Tuesday, February 20, 2007

What are you willing to pay for online security?

According to Trend Micro there are black market al a carte menus available for hackers to buy/sell our personal information. Here's what some are willing to pay for our 'private parts':
  • Trojan program to steal online account info: $980-4900
  • Credit Card number w/ PIN: $490
  • Billing data (SSN, address, birth date, etc): $78-294
  • Drivers license: $147
  • Birth Record: $147
  • SSN card: $98
  • Credit card number w/ security code and expir-date: $6-24
  • PayPal account uname and pwd: $6
What can we do and what are we willing to pay to fight this?

Here's a simple recommendation; If we aren't willing to use a crypto-card, or random password generator when doing online banking or accessing retirement accounts, we're part of the problem, not the solution.

Anything I have to do that absolutely, positively has to be secure involves an RSA secure ID. This little gem of device forces me to use a different, pseudo-random password every time I log on. It also makes it easier for me to remember my password, and not compromise security by writing down on a sticky note some reminder.

If we continue to ignore the price hackers are willing to pay for our private parts, we will continue to be a part of the problem, not a solution. Insist on the best of security when doing online banking. Ask your bank and retirement services to provide the best.

No comments: