
Today, there are over 2.2 million ATMs worldwide, and by 2015 there will be around 3 million. ATM skimming accounts for as much as 30% of all data theft. That’s about $350,000 in fraud every day in the United States alone, or more than a billion dollars a year.

The ATM Industry Association is now attempting to address the security threat posed by decommissioned ATMs, urging ATM deployers to exercise more caution when discarding old machines.

This is partially in response to recent media reports about criminals who hunt for discarded ATMs in junkyards. Old ATMs sometimes contain stored card data. Criminals can study a discarded ATM’s security features in order to improve their own skimming techniques. The faces of old ATMs can also be used to mold plastic covers for skimming devices.

In some cases, used ATMs are purchased on eBay or Craigslist, then installed anywhere with ample foot traffic. These machines, which may be powered by car batteries or simply plugged into the nearest outlet, are programmed to read and copy credit card data. I was able to find a used ATM on Craigslist, which I bought from a guy at a bar for $750.

Protect yourself from ATM skimming by checking your credit and debit card statements online at least once every two weeks, and disputing any unauthorized transactions within the 30 or 60 day window your card issuer allows.

When using an ATM, pay close attention to the appearance and behavior of the machine. Look for red flags like wires, tape, unusual features, or anything that seems out of place. Try to avoid using generic ATMs in less secure locations. Whenever possible, choose an ATM at a more trustworthy and secure location, but do not drop your guard simply because an ATM is located in a bank. And when entering your PIN, use your other hand to cover the keypad.

McAfee Identity Protection includes proactive identity surveillance to monitor subscribers’ credit and personal information and access to live fraud resolution agents who can help subscribers work through the process of resolving identity theft issues. For additional tips, please visit http://www.counteridentitytheft.com

Robert Siciliano is a McAfee consultant and identity theft expert.

Certain sectors are profiting from the recession, and as these companies increase in value, so does their stock. Payday lenders, pawn brokers, debt collectors and low cost outlets are among them, and several investment advisers are now recommending them over industries that performed better in the past.

Economic climate isn’t getting better

Unemployment rose to 9.2 percent in June, which hurt many stocks. The number of people living below the poverty line has risen to one in seven, the highest it has been since 1994. Consumer spending has fallen for two months in a row. The economy isn't doing well at all, and nobody knows when it will get better.

Tough economic climate means more money

Several businesses benefit from bad times. Shares of discount outlets, debt collectors, pawnbrokers and payday lenders have all seen a large boost, and while that may raise ethical problems for some, stock brokers are recommending buying shares in several of these companies.

David Rosenberg works as an economist at Gluskin Sheff which is a money management firm. He said, "People are broke. They're all chasing value. It's a seismic shift in mindset."

Huge increase in stock in just a year

In June, Sterne analyst John Coffey Jr. told investors to start looking at Ezcorp (EZWP) stock. Average earnings over the last five years have been substantial, and the stock has risen 48 percent in total. Coffey said the shares were trading at about one third more than their cost and would most likely keep climbing. The stock is now double what it was a year ago, and it rose 7 percent within hours of his recommendation.

Payday lenders are increasingly seen as a good investment. In the last year the stock price of Advance America Cash Advance Centers (AEA) has doubled, and Cash America International Inc. (CSH) is up 64 percent from a year ago.

Worthwhile for debt collectors

The same is true of other companies that deal with people in financial hardship. Profits at San Diego based Encore Capital Group (ECPG) are up 59 percent compared to last year, despite the fact that the business has faced class action lawsuits in several states over its debt collection practices.

The opinions vary

Many professionals believe it isn't that safe to invest in these kinds of companies: the stock is as likely to fall as it is to rise. If the economy recovers, individuals will be less financially stressed and stock in these corporations would drop. If the economy gets any worse, the businesses will not get as much traffic either.

Articles cited

Huffington Post
huffingtonpost.com/2011/07/10/payday-lenders-pawn-shops-stocks-economy_n_894047.html

Cox
cox.com/myconnection/kansas/today/news/finance/article.cox?moduleType=apNews&articleId=D9OBNCT81

Hello everyone from Belgium (the chip, beer and chocolate place)

I thought it could be useful if I distribute this newsletter on a regular basis. I called it "The PCI 30 sec newsletter" because it should not take you more than 30 sec to digest. Let me know if you think this is a great idea and of good added value. Also please feel free to comment and suggest any topic.

What is PCI?

PCI stands for Payment Card Industry, denoting the debit, credit, pre-paid, e-purse, ATM and POS (Point of Sale) terminal businesses and those associated with them.

But PCI is specifically referring to the Payment Card Industry Security Standards Council, a council formed by:

  • Mastercard
  • Visa
  • American Express
  • Discover
  • JCB

The PCI Council develops and maintains (so far) 3 standards that work together to protect payment transactions and cardholder data.

  • PCI DSS (my bible): covers systems that store, process, or transmit cardholder data and is used by acquirers, issuers, merchants, service providers and us.
  • PCI PA-DSS: covers payment applications and is used by application developers.
  • PCI PTS: covers point-of-interaction devices (POIs) used for PIN entry.

In the next newsletter we will have a look at payment processing terminology and workflow.

Cordially,

Didier Godart

Risk Product Manager (Rapid7)
Moderator PCI ASV Voice on LinkedIn
Direct: +32498787744
Skype: dgozone
Web site: www.rapid7.com
According to a recent report from Verizon, data breaches are on the rise. There were 760 data breaches recorded in 2010, compared to 140 breaches in 2009. However, there were approximately four million records stolen in 2010, as opposed to 144 million stolen in 2009.

This means there were fewer large-scale data breaches comprising many millions of records, and many more breaches that compromised fewer records at a time.

Criminals have shifted their focus away from large corporations, which have implemented multilayered security measures to protect huge amounts of data, and are now targeting smaller companies with smaller databases that have yet to implement strong security measures.

Verizon's study further shows that in 2010, 92% of data breaches were external hack attacks, a 22% increase from 2009. Nearly 80% of the stolen data was accessed via malware that gave attackers backdoor access to the compromised computers.

This shift from bigger to smaller breaches may also indicate that hackers are realizing that big breaches get more attention, and therefore increase their chances of being caught. A breach of 100 million credit card numbers would likely be discovered quickly, and all those card numbers would immediately be cancelled. A breach of just 10,000 credit card numbers would be more likely to stay under the radar, meaning those cards would remain active for longer.

There are now multiple breach lists, and not all define a data breach the same way. According to the Identity Theft Resource Center, there were at least 662 data breaches in 2010, which exposed more than 16 million records. Nearly two-thirds of breaches exposed Social Security numbers, and 26% involved credit or debit card data.

The ITRC elaborated, “Other than breaches reported by the media and a few progressive state websites, there is little or no information available on many data breach events that occur. It is clear that without a mandatory national reporting requirement, many data breaches will continue to be unreported, or under-reported.”

Identity theft can happen to anyone. McAfee Identity Protection, offers proactive identity surveillance, lost wallet protection, and alerts when suspicious activity is detected on your accounts. McAfee Identity Protection puts victims first and provides live access to fraud resolution agents who work with the victim to help restore their identity even from past theft events. For additional tips, please visit http://www.counteridentitytheft.com.

Robert Siciliano is a McAfee consultant and identity theft expert.

As part of the Dutch National Cyber Security Strategy launched earlier this year, one of the two new entities it calls for has now officially been stood up. On June 30th of this year, Dutch minister Ivo Opstelten (Ministry of Security and Justice) officially installed the Cyber Security Council. The council will advise both government and private parties on relevant developments in the area of digital security.

The council will prioritize IT threats, look into the need for further research and development, and investigate how that knowledge is best shared between collaborating public and private parties. It will also expressly consider basic values such as privacy and fundamental rights such as freedom of speech and the gathering of information. The council's advice will be founded on public-private risk assessments, and the first threat analysis in the area of cyber security is expected in October this year.

According to this government publication (warning: Dutch), the Cyber Security Council has been assembled to balance the public, private and scientific communities across a broad spectrum of relevant cyber security issues and angles. It has a dual chairmanship. The council currently consists of the following members:

  • Eelco Blok, co-chairman of the Council, CEO KPN;
  • Erik Akerboom, co-chairman, National Coordinator for Counterterrorism;
  • Harry van Dorenmalen, on behalf of the IT suppliers, chairman IT~Office and Chairman IBM Europe;
  • René Steenvoorden, on behalf of the major IT end users, chairman CIO Platform and CIO Rabobank;
  • Frank Heemskerk, on behalf of the end users and SMEs, chairman of the ECP-EPN Supervisory Board and member of RVB Royal Haskoning;
  • Ben Voorhorst, on behalf of the vital infrastructure, operational director Tennet and member of RVB Tennet;
  • Professor Corien Prins, Tilburg University;
  • Mark Dierikx, DG Energie, Telecom and Competition, Ministry of Economic Affairs, Agriculture and Innovation;
  • Mark van Nimwegen, Board of Prosecutors General, cyber crime portfolio holder;
  • Professor Michel van Eeten, TU Delft;
  • Major General Koen Gijsbers, Chief Director Information Provision and Organisation, Ministry of Defence;
  • Professor Bart Jacobs, Radboud University Nijmegen;
  • Ruud Bik, KLPD Chief Constable;
  • Jan Kees Goet, deputy Head AIVD.

The installation of the Cyber Security Council is a prelude to the establishment of the National Cyber Security Centre, which is to be made operational on January 1st, 2012. The NCSC is to be the operational centre of knowledge and expertise brought together through collaboration between the public and private sectors. Though it is absolutely a positive development that the Cyber Security Council has been made operational so quickly, it is a pity that the Dutch government did not provide a public process for other interested parties to participate. Obviously the first batch of members have been hand-picked, and as such it could hardly be called a democratic process. Let us hope that this changes rapidly so that parties with more experience in cyber security and cyber warfare can also start assisting the Dutch government.

Crossposted from ArgentConsulting.nl

All merchants who accept credit cards are now subject to strict Payment Card Industry standards, rules, and regulations, which require a level of security that took about five years to fully implement.

PCI exists to increase credit card security and, among other goals, to stave off government intervention. While significant effort has been made to improve the security of credit card data processing, adequate attention has yet to be given to the identification, authentication, and accountability of cardholders.

For consumers, the primary concern is account takeover. Account takeover occurs when your existing bank or credit card accounts are infiltrated and your money is siphoned out. A hacked account or stolen credit card is often to blame.

InformationWeek reports that according to a new Ponemon Institute survey, “50% of security professionals view PCI as a burden, and 59% don’t think it helps them improve security. Furthermore, comparing this study with the inaugural one conducted in 2009, the number of respondents who said they had sufficient resources to comply with PCI dropped from 40% to 38%. Ponemon also found that the number of organizations that had experienced a data breach in the past two years increased from 79% in 2009 to 85% in 2011.”

Retailers who invest in device fingerprinting and device reputation make it much easier to identify bad guys during purchases, making stolen credit card numbers far less valuable to thieves. By instantly evaluating a device's history for criminal activity and assessing the risk of new devices within a fraction of a second, retailers can stop fraudulent transactions before the order is accepted and the product shipped.

Robert Siciliano, personal security and identity theft expert contributor to iovation.

Second-hand ticket retailer viagogo has revealed that scam artists that have been selling fake tickets are collectively reeling in just over $4 million a month, or $49 million a year.

Viagogo found that more than 67,000 fake music festival tickets were sold last year. In 2011, that number could reach 100,000. Most of this scamming occurs during the summer, the most popular season for concerts.

Ticket scams have been occurring for years. When a ticket is nothing but a piece of paper with a barcode that is scanned at the gate, counterfeiting is child’s play. Some events provide wristbands to ticketed attendees, and these wristbands can also be easily faked.

Watermarks and other security features make tickets a bit more difficult to recreate, but these low-tech methods of determining a ticket’s authenticity are often lost on the general public. The victim only realizes the scam when he’s denied entry to an event.

Avoid scalpers, period. Unless you know them personally, just buy tickets at the venue’s window. When purchasing tickets online, stick to legitimate websites. An online search will probably turn up plenty of options, but only buy from familiar, trusted brokers.

Scam artists often take advantage of online ticket companies by buying up blocks of tickets with stolen credit cards, either to counterfeit or simply to overcharge the public.

Fortunately, some ticket brokers have deployed device reputation, which lets them uncover computers or other devices responsible for fraudulent activity or exhibiting suspicious behavior at the point of sale, and deny transactions from those devices. This kind of visibility gives ticketing businesses a powerful advantage: more than ever, they can easily identify the scam artists and where they are coming from.
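Both this paragraph and the earlier one on retailers using device fingerprinting describe the same defensive idea: keep a history per device fingerprint, and score each new transaction against it before accepting the order. The following is an added example of that logic, written for this page; it is not iovation's product or any broker's code, and the history schema, the three thresholds (distinct cards per hour, new-device order value, any confirmed fraud event) and the sample devices and card tokens are all constructed assumptions.

```python
"""Added example: a minimal device-reputation check at the point of sale.

Assumptions (not from the original post): a merchant retains, per device
fingerprint, when it was first seen, how many confirmed fraud events
(chargebacks, fraud reports) were tied to it, and which card tokens it
presented and when. Thresholds below are illustrative, not iovation's.
"""
from collections import defaultdict
from dataclasses import dataclass, field
from typing import Dict, List, Tuple


@dataclass
class DeviceHistory:
    """What is retained per device fingerprint (assumed schema)."""
    first_seen: float = 0.0          # 0.0 means never seen before
    fraud_events: int = 0            # confirmed chargebacks / fraud reports
    card_use: List[Tuple[float, str]] = field(default_factory=list)  # (timestamp, card token)


class DeviceReputation:
    def __init__(self, max_cards_per_window: int = 3, window_seconds: int = 3600,
                 new_device_review_amount: float = 500.0) -> None:
        self.history: Dict[str, DeviceHistory] = defaultdict(DeviceHistory)
        self.max_cards_per_window = max_cards_per_window
        self.window_seconds = window_seconds
        self.new_device_review_amount = new_device_review_amount

    def report_fraud(self, device_id: str) -> None:
        """Called after the fact, e.g. when a chargeback lands on an order from this device."""
        self.history[device_id].fraud_events += 1

    def assess(self, device_id: str, card_token: str, amount: float, now: float) -> Tuple[str, List[str]]:
        """Score one checkout attempt. Returns (decision, reasons) with decision in
        {'allow', 'review', 'deny'}. The attempt is recorded even when denied, so
        repeated card cycling keeps counting against the device."""
        reasons: List[str] = []
        h = self.history[device_id]
        is_new = h.first_seen == 0.0
        if is_new:
            h.first_seen = now

        # 1. Any confirmed fraud tied to this fingerprint: deny outright.
        if h.fraud_events > 0:
            reasons.append(f"device linked to {h.fraud_events} confirmed fraud event(s)")

        # 2. Velocity of distinct cards from one device (card testing / stolen-card bulk buying).
        recent = {card for (ts, card) in h.card_use if now - ts <= self.window_seconds}
        recent.add(card_token)
        if len(recent) > self.max_cards_per_window:
            reasons.append(f"{len(recent)} distinct cards within {self.window_seconds}s")

        if reasons:
            decision = "deny"
        elif is_new and amount >= self.new_device_review_amount:
            # 3. No history at all plus a high-value order: hold for manual review.
            decision = "review"
            reasons.append("first-seen device placing a high-value order")
        else:
            decision = "allow"

        h.card_use.append((now, card_token))
        return decision, reasons


def run_demo() -> Dict[str, str]:
    """Constructed scenarios; returns the decision reached for each."""
    rep = DeviceReputation()
    t0 = 1_700_000_000.0  # fixed constructed timestamp so the demo is deterministic
    out: Dict[str, str] = {}

    # Returning customer: one card, five small orders spread over a week.
    for i in range(5):
        decision, _ = rep.assess("dev-A", "card-1111", 40.0, t0 + i * 86400)
    out["returning_customer"] = decision

    # One device cycling through four different cards within ten minutes.
    for i, card in enumerate(["card-2001", "card-2002", "card-2003", "card-2004"]):
        decision, _ = rep.assess("dev-B", card, 60.0, t0 + i * 120)
    out["card_cycling"] = decision

    # Device previously tied to a chargeback, now trying again with a fresh card.
    rep.report_fraud("dev-C")
    out["known_bad_device"], _ = rep.assess("dev-C", "card-3001", 25.0, t0)

    # First-seen devices: a high-value order is held, a small one goes through.
    out["new_device_big_order"], _ = rep.assess("dev-D", "card-4001", 900.0, t0)
    out["new_device_small_order"], _ = rep.assess("dev-E", "card-5001", 20.0, t0)
    return out


if __name__ == "__main__":
    for name, decision in run_demo().items():
        print(f"{name:>24}: {decision}")
```

The fingerprint itself (how `device_id` is derived from browser and hardware attributes) is deliberately out of scope here; the point of the example is the part the posts describe, namely that a device with a fraud history or an abnormal card-velocity pattern is refused before the order is accepted, while a device with no history is only escalated rather than blocked.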

Robert Siciliano, personal security and identity theft expert contributor to iovation.

Earlier this week news broke of Google's interruption of a large-scale phishing expedition, with allusions to some involvement by the Chinese state. This inspired a host of experts to write about it, and J Oquendo's article on InfoSecIsland inspired me to write mine. In his article Mr. Oquendo asserts that it's remarkable (read: stupid) that US officials still seem to be using commercial email services such as GMail to exchange security sensitive and sometimes mission-critical information, instead of the high-security services offered by the US Government that they should be using. In this day and age, with a nearly constant barrage of security breaches in the news, people don't seem to be getting any more aware of security issues.

In the area of user security awareness, things aren't improving at the pace they should. The Internet (and related technology) is not new anymore. While the usage of internet technology has grown exponentially over the last decade, its users have not grown much wiser in terms of security. Largely this is because the common online populace simply does not see the danger in having their online identities compromised; it's too abstract a notion for most people. Until the very real and practical downside of getting compromised hits them on the nose, they won't care. There is a whole industry revolving around protecting you from, and recovering you after, identity theft, and that is both a blessing and a warning. The many problems a victim of identity fraud can experience may take years to resolve: years during which you are likely to have bad credit (even when the bank knows you've been victimized!) or even be in debt for thousands of dollars for purchases you never made. Living through such an experience is probably a real eye-opener, but we can hardly put everyone through such an ordeal just for security's sake.

Provided all your friends would actually listen to sage advice, what would you even tell them?

The answer to that question gets harder every year, because criminals get craftier all the time. A few years ago, you could tell your friends not to open attachments from people they don't know and they'd be safe. These days you'll receive your dose of malware from people you do know, packed in emails that look increasingly like something they could actually have sent you. Even in my native language (Dutch), more malicious email finds its way to my inbox every year. The first few were poorly written, the authors probably using basic online translation software, but this too is changing. Soon you won't be able to spot malware by poor grammar alone. Regardless, delivery by email is hardly the biggest problem these days. What about drive-by infections on the web? All you have to do is run a Google image search and you can get infected just by looking at the results, because the malware is embedded in the images you see. No longer can you stay safe by just staying away from 'bad online neighbourhoods', because online crime has long since made its way to cyber-suburbia.

The solution to our security problems will have to come from a variety of efforts. Firstly, user education is obviously very important and should start at the earliest opportunity. Educating kids in school is probably a good idea, but we have to make sure that their learning material is updated constantly or the effect will be minimal. I see a strong role here for governments, with help from the corporate world such as Microsoft, Cisco or McAfee, to name but a few. A second angle is security enforcement in software products and online services. To use Google as an example once again: you can now choose two-factor logins rather than a simple password. This would seriously reduce the success of several angles of attack such as brute-forcing or phishing, at the cost of being slightly more inconvenient to the users. It is my opinion that we should accept this inconvenience sooner rather than later, because the damage of not doing so is simply too great. Another good example is Microsoft Windows' use of local Administrator rights; I believe they should find ways to copy the Linux security model so as to lessen the attack surface for malware.

Thirdly, I believe that more effort should be made to lessen the incentive to commit cybercrime. Currently this type of crime is far too lucrative and the risk of getting caught is absolutely minimal. And it's easy to learn! An especially important effort here lies with the banks that offer credit card services (Mastercard, Visa, American Express etc). The credit card system is insecure by design and this should be changed. What is most frustrating is that the credit card companies have long since assessed the situation and found the answers. However, the cost of implementing the necessary changes is considerable and does not actually increase profit for the banks, which is why they do not get implemented. By making banks responsible for returning stolen money (think fraudulent credit card charges) to fraud victims, it was hoped that banks would be forced to make changes. What it actually did was move the damage from the consumer to the retailer, because the banks simply revoke payments to the retailers, in the end barely touching the banks' bottom line. The status quo was restored and criminals are still getting their loot.

A fourth angle ties into lessening the incentive: increase the chance of getting caught when committing cybercrime. Several nations have stiffened sentences for cybercrime, but studies show that sentencing barely reduces crime rates. What does affect crime rates is the chance of being caught. This is especially true in such a cross-border legal nightmare as cybercrime, where international borders mean nothing and everything depends on nations working together to fight the crime syndicates. Luckily, more and more cooperation is seen on this front. Virtually every conference on cyber security will host speakers from law enforcement to regale you with their international successes, and this is a good thing! Give these people the limelight so that they have more incentive to continue. Kudos, after all, are often a currency of their own.

There are probably many more methods to increase cyber security. The trick is not only to find them, but to implement them. Our future online security will depend on bold people taking action, not on bending to inconvenience.

Crossposted from ArgentConsulting.nl
