- Facebook required for Spotify account, here's a trick
- iPad 3 mini on the way, says analyst
- Shocking Stats on Texting While Driving
- How to get the Diablo III beta test
- Facebook graffiti artist David Choe, from homeless to millions
- World Helium Supply Could Be Gone in 30 Years
- Remember who you're talking to on Xbox Live
- SOPA is dead, Smith pulls bill
- Obama's 2012 campaign playlist now on Spotify
- Ethical iPhone 5 petitions head to Apple stores
Latest CBS News Headlines
on Facebook
on CBS News
- N.D. education board sues to keep Fighting Sioux
- 17 to hospital after Calif. hotel chemical spill
- Summary Box: Empire State Building owner plans IPO
- Houston's body taken to airport for trip to NJ
on Facebook
- Whitney Houston 1963-2012
- Diane Aulger induces labor weeks early to let dying husband Mark hold baby
- 2012 Grammys: Red-carpet arrivals
on CBS News
