IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [identity-theft]

Identity theft is the act of impersonating someone else on a computer system, for malicious purposes - i.e. without their knowledge or consent.

119 questions
151
votes
12 answers

Do I need to encrypt connections inside a corporate network?

Provided that I have a decent level of physical security in the office, I monitor the physical addresses of devices connected to the network and only give VPN access to trusted parties, do I need to encrypt access to intranet resources over HTTP?…
Robert Cutajar
  • 1,461
  • 2
  • 7
  • 7
140
votes
7 answers

Internet courtship: Why would a hacker buy me poker chips?

Believe me, I never expected to ever write a title like that on a Stack Exchange site either! Yesterday evening I got a call from my mother. She is quite tech savvy and generally knows her way around spam and viruses. However, yesterday she was…
Bram Vanroy
  • 991
  • 2
  • 6
  • 9
106
votes
11 answers

How dangerous is it to reveal your date of birth, and why?

At some point I told a friend that it's dangerous to reveal your birth date (kind of like your social security number or your mother's maiden name), because it's a crucial piece of information for identity theft. However, I'm not sure what exactly…
user541686
  • 2,502
  • 2
  • 21
  • 28
66
votes
6 answers

Should I be afraid of biometric IDs?

The Israeli Minister of the Interior is pushing legislation to introduce biometric IDs. On the one hand I hear his argument that it can help to prevent identity theft. On the other hand, something makes me very nervous about having my biometric…
Shaul Behr
  • 1,027
  • 1
  • 9
  • 16
57
votes
6 answers

How do I deal with companies that call and ask for personal information?

Several times I get a phone call from a company- my bank, utility companies etc. Many times they are just cold calling me, but once or twice they were calling for legitimate reasons (ie, something to do with my account). The problem is, all these…
Shantnu
  • 737
  • 1
  • 5
  • 8
27
votes
3 answers

Another domain is using our web app's IP address. How to prevent it?

Our web application is being mimicked by another domain, https://www.djjpl.com.sg. On ping, it gives the same IP address as ours. Every git push to our server reflects on that domain. We want to stop that domain from mimicking our app. How can we…
IamGhale
  • 323
  • 3
  • 6
23
votes
6 answers

How to be mean to some people that stole my phone

My iPhone was stolen a couple of weeks ago and I started receiving the following messages on my recovery secondary number that I provided with Find My iPhone: The URLs…
Lino Velev
  • 359
  • 2
  • 4
21
votes
7 answers

Unexpected email from Yorkshire Bank

I have started receiving unexpected emails from Yorkshire Bank. I have never been a customer. I don't recall applying for any of their products either, although maybe I did many years ago. The first of the strange emails reads: Your partial…
Stewart
  • 343
  • 1
  • 3
  • 8
20
votes
3 answers

Knowing when there has been a data breach from your database

How do companies know when there has been a data breach? For example, do they monitor event logs for login audits or do they wait until a paste is made of their data in a pastebin type site? Is it possible that many smaller companies never know that…
DomBat
  • 607
  • 1
  • 7
  • 13
19
votes
5 answers

419 Nigerian scam problem

I fell in a scamming trap. It took me a while to figure it out. Blinded like an idiot. But it is what it is. I can only do as much as I can now. Tell me if there is anything else I should do. After realizing, I scanned everything for viruses but…
eternalidiot
  • 209
  • 2
  • 4
19
votes
4 answers

Help! My information has been stolen! What do I do now?

This is an attempt to ask a canonical question to expand upon another post with a similar name. The goal is to create something helpful that can be used as a duplicate when non experts ask about personal credentials being stolen. Let's say that I…
CaffeineAddiction
  • 7,517
  • 2
  • 20
  • 40
12
votes
3 answers

Session Hijacking through sessionId brute-forcing possible?

cookies usually contain a sessionId to keep track of a logged user. What would prevent a malicious user to forge millions of requests with random sessionIds and send them to a server, hoping to luckily end up with an existing session Id, and…
niilzon
  • 1,587
  • 2
  • 10
  • 17
12
votes
2 answers

Are social security numbers useless by themselves?

453.7 million social security numbers have been issued to date. There are only 1 billion = 1000 million distinct 9 digit integers. This means that if I were to make up any 9 digits, I would have roughly a 45% chance of guessing someone else's valid…
jake192
  • 367
  • 2
  • 8
12
votes
2 answers

Is the image of the signature considered PII?

I wrote a pay app and as part of that, I have a HTML5 canvas where buyers can sign for credit card or goods received. I then ajax the base64 back to the server in a DB table (genius, I know). I also have a means of changing it to png for reporting…
Zuzlx
  • 235
  • 2
  • 8
12
votes
2 answers

Is it dangerous to delete my email account?

If I delete an email from a popular provider (Gmail), would it be possible for somebody to register a new email account under the same name and use it to steal my identity? For example, my email address is abc@gmail.com and after it is deleted the…
George
  • 271
  • 2
  • 6
1
2 3 4 5 6 7 8