New case of identity theft – BSI in possession of 18 Million new accounts

The Federal Office for Security in Information Technology (BSI) has informed the press (in German) about a new case of identity theft. Also this time a lot of German users are affected, according to the source, more than 3 million email addresses. BSI is working with big telecom providers like Telekom, Freenet, GMX, Kabel Deutschland, Vodafone, Web.de in order to inform their customers that are affected.

For those that don’t want to wait for the official email coming from the above mentioned providers, BSI continues to support the website https://www.sicherheitstest.bsi.de where any user can check if his email address is affected by this incident.

The accounts were discovered as part of a police investigation and BSI assumes that the cybercriminals have used various sources to get access to the login data: infected computers that transmit the data to some servers in the world.

There are, however, other possible sources like phishing websites and social engineering schemes.

If you are one of the affected users, please take the following actions to make sure that you will no longer be affected:

- clean up your computer  using Avira’s PC Cleaner

More details about the PC Cleaner can be found in this TechBlog article: http://techblog.avira.com/2014/01/09/avira-pc-cleaner-a-second-opinion-scanner/en/

- Change all your passwords, especially those that were using the affected email address.

First, make sure you are still in possession of that email address. Try to login via webmail and change the password used to access the emails. If you can do this, means that you’re still owning that account. If not, try to recover the password and change the passwords as part of this process.

If you have used the email address to login to a website (e.g. Facebook, Twitter, Amazon, etc.) you must change those passwords as well, and make sure you are not using the same password used to access the email account. Here are good tips to create a good password.

- Use antivirus software like Free Antivirus and keep it up to date.

- Keep your system up to date because many viruses are making use of vulnerabilities in unpatched software

- Print these security tips and keep them at reach.

 

Avira has released recently its iOS security application which contains the feature Identity SafeguardAvira is the only security vendor to offer iOS users such a feature which ensures an individual’s personal email is not one of the 160 million that have been caught in security breaches in the last 6 months alone. Users can see if their personal identity details have been leaked in any security breaches, and an on demand scanner allows the user to scan their entire address book to detect any compromised contacts. If any contacts have been compromised, users can email any breached contacts directly to alert them about the danger. On average, between 5% and 10% of a typical user’s address book contains email addresses that have been compromised.

 

Sorin Mustaca

IT Security expert