23 December 2011 – Experian, the global information services company, announces that it has acquired Garlik Limited, a provider of web monitoring services based in the United Kingdom.

Founded in 2005, Garlik helps consumers to protect themselves from the risks of identity theft and financial fraud. Through its main product, DataPatrol, Garlik captures and monitors information from a variety of sources across the wider web and social networking sites using its proprietary web-crawler technology. DataPatrol generates alerts when an online loss, disclosure or theft of consumer data is detected, and suggests next steps on how to respond to incidents before an individual becomes a victim of financial crime or identity fraud. Garlik provides services in the UK, US, Germany and Italy.

The acquisition of Garlik extends Experian’s presence in identity protection, consistent with Experian’s strategic goal to become the most trusted consumer brand for credit monitoring and identity protection services. It enables Experian to offer a more comprehensive identity protection product to its customers and clients, while accelerating plans to expand consumer protection services into new geographies. The acquisition will form part of Experian’s Interactive business.

At 31 December 2010 Garlik had gross assets of US$1m. Garlik was acquired from venture capital investors DFJ Esprit and Doughty Hanson, and the founding shareholders. The acquisition has been funded from Experian’s existing cash resources.

Contact

Experian
Nadia Ridout-Jamieson, Director of Investor Relations; +44 (0)20 3042 4215
James Russell, Communications Director, UK&I and EMEA

Finsbury
Rollo Head; +44 (0)20 7251 3801
Don Hunter

About Experian

Experian is the leading global information services company, providing data and analytical tools to clients in more than 80 countries. The Group helps businesses to manage credit risk, prevent fraud, target marketing offers and automate decision making. Experian also helps individuals to check their credit report and credit score, and protect against identity theft.

Experian plc is listed on the London Stock Exchange (EXPN) and is a constituent of the FTSE 100 index. Total revenue for the year ended 31 March 2011 was US$4.2 billion. Experian employs approximately 15,000 people in 41 countries and has its corporate headquarters in Dublin, Ireland, with operational headquarters in Nottingham, UK; California, US; and São Paulo, Brazil.

For more information, visit http://www.experianplc.com.

For the majority, Christmas is a time for giving, but many scammers increase their efforts around the Christmas period and see it as a chance to get hold of our hard earned cash.

We have picked out a variety of famous Christmas scams to give you guys a better chance of avoiding these nasty tricks.

Fake charity appeals
If you get an email asking for donations, apparently from a recognised charity, proceed with caution. Reputable charities never ask for money via email, so any website you are directed to will probably be designed to collect your personal and banking details. There are plenty of worthy causes to support this time of year, so make sure donations are going to the right ones. Whether giving online or through text messaging, thoroughly review the charity, look at the organization’s privacy policy and verify if it has appropriate security measures in place to protect transactions. To review charity evaluations, visit www.bbb.org/charity.

Wi-Fi Scams
Sitting in a coffee shop surfing the Internet is not always as handy as it might seem. Make sure the wireless network is password protected, or someone might just be using specialist software to gain access to your passwords and personal details. If you are logging in to email or online banking from an unsecured, public network, you are asking for trouble.

Themed attachments and ‘spam’
Unsolicited email should always be treated with suspicion, more so in over the Christmas season. Any email from a sender you do not know, and which asks you to visit a website or open an attachment is probably not the festive fun it claims to be:

• Ensure you have a spam filtering service active on your email account and if you do receive any spam mail, do not open any attachments or click on any links.
• Notify your contacts that your account is sending out spam messages and for them not to open any short, non-titled or unusually titled emails from you and to ensure that any spam emails they receive are marked as spam and then deleted.
• Ensure your anti-virus and spyware software is up to date and run a scan to check for any issues

Laptop theft
If you are going away for Christmas, lock away your laptop. If it is stolen, the chances are the thief will find a way to access your passwords and personal details, then have a merry old time spending your money.

“Smishing”
You’ve heard of phishing? “Smishing” is when a phishing SMS, or text messages, gets sent to your phone. “These texts appear to come from your bank or an online retailer saying that there is something wrong with an account and you have to call a number to verify your account information. In reality, these efforts are merely a ruse to extract valuable personal information from the targets,” McAfee says.

You should be extra vigilant over the Christmas period. If something looks to go to be true, it probably is. So make sure you carry out research before providing anyone with your personal or payment details.
Stay Safe & Stay Aware

This Christmas, sales of netbooks, laptops and tablets are set to outstrip sales of conventional PCs. The increased use of portable devices is providing scammers with a perfect opportunity to target users of public Wi-Fi networks in cafes, bars, airports and train stations. A common scam is to set up an open wireless access point that is designed to look like an official hotspot such as ‘BTOpenzone’, the cybercriminals then monitor all of the traffic coming through their access point, hoovering up any sensitive details they can.

If you are connecting to a Wi-Fi network, be especially careful that you select the correct network and do not allow your device to automatically find and log into nearby Wi-Fi hotspots.

Let us know if you believe you have fallen victim to this type of scam. Get in touch at support@garlik.com if you believe that your personal information may have been compromised, we can help!

Stay safe & stay aware

A compromised Facebook account not only leaves your own personal details as risk but also provides cyber criminals with insight into all of your friends’ personal details and activity. It’s therefore important to realise that if one of Facebook friends appears to have had their account hacked, that this could impact directly on you. Access to a Facebook account can provide an online criminal with numerous avenues to gain data and carry out fraudulent activities such as:

• Data mining for mobile phone numbers on account profiles;
• Collecting personal and private information to be used for phishing attempts such as the ‘Grandma Scam’ (in which a fraudster contacts older citizens pretending to be their grandchild in desperate need of money to help them out of a tricky situation);
• Using photos and other profile data to create fake profiles, tricking people into accepting friend requests so as to collect yet more data;
• Installing rogue Facebook applications so as to send spam and scam links to all of the friends on the account;
• Monitor status updates of friends to know where they are and when they are not at home.

Advice

It is all very well your friend notifying you that their Facebook account has been compromised, but this also puts you and your details at risk. You should pay careful attention to everyone on your friends list, if you see any name changes of suspicious activity, immediately perform the following actions to protect your personal information:

• If a Facebook friend’s account is sending out strange messages which look like spam and/or contain links, try to notify them of the situation by alternative contact details (email address, phone number), so they can take action to reclaim their account and mitigate the damage. Do not click on any links posted from their account! If you cannot contact the friend consider blocking or un-friending them;
• If the name changes on one of your friends’ Facebook accounts it might be worth looking into. Perhaps they genuinely prefer the name ‘Max Power’ but it could be a sign that the account is no longer under their control. As above, try to verify that it is in fact still your friend, if you cannot then you should block or un-friend this person;
• Report any fake profiles to Facebook – Do this by navigating to the offending profile, and clicking on the settings menu (the icon looks like a gear/cog) near the top right corner and click on ‘Report/Block’.

Let us know if you have fallen victim to this type of scam. Get in touch at support@garlik.com if you believe that your personal information may have been compromised, we can help!

Stay safe & stay aware

The Sun has revealed that millions of Xbox users have been hit by a phishing scam by cyber criminals. “In one phishing con, crooks sent emails to players directing them to bogus websites offering free Microsoft points that can be used to buy games.”

Users were then prompted to enter details that provided criminals with access to their online accounts and credit card information. Small amounts were taken over several weeks that were undetected by millions of users. “The average loss to gamers in 35 countries hit by the scam is around £100, but many lost £200.”

Advice
If you believe you have been a victim of this or a similar scam, we would advise that you use our online email checker to detect whether your email address has been compromised.

We would also advise that you immediately change the passwords to all of the online services you use. We advise that you use separate passwords for each site so if one is compromised, the fraudsters will not have access to all of your online accounts. There are free online password managers that can help you manage your passwords.

Cybercriminals often build well-known & trusted brands into scams in their attempts to trick computer users into giving money or divulging sensitive information.

We recently had a customer call us in relation to a telephone call from “Microsoft Tech Support”; they had identified that our customer had a virus on their PC and that they may have noticed that their computer had “slowed-down” and he was “experiencing unwanted pop-ups” when using the internet. Sure enough our customer had noticed that his PC had slowed down a bit and he was indeed experiencing many unwanted pop-ups.

It’s a pretty good numbers game for the scammers to gain the trust of the not-so-tech-savvy users, after all PCs do tend to slow down gradually over time & we all know how annoying those constant pop-ups can be whilst you are browsing the internet!

This scam has been doing the rounds for some time, however they it does still seem to be catching out many PC users. Microsoft state that they “will never send unsolicited e-mails or make unsolicited phone calls to request personal or financial information or fix your computer”.

Other Microsoft scams

• During activation of Microsoft Windows, a pop-up appears saying: “Microsoft requires credit card information to validate your copy of Windows”

Microsoft say: “At no time during the validation process do we request your credit card information.”

• E-mail messages claiming to be from Microsoft with attached security updates

Microsoft say: “Legitimate communications do not include software updates as attachments. We never attach software updates to our security communications. Rather, we refer customers to our website for complete information about the software update or security incident.”

• “You have won the Microsoft Lottery”

No, there isn’t a Microsoft Lottery.

Advice

If you are contacted from a company offering you a service or advice about a ‘problem’ they have been made aware of, you should take some time to research the company before providing them with any personal information or payment. For example, the Microsoft website states that; “ If you receive an unsolicited e-mail message or phone call that purports to be from Microsoft and requests that you send personal information or click links, delete the e-mail or hang up the phone.”

Some fraudsters will claim they are a limited company, if do, they should be registered with Companies House, the official government register of companies. If the offer is to buy or sell shares, they must be registered with Financial Services Authority (FSA) so it will be worth checking with these institutions.
Remember to only open emails and texts, or click on links from trusted sources. If you receive emails or text from an untrusted source, instantly delete them. To give yourself maximum protection from Malware ensure that you are regularly receiving Windows OS system updates and you have a valid anti virus software on your PC devices. If you are worried that you have opened an email like this, then run both a virus scan and check for updates in Windows updates.

If you have been a victim

You should also report similar emails to Action Fraud who provide a central point of contact for information about fraud. If you have received similar scams regarding Microsoft, you should report it to reportphishing@antiphishing.org.

We would also recommend that you visit the CIFAS website. “CIFAS Protective Registration is a service that enables individuals to seek protection against possible impersonation attempts when they have good reason to believe that their details might be used by a fraudster.”

Pop-up Blockers

Did you know your internet browser can block most of those annoying pop-ups? Some pop-ups will contain content that may lead you to untrusted sites that could put your computer and your personal details at risk. We would advise that you have a pop up blocker enabled to prevent the chance of online fraud.

Stay safe & stay aware

Facebook has announced that they will be adding two more password tools to its site in an attempt to boost security after growing concerns about the social networks privacy and security issues.

The two new features, Trusted Friends and App Passwords should become available to users in upcoming weeks.

Trusted Friends is a new tool to help users in case they get locked out of their account, Facebook’s security blog states; “you can now select three to five trusted friends who can help you if you ever have issues accessing you account”. “If you forgot your password and need to login but can’t access your email account, you can rely on your friends to help you get back in. We will send codes to the friends you have selected and they can pass along that information to you”

App Passwords is currently a feature in testing that will allow users to use app passwords for logging into third party applications. “Simply go to your Account Settings, then the Security tab, and finally to the App Passwords section”. It will enable users to “generate a password that you won’t need to remember, just enter it along with you email when logging into an application”.

Advice

Facebook users must be careful whom they chose to share their Trusted Friends codes with.

When you can’t log in, Facebook will send codes to 5 of the friends you selected. You will have to communicate with them in some way to gain the codes, however, you only have to enter 3 of the 5 codes. The only fault in this process that we can detect is that if one of the 5 friends asks for 2 of the codes from your other trusted friends they will be able to gain access to your account. It is therefore essential that you carefully choose your trusted friends and keep them to yourself.

Recent police statistics show that robberies involving knives has risen from 13,994 in the twelve months running up to June of last year to 14,980 in the following twelve months. This 7 per cent increase is being credited at the increase of smartphones such as Samsung Galaxy’s, iPhones and BlackBerry’s. The Association of Chief Police Officers (ACPO) suggests that the demand for personal data stored on the smartphones is partly to blame for the cause of the increase.

Jon Murphy – Merseyside chief constable states that; “The increase in robbery and robbery with knives is a cause for concern. We believe this is in part driven by demand for mobile phone handsets, which can fetch more than double their worth on the black market abroad.”
Smartphones now hold a variety of data other than just the owner’s contacts; files, internet history, email addresses, bank account passwords as well as other files and personal details can all be stored on the phones. The age and model of the phones are not important to ID thieves; however, the stored information makes them extremely valuable on the black market in Africa, China and Europe.

Our advice

• If you own a smartphone, ensure that you have a PIN or security passcode enabled. So, if the unfortunate event does occur, and your phone is stolen, the fraudster will not easily be able to gain access to your personal information;
• There are applications available for smartphones, i.e. MobileMe for iPhone that will allow you to remotely lock, wipe or locate your phone if required. (However, you should also look in to backing-up the data on your phone, you will be grateful you did if you do ever have to wipe your phone!);
• We would also recommend not selecting “keep me logged in” options for web services or apps. So, if your phone is stolen, the fraudster would not have instant access to your accounts. There are applications available to help you keep track of passwords such as KeePass or LastPass, which mean you will only ever have to remember a single password (remember though, that you should definitely not check the option to “remain logged in” or “remember my password” for a password manager!);
• We would also advise that you avoid storing sensitive information on your smartphone in notes or texts.

If you have been a victim of a similar crime

Please ensure that you report it to the police. There are also websites such as victim support who will help deal with the after effects.

We would also advise that you visit the CIFAS website. “CIFAS Protective Registration is a service that enables individuals to seek protection against possible impersonation attempts when they have good reason to believe that their details might be used by a fraudster.”

Stay Safe & Stay Aware

We reported earlier this week that research by CIFAS shows that 7% of the UK population have been victims of Identity Fraud. This week, HM Revenue & Customs (HMRC) has announced that six million taxpayers are eligible for on average, a £300 tax rebate. Internet fraudsters have seen this as a perfect opportunity to send out emails claiming to be HMRC and trick taxpayers into giving away their personal & financial details.

HMRC state that almost 24,000 phishing emails were reported in August alone, an increase of nearly 300 per cent compared to the same month last year. HMRC state that they “will never send notifications of a tax rebate by email, or ask you to disclose personal or payment information by email.”

Examples of known HMRC phishing emails can be found here.

What to do if you have received a suspicious HMRC email

If you do receive similar emails, ensure that you take the following actions:
• Do not click on any links included in the email;
• Check for HMRC related scam examples;
• Forward it to phishing@hmrc.gsi.gov.uk;
• Run anti-virus software to check for infections;
• Do not visit the website contained within the email or disclose any personal or payment information.

HMRC are currently helping to successfully shut down around 100 fraudulent sites per month. It is therefore essential that similar emails are reported.

What to do if you have already given your personal information

If you have already given any of your personal information, for example your HMRC User ID, password or National Insurance number, you should forward brief details to security.custcon@hmrc.gsi.gov.uk

We would also recommend that you visit the CIFAS website. “CIFAS Protective Registration is a service that enables individuals to seek protection against possible impersonation attempts when they have good reason to believe that their details might be used by a fraudster.”

The National Identity Fraud Prevention Week, launched by leading organizations such as the Metropolitan Police & CIFAS, runs from the 17th to the 23rd of October. Its aim is to alert consumers and businesses to the threat of identity fraud at home and at work.

Research carried out by Fellows, a sponsor of the campaign shows that 7% of the UK population have been victims of identity fraud, equating to over 4 million people. The average cost of these incidents to each victim is £1,190, but some individuals have lost up to £9,000.

Statistics from CIFAS, the UK’s Fraud Prevention Service, reported that the number of identity fraud cases declared to the authorities in the UK continues to rise, with over 80,000 reported in the UK so far this year.

The National Fraud Intelligence Bureau advice recently posted a fraud alert which highlights some main points of how to stay protected:
• Don’t get involved with or respond to unsolicited communication – email, telephone, letters;
• Never provide any personal/sensitive information as a result of emails or cold calls;
• If you ever do, run an Internet check on company names, telephone numbers, email address, etc.;
• When receiving correspondence from the police always check the email address finishes ‘police.uk’.

A guide of tips of how Individuals and businesses can prevent ID Fraud can be found here.

ID Fraud Victims

If you have been a victim of Fraud you should firstly contact Action Fraud. This is a service run by the National Fraud Authority – the government agency that helps to co-ordinate the fight against fraud in the UK.

We would also suggest CIFAS Protective registration. CIFAS is a service that enables individuals to seek protection against possible impersonation attempts when they have good reason to believe that their details might be used by a fraudster.

Stay safe & stay aware.