Various problems in the existing industry and the solution

TaxScams – An identity theft

One of the major growing problems prevailing is Tax identity theft which is not a stolen credit card or a compromised bank account. But many people don’t realize that tax identity theft is becoming increasingly common. As per the IRS reports tax identity theft is No. 1 on its annual list of “Dirty Dozen Tax Scams” which delayed  many refunds in the 2012 filing season. When the IRS cannot detect and prevent tax identity theft, it becomes a complex post-filing issue for you and your client.

Core Problem to scale:

 In 2010, the Congressional Research Service noted that there were 8.1 million victims of identity theft in the United States. In 2011, the Federal Trade Commission reported that one out of four identity theft complaints received were related to tax identity theft, and the IRS detected 940,000 tax returns involving identity theft out of 141 million total returns filed.

In 2009, the IRS implemented its identity theft indicator system, which places a “marker” indicating identity theft on affected taxpayer accounts at the IRS. In just two years, the number of indicators created increased 153%, from 254,079 in 2009 to 641,052 in 2011. The IRS Identity Protection Specialized Unit (IPSU) tracked more than 254,000 new cases in 2011, and numbers for 2012 are even higher. The Taxpayer Advocate Office’s workload for identity theft cases has almost doubled in 2012, indicating that internal IRS systems are not sufficiently handling the caseload.

2-way tax identity theft:

There are two forms of tax identity theft: refund theft and employment theft.

Intentional use of another person’s Social Security Number (SSN) to file a false tax return to acquire an illegal refund leads to refund theft. Usually, this is detected when the IRS rejects an electronic tax return as a duplicate filing or rejects a paper return and sends a notice to the taxpayer. At this point, the identity theft victim has already lost the money and must confirm his or her identity with the IRS to process the return and, if applicable, receive the refund. The majority (85%) of identity theft incidents reported to the IRS involve refund theft.

Employment theft occurs when a thief uses another person’s SSN to obtain employment. The wages are then reported to the IRS under the victim’s SSN. Employment theft is particularly troublesome because it is often discovered months after the return was filed, and it can take several months to clear up.

Cyber Security Law congestions:

Law congestions are warned as potentially catastrophic consequences if congress doesn't pass cybersecurity legislation this year.

"Think about how many people could die if a cyber terrorist attacked our air traffic control system and planes slammed into one another," Sen. Jay Rockefeller (D-W. Va.) testified at a Homeland Security and Government Affairs Committee hearing last month. "Or if rail-switching networks were hacked — causing trains carrying people, or hazardous materials — to derail and collide in the midst of some of our most populated urban areas, like Chicago, New York, San Francisco or Washington."

At the hearing, committee Chairman Joe Lieberman (I-Conn.) said he feels like it's Sept. 10 2001, on the eve of a devastating terrorist attack. 

"The system is blinking red – again. Yet, we are failing to connect the dots – again," Lieberman said. Senior administration officials, including Homeland Security Secretary Janet Napolitano and FBI Director Robert Mueller, performed a classified demonstration of how the government would respond to a cyber attack on the New York City electrical grid in front of dozens of senators earlier this month.

“The simulation was realistic and illustrated just how dangerous inaction on cybersecurity legislation can be,” Rockefeller said. "If we don’t take these steps now, we’ll be back at this again at some point in the future, only it won’t be an exercise.”

The hearing and demonstration were part of a push for Congress to pass the Cybersecurity Act, a bill authored by Sens. Lieberman and Susan Collins (R-Maine) that would give the Homeland Security Department the authority to require that critical private computer systems meet certain security standards. The bill would also encourage private companies to share information about cyber threats with the government. Sen. John McCain (R-Ariz.) agrees about the threat of a cyber attack, but says the Lieberman-Collins bill would impose burdensome regulations on businesses. He has introduced an alternative bill, the Secure IT Act, that focuses on information sharing.

Jerry Brito, director of the Technology Policy Program at George Mason University, said the "rhetoric does not match the reality" on cybersecurity.

"When members of Congress talk about [cybersecurity] they conflate the different threats," Brito said. He explained that cyber espionage is a "very real" problem that is "happening right now." Companies and foreign governments are hacking into the computer systems of American companies to steal their trade secrets and gain a competitive advantage.

 

News on linkedin security issues:

LinkedIn's professional networking website has security flaws that makes users' accounts vulnerable to attack by hackers who could break in without ever needing passwords, according to a security researcher who identified the problem.

News of the vulnerability surfaced over the weekend, only days after LinkedIn Corp (LNKD.N) went public last week with a trading debut that saw the value of its shares more than double, evoking memories of the dot.com investment boom of the late 1990s. Rishi Narang -- an independent Internet security researcher based near New Delhi, India, who discovered the security flaw -- told Reuters on Sunday that the problem is related to the way LinkedIn manages a commonly used type of data file known as a cookie.

After a user enters the proper username and password to access an account, LinkedIn's system creates a cookie "LEO_AUTH_TOKEN" on the user's computer that serves as a key to gain access to the account. Lots of websites use such cookies, but what makes the LinkedIn cookie unusual is that it does not expire for a full year from the date it is created, Narang said.

He detailed the vulnerability in a posting on his blog at www.wtfuzz.com on Saturday.

Most commercial websites would typically design their access token cookies to expire in 24 hours, or even earlier if a user were to first log off the account, Narang said.

There are some exceptions: Banking sites often log users off after 5 or 10 minutes of inactivity. Google gives its users the option of using cookies that keep them logged on for several weeks, but it lets the user decide first. The long life of the LinkedIn cookie means that anybody who gets hold of that file can load it on to a PC and easily gain access to the original user's account for as much as a year.

The company issued a statement saying that it already takes steps to secure the accounts of its customers. "LinkedIn takes the privacy and security of our members seriously," the statement said. "Whether you are on LinkedIn or any other site, it's always a good idea to choose trusted and encrypted WiFi networks or VPNs (virtual private networks) whenever possible."

The company said that it currently supports SSL, or secure sockets layer, technology for encrypting certain "sensitive" data, including account logins.

But those access token cookies are not yet scrambled with SSL. That makes it possible for hackers to steal the cookies using widely available tools for sniffing Internet traffic, Narang said. LinkedIn said in its statement that it is preparing to offer "opt-in" SSL support for other parts of the site, an option that would cover encryption of those cookies. The company said it expected that to be available "in the coming months."

But LinkedIn officials declined to respond to Narang's critique of the company's use of a cookie with a one-year expiration.

Narang said that problem is particularly acute because LinkedIn's users are not aware of the problem and have no idea that they should be protecting those cookies.

He said he found four cookies with valid LinkedIn access tokens had been uploaded to a LinkedIn developer forum by users who were posting questions about their use.

He said he downloaded those cookies and was able to access the accounts of the four LinkedIn subscribers.

CITI-Bank Hacked IBSS On-Demand Biometric Security Products:

Banking giant Citibank has confirmed that credit card data of about 200,000 of its North American customers have been hacked, the latest in a string of cyber attacks. However, CITI said other information such as credit card security codes, social security numbers, birth dates, card expiration dates were not compromised. The news was first reported by Financial Times. "We are contacting customers whose information was impacted.

CITI has implemented enhanced procedures to prevent a recurrence of this type of event," Citigroup spokesman, said in an emailed statement to Reuters. "For the security of these customers, we are not disclosing further details," the statement added. Hacking groups have really become a big headache not only for governments but also for corporate giants as well as media organizations. In December 2010, groups like Anonymous attacked the websites of Master Card and Paypal in retaliation of their decision to freeze the account of WikiLeaks. Sony's PlayStation Network was hacked in April and put offline due to a "compromise of personal information as a result of an illegal intrusion". At the time of the intrusion, the network consisted of "approximately 130 servers, 50 software programs and 77 million registered accounts. The attack is expected to cost Sony more than $170 million. The lack of cyber security has emboldened serious institutional cyber criminals to hack companies like Google and Lockheed Martin. In Google's case, the cyber attackers were able to gain access to personal information on Chinese political dissidents and presumably feed that information to the Chinese government. Lockheed Martin, one of the biggest defense contractors, detected a significant and tenacious attack on its information systems network on May 21. However, the company said no customer, program or employee personal data has been compromised. The websites of Public Broadcasting Service (PBS) has been hacked and hackers have also posted a hoax story claiming that rapper Tupac Shakur was still alive and living in New Zealand. Such hack attacks show the pervasive lack of preparedness against cyber attacks, so much so that a loosely-organized group of enthusiasts can deface and embarrass the largest corporations and media organizations in the world.

 

Google Gmail Accounts Hacked From China:

Google (GOOG) disclosed Wednesday that hundreds of Gmail accounts, including those of senior U.S. officials and Chinese political activists, were targeted in a concerted hacking campaign originating from Jinan, China. Unlike a series of cyber attacks from China last year, Google said the goal this time was not its own central systems, but the individual accounts of users of its email service. The attacks, which Google said also targeted government officials in South Korea and other Asian nations, military personnel and journalists, were likely the result of "phishing" attempts, in which the attacker dupes users into sharing passwords.

There were no indications Wednesday that the latest round of attacks would prompt any change in Google's operations in China. Nor was there evidence of Chinese government involvement, although some analysts speculated Chinese officials could be indirectly involved.
"We have more than 500 employees and hundreds of partners in China and we plan to continue to work there," Google said in a written statement provided to this newspaper. Google said the latest attacks, which gained access to an undisclosed number of accounts before they were detected, intended to spy on the private email conversations of U.S. and foreign government officials, political dissidents, journalists and others. The phishing campaign is being investigated by the FBI and other federal agencies.
"We are working with Google and other U.S. government agencies to review this matter further to identify the origin of this campaign and to see what information may have been compromised," the FBI said in a written statement released Wednesday. Neither Google nor an FBI spokeswoman would comment on which senior U.S. officials were targeted. Some of the same targets of last year's Gmail attacks may have been targeted again. Tenzin Seldon, a Stanford student and Tibetan activist, said she noticed that someone improperly commandeered her email account in March and managed to send messages under her name to other Tibetan leaders.
This particular attack used a method called "spear phishing," in which the attacker uses small bits of real information to trick someone into sharing access to their email account. In this case, government officials received a message in their personal Gmail account that appeared to come from the address of a close associate or collaborating government agency, according to an analysis cited by Google as one way it discovered the latest Chinese attacks.
The messages were crafted to appear as though they had an attachment with links such as "View Download" and a name of the supposed attachment. However, the bogus link led to a fake Gmail login page, which the cybercriminals used to obtain passwords. Google "did their own extensive investigation," said Mila Parkour, who wrote the malicious software analysis cited by Google. "The attack started probably a year before if not longer." Google said in a posting to its official blog Wednesday afternoon that it had detected and disrupted "this campaign to take users' passwords and monitor their emails," and had already "notified victims and secured their accounts," as well as alerting authorities. "The goal of this effort seems to have been to monitor the contents of these users' emails, with the perpetrators apparently using stolen passwords" to gain access to Gmail accounts, the company said in its post. Google said it was not accusing the Chinese government: "We can't say for sure who is responsible," a Google spokesman said. Last year's cyber attacks broke into Google's computer security infrastructure and resulted in the theft of the company's intellectual property, allowing the attackers to gain access to the Gmail accounts of Chinese activists in the U.S. and other countries.
According to an investigation by The New York Times, the attacks originated in several schools in Jinan province. That intrusion helped precipitate Google's decision that it would no longer comply with the Chinese government's rules that it censor politically sensitive results from its Internet search results. It moved its search service to Hong Kong. Chinese government officials have vehemently denied involvement in earlier attacks. Security experts who specialize in protection against cyber attacks that originate in other countries said that even though the latest attacks targeted political activists, it may be impossible to ever prove whether the Chinese government played any role in the latest attacks. In some cases, said Larry Ponemon of the Ponemon Institute, a Michigan-based computer security consulting company, the governments of China and other nations may shelter cybercriminals in exchange for the information they steal from U.S. networks or individual accounts. While many phishing campaigns target large groups in hopes of finding a few victims, these attacks targeted specific high-value targets.
"It could be a dark alliance where the syndicate is allowed to operate, reminiscent of the (historical) privateers that became pirates," Ponemon said. "China is pretty bold. They are actually educating people to be really good hackers, to be really good cybercriminals." Typically, Ponemon said, people may be slightly less guarded about their personal email accounts. "They are going after people of consequence whose information might be valuable. That's the scary part. " Parkour also believes it is likely the Chinese government was involved.
The same people "are after sensitive corporate, military and government data," she said in an email message. "They might be foreign government sponsored directly, on payroll, or indirectly, selling what they find to willing buyers."
Google on Wednesday urged its users to take safety precautions such as using its two-step verification feature for Gmail, and to use a password that they would not use for any other account but Gmail. 

 

Social Networks become latest window for cyber attacks:

When Remya, a Facebook user saw an application on her wall saying Click here to check who viewed your profile curious she clicked on the link. An hour later she realized her account had being hacked after friends complained that she had posted malicious links on their Facebook walls. With Remya, her 250 friends also became victims of the malicious software. With the growing popularity of social networking in India, perpetrators are increasingly using easy mediums such Facebook and Twitter for conducting illicit activities.

Facebook with around 12 million users in India has played host to a string of malicious attacks: The last minutes of Osama Bin Laden, What are you doing in this video?, You know who just got a new iPad2 for no cost, etc. These are just a few of the recent malicious campaigns that hit the Facebook walls. According to security experts, the reason for targeting Facebook is the burgeoning number of users, users age and their profile. Most spams or links have attractive headlines that make the user curious. Since Facebook does not provide a system to view the visitors of your profile, when an application appears on the Facebook wall its natural that you might click, says Vinoo Thomas, technical product manager, McAfee Labs. Apart from this, according to a report from Trend Micro, there was another attack on Facebook which claims to have the ability to verify the security of users accounts. It said, by clicking the link users can avoid Facebook spam. However, in reality, accessing the site is just another ploy to instigate the very same threat that the user wants to prevent. Most social networking sites have two basic application types: Social plug-ins that allow the integration of basic features onto any websites and canvas applications that interact with the profile and can send updated messages or open new pages. Another reason cited for increased attacks on Facebook is there easy access. Some of these applications can access public information, profile information, access posts in the newsfeed, access photos and videos, access data any time. Also, an application can request off-line access privileges from a user. If they are granted, the application can access the user information at any time, regardless of whether the user is actually interacting with the application or even logged into the social networking sites, Abhijit Limaye, Director, security response, Symantec said. Twitter is another social media platform that is becoming the tool for cyber criminals. Every tweet in Twitter is restricted to 148 characters and this is becoming an advantage for criminals. Twitter is becoming a mass-medium for information circulation and most posts in Twitter uses shortened Uniform Resource Locator (URLs). Cyber criminals use this embedded URL as an easy tool, they follow you and learn your interests and post attacks with similar topics and a shortened link of malicious content. These links can make your computer a botnet. Security experts recommend not to use unknown applications or URLs which can compromise your security. It is always better to take precautions than falling prey for somebody. Recently, leveraging on global events, criminals are making more attacks on the recent events and it is expected to grow. Experts says users has to be cautious as they become more curious for gathering information, as criminals are defining various ploys to steal information.

Follow Me