Identity Theft Is Easy Over P2P

Peer to peer file sharing is a great technology used to share data over peer networks. It’s also great software to get hacked and have your identity stolen.

Installing P2P software allows anyone, including criminal hackers, to access your data. This can result in data breaches, credit card fraud and identity theft. This is the easiest and, frankly, the most fun kind of hacking. I’ve seen numerous reports of government agencies, drug companies, mortgage brokers and others discovering P2P software on their networks after personal data was leaked.

The Register reports that a Washington state man has been sentenced to more than three years in federal prison after admitting to using file-sharing program LimeWire to steal tax returns and other sensitive documents. He searched LimeWire users’ hard drives for files containing words such as “statement,” “account,” and “tax.pdf.” He would then download tax returns, bank statements, and other sensitive documents and use them to steal identities.

I did a story with a Fox News reporter and a local family who had four kids, including a 15-year-old with an iPod full of music, but no money. I asked her dad where she got all her music and he replied, “I have no idea.” He had no idea that his daughter had installed P2P software on the family computer and was sharing all their data with the world. The reporter asked me how much personal information I could find on the P2P network in five minutes. I responded, “Let’s do it in one minute.”

There are millions of PCs loaded with P2P software, and parents are usually clueless about the exposure of their data. P2P offers a path of least resistance into a person’s computer, so be smart and make sure you aren’t opening a door to identity thieves.

Don’t install P2P software on your computer.
If you aren’t sure whether a family member or employee has installed P2P software, check to see whether anything unfamiliar has been installed. A look at your “All Programs Menu” will show nearly every program on your computer. If you find an unfamiliar program, do an online search to see what it is you’ve found.
Set administrative privileges to prevent the installation of new software without your knowledge.
If you must use P2P software, be sure that you don’t share your hard drive’s data. When you install and configure the software, don’t let the P2P program select data for you.
Get a credit freeze. Go to ConsumersUnion.org and follow the steps for your particular state. This is an absolutely necessary tool to secure your credit. In most cases, it prevents new accounts from being opened in your name.
And invest in Intelius identity theft protection. Not all forms of identity theft protection can be prevented, but identity theft protection services can dramatically reduce your risk.

Robert Siciliano, identity theft speaker, discusses P2P hacks on Fox.

Tags: fraud, hackers, identity, theft, anti-virus, breaches, card, cards, credit, criminal

Twitter Facebook

Comment

You need to be a member of Reviews, News, and How To Geeks to add comments!

Join Reviews, News, and How To Geeks

Comment by DTM on August 28, 2009 at 10:10am: I suppose it's possible some people are dumb enough to "share" and entire computer. Kids. This is where I run into the most trouble with repairs on customer machines as well.
Dan

Comment by Michael Wagner on August 28, 2009 at 9:13am: I think you are preaching to the Choir here. Most people in this group have above average computer/internet savvy.
The issues of p2p sharing of content can and has been debated here extensively.
You neglected to mention the "legal" p2p activities such as those in the open source community where development and applications files are shared regularly.
Your post seems more directed to the "typical" PC user. Posting it in this community of advanced usrs does nothing but spark controversy.

Comment by Robert Siciliano on August 28, 2009 at 8:54am: "This is the part(s) I was upset at. I knew very well where this post was coming from."

No, the posts entire motivation is personal security. It says nothing about illegal downloads. it just so happens that participating in the p2p environment is liken to stealing copywritten content in many cases. So if you want to ignore all the security issues, you still have the law to contend with if they every chose your IP to go after.

Comment by Snick on August 28, 2009 at 8:42am: Quote: "Robert Siciliano"
"otherwise for all those snarling at this post, good luck and all the power to your illegal activities. dont get caught, the fines are in the millions now."

This is the part(s) I was upset at. I knew very well where this post was coming from.

Comment by usr_local on August 28, 2009 at 8:34am: I totally agree with Snick. The vast majority of those have their data stolen, do not have their data secure. Who, with any knowledge of broadband, always on Internet access leaves their data lying around. I suppose it is the same parents who "have no idea" where the kids music come from. If I did not maintain security over my children on the internet, how can I possibly secure my private data.

Comment by Robert Siciliano on August 28, 2009 at 8:33am: launch your p2p and search "tax" you will see various people whose data is being compromised. The best advice for them, and most people is not to have it installed in the first place. whats my motivation here? to protect those who need protecting. otherwise for all those snarling at this post, good luck and all the power to your illegal activities. dont get caught, the fines are in the millions now.

Comment by Snick on August 28, 2009 at 8:25am: This article is completely bias.

All p2p ware is not bad - And it depends on how well you have your computer secured and the P2P configured to *if* someone could actually steal your information.

Just like any other software.

Just like when Firefox had a security breach like this, are you going to tell people don't install browsers too?

Comment by Robert Siciliano on August 28, 2009 at 7:35am: be nice system001. unfortunately its better to tell most people not to smoke crack than how to smoke crack. its just not good for you. most of the stuff downloaded on p2p today is illegal or has a virus.

Comment by krazdkiller on August 28, 2009 at 7:26am: the only clueless ones are the people who take their time to post articles like this, and do nothing to educate people on how to properly use p2p so their personal information cannot be stolen. you know that used correctly there is nothing wrong with p2p software. lockergnome was originally designed to teach people about how to use a computer, fix a computer, or use software, or fix software issues. it was not there to scare people away from certain types of software because they do not believe in it. would you also ban programs like messenger?