When you think of protecting your data, does it occur to you that your data also needs physical protection? This article gives valuable insight into what to do when your data is in danger due to physical accidents.
Your mobile device. In a scenario where your phone goes missing, assume your accounts and passwords have been compromised. Login to your accounts and change all passwords stored on that device, alert your banker, and obtain a police report to assist dispute possible fraudulent charges. If “Find my phone” can’t help you quickly recover the device – remotely wipe the drive. To prevent personal data loss, turn on your “Auto Backup” feature.
Furthermore, do not leave your devices unattended. Always use a password and lock screen, turn off Bluetooth and WiFi when not using them, don’t set your device to be discoverable, keep laptops in a locked office or use a cable lock, and don’t store sensitive data on any mobile device.
Related: New Skimming Trend: Injecting Malicious Scripts into Routers
How Does Data Theft Happen?
Credit/Debit Cards. There are two primary methods of credit and debit card fraud: skimming and shimming.
Skimming is a long-term method of collecting card data that has been used by scammers for quite some time. An example of “skimming” would be attaching a device over the card reader of an ATM or gas pump. The point? Every customer who slides his card gets their magstripe data copied.
On the other hand, shimmers slip a thin device inside of card readers to collect chip data. However, shimmers can only copy limited data – the same card info as magstripe skimmers.
Of course, skimming and shimming aren’t the only methods scammers get by with. Video surveillance is a major helping hand for those who commit fraud. For example, hidden cameras or number pad overlays are often used to collect consumer PINs in addition to their card data. PIN-access opens up an entirely new window of opportunity for a scammer: universal use – online and in-person.
With this information, scammers typically create spoofed duplicates of these cards, selling them on the black market. One single stolen credit or debit card number sells for an average of $5 on the dark web. Throw in the bank (routing and accounting) info, the product value triples.
True Story
2013 in Brazil, locals found two entirely fake ATMs installed on top of existing machines. Both fake ATMs were equipped with a display, PIN pad, and 3G Internet to store the stolen data. Even more, disassembled laptops and card readers were found left in the fake ATMs.
Related: Which Information Are Cybercriminals After and What Do They Do with It?
How Often Does Data Theft Happen?
First off, less than 5% of Americans are concerned about the security of their chip card. However, credit and debit card fraud resulted in losses of nearly $28 billion in 2018. Merchants who switched to chip readers noticed a 76% drop in the fraudulent payments they received from 2015 to 2018. Simultaneously, the entire nation was relieved with a 49% decrease in counterfeit payments. In 2019, 99% of American payment transactions were processed on chip debit or credit cards. By October 2020, all brick-and-mortar merchants across the nation will be mandated to use chip transactions. If not, the business will be legally liable for any fraud the consumer endures as a result of shopping there.
Outside of financial theft – device loss and theft is a major contributor to data loss.
25% of laptops are stolen from either the office or a car. In a different setting, 14% are lost in airports or on airplanes.
Another story – a laptop and external hard drive were stolen in 2006 from the home of a Veterans Affairs employee. The devices gave the thieves access to unencrypted, private data – including 26.5 million names, social security numbers, and birthdates; as well as 2.6 million disability ratings – including health information.
Overall, 25% of stolen or lost laptops are recovered. Interestingly, laptop left costs 8x more to a business than just replacing the device would – because of the data loss. If a device is lost or stolen, thieves can easily gain access. For example, mobile devices commonly store sensitive data such as passwords and account numbers.
Are Chip Cards Safe?
Safer than magstripes. Chip cards can still be hacked, and duplicated – it’s technology. However, chip cards are much harder to collect data from at large, making them less profitable than the now-rare magstripe.
It’s also important to note that all chip cards are not of equal security. There are many credit and debit card issuers around the world who offer cards with much higher security than the American chip. For example, the chip-and-PIN authentication that is used throughout Europe. Only a few issuers in the U.S. offer the chip-and-PIN card.
What Else Can I Do?
Keep an eye peeled for red flags – trust your gut. Any loose pieces, mismatch materials, or obscured markings on your debit or credit card could be an indicator of tampering.
Turn on Fraud Alerts. This is something many do not take advantage of, and most financial institutions offer, via mobile app or text message alerts. Consider saving your bank’s number to your contact for swift communication, and avoiding the possibility of mistaking them for a telemarketer. If your bank reaches out to you about potential fraud, responding quickly is in the best interest of your data’s protection.
Choose your ATM wisely. Use an ATM on a busy, well-lit street. Even better- an indoor ATM, which provides greater security.
Finally, hide your PIN. This should come by default. Never share your PIN, regardless of the relationship. Moreover, cover your hand to avoid a hidden camera recording and stealing your PIN.
Nearly 1 in 5 security incidents involved device theft or loss in 2017 – accident loss and device theft are the biggest physical threats to your data. You can discover more helpful information and facts in this infographic on data theft from Computer Science Degree Hub.
Demetrius has been a tech-lover since 2013. Demetrius currently writes tech news for Robotics Business Review & 21stCenTech, and has also conducted hands-on ISEF research from 2013-2016. Recently, Demetrius found an interest in SEO tech and halfway through completing his undergraduate’s degree. In the meantime, he is the Jr. Promotions Specialist at NowSourcing, Inc- a premier, award-winning design agency. Connect with Demetrius @demeharrison on social sites.
