Information Protection and Security

When scammers go “phishing,” the bait they often use to hook victims into identity theft is the Internal Revenue Service. The reality: The IRS as a rule doesn’t send e-mail—especially on personal tax issues—so any incoming message alleging to be from the IRS is likely to be a scam.

Social engineering is the attempt to manipulate or trick a person into providing information or access to a system's information, by bypassing network security. A social engineering compromise can provide information on background, credit rating, medical history, and driving record, most of which is confidential. Colleges and universities are sometimes targeted for social engineering compromises due to inexperience of large numbers of students serving as part-time employees.

Credit card and online banking sites are convenient and easy ways to purchase and handle financial transactions. They are also the most often spoofed sites for phishing scams.

You knew some chuckleheads somewhere would hop on the economic stimulus plan with a way to scam it online.  Indeed the Federal Trade Commission today in a press conference said the problem has quickly become serious.

Email is insecure.  Sensitive information should not be send via email.  Any email (including those claiming to be private) is often compared to a postcard in that anyone who comes in contact with it can read it.  Email may also be read when it is stored on servers.

E-mails attempt to lure victims to dummy e-commerce sites in hopes of gleaning credit card numbers and passwords, the FBI says. By mimicking legitimate sites, they lull unsuspecting shoppers into giving up the information as they make what they think are legitimate purchases.
Article link

E-mails attempt to lure victims to dummy e-commerce sites in hopes of gleaning credit card numbers and passwords, the FBI says. By mimicking legitimate sites, they lull unsuspecting shoppers into giving up the information as they make what they think are legitimate purchases.
Article link