Unlucky Winners

The Identity Theft Assistance Center has released its most recent report on what fraud and security attacks will look like next year.

So what's on the slate for 2011?

More sophisticated "social engineering scams" are expected, in which criminals typically exploit fear to get people to fork over their user names and passwords. Rather than fear, criminals will try to exploit greed, the report said, predicting a rise in sweepstakes scams in which criminals send letters with fake checks bearing the logos of financial services companies.

Similar scams are headed to mobile phones in text-message form, the center said. It also expects an increase in using fake readers and cameras at automated teller machines to skim card data for cloned cards.

Small businesses are also likely to be targeted more often as criminal rings using stolen information create counterfeit checks.

In the Army Now

Members of the armed services are at heightened risk of identity theft, The New York Times reported Dec. 7.

This is because Social Security numbers are used as personal identifiers at bases around the world, for everything from getting health care to using gyms. The last four digits of military people's Social Security numbers are even stenciled on laundry bags as identifiers, according to a report written by Lt. Col. Gregory Conti, a former Army intelligence officer turned West Point professor, referred to in the Times.

The Department of Defense said that, starting in May, Social Security numbers would no longer appear on soldiers' identification cards, the Times reported.

Scam to the Slam

On Monday, Attorney General Eric Holder announced the results of the Justice Department's 2010 Operation Broken Trust program, carried out by its financial fraud enforcement task force. It prosecuted 343 criminal defendants and 189 civil defendants in frauds allegedly affecting more than 120,000 victims, he said.

The criminal cases caused $8 billion in damages; civil damages were $2 billion, according to the Department of Justice.

The crimes included Ponzi schemes, affinity fraud, prime bank and high-yield investment scams, foreign exchange frauds, business opportunity fraud and other scams, the department reported.

In the Cards

Real-time credit card and loyalty transaction data is regularly disclosed to law enforcement agencies to track potential criminal activity, Wired.com's "Threat Level" blog reported Dec. 2.

The information, recently obtained by a security researcher through a Freedom of Information Act request to the Department of Justice, details law enforcement's use of spending data from all major card brands.

Federal agents reportedly write their own subpoenas, followed up by a judge's order saying the surveillance should not be disclosed. Normal data acquisition is more time-consuming and requires a judge's previous permission to gather data. Law enforcement agents usually petition credit card companies for historical data on potential criminals and then can follow up with a request for a live data feed.

Who Am I?

Some Internet-use tracking companies are trying to play nice by offering people the opportunity to scrub the data collected about them, and they let users opt out of being tracked at all, The Wall Street Journal reported Dec. 3.

Such data is typically collected and sold to companies, including banks, which then create credit card or other product marketing campaigns around it.

Eight data tracking firms, including BlueKai Inc., Lotame Solutions Inc. and eXelate Inc., have formed the Open Data Partnership, which is to be introduced in January. More than 100 data tracking companies and the Internet information giants Google Inc. and Yahoo Inc. have opted out of the partnership, though some in the past made their own attempts to give customers access to their data.

The Federal Trade Commission has called for developing a tool that would let people prevent their online movements' being tracked, but Internet advertising companies are resisting this, the Journal reported.

Push the Envelope

A new twist on cyber-bullying involves a Brooklyn, N.Y., Web-only eyeglass merchant who abandoned all civility in customer disputes — until he was about to reach his monthly limit on credit card disputes.

Vitaly Borker told The New York Times that his bad manners were good for business since customer complaints made him more visible in online search results. On Monday, U.S. Postal Service inspection agents arrested Borker, 34, and charged him with mail fraud, wire fraud, making interstate threats and cyberstalking, according to a Dec. 7 article in the Times. The mail and wire fraud charges each carry a maximum sentence of 20 years in prison upon conviction, the Times reported.

In a profile of Borker published last month, the Times wrote: "The only real limit on his antics is imposed by Visa and MasterCard. If too many customers successfully dispute charges in a given month, he can be tossed out of their networks, he says. Precisely how many of these charge-backs is too many is one of the few business subjects that Mr. Borker deems off the record, but suffice it to say he tracks that figure carefully and dials down the animus if he's nearing his limit. Until the next month arrives, when he dials it back up again."

Swiss Bank Account

Swiss bankers, claiming that he lied about his official residence on his account opening papers, closed a bank account of WikiLeaks founder Julian Assange before his arrest in London Tuesday on charges of sexual assault.

Assange's bank was the financial arm of the Swiss post office. He gave his address as Geneva, though he could not give proof of Swiss citizenship. Assange has used the bank account to accept donations to fund his whistle-blower website.

The bank told the Associated Press that Assange would suffer no criminal consequences and would get his money back, according to a Dec. 6 report in the U.K. paper The Guardian.

Security Watch is a weekly roundup of news and developments in data security and their impact on financial services companies.
Please e-mail us any comments, ideas, and suggestions about this column.