Identity Theft? That’s Been Outsourced, Too

There’s been a lot of attention paid to “pretexting”,the practice of posing as someone else in order to gain access to their personal data, lately in the wake of the HP scandal. However, a British TV program has shown that there’s more than one way to skin the identity fraud cat, as an undercover reporter was offered the personal details of 100,000 UK bank customers, stolen by offshore call-center workers.

The knee-jerk reaction is simply to point the finger at outsourcing and offshoring, but they’re largely irrelevant to the situation. Lax corporate security and indifferent attitudes towards data breaches certainly aren’t restricted to a particular country, industry or line of work, so the suggestion that banks and other companies that allow offshored workers access to personal financial information could simply solve the problem by bringing outsourced functions back in-house is inaccurate.

Quite clearly, many companies’ security policies are inadequate, unenforced or nonexistent, whether for in-house employees or external suppliers, and there’s currently little motivation for them to take the problem seriously. Whether data is kept internally or shared with offshore workers doesn’t really seem to matter — it doesn’t appear particularly secure either way.

No One Has Any Idea How Much Work Email Is Spam

Can we just say, for the record, that no one actually has a good handle on how much spam is out there? This is absolutely true when it comes to corporate email accounts.

In 2001, we had a report that said that only 21% of all emails were work related, with the rest being junk or personal emails… but a year later the story was that office employees don’t get much spam at work. Last year, a report came out saying that spam made up 33% of office email, which seems lower than the other studies (which also said another 25% of work emails were personal, and thus 42% — twice of that earlier study — were work related).

The latest such study claims a flip of that original stat: 21% of corporate emails are spam. So, basically, over the past few years, we’ve had reports of lots of spam and not very much spam at all when it comes to the office — suggesting that, frankly, no one really knows how much spam there is in the office. Also, to be honest, the aggregate number is pretty useless, as different companies (and different people within a company) probably face vastly different levels of “spam threat.”

So, rather than focusing on how much corporate email is spam, why not focus on how effective (or not) IT departments are at stopping the spam from those who are most targeted?

Hezbollah Hacked Israeli Military Radio

Newsday is reporting that Hezbollah was able to monitor secure Israeli military communications, perhaps using technology supplied by Iran, during the recent Lebanon war. A former Israeli general, speaking anonymously, called the results ‘disastrous’ for Israel. The story reports that an anonymous Lebanese source said that Hezbollah might have taken advantage of Israeli soldiers’ mistakes in following secure radio procedures. The radio gear uses frequency hopping and encryption.