You’ve heard the phrase, “Too big to fail,” right? It’s a term that basically says certain banks or financial institutions are so large and interconnected that their failure would be disastrous to everyone else. A similar attitude has been floating around cyberspace for some time. Much like the first term, which the financial crisis proved wrong, the business mentality of being “too small to hack” is also failing.

According to the Wall Street Journal article, “Hackers Shift Attacks to Small Firms,” as small businesses make the leap to computerized systems, they are becoming prime targets for cyber thieves.

Business owner Joe Agelastri, who runs a pair of magazine shops in the Chicago-area, found out the hard way. After cyber criminals planted a software program on his cash registers, which sent customer credit-card numbers to Russia, the breach cost him around $22,000, slicing his annual profits in half. Though somewhat puzzled, Agelastri is just one of a growing number of small business owners who have experienced firsthand how prolific a problem cyber fraud has become in the SMB community. (more…)

An excellent way to improve one’s level of security intelligence is to follow the writings of Robert X. Cringley, one of my favorite technology know-it-alls.

Anyway, Cringley’s credit card was recently hacked. And if his card can be hacked, anyone’s can. Like many cardholders, Cringley received a notification from his credit card company’s fraud department, informing him that his card data was being used overseas, on an online dating website.

A scammer used Cringley’s credit card number to create a fake profile, posing as a woman named Katya to lure desperate, unsuspecting men into dating scams. (more…)

When it comes to protecting online accounts, multi-factor authentication—especially the use of tokens—has been considered the strongest protection against password theft and account takeover. A recent article from the NY Times, How Hackers Snatch Real-Time Security ID Numbers, explains the lengths that online criminals will go to in order to steal personal information and takeover accounts.

In the article, they explain a scenario involving an infection called the Clampi trojan, but the success of an account theft or takeover isn’t dependent on any specific trojan. All it takes is some method of infecting a computer in order to provide real time data from that computer back to the online criminal. The NY Times article details the way a trojan spreads and watches for ideal account targets. (more…)