Gaming site Sega Pass was hacked. On the Sega Pass website it states, “we had identified that unauthorized entry was gained to our Sega Pass database.” Numerous outlets report hackers stole Sega Pass members’ email addresses, dates of birth, and encrypted passwords.

The recent Epsilon data breach resulted in a similar loss of data. Epsilon is a marketing company that sends over 40 billion emails a year, and keeps millions of consumer email addresses on file. When hackers breached Epsilon’s database, the email subscriber lists for over 100 major companies were compromised.

Consumers received breach notifications from financial institutions including Citigroup, Capital One, and JPMorgan Chase, and from hotels such as the Marriot and the Hilton.

All of these organizations customers are eternally susceptible to spear phish scams.

The Wall Street Journal reports that GlaxoSmithKline sent email notifications to consumers who had registered with any of GlaxoSmithKline’s websites for prescription or nonprescription drugs and products, warning that consumers’ names and email addresses had been hacked, and that the stolen data may have included the specific product websites where consumers registered.

GlaxoSmithKline provides medications that help victims of HIV and mental health disorders. The possibility of the stolen data being used to target the ill with spear phishing attacks is a major concern.

These kinds of breaches will have long-lasting effects on the public.

Never disclose personal information or login credentials in response to an unsolicited email. Never click links in an unsolicited email. Instead, use your bookmarks menu or type the address into your browser’s address bar. If your email address has been compromised, consider switching to a new address. Create new, unique passwords, without repeating the same password for multiple accounts.

With more than 11 million victims just last year identity theft is a serious concern.  McAfee Identity Protection offers proactive identity surveillance, lost wallet protection, and alerts when suspicious activity is detected on your financial accounts. Educate and protect yourself – please visit http://www.counteridentitytheft.com.

Robert Siciliano is a McAfee consultant and identity theft expert. See him explain how a person becomes an identity theft victim on CounterIdentityTheft.com (Disclosures)

This means there were fewer large-scale data breaches compromised of multimillions of records, and many more data breaches that compromised fewer records at a time.

Criminals have shifted their focus away from large corporations that have implemented multilayered security measures to protect mass amounts of data, and are now targeting smaller companies with smaller databases, who have yet to implement strong security measures.

Verizon’s study further shows that in 2010, 92% of data breaches were external hack attacks, a 22% increase from 2009. Nearly 80% of the stolen data was accessed via malware that gave attackers back door computer access.

This shift from bigger to smaller breaches may also indicate that hackers are realizing that big breaches get more attention, and therefore increase their chances of being caught. Furthermore, a breach of 100 million credit card numbers might be discovered quickly, and all those credit numbers would immediately be cancelled. A breach of just 10,000 credit card numbers would be more likely to stay under the radar, meaning those cards would remain active for longer.

There are now multiple breach lists, and not all define a data breach the same way. According to the Identity Theft Resource Center, there were at least 662 data breaches in 2010, which exposed more than 16 million records. Nearly two-thirds of breaches exposed Social Security numbers, and 26% involved credit or debit card data.

The ITRC elaborated, “Other than breaches reported by the media and a few progressive state websites, there is little or no information available on many data breach events that occur. It is clear that without a mandatory national reporting requirement, many data breaches will continue to be unreported, or under-reported.”

Identity theft can happen to anyone.  McAfee Identity Protection, offers proactive identity surveillance, lost wallet protection, and alerts when suspicious activity is detected on your accounts. McAfee Identity Protection puts victims first and provides live access to fraud resolution agents who work with the victim to help restore their identity even from past theft events. For additional tips, please visit http://www.counteridentitytheft.com.

Robert Siciliano is a McAfee consultant and identity theft expert. See him discuss identity theft on YouTube. (Disclosures)

TechNewsWorld reports LastPass, the password manager was under attack last week. “Users rely on it to store the myriad user names and passwords they inevitably collect as they go about their business on the Web. With LastPass, they only have to remember one single master password. LastPass handles the rest — including, presumably, security.”

Simon Cowells X-Factor show was hit too. The Daily Star reports “Closely guarded secrets about media mogul Simon Cowell and his new US ­ X Factor show have been “stolen” by sneaky cyber crooks. The personal information and act ­details of more than 250,000 wannabes have also been exposed”.

In an email to the victims of the breach it stated: “This week, we learned that computer hackers illegally accessed information you and others submitted to us to receive information about The X Factor auditions It is possible, however, that the information you did provide to us, which included your name, email address, zip code, phone number (which was optional), date of birth, and gender, may have been accessed”.

Cybercrooks are jumping on the news of Osama Bin Laden’s demise. Spam campaigns and malware that piggy back on the news and seek to trick unwitting computer users into clicking links or opening attachments are making the rounds and McAfee Labs expects to see more over the coming days. Computer users should be cautious and especially on guard when they receive messages that purport to offer photos of Bin Laden’s body, funeral at sea or any additional details.

It is important to observe basic security precautions to protect your identity. However, the safety of your information with corporations and other entities that you transact business with is very often beyond your control. Consumers should consider an identity theft protection product that offer daily credit monitoring, proactive identity surveillance, lost wallet protection, and alerts when suspicious activity is detected on your accounts. McAfee Identity Protection includes all these features in addition to live help from fraud resolution agents if your identity is ever compromised. For more tips on protecting yourself, please visit http://www.counteridentitytheft.com

Robert Siciliano is a McAfee Consultant and Identity Theft Expert. See him discussing how a person becomes an identity theft victim on CounterIdentityTheft.com (Disclosures)

Pauly the Pickpocket & Sally Sticky Fingers work as a team to lift wallets and mobile devices from pockets and purses, often in broad daylight. Sally creates a distraction by dropping a shopping bag, crying for help, or stopping suddenly in your path, and then Pauly bumps into you from behind and picks your pocket.

To avoid having your pocket picked, keep your wallet in your front pocket, or keep your purse closed and hold it in front of you. Thin out your wallet and skip the backpack. Lock your cell phone with a password. And consider investing in McAfee’s Lost Wallet Protection service.

Trojan Sea Biscuit is a two-faced liar who sneaks malicious files into emails and hides viruses in PDFs and other downloadable files. He’s the champion ringleader in the ultimate identity theft derby of phishers, hackers, botmasters, and keyloggers.

To avoid a Trojan infiltration, use comprehensive security software, and be sure it’s set to update automatically. If a popup window prompts you to update software, hit escape or shut down the program. Go directly to the manufacturer’s website for the update.

Tim “The Skim” McCash is known for installing skimming devices and tiny cameras that can read your card data and PIN code. He targets ATMs at banks, concerts, arenas, convenience stores, and gas stations with the goal of draining your account of cash or credit before you or your bank recognizes the fraud.

To avoid having your credit or debit card data skimmed, use the same, familiar ATM whenever possible, and beware of ATMs with devices covering the card slot. Look for external devices like mirrors, brochure holders, or light bars that may hide a camera. Always cover the keypad with your other hand as you enter your PIN. And check your bank and credit card statements online at least once a week.

McAfee, the most trusted name in digital security includes proactive identity surveillance to monitor subscribers’ credit and personal information and access to live fraud resolution agents who can help subscribers work through the process of resolving identity theft issues. For additional tips, please visit http://www.counteridentitytheft.com

Robert Siciliano is a McAfee consultant and identity theft expert. See him explain how to protect yourself from identity theft on CounterIdentityTheft.com. (Disclosures)

Whether you are alive or even if you are dead, as long as you have a Social Security number, you are a potential identity theft victim.

Reporters tend to be fairly savvy and well informed. Identity theft, however, is a complicated issue, and anyone can be stumped, regardless of your level of security intelligence.

One reporter received an alert about “irregular check card activity.” It was sent late one weeknight, and she didn’t see the email until the following night. At first, she couldn’t believe her bank account could have been compromised, and suspected it was a phishing email designed to trick her into disclosing her account information. But when she called her bank, she learned that nearly all her money had already been stolen.

“I soon discovered I was a victim of identity theft and that a woman posing as me in California was allowed to spend and withdraw all of my family’s money in two linked accounts from my bank, without stealing my debit or credit cards. She took more than $40,000.”

The thief used a fake driver’s license, which replaced the victim’s ID in the bank’s computer, signed documents with a signature that looked nothing like the victim’s, and gave the bank a new phone number and address. She took over and cleaned out two accounts, one of which was a checking account used for family expenses, and the other was an investment account.

After a great deal of stress and aggravation, the victim and her husband managed to get their stolen savings reimbursed by their bank. She still doesn’t know how the thief managed to steal her identity, or if she was ever caught.

Identity theft can happen to anyone. McAfee Identity Protection offers proactive identity surveillance, lost wallet protection, and alerts when suspicious activity is detected on your accounts. McAfee puts victims first and provides live access to fraud resolution agents who work with victims to help restore stolen identities, even from thefts that occurred prior to subscribing to McAfee’s service.

For additional tips, visit CounterIdentityTheft.com.

Robert Siciliano is a McAfee consultant and identity theft expert. See him discuss scambaiting on Fox News. (Disclosures)

Most of them make their presence felt in the form of a charge on your credit card statement, and that’s about it. One thing I like about McAfee is the fact that, when you get an alert, they’ll hold your hand through the process.

When a check was made on my credit file, I received the following message:

Dear Robert Siciliano,

As a McAfee Identity Protection member, you are receiving this automatic notification email because activity recently has been posted to your account through one or more of our industry leading services:

A. 3-Bureau Credit Monitoring

B. Internet Scanning, including chat rooms

C. Change of Address monitoring

Posted account activity doesn’t necessarily indicate identity theft. However, it can be an early indication of fraudulent activity. That’s why it’s important to always review any alerts you receive from us.

Please take the following steps immediately to examine this information and determine if this activity is authorized.

Check Your Alert – To view your complete alert report, please login here and click on “Unviewed Alerts.”

Verify The Activity – If you are aware of the change(s) and agree with the items on your alert, no action is needed on your part.

Contact Us – If you have any questions or concerns regarding your alert, including information you believe to be either inaccurate or fraudulent, please contact Customer Support immediately at 1-866-622-3911. For your convenience we are here for you daily from 6:00 AM – 6:00 PM (Pacific Time).

Remember, McAfee Identity Protection is with you every the step of the way. In the event you suspect identity theft, our dedicated Fraud Resolution Team will work closely with you to help you understand and investigate your alerts immediately.

Thank you for choosing McAfee Identity Protection to help protect your identity.

Sincerely,

McAfee, Inc.

This alert was triggered when a mortgage broker checked my credit report, with permission. I got this alert within a day of the credit check. When I logged into my McAfee account, I was able to see the actual credit check on McAfee’s dashboard.

Had the alert been triggered by anything other than a legitimate credit check, I would have called McAfee’s fraud resolution agents, who would have immediately begun a process of alerting any creditors to possible fraud. That’s comforting.

To ensure peace of mind, subscribe to an identity theft protection service, such as McAfee Identity Protection, which offers proactive identity surveillance, lost wallet protection, and alerts when suspicious activity is detected on your accounts.

For additional tips, visit CounterIdentityTheft.com.

Robert Siciliano is a McAfee consultant and identity theft expert. See him discuss how to protect yourself from identity theft on CounterIdentityTheft.com. (Disclosures)

Pickpockets whisper through society, undetected and undeterred. They are subtle and brazen at the same time. They are like bed bugs, crawling on you and injecting numbing venom that prevents you from detecting their bite until it’s much too late. They aren’t violent like a drug-crazed mugger, or confrontational like a stick-up robber. They have more gumption than criminal hackers, since they don’t hide behind the anonymity of the Internet.

NPR reports that nowadays, picking pockets has become a rare and increasingly difficult crime, thanks to “stepped-up surveillance in most public places,” the dismantling of systems of apprenticeship, heftier sentences, and the widespread use of debit cards.

One pickpocket is quoted as saying, “When people stopped carrying money, that was the beginning of the end of pickpocketing…Pickpockets have no respect for thugs or robbers. We consider them ancient. Prehistoric. We feel that anybody can stick a gun in a person’s face — that’s not hard to do. But to take a person’s money and them not knowing it’s gone — that’s the art of it. That’s the cleverness of it.”

Identity thieves serve as the modern incarnation of pickpockets. They slip into your mailbox or hack into your PC while you sleep. They are daring, cunning, and have ample choice of targets.

There was a time when pickpockets could make a couple thousand dollars in a day. Identity thieves can now make tens of thousands of dollars in a single day.

To ensure peace of mind, subscribe to an identity theft protection service, such as McAfee Identity Protection, which offers proactive identity surveillance and lost wallet protection. If your credit or debit cards are ever lost, stolen or misused without your authorization, McAfee will help you cancel them and order new ones. If their product fails, you’ll be reimbursed for any stolen funds not covered by your bank or credit card company. (See McAfee’s guarantee for details.)

For additional tips, visit CounterIdentityTheft.com.

Robert Siciliano is a McAfee consultant and identity theft expert. See him discuss identity theft on YouTube. (Disclosures)

For the first time, “imposter scams,” in which imposters pose as friends, family, respected companies, or government agencies in order to persuade consumers to send money, made the top ten. The FTC has issued a new consumer alert to help consumers avoid imposter scams.

FTC spokeswoman Claudia Bourne Farrell commented, “Most people don’t know how their identity was stolen. If you lose your wallet on Monday and Tuesday someone starts using your cards, you have a pretty good educated guess. Otherwise you don’t. And how would you know if someone stole your identity on the Internet?”

More than half of complaints to the FTC involved some other type of fraud. 45% of those scams were initiated via email, including phishing emails. 11% of the scams originated from websites, and 19% were initiated over the phone.

Protect yourself from identity theft and other varieties of fraud by locking your mailbox to prevent stolen mail, storing sensitive paperwork in a locked file cabinet, and shredding any documents that include a name or account number before discarding them.

Protect your PC by installing antivirus and spyware removal software, and keeping your PC’s critical security patches updated.

To ensure peace of mind, subscribe to an identity theft protection service, such as McAfee Identity Protection, which offers proactive identity surveillance and lost wallet protection. If your credit or debit cards are ever lost, stolen or misused without your authorization, you can call McAfee Identity Protection and they’ll help you cancel them and order new ones. If their product fails, you’ll be reimbursed for any stolen funds not covered by your bank or credit card company. (See McAfee’s guarantee for details.)

For additional tips, visit CounterIdentityTheft.com.

Robert Siciliano is a McAfee consultant and identity theft expert. See him explain how to protect yourself from identity theft on CounterIdentityTheft.com. (Disclosures)

This is all perfectly legal as long as the PC’s owner installs the software. It is illegal to install spyware on a computer that is not your own.

Spyware can be great if, for example, you want to monitor your twelve-year-old daughter who obsessively chats online, or your employees whose lack of productivity has you wondering if they’re watching YouTube all day.

Spyware also comes in the form of a virus, which essentially does the same thing. When you click a malicious link or install a program that is infected with malicious software, several different types of spyware can be installed as well.

Spyware can also take the form of a keylogger or keycatcher, a USB device similar to a USB flash drive, which can connect to a PC and piggyback the keyboard connection. Keycatchers have a made a splash in schools, where students plug them into the back of teachers’ PCs, trying to get test information ahead of time.

In England, two keyloggers were found plugged into public library computers. This would have allowed whoever planted the USB devices to access a record of activity on the compromised computers. “It’s unclear who placed the snooping devices on the machines but the likely purpose was to capture banking login credentials on the devices prior to their retrieval and use in banking fraud.”

Keep in mind that anyone with special access to a computer, including friends, family, and employees, poses the main threat. A cleaning person or security guard could always be paid to install spyware in order to record sensitive data.

Check your USB ports to make sure there are no mysterious devices attached to your PC. Prevent unauthorized password installation by password protecting the administrator account on your PC.

Only download files from trusted websites, and avoid torrents and software cracks, which are often seeded with spyware.

Never click “Agree,” “OK,” “No,” or “Yes” in a popup. Instead, hit the red X or shut down your browser by hitting Ctrl-Alt-Delete.

Keep your operating system’s security patches updated, and be sure to install the latest, most secure version of your browser. And Run McAfee Total Protection, including spyware removal.

McAfee Identity Protection includes proactive identity surveillance to monitor subscribers’ credit and personal information and access to live fraud resolution agents who can help subscribers work through the process of resolving identity theft issues. For additional tips, please visit http://www.counteridentitytheft.com

Robert Siciliano is a McAfee Consultant and Identity Theft Expert. See him discussing spyware on Fox Boston (Disclosures)

The little girl isn’t a signer on the account, but the bank cashed the check for $29.95 made out to a porn company in her name.

“Somebody took money from me, somebody took my account number, somebody used my daughter’s name for porn,” the mother says.

According to the Colorado Banker’s Association, “any company you send a check to has enough information to steal from you… Online bill pay isn’t any safer because criminals have been known to hack into computers.”

That’s a serious statement from a bank representative. I can’t help but wonder if it was translated correctly? She went on to note that many checks were being cashed for small amounts, which doesn’t send a red flag to banks.

Consumers often overlook these smaller transactions, or “microcharges,” which are fraudulent charges ranging from 20 cents to $10. The victims of this particular scam would see the fictional merchant’s name and toll-free number on their debit or credit card statements. If they called to dispute a charge, the phone numbers would be disconnected or go straight to voicemail. Many frustrated consumers don’t even bother to dispute the charges.

This scam can often be fixed by paying attention to your statements and refuting charges within a specified time frame. You have up to 60 days, at most, depending on the nature of the card. Check with your bank.

McAfee Identity Protection includes proactive identity surveillance to monitor subscribers’ credit and personal information and access to live fraud resolution agents who can help subscribers work through the process of resolving identity theft issues. For additional tips, please visit http://www.counteridentitytheft.com

Robert Siciliano is a McAfee Consultant and Identity Theft Expert. See him discussing child identity theft on NBC Boston (Disclosures)