Hours after President Trump said Sunday he had "second thoughts" about escalating the trade war with China, the White House sought to explain his remark because it was...Politicsread more
Clouding the G-7 gathering, which represents the world's major industrial economies, are the tit-for-tat tariffs between Washington and Beijing.Politicsread more
President Donald Trump said that he would have a major trade deal with U.K. after it leaves the European Union.Politicsread more
Despite Kudlow's expectations, China said on Saturday that it strongly opposes Trump's decision to levy additional tariffs on $550 billion worth of Chinese goods, and warned...Politicsread more
President Donald Trump said Sunday he was not happy after North Korea launched short-range ballistic missiles over the weekend.Politicsread more
Carl Medlock used to work at Tesla. Now he's one of the few people in the U.S. that can fix the company's original Roadster electric vehicles.Technologyread more
The Goldman Sachs technology M&A team, led by Sam Britton, has cashed in on its software focus and decades of experience to dominate 2019's biggest deals.Technologyread more
American small and medium-size companies that rely on China are scrambling to adjust their business plans in response to the escalating trade war.Traderead more
Here are the products that stand to be the most affected by China's new tariffs on $75 billion worth of U.S. goods.Marketsread more
The summit comes amid fears over a global economic slowdown, and U.S. tensions over trade allies, Iran and Russia.Politicsread more
The world's second biggest economy is past a point where it cannot ignore its enormous debt anymore, according to an analyst.China Economyread more
By the time you hear about a data breach, it's way too late to put measures in place to lock thieves out from using that data.
"If you post it, they will use it," concluded a Federal Trade Commission presentation on a new agency study. And quickly. When leaked consumer data like credit card numbers or email login details are made public, it's a matter of minutes (and at best, hours) before thieves make an unauthorized access attempt, it found.
"There's a real mystery of what happens to consumer data when it becomes public," said study co-author Dan Salsburg, chief counsel and acting chief of the FTC's Office of Technology Research and Investigation.
To see what happens to leaked data, researchers crafted a batch of 100 consumer profiles, each including a made-up name, an address from a national database, a phone number and email set up for the purpose of the study, and one payment mechanism also set up for the study — either an online payment account, a bitcoin wallet or a credit card. Each customer profile also included a password, although they didn't specify what the password was for.
"Our goal was to make this customer database look as realistic as possible," Salsburg said — as if it could have been stolen from a small business.
Researchers posted the faux database two times on a site they know thieves to frequent. Within 90 minutes of the first posting, thieves had started to try to access the email and payment accounts listed. On the second posting a week later — which a Twitter bot picked up — it took just nine minutes for thieves to start trying to use that data to make purchases and access accounts.
These three study insights on how thieves tried to use the leaked data could help consumers better protect themselves:
Thieves were most interested in the credit card numbers, with FTC researcher spotting frequent charge attempts even weeks after the data had been leaked. That's likely because card numbers were the only data that could immediately be converted into money, Salsburg said.
Setting up alerts for suspicious transactions — big purchases, those made abroad, etc. — can help, but don't stop there. Regularly reviewing your account for new charges might help you catch an early warning sign: small test charges.
The vast majority of the attempted charges in the FTC study were for less than $10, as thieves attempt to verify the account is usable before selling that data or trying for a bigger purchase, Salsburg said. (See chart above.)
(That's likely also why a few thieves tried the cards at charity sites, he said — because nonprofits may allow small-figure donations and offer quick feedback on whether a card was accepted. "Our identity thieves are unlikely to be big philanthropists," he said.)
Thieves in the FTC study were unsuccessful in their attempts to hack customers' emails.
"Every account was protected by a wrong password or two-factor authentication," Salsburg said.
Using two-factor authentication on not just your emails, but other bank accounts, social media accounts and others where available, can be a smart move, said Paul Stephens, director of policy and advocacy at the Privacy Rights Clearinghouse.
When that technology is in place, logging in requires not just a password, but a secondary point of ID – usually in the form of a texted code. In other words, unless the hacker also has access to your phone, he or she is out of luck.
The quick turnaround from the time researchers posted the data to the time thieves started to try to use it shows that it's better to be proactive rather than reactive about protecting your accounts and identity.
"The information is already out there by the time you find out about it," Stephens said. "Unless you've been proactive, it may be difficult to remediate the situation."
Smart steps include creating a unique and complex password for each account, he said. That keeps thieves from using one compromised password to crack your email, bank account or other retail logins.
Once you hear about a breach, best steps to limit the damage may include changing passwords, signing up for free credit monitoring or even placing an alert or freeze on your credit file. (See infographic below.)
"The nature of the data that has been leaked is going to determine what you can best do to protect yourself," Stephens said.