:: Cyber Security for Seniors ::

Wednesday, May 29, 2013

Windsor RCMP Issue Warning to General Public of Evolving Scam

WINDSOR, Ontario, May 29, 2013 /Canada NewsWire/ - The Windsor Detachment of the Royal Canadian Mounted Police (RCMP) is issuing a warning to the public with respect to a variation on a fraud, previously reported by the media and known as a "Letter Scam". This fraud has been prevalent in the Windsor area for a number of years however the RCMP has recently identified a new trend to this fraudulent activity.

A victim who resides in Essex County reported that they were recently defrauded of approximately $500,000.00. The victim reported that they had received a letter from a purported lawyer in Spain, who advised that a distant relative had recently passed away leaving a sizeable estate that was presently unclaimed. The deceased in the letter possessed the same last name as the victim and although they were unaware of any distant relative in Spain, they contacted the author of the letter and initiated negotiations for release of the funds.

The victim was directed, at first, to send small amounts of money to the lawyer in Spain in order to pay for back taxes and other fees blocking release of the estate. The victim was drawn into the scheme and soon began sending substantial funds to an overseas bank account.

The victim reported that during the course of the negotiations for release of the estate, they received a call from an individual identifying themselves as a RCMP officer. This individual advised that the victim was not being scammed and that enquiries revealed their situation to be legitimate. The telephone number on the victim's call display has been confirmed as the RCMP general enquiries telephone number in Ottawa. The investigation undertaken by the RCMP in Windsor has determined that this call was not made by the RCMP, but in all likelihood, a co-conspirator using a technique known as "spoofing" to reveal the RCMP telephone number and create the illusion of legitimacy.

The Windsor RCMP is issuing this media advisory to warn the general public of this illegal activity. If you have received a similar letter or know of someone who has, please contact your local police, the Windsor RCMP at 519-967-4353 ext: 255. If you are a victim or know a victim of this particular scam, please communicate this information to the Canadian Anti-Fraud Centre (CAFC) at 1-888-495-8501.

Friday, July 27, 2012

Data Breaches Are on the Rise: Be Prepared, Advises Equifax Canada

TORONTO, Ontario - July 27, 2012 - Marketwire - Identity thieves are constantly inventing more destructive ways to obtain consumers' personal information. Data compromise in both private and public sectors are on the rise, as evident in the recently announced Elections Ontario privacy breach.

While it is impossible to completely prevent identity fraud or theft, consumers can take preventative measures to reduce their personal risk and may consider placing a fraud prevention alert on their credit file. This preventive alert informs creditors that the consumer's personal information may have been lost or stolen and suggests that they validate that the credit application is legitimate. To place a fraud prevention alert on your credit file, call Equifax toll-free at 1-800-465-7166.

Consumers who are aware of potential threats, and who take preventive steps to protect their personal information are significantly less likely to become victims. In addition to placing an alert on your Equifax credit file, here are some of the easiest and most effective ways to combat identity theft:

...Review your credit report regularly - Check your credit report at least once a year. For your free report from Equifax, visit www.equifax.ca.

...Handle your financial accounts and transactions online - Consumers who frequently monitor their accounts online are most likely to uncover fraud the fastest.

...Check your bank, credit card or other financial account web sites for suspicious or unauthorized activity.

...Avoid mailing cheques to pay bills; instead pay bills online and take advantage of new remote deposit cheque imaging services and online banking sites. Install and regularly update firewall, anti-spyware, anti-virus and browser security software.

...Limit the information you share on social media sites - Consumers who have used social media tools for at least five years are twice as likely to be victims of identity theft.

...Never provide personal information unless you initiate the contact.

...Do not click web links when responding to e-mails or text messages, rather go to the site directly.

...Do not respond to automated phone messages or callers prompting you to dial a number or provide personal information to resolve a bank account issue.

...Shop on secure web sites - Online retailers should display an approved security symbol and the transaction should be conducted on an encrypted site.

...Reduce unnecessary access to your personal information wherever possible - Do not carry Social Insurance cards or unused credit cards. Be aware of your surroundings when transacting in public. Cover your keypad and any screens that display sensitive data.

About Equifax

Equifax is a global leader in consumer and commercial information solutions, providing businesses of all sizes and consumers with information they can trust. We organize and assimilate data on more than 500 million consumers and 81 million businesses worldwide, and use advanced analytics and proprietary technology to create and deliver customized insights that enrich both the performance of businesses and the lives of consumers.

Headquartered in Atlanta, Equifax operates or has investments in 17 countries and is a member of Standard & Poor's (S&P) 500® Index. Its common stock is traded on the New York Stock Exchange (NYSE) under the symbol EFX. For more information, please visit www.equifax.ca/reducefraud.

Tuesday, July 17, 2012

Commissioner Cavoukian investigates Elections Ontario's massive loss of voter data

TORONTO, July 17, 2012 /Canada NewsWire/ - Ontario's Information and Privacy Commissioner, Dr. Ann Cavoukian, is investigating a privacy breach at Elections Ontario involving the personal information of an unprecedented number of individuals - up to 2.4 million Ontarians.

On July 5, the Commissioner's office was advised of the loss of two USB keys containing the unencrypted names, home addresses, dates of birth, and gender, as well as whether or not the person had voted in the last election - all included on Ontario voters' lists. The Commissioner advised Elections Ontario to notify the public of this breach as soon as possible. An investigation was immediately launched, with the full cooperation of Elections Ontario, to examine how the breach could have occurred and the existence of privacy policies and procedures in place at the province's election agency.

The investigation is expected to be completed in several weeks, at which time the Commissioner's findings will be released publicly. As part of her report, the Commissioner will be providing guidance that organizations can use to limit the possibility of this type of breach happening in the future.

Commissioner Cavoukian Quotes:

"I am deeply disturbed that a breach of this extent, the largest in Ontario history, involving millions of individuals, could happen at Elections Ontario - the agency charged with protecting the integrity of our electoral process."
"Personal information is the currency in which Elections Ontario trades. It is my expectation that personally-identifiable information will not be stored on USB keys, laptops or other mobile devices - full stop. That is the message I have repeatedly given over the years. If it is absolutely necessary, to transfer personal information to a mobile device, it should first be de-identified or protected with strong encryption."
"Given the magnitude of this breach, impacting millions of Ontarians, the loss of electors' personal information will of course raise concerns of identity theft. Resources are available on my website, www.ipc.on.ca, to learn how to protect your personal information, and what to do if you become a victim of identity theft."

About the Information and Privacy Commissioner

The Information and Privacy Commissioner is appointed by and reports to the Ontario Legislative Assembly, and is independent of the government of the day. The Commissioner's mandate includes overseeing the access and privacy provisions of the Freedom of Information and Protection of Privacy Act and the Municipal Freedom of Information and Protection of Privacy Act, as well as the Personal Health Information Protection Act, which applies to both public and private sector health information custodians. A vital component of the Commissioner's mandate is to help educate the public about access and privacy issues.

Friday, June 29, 2012

Canada’s First Support Centre to Provide Resources for Victims of Identity Theft Launches with Events in Ottawa and Vancouver

Privacy Commissioner of Canada, Jennifer Stoddart Joins the Ottawa Event

OTTAWA June 28, 2012 – The Canadian Identity Theft Support Centre, a new, first-of-its-kind support centre dedicated to victims of identity crimes was launched today with events in both Vancouver and Ottawa. Canada’s Privacy Commissioner, Jennifer Stoddart, marked the occasion by delivering a statement at the Ottawa kick-off.

“Identity theft is the fastest growing crime in Canada and with this launch, victims can call into our Centre and receive guidance and support to help regain control of their lives,” said Kevin Scott, President of the Canadian Identity Theft Prevention Association. “Victims are typically left to figure things out on their own, which can take up to hundreds of hours and incur huge costs. We assist individuals free-of-charge, from start to finish in the process of identity recovery.”

In addition to a toll-free number and live, step-by-step support, the Centre provides online resources to help victims deal with the fallout of identity theft, ranging from credit and debit card fraud to wholesale takeovers of lives. The Centre also offers resources for individuals seeking information on prevention of identity crimes, and provides advice on protective measures that can reduce the risk of identity theft.

“Identity theft is a particularly troublesome crime from the victim’s standpoint, as they must first prove that they are not the fraudster,” said Sue Sproule, assistant professor, Brock University and Canadian expert on identity theft. “The Canadian Identity Theft Support Centre will provide much needed support to Canadian victims.”

Over the next two to three years, the Centre plans to grow its operations, offering services in multiple languages and creating satellite offices across Canada. The Center’s flagship ‘call-centre’ will provide free telephone support from expert case advisors who will assist Canadians from coast-to-coast and will specialize in assisting vulnerable groups, including seniors and youth. The Centre will also provide state-of-the-art online support in the form of interactive video presentations, online tool kits and downloadable ‘how-to’ packages.

“Anyone can become a victim of identity theft, and the Centre’s ultimate target audience is all potential victims – or in other words, all Canadians,” said Lindsay Lee, Director, Canadian Identity Theft Support Centre. “With more Canadians living on-line it is key for us to communicate on multiple platforms.”

The Canadian Identity Theft Support Centre is modeled on a similar U.S. organization based in San Diego, California. It is a non-profit organization with a wide range of expert knowledge and support from academia, the private and public sectors.

For more info on the Canadian Identity Theft Support Center – http://idtheftsupportcentre.org/

Friday, May 4, 2012

Canadian businesses missing important steps to protect personal information stored digitally, poll finds

Privacy Commissioner of Canada reminds businesses
that when using technology to safeguard personal information,
sometimes small steps can prevent a big loss.

OTTAWA, May 4, 2012 /Canada NewsWire/ - Canadian businesses are storing more and more personal information digitally, but many are not using the technological tools or implementing the recommended practices to protect this information, a new survey has found.

In a telephone survey of 1,006 companies across Canada, commissioned by the Office of the Privacy Commissioner of Canada (OPC) and published today, companies are storing personal information on a variety of digital devices, such as desktop computers (55%), servers (47%) and portable devices (23%). Most (73%) are using some type of technological tool, such as passwords, encryption or firewalls, to prevent unauthorized access to the personal information stored on these devices.

However, the survey also suggested that many businesses may not be adequately using technology when it comes to protecting the personal information they store digitally.

For example, passwords are the most popular technological tool used by businesses to protect personal information (96%). However, of those using passwords, 39% do not have controls in place to ensure that those passwords are difficult to guess, and 27% never require employees to change passwords.

"Using passwords is like locking your front door. They can be a very simple and effective way to protect valuable personal information," says Commissioner Stoddart. "But simply setting a password is not enough to thwart today's savvy online criminals—passwords must to be complex and dynamic."

The poll, conducted in late November and early December 2011 by Phoenix Strategic Perspectives, also found that nearly one quarter of businesses are storing personal information on portable devices, such as laptops, USB sticks or tablets, which are more vulnerable to theft and loss. Nevertheless, almost half of those who do (48%) indicated that they did not use encryption to protect the information on these devices. Encryption refers to the use of a secret code as a key to scramble information to make it unreadable. Once the information is scrambled, only the same key can be used to unscramble the information and make it readable again.

"Encryption is one step better than locking your doors - it is like putting information into a safe - and it can really help limit the risks if a laptop is stolen or a USB key is misplaced," says Commissioner Stoddart. "Businesses that lose their customers' data, lose their customers' trust, so they need to take every precaution to ensure they safeguard personal information they hold."

The survey did find that many Canadian companies attribute considerable importance to protecting privacy (77%).

"I am encouraged to see that companies are beginning to realize the importance of building privacy into their business processes," said Commissioner Stoddart. "Smart businesses know that taking the time to build privacy in from the beginning is much easier than cleaning up a privacy breach down the road."

In fact, survey responses seem to suggest that companies are becoming more sensitive to the potential for data breaches. Only 40%, however, indicated that they were concerned about data breaches that might compromise the personal information of their customers and 31% indicated that they have guidelines in place for responding in the event of a breach.

Other highlights of the poll include:

...One third (32%) of businesses have staff that has had training on appropriate information practices and responsibilities under Canada's privacy laws.

...Almost half (48%) of businesses have procedures in place for dealing with complaints from customers who feel that their information has been handled improperly.

...Just over three in five businesses have a privacy policy.

...The majority of companies that have a privacy policy update it at least once a year (57%) and of those that do, 35% have notified their customers about the changes.

...Many companies (39%) view protecting privacy as a competitive advantage, with 24% seeing it as a significant advantage and 15% a moderate advantage.

The OPC commissioned the survey in order to better understand the extent to which businesses are familiar with privacy issues and requirements, and the types of privacy policies and practices they have in place. Similar surveys were conducted in 2010 and 2007.

The complete survey, which is considered to be accurate to within +/- 3.1%, 19 times out of 20, can be found on our website at www.priv.gc.ca.

The Privacy Commissioner of Canada is mandated by Parliament to act as an ombudsman and guardian of privacy in Canada. The Commissioner enforces two federal laws for the protection of personal information: the Privacy Act, which applies to the federal public sector; and the Personal Information Protection and Electronic Documents Act (PIPEDA), which applies to commercial activities in the Atlantic provinces, Ontario, Manitoba, Saskatchewan and the Territories. Quebec, Alberta and British Columbia each has its own law covering the private sector. Even in these provinces, PIPEDA continues to apply to the federally regulated private sector and to personal information in interprovincial and international transactions.

Keep it private - your Facebook password should not be shared

Commissioner Cavoukian advises people to
protect their online social media profiles

TORONTO, May 3, 2012 /Canada NewsWire/ - Spurred by numerous recent media reports of employers requesting Facebook passwords from job candidates, Ontario's Information and Privacy Commissioner, Dr. Ann Cavoukian, launched a paper today to provide Ontarians with practical advice on how to protect their online privacy in the increasingly complex social media world.

Entitled "Reference Check: Is Your Boss Watching? The New World of Social Media: Privacy and Your Facebook Profile," the paper will be officially launched this evening in Toronto during a presentation by Commissioner Cavoukian at international law firm Baker & McKenzie.

"Passwords are meant to be kept private, and I want to be clear that the practice of employers requesting personal passwords from their current or potential future staff is fundamentally wrong," said Commissioner Cavoukian.
"Canada's human rights and privacy laws provide strong protections for job applicants when it comes to improper practices, such as employers requesting personal passwords. However, everyone using social media must remain vigilant when it comes to guarding their own personal information."

The paper offers true-to-life examples of improper practices by employers, provides context, and most importantly, offers practical tips to protect your privacy in today's constantly-evolving online world. Some of the issues covered in depth in the paper include:

...Think hard before you click;

...Review all the information about you that lives online;

...Remove potentially-damaging information & photos;

...Apply strong privacy controls to all of your personal information;

...Know your rights: employment, human rights & privacy laws;

...Build up a positive online social media profile.

"It is absolutely crucial to remember that anything you post online may stay there forever, in one form or another, so think carefully before you post," said Commissioner Cavoukian.
"With 86 per cent of Canadian Internet users having a Facebook profile, my sincere hope is that our paper will remind people to use social media sites wisely - posting information with their eyes wide open, and considering the potential risks to their employment - current and future."

"Job candidates should preserve their legally-protected right against what the courts have now labeled 'intrusion into seclusion'," agrees Mark Ellis of Baker & McKenzie. "As counsel to many of Canada's largest employers, we advise companies to respect the legal boundaries regarding investigation of any applicant. While an employer's review of outward-facing social media pages is proper and valuable due diligence, probing beyond the password-protected wall constitutes unwarranted invasion of privacy."

About the IPC

Thursday, May 3, 2012

Privacy Commissioner of Canada awards $500,000 to advance privacy research and awareness

Funding for 11 new independent research and awareness projects
which will explore emerging and evolving privacy issues

OTTAWA, May 2, 2012 /Canada NewsWire/ - The Office of the Privacy Commissioner of Canada (OPC) today announced the recipients of its 2012-2013 Contributions Program, which will provide $500,000 this year for projects that explore emerging and evolving privacy issues of interest to Canadians.

This year's projects touch on all four policy priorities of the OPC: 1) identity integrity and privacy; 2) information technology and privacy; 3) genetic information and privacy; and 4) public safety and privacy. For example, there are projects that focus on privacy issues related to social networking, cybercrime, surveillance, cloud computing, smartphone applications and cell therapy research.

"Technologies are advancing at an astounding rate, and it's essential that we take time to both truly understand and reflect upon their impacts on privacy," says Commissioner Stoddart. "By supporting privacy research, my Office is encouraging the exploration of complex privacy issues as well as the development of information and tools to help Canadians make informed decisions about protecting their personal information."

The Office announced the 2012-13 recipients today at its Pathways to Privacy Research Symposium at the National Arts Centre in Ottawa. The Symposium is showcasing privacy-related research funded by OPC's Contribution Program and other organizations to stimulate discussion and enable others to use and apply the research in their fields of expertise or areas interest.

The OPC is supporting a total of 11 projects in 2012-13 under the Contributions Program. This year, there is an emphasis on making the research outcomes accessible, and researchers will be using a variety of approaches, such as workshops, forums, web sites and tools, or awareness materials, to share the results of their work. Some examples of the projects include: A study of the privacy challenges emerging from innovations in cell therapy research;

...An analysis of the scope of voluntary information sharing by private enterprises in law enforcement investigations into cybercrime;

...The development of a series of in-depth news reports and other informational tools for French radio and web sites that provide practical information about protecting personal information;

...An interactive mapping tool to help Canadians better understand cloud computing and its impact on their personal information;

...An investigation of smartphone applications and the risks to end-user privacy.

...A report on the positive and negative privacy implications of using information technology in situations involving domestic violence, sexual violence and stalking.

A full list of the 2012-13 Contributions Program recipients and their projects is available on our web site.

The OPC received 45 proposals for the 2012-2013 Contributions Program. Each proposal was evaluated by representatives of the OPC, as well as an external peer review panel of privacy experts in various fields.

"It was wonderful to have the opportunity to review the interesting, innovative, and creative applications to the Contributions Program," says Dr. Jacquelyn Burkell, Associate Professor, Faculty of Information and Media Studies at the University of Western Ontario. "The research they outlined addresses complex aspects of privacy in our digital environment and will produce results that have important implications for Canadians."

The OPC's Contribution Program was created in 2004 to support arm's length, non-profit research on privacy, further privacy policy development, and promote the protection of personal information in Canada. To date, the Program has allocated approximately $3 million to nearly 90 initiatives in Canada, and it is considered one of the foremost privacy research funding programs in the world.