Apr 2, 2014|
Angela talks with Jason Glassberg of Casaba Security about how to keep your identity from getting stolen.
We're discussing the hot topics of the day with co-host of First Take, Todd Menesses.
Angela discusses the shooting in Lafayette and says farewell to WWL as she hands her timeslot off to Scoot.
What's trending in sports, news, and entertainment?
Angela talks with WWL-TV investigative reporter Katie Moore and Tulane law professor Tania Tetlow about the city's backlog of uninvestigated rape cases.
Automatically Generated Transcript (may not be 100% accurate)
Well it is tax time and that means the seeds are out those that want your tax refund. The route to steal your Social Security numbers. In the last three years the IRS has flagged over fourteen million. Suspicious tax returns blocking more than fifty billion dollars in fraudulent refunds. So to talk about identity theft in all of its forms and how to protect yourself is Jason glass -- co-founder. Of cassava. A full service cyber security company. He is going to be with this for the entire hour so if you have any questions please give us a call at 2601870. Doesn't nationally have to be about tax return. Even though that's what we're gonna focus on initially. -- any thoughts at all about identity theft this is your chance this man is -- supreme expert 2601870. A Jason thank you so very much for joining us. Well thank you for having me. Let's talk about the the biggest tax time scams I was reading over some of the notes that you would -- incredible. And I the words I'd never seen. Spoofing click jacking in Google to working. All tricks of the trade you'd have to explain. Yet -- are all terms that are used. From these kinds of of attacks. And you need to come up with a catchy phrase let's suppose for all these techniques. And they each one of them my. Kind of refers to the message in which their use so for example Phishing spelled PA each and you. Is exactly like -- like -- or -- in the lake. With some data on it hoping to catch a fish. People are allowed information -- you will. Trying. To and here you into giving up your personal information. And this would refer to things like getting an email from a bank or getting an email from someone who pretends or purports to be your friends says. Hey I need some money I'm stuck here in Nigeria or this is your bank we've had some activity in your account we need you to re launch in the and researcher count but of course that mental being fake. If they re direct you to a malicious web site. That web site would collect disinformation. And basically you had given up your username and password for for you -- that would be considered efficient attack. Do you literally when you get something like that ten just say you know what. I'm not doing this I'm going to go to the bank myself. Well that's exactly you know -- have to realize that these people are taking advantage. And basically be an educated consumer. The bottom line to all of this and most especially efficient it taxes they referred to when they referred to your account information in the past and stuff. Is that there is absolutely no legitimate financial service company out there. Who would ever ask you to transmit that information in that manner. -- -- Either that contact you via mail or they'll contact you via the telephone. But these companies -- your bank to credit card companies there they're pretty aware. Of these things going on that note that any any. Email contact witnesses can necessarily be construed as as of this attack so. Really well. One is never respond to those kinds of emails that your password and username. Even if they'd look legit and seeing some of the things from my husband. Got -- this is not an email this was an actual letter from his bank. With the exact same. You know. -- -- -- -- it looks he shocker to me looks so legitimate he didn't fall forty went to the bank and they said this is scanned. Well absolutely you know and that that's. That's. The fact of the matter is that if these scams. Weren't realistic. And legitimate it wouldn't be you know -- looks and then these these communications laws so legitimate in that they wouldn't be so successful. The fact that we're having this conversation right now today just goes to show how successful these the attack -- And really what's interesting about this whole fishing fault I mean is that that but the reward. But risk vs off is so low. Because you know just sent -- email. We needed something more companies that look like your bank doesn't really cost. The person sending it -- disillusion you very much. And so they can quote -- afford to send out. Millions of these communications and even a small percentage of people respond if it's still a terrific way to that the cost of doing it without so much which is. One of the reasons -- so pervasive. Since last year group called get cyber safe release stats on the success rate of fishing they found that of the get this. A 156. Million Phishing emails that go out every day. That's mind blowing sixteen million make it past email spam filters eight million opened. 800000. Click the links back to 10% success for. It exactly and the cost of of producing that mail and sending about 888 minutes to a lot of -- you know if you can measure -- intense. Well this anti Phishing working group he said AP WG. At its fishing is up 20% it's literally. -- an element of criminals who this is their life. Yes and and quite frankly -- they're quite good and and again bomb that there are enough people falling for these gains and there's enough money to be made all the information gleaned from these games. To basically support the entire criminal enterprise that global criminal enterprise. Look I wanna go back only because on -- and the British. -- -- Yes that was in the little -- our favorite terms that you noticed when your. Out on the on the world like that you'll notice many times you're given a choice to click OK. If you wanna download this file -- You wanna push the light and if you wanna like get on. On FaceBook well those are built. Themselves are elements. Of the web page. What a click jacking attack dozens. Is what has gone in and substituted that particular element. That an element. So instead of saying okay do this you're really saying okay go to this other web site and do this other action meaning. You may think you're hitting the like button because you wanna like FaceBook. But what you're really doing -- you're pushing a button that says okay download and install the software. And so that that that's basically the technique with click jacking it it's an extremely. Effective way. To get people to install. Malicious software trojans vehicles like you know which is like intrusion -- of war. And so it's something to be extremely. Careful about. You always want you to ensure the web site you're wrong. And I think what you're doing is actually the west and you think you're on and you're doing that thing you want to be doing which again goes back to this is being careful and aware. Your actions on the web. More than what is Google dork. Go -- is is and basically it's going into Google and searching. Somebody's name and just seeing how much information you can -- about the what he's biggest weapons. The criminal activity the that the professional again we have. Is that fact that we now loath to share information about ourselves we put things linked in we put things on FaceBook. We share pictures on terrorists we. Search and we have references to ourselves all over. And they'll haul. But the ability to make a realistic. All email is being able to establish enough authority and credibility that you believe this. So for instance -- on FaceBook and I have electable like friends. I think they'll want to say hi hi is a bad person and go on to FaceBook but I can go and -- taking a look at these for. And discredit simple they cast I shouldn't get in touch with you about this. Which is just the fact that I mentioned one of my friends or my friend mentioned it adds the bit of credibility and would make the so what more susceptible to believing that this is legitimate mail. And so that the concept of -- is just going in and doing as much background information about the target that group of targets. Com that you can and again it's it's it's free and it really doesn't cost all that much effort to do. A little creativity by the criminal mind. Well and that is that he you know the certificate I guess it's a fine line between between art and criminality when it comes to this because some of the tricks. That battered the -- to get cheated to stuff that you wouldn't normally do are sort of easing. One of the ones and I think is fascinating is that tactic you can go and create. Web addresses. That you know -- it will be carefully if you walking into the the web site you think you're supposed to be launching into a -- going to the right place but. I think it's interesting if you go and what he went to the FaceBook FaceBook FAA. CE POK. But if you put these heroes. Instead of that OK you're going to Facebook well. Here if it looks amazingly like FaceBook and pick up. On the fact that you're not going to the legitimate FaceBook you go into the doubles your. And so that is a very. Popular attack. Well and the another way that that that you know people or are very creative about -- -- go places we normally wouldn't -- ago. I want you to stay with us everyone not Jason blessed brokers are very special guest and we are talking about all kinds of crimes IC David's on the line stay with this. Give us a call at 2601870. And we're gonna talk identity theft right after the Jason bless -- very special guest she is co-founder of cassava but which is a full service cyber security company. And we're talking about other tricks of the trade of identity theft. I'd like to get take our caller first time David from New Orleans. David. -- -- payable on -- that you don't now to show that you do that. All my god you just made my day thank you very much. Great job keep about it. I don't -- let's jam out on that and out on -- consider much so pretty astute about not click. And so and so -- And this window pop. And it's that you need to update Adobe Flash Player. You've worked. Just like the Adobe and it looked like -- at that site. Act like that -- And this thing took over my computer. And my whole desktop went away. And it. Interpol. And then it and -- Picture of Obama lag in this race in my computer had been taken over. -- Involved in. Illegal activity. -- -- -- -- -- Thing like PayPal or on the PayPal something out. It -- you go out and -- though they'll get -- Bill -- computer for under bow like you know if you're part of privilege does all. It was humble Apatow put it and still get. I don't computer tech among over. What he. Matt and malware. First. Utley it'll work out where it still on my computer just out of the jail. -- -- -- That and that is absolutely horrendous and let me tell you. I could almost hear a smile on your face you have a better sense of humor than I would I would be hurling that computer out the window but. But isn't that what they called Jason ransom where. They exactly exactly and I'm sorry authority here that that you were victimized by an especially Nancy. Virus and in fact there there really isn't much of -- known cure for it takes advantage of are you running windows XP by any chance. Network and and in the water. My question was. -- Isolated. It's still on the computer. And you know that they expect a couple hours early computer out the window and number one on which expensive -- -- tribal. To do but it is there. He can't really answer that question to Apple Computer but it definitely right but we've actually it is and it's my children. But it still here in. It was a problem likely. He was in infection. The your master boot record which is very low couple. Part of the operating system even before windows did -- up and shows its its windows -- -- have to run a certain set of routines. And that's probably -- this infection. Took place there they're extremely difficult to remove the you can though. Temporarily isolate them what what I would recommend in this case. That you do is you'd take all of the files off your machine that are important to your photos picture to your music. -- say them. To be. -- USB drive or another this or whatever. And you can just have to flatten your machine and rebuild. A -- and I know. And those files because they actually built but not if you technically make you don't have ought to hopefully turned on I'm not sure you're aware of what -- hopefully it is it's. When you stick in. A drive your computer can automatically open windows or play music there's been sitting in control -- -- -- up and make sure that all. Okay. But let me ask you if if he does not thing but what he's already done which is sort of put to decide. Any continues to add information on his computer while they have access to that new information. Without these court you know without knowing. Without seeing it there army variations of this particular strain. Some are smarter than others some -- actually self healing and in -- -- being contained. And reestablish themselves. Others and others actually open communication channel back to them on the ship if you will. And if communication. Is not established and regular interval will go back in fact. So essentially what you do is when you're isolated by yourself small time window to get yourself ball. And just like machines. And that question. Automatic back up to were two site back up -- almanac. I'll let that backs up my computer and chained to sit on the back. It depends on what you're backing up. Are you doing a fullback debris just selecting finals. Also again it will depend on the strains. Of. The -- So it notice that you. The network connections or you know and and can infect everything on the network. Others -- You're back up files though it's good to look back at my other recommendation of course everyone is back up yourself. Whenever you care because you never know in this kind of thing happen. So if you have a packed up. Well before your infection. -- really unified steps and the game I would I would use the -- -- that -- to rebuild your machine. That that's great I mean it could cap -- that is is huge is that it is huge advantage is something we always recommend. That people do because these kinds of -- -- attacks are becoming much much more prevail. It -- it seems crazy that people would actually pay them money but people do. It. And a lot. But you now that you -- is to give them credit -- -- to do it exactly exact. Yet let me send you to check that let me send George and he'll have their address. Listen I'm really appreciated David we're gonna have to take the break we have to -- the news -- But I want Roland to stay on the on line and anybody else who is in question are or thank you are very thank you -- again very much David. Are very special guest Jason -- to stay with us now let's go to the newsroom and Chris Miller. Our guest today Jason Blacksburg -- cassava which is cyber security company helping us learn all kinds of things about. -- evil out they're trying to take over our lines are really appreciated the call from David and in my gosh -- money when an experience but he represents. On what your saying is a growing situation with these ransom where. Yeah and AD it's becoming very serious formal. It's it's beep -- he will start it. And was was much more prevalent in Europe. But it's kind of come over here. Now you can imagine it's it's one thing and it's terribly convenient if it's your own personal files photos and music and stuff. But imagine what would happen if one of these things came and -- your business. All your payroll for provoking attacks records all your chart oil it is it's just it's if you pay a huge role. So that just has to be better and better protection and awareness. But yesterday it -- and he's probably the the norm of somebody sees a it's time to update acts so you do it. Actually yeah actually what I would consider him part of the mortal and knowledgeable having running back and so like I think. What how. Happened though is he kind of get caught up in the moment all -- wanna watch it. YouTube video I need to update my -- so does seem like a normal course of action. But again it is just the kind of behavior. That these criminals are seeking to take advantage of it and it just goes to show -- is really nothing you can do on line. That you can't just step back for a second before you click on anything and say. Okay let me make sure what I am doing is supposed to be doing and we're going to supposed to be important. Good words. Roland you've been holding on thanks you Roland in Covington. Card -- it -- computer illiterates. But I am all computer and -- all want the ball she can hit about a call from her -- Play Xbox shoot edit edit page text box or more and they ran toward the gate should get knocked it. And -- general bought computer it would -- hood should my computer. Do you can build operate. Like that. Chance and and you've got true Xbox. Will treat you or like. Well let me preface by saying I've table is myself and they feel exactly the same way -- -- -- means there. But. I think you realize is that GDP. On line services lead the X boxes the the PlayStation services. They're out there contained what we would call walled garden kind of system meaning. People saw where -- you can wrong. On your Xbox is software that has been vetted and reviewed by Microsoft. So in many respects. The Xbox gaming platforms are a lot safer. Day in your home computing system because Europe -- personal -- you can basically go anywhere on the web download anything you want -- run. In the in the confines of the Xbox ecosystem. You can only -- where this has been preapproved by Microsoft. So. -- -- That's a patient could be a little maybe at least a week or. That. -- -- in my personal computer well. Liked the second part of my answer in that. Technically. It would be extremely difficult if not impossible for someone to make -- From your Xbox and then go in and in fact you're home computer how ever. These kinds of social mining techniques that we've been talking about being able to -- personal information being able to learn stuff. About people too. Send emails -- make phone calls and they. Friend of yours and in and just want to let you know that you know -- as a -- board or something along those lines. That is the very real risk. And so you have -- that the technical. And that the social kind of attack -- you are certainly susceptible. To gleaning information off the Xbox system I mean it happens it is the whole social. Aspect of gamers talking to other game. But a quick -- down to more. Educating and and talking your children and saying look there's just some things we -- share. You know and and stuff like that make it to be more and we behaviors so from a technical perspective. Know you're really opening yourself from danger from using the Xbox on the line. However from a informational prospectus from from allowing people to know more about your family potentially yes there's. -- And very very much for the call. I want to quickly move over to Richard in Baton Rouge had something on ransom where. You know and then -- like it won't help any original. Hello yes Richard. -- site. Picture that you might call my computer and check it would have been so. Ransom mortar is well at what are some proper credit card numbers in order to. Are correct the problem but I -- never do that like the other gentleman -- guard Greg just such an. It's -- a virus. Program on the computer. Market to Norton brought. -- awards held -- -- get my computer. Therapeutic throw them dignity don't do. YouTube videos or something like that. You know that this thing is -- kind of come from a million places probably the last place you really expect you might that have fallen victims one of these click jacking attacks. You may have inadvertently typed in the address wrong. And because a lot of a lot of this malware is delivered on sites that are registered -- names that are just ms. -- -- regular site so occasionally in my tight global G knows she'll leave not Google. And it might have been a site that has -- now this is in the right side but they can take advantage of the fact that that you went about on this site. Now the virus is is is terrific it's a must have you'd need to run it. But it's the very nature of many -- program. Is that it's reactive. Because he you know stands for what's known. And the big problem is that a lot of this software. Is developed. That -- And doesn't have what we would call signature which is binary representation of what the malware looks like which is what the antivirus program picked up on. This is good news pieces software. And happy antiviruses don't pick them up so they're they're important to have. Because a majority. Of the malware that out there is just kind of old -- used code because. Criminals well -- you know all that's more. There's a very small percentage were very support but do most of the part that's what they just kind of use stuff and hoping that people don't have any virus but. Just aren't running any any viruses not you know it is not a 100% of the guarantee. Right and what -- on the net -- also mentioned I've been getting lately. Messages from -- back page. These are answering local. What we need upstate new cartel and don't forget you and the -- but. Are. You aren't that that there are so it's so. Almost exactly the city and local it was the bag -- system. Really superior disturb -- Erdogan so democratic here apparently put. Yeah and you know it's it's amazing now to the degree. Of -- intensity they can pull these attacks on its feet. It in mind boggling which is like you know constantly say that. -- -- First and understand that there is no legitimate bank that would ever ask you a -- information. Cabrera and email and what what you what you you've got you work that you just throw all those -- in the trash is and it's so important. Cellular phone call. Or more realistically. Move they'll send you piece of mail. Any safer than that this is going to the bank. Except there. The market today is doing nothing nothing better than human human based based on. That is right Richard thank you very much vehicle we have to take a break toward -- wanted to stay with is someone hear your question will be right back with. -- Blacksburg. We're talking about cyber security. With an expert Jason Blacksburg and now let's go to our caller okay in Gonzales -- thanks for -- I don't -- thought that Turkey Mantilla. I don't collect on a my count and I couldn't be any shell out and you create is now. I've gotten into that now let them do everything. It now. And well into. Chemistry be debate. And I -- -- -- I can file or application not the -- Yeah you can Carol I've -- a five day an outline conscious ability. -- -- While yet that self went up without pain I AM. I am -- -- that sounds more like you know -- issue with this ball well I know. For the past few weeks they've been having it terrible trouble with their email system -- they do their recent updates. Upgrade. And some of the account information has been having some difficulties so. I wouldn't be surprised if you're not caught up in that kind of issue that there haven't. And I of course without -- email -- you can email them. Yeah but at at. So be you know your your other alternative might need to set -- even if temporarily. Another email account was another free services like Gmail. If only just to get in touch with. With Yahoo! and if they can help you fix that problem. Eight talent out let. I've never eating -- shell I need to shed happened lately like and -- me -- make true. Yeah I think unfortunately one of the designs of -- needs is that you know telephone support is quickly becoming a thing of the past and among the most if not all of these companies going to communicate with them via email. Which of course sets up for the interesting problem. When the problem here happening is that what can. -- and it is my -- Actually charity behind -- now 18. Well yes and the united tipping point to bring -- the -- they are and abandoning. Or -- -- their word retiree exe. And -- be fair. It's had a very good run it's been out there very long time. And it's just too. It's not it's not cost effective to continuously. Develops security patches for operating system that soul. Okay are they are retire. The the the operating system and no longer offering support now. The big question in the security community is is what exactly does that mean I mean Microsoft clearly cares about their reputation in the system that product. If some glaring flaw. Is discovered at some point in the future. Will Microsoft. Released an emergency patch. That's that's commendable we don't know right now because it's it's been a state of walk. However they are making it extremely attractive for people to move. Just the latest and the greatest. -- and where this nightmare. They definitely the new version of it today which which which really does address some of the usability. Issues tonight big enough not to Kendall windows eight debate that I've had troubles with -- -- The -- that very night though about windows. Is that he runs. Very well and very quickly. On a much smaller hardware so you don't need nearly as much memory or as powerful computer. -- you had to have in the past to get the same amount of work though. A lot now so there they're releasing now machines in the 200 dollar range which run. Windows eight faster than you know machines that cost a thousand dollars running XP. So if it making it that it changes in the in the in the state is a lot of benefits Q to the new stuff. Hope it works out for help you get on the other email to be able to email Yahoo! the most discouraging thing of all you're saying that. There's not going to be anybody's opinion the phone one day. And yeah so let us go. It's many people's fears and it's the wrong direction we need Dan we need decent human contact. Please everyone stay with -- we're not done with Jason green a Blacksburg we'll be right back. Learn something everyday and I certainly learned a lot from Jason Blacksburg tonight that as others. -- from him that question. Yes it -- in question in reference to fact or fiction. Out will be apple or Mac operating system compared GP bike -- -- arms so people sit. It is. Mike -- what our Mac or it can trouble -- pack your computer cheap by any Microsoft operating. Is it true or not Google. Well I would argue that it's not true. For a couple of reasons one is that there has been some substantial. Viruses released in the Mac world. That caused. Told them that it's. To. A lot of the vulnerabilities. And attacks that we are talking about a year. KGB. Whip entry which means it's more of a condition which browsers your running. Then it is. Depending on which operating system so there have been in and an enormous number of laws with the windows operating system there and flaws would be. It is Macintosh operating system I think if you look so in terms. Percentage of number of users. You know I don't know what the exact figures I think. That apple Ohio last or are Apple Mac collapse has two 4% and maybe 5% views of race. -- thank god we're out of time I'm so sorry. I wanna think Jason Plattsburgh -- our new best friend and I hope we'll have you back on many of the time should help so many thank you Jerry for calling we'll see you later.