Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

9/17/2010
12:46 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

IID Helps Monster.com, Credit Unions Join Internet Fraud Alert Program

Internet Fraud Alert notifies organizations about fraudulent online activity involving their own stolen credentials

TACOMA, Washington - September 14, 2010 - IID (Internet Identity), a provider of technology and services that help organizations secure Internet presence, today announced it has partnered with the National Cyber-Forensics and Training Alliance (NCFTA) to join the Internet Fraud Alert program. Internet Fraud Alert is the only system of its kind that instantly notifies organizations about fraudulent online activity involving their own stolen credentials. As part of the partnership, IID will contribute malicious activity data to Internet Fraud Alert, and IID will assist existing IID ActiveControlT customers in joining the network at no extra fee to receive the latest alerts about compromised credential activity. Monster.com', BECU (Boeing Employees' Credit Union) and Yakima Valley Credit Union are some of the first IID customers to sign up to receive the alerts.

"Monster.com has an unrelenting focus on providing a secure and trusted experience for both job seekers and employers. We have made, and will continue to make, significant investments in data security and with IID we have yet another resource to ensure that we're doing our best to maintain trust with our users," said Patrick Manzo, Senior Vice President for Fraud Prevention and Chief Privacy Officer at Monster.com. "Internet Fraud Alert's real time reports will serve as a valuable supplement to our robust global threat monitoring program."

"As a not-for-profit, member-owned credit union, helping our members prevent identity theft is paramount," said Ken Kinloch, BECU Information Protection Officer. "Our participation in the Internet Fraud Alert program with IID is a continuation of our commitment to our members' security and will further enhance BECU's ability to protect our members."

"The safety of our members' financial and personal information is extremely important to us at Yakima Valley Credit Union," said Don Rowe, Yakima Valley Credit Union Network Administrator. "That's why advanced security measures are a top priority, and IID helps us give our members the safety and security they deserve."

Internet Fraud Alert was recently developed by Microsoft and the NCFTA - a nonprofit whose mission is to identify, mitigate and neutralize cyber crime threats in partnership with the private sector, law enforcement agencies, academics, and other groups. The alert enables reporting of suspected online fraudulent activity and offers a trusted and effective means of alerting service providers, retailers, financial institutions, social networking companies, government entities and more about compromised account credentials helping to diminish losses due to fraud. Once stolen data is reported, Internet Fraud Alert will match it to the institution that manages the account in question, sending a secure alert to the appropriate parties, who can then take action to protect their customers and mitigate the potential for future fraud or financial losses.

"By bringing IID on-board, we will be able to gain a wealth of vital data from one of the world's leading Internet fraud fighting organizations," said NCFTA President and CEO Ron Plesco. "In addition, IID's customers, which comprise many of the world's largest brands and hundreds of financial institutions, will have instant access to the Internet Fraud Alert, providing protection to the organizations and their customers."

Customers using IID ActiveControl will get instant access to their alerts. ActiveControl actively detects and blocks new malicious sites, emails and advertisements, and controls leakage of sensitive data - before these attacks can propagate, and before they can cause extensive damage to an organization and its stakeholders. By utilizing the Internet Fraud Alert network, IID's customers will have a new tool in their anti-fraud arsenal, receiving immediate reports of stolen debit and credit card information and compromised account access credentials.

IID will be using its ActiveKnowledgeT solution to relay data to Internet Fraud Alert. IID ActiveKnowledge provides a comprehensive, centralized and continuously refreshed list of the latest malicious (or compromised) IP addresses, domains, hostnames and email accounts - protecting an enterprise and its extended network of partners. The company will channel all stolen credential information it comes across during its normal Internet scanning operations and deep-dive fraud investigations to the Internet Fraud Alert system. This integration will ensure that all affected institutions, including IID clients, will receive the recovered data in real-time.

"By joining forces with a national crime fighting organization like NCFTA, we're able to help take the battle against cyber criminals to the next level," said IID CTO and President Rod Rasmussen. "This system is exactly what the market has needed for years to tackle the thorny issues around stolen credential remediation, and we are very excited to be able to assist our customers in joining the Internet Fraud Alert program."

More information about Internet Fraud Alert can be found at www.ifraudalert.org .

About NCFTA

The National Cyber-Forensics and Training Alliance was established to unite the technology industry, law enforcement, academia and private- and public-sector organizations to bring into focus the most significant online threats and identify the most effective and efficient early options for detecting and combating cybercrimes. A focal point of this project is the primary partnership established between the FBI, the NW3C, Carnegie Mellon University and West Virginia University. About IID

IID (Internet Identity) has been providing technology and services that secure the Internet presence for an organization and its extended enterprise since the company was founded in 1996. It recently started delivering the industry's first and only solution for detecting, diagnosing and mitigating domain name system (DNS) security and configuration issues for an organization and its extended enterprise. IID also provides anti-phishing, malware and brand security solutions for many of today's leading financial service firms, e-commerce, social networking and ISP companies, and more. The company is working hard to deliver solutions that help keep the Internet safe and trusted for businesses. IID is headquartered in Tacoma, Washington. More information can be found at www.internetidentity.com.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Look Beyond the 'Big 5' in Cyberattacks
Robert Lemos, Contributing Writer,  11/25/2020
Why Vulnerable Code Is Shipped Knowingly
Chris Eng, Chief Research Officer, Veracode,  11/30/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: I think the boss is bing watching '70s TV shows again!
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-26250
PUBLISHED: 2020-12-01
OAuthenticator is an OAuth login mechanism for JupyterHub. In oauthenticator from version 0.12.0 and before 0.12.2, the deprecated (in jupyterhub 1.2) configuration `Authenticator.whitelist`, which should be transparently mapped to `Authenticator.allowed_users` with a warning, is instead ignored by ...
CVE-2020-28576
PUBLISHED: 2020-12-01
An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal version and build information.
CVE-2020-28577
PUBLISHED: 2020-12-01
An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal server hostname and db names.
CVE-2020-28582
PUBLISHED: 2020-12-01
An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal number of managed agents.
CVE-2020-28583
PUBLISHED: 2020-12-01
An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal version, build and patch information.