Stolen Identity Refund Fraud repost from FBI site

Each year, criminal actors target US persons and visa holders for Stolen Identity Refund Fraud (SIRF). SIRF is defined as the fraudulent acquisition and use of the Personally Identifiable Information (PII) of US persons or visa holders to file tax returns.

The fraudulent tax returns are sent to bank accounts or pre-paid cards that are held under their control. SIRF is relatively easy to commit and extremely lucrative for criminal actors. While all U.S. taxpayers are susceptible to SIRF, over the past year, criminal actors have targeted specific portions of the population, including: temporary visa holders, the homeless, prisoners, the deceased, low-income individuals, children, senior citizens, and military personnel deployed overseas. This may be due to the perception by criminal actors that these individuals are less likely to be aware of or receive notification that their identity has been stolen. 

 
After criminal actors steal PII, they use corrupt tax preparation companies or online tax software to file fraudulent tax returns with the stolen identity information at the federal and state level. The only legitimate information needed to file a fraudulent tax return is a name and social security number. This information is obtained by criminal actors through a variety of techniques, including computer intrusions, the online purchase of stolen PII, the physical theft of data from individuals or third parties, the impersonation of government officials through both phishing and cold-calling techniques, the exploitation of PII obtained through one’s place of employment, the theft of electronic medical records, and searching multiple publicly available Web sites and social media. After the criminal actors electronically file fraudulent tax returns, they use pre-paid debit cards or bank accounts under their control to route fraudulent returns. The balances on the pre-paid cards and bank accounts are depleted shortly after the tax refund is issued.
 
Additionally, investigative information shows cyber criminals compromised legitimate online tax software accounts during the 2015 tax season. Cyber criminals modified victims’ online tax software account information, diverting tax refunds to bank accounts or pre-paid cards under their control.
Many victims of SIRF do not know they have been targeted until they try to file their legitimate tax return. Many also receive notifications in the mail that their returns are being audited or are under review before they have even filed their tax returns.
 
If you believe you are a victim of SIRF, contact your local FBI or IRS field office. You may consult www.identitytheft.gov which can help you report and recover from identity theft. Additional resources are available at https://www.irs.gov/Individuals/Identity-Protection.
 
Tips to protect yourself:
  • File tax returns as early as possible.


  • Monitor your bank account statements regularly, as well and as your credit report at least once a year for any fraudulent activity.


  • Report unauthorized transactions to your bank or credit card provider as soon as possible.


  • Be cautious of telephone calls or e-mails that require you to provide your personal information, especially your birth date or social security number. If you are in doubt, do not provide the requested information.


  • Do not open e-mail or attachments from unknown individuals. Additionally, do not click on links embedded in e-mails from unknown individuals.


  • Never provide personal information of any sort via e-mail. Be aware, many e-mails requesting your personal information appear to be legitimate.


  • If you use online tax services, ensure your bank account is accurately listed before and after you file your tax return.


  • Ensure sensitive information is permanently removed from online tax software accounts that are no longer being used. Allowing online accounts to become dormant can be risky and make you more susceptible to tax fraud schemes.


  • If you feel you are a victim, immediately contact the three major credit bureaus to place a fraud alert on your credit records.


  • If you are a victim, file an Identity Theft Affidavit (IRS Form 14039). This form is available for download from www.identitytheft.gov.

Apple Ends Support for QuickTime for Windows; New Vulnerabilities Announced

 Systems Affected

Microsoft Windows with Apple QuickTime installed

Overview

According to Trend Micro, Apple will no longer be providing security updates for QuickTime for Windows, leaving this software vulnerable to exploitation.

Description

All software products have a lifecycle. Apple will no longer be providing security updates for QuickTime for Windows.
The Zero Day Initiative has issued advisories for two vulnerabilities found in QuickTime for Windows, look Here

Impact

Computer systems running unsupported software are exposed to elevated cybersecurity dangers, such as increased risks of malicious attacks or electronic data loss. Exploitation of QuickTime for Windows vulnerabilities could allow remote attackers to take control of affected systems.

Solution

Computers running QuickTime for Windows will continue to work after support ends. However, using unsupported software may increase the risks from viruses and other security threats. Potential negative consequences include loss of confidentiality, integrity, or availability of data, as well as damage to system resources or business assets. The only mitigation available is to uninstall QuickTime for Windows. Users can find instructions for uninstalling QuickTime for Windows on the Apple Uninstall QuickTime page.

Malvertising – Ransomware that is installed by clickable ads.

Ransomware is a type of malware that restricts access to the infected computer system in some way, and demands that the user pay a ransom to the malware operators to remove the restriction.  The usual way one get infected is by open an email with an attachment. But now there is a new way.

Malvertising hits global news sites.

Some site on the internet including the NY Times, the BBC, AOL and a host of other major news and entertainment websites inadvertently ran malicious ads that attempted to hijack the computers of visitors and demand a ransom, according to security researchers Malwarebytes and Trend Micro.

Your best protection is to have a GOOD, Current Backup of your systems. Get and use a backup solution that you trust and then verify that you can restore your data.
.

Examining Windows 10 Security at ISACA’s North America CACS Conference

Rolling Meadows, IL,
USA (March 17 2016)—Jay Ferron will discuss Windows 10 Security at ISACA’s
ISACA’s
North America CACS conference 2-4 May 2016 in New Orleans, Louisiana, USA.
Attendees will gain discuss solutions and strategies in assurance, risk and
security, including how assurance professionals can advance their careers and
impact their enterprises.
 

In Jays presentation, titled “Windows 10 Security,” Jay will discuss;

 Understand
the new features that protect data at rest, and controlling the
configurations of the operating system
  • Discover
    new features that protect the operating system from virus and malware, and
    limit applications from running
  • Learn New
    method of using 2 factor authentication
  • Understand
    the upgrade path

ISACA, a
global association serving more than 140,000 members and certification holders
in 180 countries, will offer more than 60 sessions in seven tracks for the
North America Computer Audit, Control and Security (CACS) Conference: IS Audit & Assurance; Data Governance; Security/Cybersecurity;
Privacy; GRC; Career & Communications Management; and Industry Trends &
Insights.

The conference will feature valuable
career guidance from renowned keynote speakers:

·      
Tim Sanders, Internet pioneer, best-selling author of Love
Is the Killer App: How to Win Business & Influence Friends, who
will present “Multiply Your Value, Starting Here and Now.” He will explain how
sharing knowledge with colleagues builds trust and lays the groundwork to
produce outstanding results for the enterprise.

·      
Simon T.
Bailey, global influencer and author, who will present “Shift Your
Brilliance—Harness the Power of You, Inc.” He will share strategies to produce
real-life results and achieve individual goals through a shift in mindset.

Pre- and
post-conference workshops will offer hands-on training on privacy programs,
database security and audit, risk strategies and data analysis. Additionally, a
cybersecurity workshop will help attendees
prepare for the Cybersecurity Fundamentals Certificate exam.

 
Attendees can earn up to 39
continuing professional education (CPE) hours, and an early-bird registration
rate is available through 24 February 2016. Additional details, registration
and venue information can be found at www.isaca.org/NA-CACS2016.

Video for helping pass Microsoft Exams

The MCP exam prep sessions you know and love at Microsoft conferences, now available on Channel 9! In these hour-long videos, Microsoft Certified Trainers and MVPs take you through the exam objectives and get you ready for test day
 
Prepare for Microsoft Exam 70-697: Configuring Windows Devices with MVP/MCT Chris Rhodes. Passing this exam earns you a Microsoft Specialist certification. 
 
Prepare for Microsoft Exam 70-347: Enabling Office 365 Services with MVP/MCT Andy Malone
 
Prepare for Microsoft Exam 70-346: Managing Office 365 Identities and Requirements with MVP/MCT Andy Malone
 
Prepare for Microsoft Exam 70-532: Developing Microsoft Azure Solutions with Sidney Andrews, Microsoft Certified Trainer.
 
Prepare for Microsoft Exam 70-534: Architecting Microsoft Azure Solutions with Sidney Andrews, Microsoft Certified Trainer
 
Prepare for Microsoft Exams 70-695 + 70-696 MCSE: Enterprise Devices and Apps with MVP/MCT Chris Rhodes and Michael Bender. This is part one of two exam prep sessions
 
Prepare for Microsoft Exams 70-695 + 70-696 MCSE: Enterprise Devices and Apps with MVP/MCT Chris Rhodes and Michael Bender. This is part two of two exam prep session
 
Prepare for Microsoft Exam 70-480: Programming in HTML5 with JavaScript and CSS3 with Christopher Harrison,
 
Prepare for Microsoft Exam 70-483: Programming in C# with Christopher Harrison
 

NIST Released the following Draft Special Publications (SP) Your Comments are Welcome

NIST Released the following Draft Special
Publications (SP):
(1) Draft Special Publication (SP) 800-175B, Guideline for Using
Cryptographic Standards in the Federal Government: Cryptographic Mechanisms
(2) Draft SP 800-46 Revision 2, Guide to Enterprise Telework, Remote
Access, and Bring Your Own Device (BYOD) Security
(3) Draft SP 800-114 Revision 1, User’s Guide to Telework and Bring Your
Own Device (BYOD) Security
(4) Draft SP 800-154, Guide to
Data-Centric System Threat Modeling, and
(5) PRE-DRAFT SP 800-53 (Revision 5), Security and Privacy Controls for
Federal Information Systems and Organizations

All 4 of these Draft and 1 PRE-Draft SPs are
available for public comment and can be found on the NIST CSRC website. 
See below for further details on these 5 draft documents.

 1. Draft SP 800-175B:
Information and links to Draft SP 800-175B can be found on the NIST CSRC Draft
publications page. Below is the link to this Draft:
http://csrc.nist.gov/publications/PubsDrafts.html#800-175B

Deadline
to submit comments: Friday,
April 29, 2016

Email
comments or questions about this draft document to:
[email protected]

2. Draft SP 800-46 Revision 2
Information and links to Draft SP 800-46 Revision 2 can be found on the
NIST CSRC Draft publications page. There is also a comment template available
to use to submit comments. Below is the link to this Draft: 
http://csrc.nist.gov/publications/PubsDrafts.html#800-46r2

Deadline
to submit comments: April
15, 2016

Email
comments or questions about this draft document to:
[email protected]

NIST
Public Affairs Office issued a press release about this draft and also for
Draft SP 800-114 Revision 1:
http://www.nist.gov/itl/csd/attackers-honing-in-on-teleworkers-how-organizations-can-secure-their-datata.cfm

3. Draft SP 800-114 Revision 1
Information and links to Draft SP 800-114 Revision 1 can be found on the
NIST CSRC Draft publications page. There is also a comment template available
to use to submit comments. Below is the link to this Draft: 
http://csrc.nist.gov/publications/PubsDrafts.html#800-114r1

Deadline
to submit comments: April
15, 2016

Email
comments or questions about this draft document to:
[email protected]

4. Draft SP 800-154
Information and links to Draft SP 800-154 can be found on the NIST CSRC Draft
publications page. There is also a comment template available to use to submit
comments. Below is the link to this Draft: 
http://csrc.nist.gov/publications/PubsDrafts.html#800-154

Deadline
to submit comments: April
15, 2016

Email
comments or questions about this draft document to:
[email protected]

5. (PRE-DRAFT) NIST SP 800-53 Revision 5

Full
details can be found on the CSRC website:
http://csrc.nist.gov/groups/SMA/fisma/sp800-53r5_pre-draft.html

Please
respond by April 1st 2016
to the call for comments to:
[email protected]

**Important
Note:  There is no actual document for Revision 5 as
yet.  To submit your comments / suggestions, you will need to refer to and
reference from SP 800-53 Revision 4 to formulate your feedback to potentially
help improve this document  to a Revision 5. Click the 1st link
above to this Pre-Draft to learn all the details on this exercise.

Free Cyber Security & Ethical Hacking Training Course

I found this on LinkedIn and thought this might be of interest to others.
 
The exponential growth in Cybercrime has created an emergency situation, the infosec community has also realized that we don’t have enough workforce to work and counter the increasing hacking attacks. People from every corner of the world has started to learn the cyber security principles and ethical hacking techniques,

The free cyber security and ethical hacking training is the course that teaches the principle of penetration testing, attacking methodologies and techniques. The aim of this course is to prepare beginners to conduct the penetration testing. This is an idea course for beginners to learn the practice and be ready to learn some advance techniques in future.
This course goes from basic to advance where you will get a chance to learn:
  • Information gathering
  • Scanning enumeration & footprinting
  • Open source intelligence gathering
  • Utilizing opensource tools to find the information
  • System hacking
  • Proxy server and chaining
  • Keyloggers, Trojan and other viruses
  • Networking sniffing and session hijacking
  • SQL Injection and cross site scripting
  • Buffer overflow and exploit writing
  • Reverse engineering
  • Cryptography
  • And more…
To learn more go here

Free Ebook on Windows 10 for IT Pro

 
 
Introducing Windows 10 for IT
Professionals, Technical Overview
Get information what will help you get more
out of your evaluation of Windows 10. This free e-book will walk you through
the enterprise-focused features that are different from the Windows versions
you and your organization are using today so that you can start planning for
deployment.

Great Resource on Windows 10 Device Guard and Credential Guard Demystified

While helping Windows Enterprise customers deploy and realize the benefits of Windows 10, I’ve observed there’s still a lot of confusion regarding the security features of the operating system. This is a shame since some of the key benefits of Windows 10 involve these deep security features. This post serves to detail the Device Guard and Credential Guard feature sets, and their relationship to each other.
 
First, let’s set the foundation by thinking about the purpose of each feature:
 
Device Guard is a group of key features, designed to harden a computer system against malware. Its focus is preventing malicious code from running by ensuring only known good code can run.
 
Credential Guard is a specific feature that is not part of Device Guard that aims to isolate and harden key system and user secrets against compromise, helping to minimize the impact and breadth of a Pass the Hash style attack in the event that malicious code is already running via a local or network based vector.
 
The two are different, but complimentary as they offer different protections against different types of threats. Let’s dive in and take a logical approach to understanding each.
It’s worth noting here that these are enterprise features, and as such are included only in the Windows Enterprise client.
 
The rest of the article can be found here.
 
 

IRS Alerts Payroll and HR Professionals to Phishing Scheme Involving W-2s

WASHINGTON   The
Internal Revenue Service today issued an alert to payroll and human resources
professionals to beware of an emerging phishing email scheme that purports to
be from company executives and requests personal information on employees.

 The IRS has learned this scheme   part of the surge in phishing emails seen
this year   already has claimed several
victims as payroll and human resources offices mistakenly email payroll data
including Forms

W-2 that contain Social Security numbers and other
personally identifiable information to cybercriminals posing as company
executives.

  This is a new
twist on an old scheme using the cover of the tax season and W-2 filings to try
tricking people into sharing personal data. Now the criminals are focusing
their schemes on company payroll departments, 
said IRS Commissioner John Koskinen. 
If your CEO appears to be emailing you for a list of company employees,
check it out before you respond. Everyone has a responsibility to remain
diligent about confirming the identity of people requesting personal
information about employees.

IRS Criminal Investigation already is reviewing several
cases in which people have been tricked into sharing SSNs with what turned out
to be cybercriminals. Criminals using personal information stolen elsewhere
seek to monetize data, including by filing fraudulent tax returns for refunds.

This phishing variation is known as a  spoofing 
email. It will contain, for example, the actual name of the company
chief executive officer. In this variation, the 
CEO  sends an email to a company
payroll office employee and requests a list of employees and information
including SSNs.

The following are some of the details contained in the
e-mails:

               Kindly send me the individual 2015
W-2 (PDF) and earnings summary of

all W-2 of our company staff for a quick review.

               Can you send me the updated list
of employees with full details

(Name, Social Security Number, Date of Birth, Home
Address, Salary).

               I want you to send me the list of
W-2 copy of employees wage and tax

statement for 2015, I need them in PDF file type, you can
send it as an attachment. Kindly prepare the lists and email them to me asap.

 
The IRS recently renewed a wider consumer alert for
e-mail schemes after seeing an approximate 400 percent surge in phishing and
malware incidents so far this tax season and other reports of scams targeting
others in a wider tax community.

 The emails are designed to trick taxpayers into thinking
these are official communications from the IRS or others in the tax industry,
including tax software companies. The phishing schemes can ask taxpayers about
a wide range of topics. E-mails can seek information related to refunds, filing
status, confirming personal information, ordering transcripts and verifying PIN
information.

 Go here for more information…..

 
FYI  this is a repost that  i believe is interest to readers of my blog.