The Risk Professional: How quickly do criminal gangs get their hands on data given to an insurance company?
Today is Monday. Last Tuesday our colleagues at the AML / CFT e-learning platform Quick To Learn More created a single use e-mail address for a specific client contact. One e-mail was sent from that address to that contact. Today she replied: but earlier this morning the mailbox received another mail: a spam offering sex treatment drugs.
Most Recent - This Section
The Risk Professional: Green Capital Consulting GroupThe Risk Professional: Is your data secure enough for the UK's ICO?
Media Release: Seminar : Anti Money Laundering requirements to affect all businesses
The Risk Professional: Money Laundering laws to apply to wider industry
The Risk Professional : FBI offers reward for information regarding kidnapped consultant
Most Recent - Whole Site
BizLawCentral: SEC issues procedings in huge South Florida Ponzi schemeThe Risk Professional: Green Capital Consulting Group
Legal Professional: Baker Mac lawyer guilty of money laundering and securities fraud
Sales and Marketing: shooting oneself in the foot
Business Crime: Dear Mrs Kate Dave: Yes, please. Send it now.
Most Recent - BankingInsuranceSecurities.Com
AML/CFT: a fraud of horrifying simplicitySanctions: USA PATRIOT Act designation 20120522
Sanctions: OFAC Update 20120515
Sanctions: OFAC update 20120508
Sanctions: OFAC Update 20120517
There are limited places that that single-use address can have leaked from: our own servers or our own staff or the insurance company's servers or their own staff.
We often use single use addresses and they do not collect spam during their relatively short lifespan. Therefore we are as certain as we can be that the leak did not happen here.
It's not the first time it has happened: a single use e-mail address handwritten into a government form has become a target for spam from all over the world.
A single use e-mail address put into a letterhead of a circular sent to the MDs of ten banks has also been deluged with spam.
The simple fact is that information leakage is rife.
Even from within financial institutions.
There is little that can be done to stop it save blocking access to data.
We suspect that the culprit in each case was a junior clerk given the job of opening mail or e-mail for his or her boss and simply copying e-mail addresses for sale to criminal gangs.
And that demonstrates that criminal gangs have their tentacles deep into financial institutions and government departments.
Small signs produce worrying results.
After all, if an e-mail address is so easily - and no doubt cheaply - traded, what level of confidentiality can be assured for lists of insured assets, for example?
Download PDF version of this page
