November 11, 2011 7:41 PM
Posted by: David Schneier
assessment,
Audit,
compliance,
GLBA,
hack,
hacker,
NCUA,
phish,
phishing,
red flags,
red flags identity theft,
regulatory,
Regulatory Compliance,
scam,
smish,
smishing,
vish,
vishing
This is something akin to my annual public service announcement (PSA) for anyone who has cash-on-hand, a bank account, an investment account or perhaps even a piggy bank: As long as you have money there's someone out there right now scheming to try and take it away from you.
I'm having that...
April 8, 2010 2:24 PM
Posted by: David Schneier
cyber security,
id theft,
information security,
password,
password theft,
phish,
phishing,
Regulatory Compliance,
scam,
Security,
security awareness
Last month I blogged about a phishing attempt that landed in my inbox. The email account belonged to someone named Rebecca Keen who I had never heard of before (or so I believed at the time). As I was finishing writing that post, I received a follow-up email from the same person indicating...
March 2, 2010 8:18 PM
Posted by: David Schneier
email,
fraud,
GLBA,
phish,
phishing,
Regulatory Compliance,
scam,
scammer,
Security,
spam,
theft
I received an email from Rebecca Keen this morning asking for help. You see, Rebecca took an unexpected trip to the UK and while there lost her wallet and all of her financial resources and was hoping I could help. She asked if I could float her a temporary loan of $1,540 so she could settle...
February 5, 2010 3:57 AM
Posted by: David Schneier
Audit,
GLBA,
information security,
NCUA,
phish,
phishing,
Regulatory Compliance,
risk,
risk assessment,
Security,
security testing,
social engineering
Consider this post to be something of a (banking) community service announcement.
It's February 2010, do you know when the last time was that your organization conducted a social engineering exercise?
I come across instances almost all of the time where financial institutions have obvious...
September 10, 2009 4:16 AM
Posted by: David Schneier
assessment,
Audit,
phishing,
Regulatory Compliance,
social engineering
The recent news about a social engineering exercise gone awry serves as a lesson on how not to conduct these kinds of tests. An information security firm had sent a credit union NCUA-branded media to install in order to test if the employees would react...
May 20, 2009 7:31 PM
Posted by: David Schneier
Audit,
FDIC,
FFIEC,
fraud,
GLBA,
NCUA,
phishing,
Regulatory Compliance
My practice has been busy lately helping a number of clients catch up on required tasks before their scheduled exams (it's a case of the old "if it wasn't for the last minute nothing would ever happen" philosophy). And in authoring some of our reports we're identifying issues and gaps that are in...