Identities of More Than 80 Americans Stolen for North Korean IT Worker Scams
https://www.wired.com/story/identities-of-80-plus-americans-stolen-for-north-korean-it-worker-scams/
Wir brauchen endlich einen kryptografisch sicheren und privatsphärefreundlichen #EPerso.
Und weg von dem ganzen unverschlüsselten Kram wie Telefon, SMS, Fax oder Email. Jede Nachricht muss mit einem privaten Key signiert sein, das geht schon, juckt aber kein Schwein. Keine Behörde, Arztpraxis etc. unterstützt #PGP.
@slashdot If there's money involved there's crime. If everyone froze their credit at the three major credit bureaus it would likely reduce several types of identity fraud. I suggest US residents check out identitytheft.gov for more details on securing your credit. Unfortunately, this means more work for the consumer. As for the higher education facilities it's more time spent vetting students and less time providing a quality education.
DNIP Briefing #20: ID auf Knopfdruck - Das Netz ist politisch https://dnip.ch/2025/04/08/dnip-briefing-20-id-auf-knopfdruck/ #DNIPbriefing #Digitalisierung #digitalization #Cybersecurity #Datenleck #DataLeak #ArtificialIntelligence #ChatGPT #IdentityTheft #OpenSource #Llama #DigitalIdentity #Strava #Datenschutz #pvivacy #Medienkompetenz #DigitaleGesellschaft #FakeID #OpenAI #Bellingcat #DigitalHistory
A ripe target for identity thieves: Prisoners on death row
https://www.nbcnews.com/tech/security/ripe-target-identity-thieves-prisoners-death-row-rcna205932
Researcher creates convincing fake #passport using #ChatGPT - https://boingboing.net/2025/04/07/researcher-creates-convincing-fake-passport-using-chatgpt.html oh goody... #identitytheft
Noah Urban, aka "King Bob" and a suspected member of Scattered Spider, pleaded guilty this week in a case involving wire fraud, cryptocurrency theft, phishing, and simswapping. He had cases against him in Florida and California. Other people indicted with him have yet to be tried or to make plea deals, and one young man from Scotland has been detained in Spain pending determination of extradition request (I haven't found any update on the extradition case).
or jump directly to Urban's plea agreement:
https://storage.courtlistener.com/recap/gov.uscourts.flmd.422789/gov.uscourts.flmd.422789.66.0.pdf
#wirefraud, #cryptocurrency, #phishing, #simswapping, #identitytheft
#Trump on Friday commuted the sentence & probation of #CarlosWatson, a co-founder of the now-defunct #digital #media company Ozy Media, on the day he was set to surrender to prison.
Watson was sentenced in Dec to almost 10yrs in #prison for #fraud, #IdentityTheft, #SecuritiesFraud, & #WireFraud.
Watson & Ozy were also ordered to pay $96M in restitution & forfeiture. As part of Trump’s commutation, they will no longer have to pay.
#law #felon47 #CFPB #SEC #corruption
https://www.cnbc.com/2025/03/28/trump-commutes-sentences-of-ozy-media-founder-carlos-watson-and-company.html
@briankrebs is there any evidence that #DOGE is releasing citizens #PII intentionally or otherwise that is being used by #cybercriminals to engage in #identitytheft?
This is the first I’ve heard of a “#BrushingScam,” where scammers “brush up” the reviews and trustworthiness of their online storefronts by using your personal data to order and review something on your behalf. They even send you the thing in hopes of #phishing more to commit #IdentityTheft.
https://proton.me/blog/brushing-scam
So now you have to treat the receipt of unordered merchandise the same as any other unsolicited commercial communication: a data #breach signal.
European Court of Human Rights Confirms: Weakening Encryption Violates Fundamental Rights
In a milestone judgment—Podchasov v. Russia—the #European Court of #HumanRights ( #ECtHR) has ruled that weakening of #encryption can lead to general and indiscriminate #surveillance of the #communications of all users and violates the #HumanRight to #privacy.
With #musk having access to all kinds of data now it seems like a lot of folks are recommending putting a freeze on your #credit to help avoid #IdentityTheft. I went through that today and while it was pretty painless creating an account with Equifax and Experian, Transunion really buries and hides the info as it seems like they would really like you to sign up and pay them a monthly fee. You don't have to by the way, they are required to do this for free. Anyway, for folks looking to do this themselves, I thought I'd type up the links and the various contact information:
TransUnion: https://service.transunion.com/dss/orderStep1_form.page
Experian: https://www.experian.com/help/login.html
Equifax: https://my.equifax.com/consumer-registration/UCSC/#/personal-info
Having the online accounts are a double-edged sword in that someone could technically gain access to that and request your credit be unfrozen. You can still freeze your credit if you do not wish to create accounts with the three agencies. This can be done either by mail or by phone. By mail you need to provide your full name, social security number, address history for the past two years, date of birth, a copy of a utility bill or bank statement from the last 60 days, and a copy of a government issued identification card with your address on it (note that passports generally do not contain that so you'll want to use a driver's license or state-issued ID). Again here's the info you need:
TransUnion:
1-800-916-8800
TransUnion Credit Freeze
P.O. Box 160
Woodlyn, PA 19094
Experian:
1-888-397-3742
Experian Security Freeze
P.O. Box 9554
Allen, TX 75013
Equifax:
1-888-298-0045
Fill out the form here: https://assets.equifax.com/assets/personal/Security_Freeze_Request_Form.pdf and then mail to:
Equifax Information Services LLC
P.O. Box 105788
Atlanta, GA 30348-5788
If you have online accounts or you call, they are required by law to freeze your credit within 1 business day of you requesting it and unfreeze it within 1 hour. By mail it needs to be frozen within 3 business days of receipt of your mailing and unfrozen likewise within 3 business days of receiving your mailing.
Please note, you'll need to unfreeze your credit when applying for a loan, mortgage, etc.
I suspect the links and the required information changes with time so the above links may not work if you're finding this information and it's a long time past February 2025. So if it is, just confirm the above is still correct before going through the process.
The #USTreasury data has been compromised (if not, it's pretty damn close) so here's a #PSA:
FREEZE YOUR #CREDIT REPORTS.
NOW.
The #Treasury data is either going to be sold to thieves or used to f people over because that's what Those People do.
Lock your credit down before you get calls from collection agencies wondering why you haven't made any payments on [something] you didn't know you bought. If your credit can't be freely checked, they can't open new lines of credit to buy swastikas on Etsy or whatever the f they buy.
https://bricksandclicks.marketing/security/how-to-freeze-your-credit-reports/
”Nothing short of an administrative coup“— @theatlantic.com
“Elon Musk is not the president, but it does appear that he—a foreign-born, unelected billionaire who was not confirmed by Congress—is exercising profound influence over the federal government of the United States, seizing control of information, payments systems, and personnel management. It is nothing short of an administrative coup.”
https://www.theatlantic.com/technology/archive/2025/02/elon-musk-bureaucratic-coup/681559/?gift=hQypVy1QFAo5EmYao55mN7VPjX2p4KE1k3asARb4PDE&utm_source=copy-link&utm_medium=social&utm_campaign=share #musk #coup #IdentityTheft
Personal Data of Rhode Island Residents Breached in Large Cyberattack - An “international cybercriminal group” harvested the personal data of potentially hundred... - https://www.nytimes.com/2024/12/14/us/cyberattack-rhode-island-ribridges-snap-medicaid.html #healthinsuranceandmanagedcare #deloittetouchetohmatsultd #cyberattacksandhackers #extortionandblackmail #computersecurity #healthsourceri #identitytheft #rhodeisland #ribridges #privacy
Here's today's example of how all the #identityProtection companies are incompetent.
This is a screenshot from the enrollment process at #identityDefense.com.
Notice that the first field is asking me for a date but not telling me what date I'm supposed to enter.
I'm guessing they're asking for my birth-date, but I shouldn't have to guess.
Did anybody test this before they released it, and if so, are the testers so incompetent that they failed to flag this issue?
#infosec #privacy #identityTheft
They say no foul play, but the #IdentityTheft she mentioned is, in MY EXPERIENCE, for some reason common among schizophrenic women, but not males. Dunno why. She is endangered. Either schizophrenia, or see: https://my.clevelandclinic.org/health/symptoms/22836-dissociative-fugue
"The update comes amid a massive search after her family said she sent them cryptic and bizarre messages about her money and identity being stolen."
Hawaii woman Hannah Kobayashi spotted entering Mexico - police
https://www.bbc.com/news/articles/c5y7819j500o
Warning: identity thieves are filling out the U.S. Free Application for Federal Student Aid ("FAFSA") form using other people's information in order to fraudulently obtain FAFSA money. The victim I heard this from didn't even fill out the FAFSA the year their identity was stolen, nor did they have a child in college at that time. They only discovered the fraud this year when filling out the FAFSA for their child.
Malicious commits target GitHub projects! A Texas researcher claims someone is impersonating him to sabotage his reputation. 
#GitHub #CyberSecurity #MaliciousCode #TechNews #Hacking #DataBreach #OpenSource #IdentityTheft #CyberAttack #ResearchNews
Public Warning.
If you EVER, and I do mean EVER see a QR code for anything... not just some things, ANYTHING.
Treat it as a scam, do not scan it, they can easily be covered up with malicious redirects to fake sites to steal your financial details. Direct you to malware sites to try and infect your device.
Treat them all the same... as toxic, potential harmful to your identity and security.
Never trust them... EVER!!!
If you 100% must use one, do what you should be doing at any (ATM) cash machine, check for devices that have been installed by crooks. See if you can peel the code off, not just at the area around the code, but the whole sign... look for anything unusual and if you have any doubts... even if it's 1% doubt... DON'T USE IT
This isn't scaremongering, scammers and thieves are out there every day, placing fake QR codes on signs all over the place. No where is safe from them. The way to win is not to play. Don;t buy into the enshitification of everything, don;t be told that you can ONLY do it one specific way (legally they have to offer more than one way to pay for a service).
Please boost and spread the word.
