If you have an interest in this newsletter, then you are probably involved in the field of investigations or security: specifically, the protection of financial assets or the investigation of those who steal financial assets from others through the use of digital technology. Obviously you are well versed in the mechanics of fraud and could “get away with it” if you chose to turn to a criminal lifestyle. So why don’t you?
In my most recent writing, I apply a criminological theory of Gottfredson and Hirschi to cybercrime.
If you leave the front door open…
The news cycle over the past week was filled with talking heads terrorizing the citizenry with tales that hackers are going to kill us all by poisoning our water supply. Of course, that actually happened, or at least almost. But maybe the hacker isn’t the one to fear. A water treatment plant in Florida had their SCADA system breached and the attacker attempted to change the amount of lye distributed into the water. The investigation determined the plant was operating an unsupported version of Microsoft Windows, had no firewall installed, and the employees shared the same password for TeamViewer. Of course they were going to get compromised. Is it really a HACK if you leave the front door open?
Timely
Considering yesterday was Valentine’s Day, the Federal Trade Commission issued its findings that Americans lost a record amount of money to romance-style scams in 2020. The agency recorded that fraudsters raked in over 304 million dollars in 2020 taking advantage of the lovesick. A key finding is that the use of gift cards to send the money increased by over 70%.
And in this corner…
Facebook and Proofpoint have ensnared themselves in legal drama over look-alike domains. Proofpoint had been using domains such as instagarn(.)com and facebook-login(.)net to conduct phishing tests of their clients. Facebook moved to seize the domains under a UDRP action (Uniform Domain-Name Dispute-Resolution Policy). I get the point, Facebook, but Proofpoint is actually working to secure your business also! How about a compromise where Facebook owns the domains, but Proofpoint gets to use them for their exercises? Done. Watch the mail for my consulting invoice.
Focus your career
I’m always suspicious of these types of market analysis reports, but this one is probably correct. Trends and analysis firm Market Research Future calls for the global OSINT market to grow at 17.4% CAGR (compound annual growth rate) between 2020 and 2026 and reach a market value of over 4 billion USD. This is obviously great news for those of us who already have some portion of our job assigned to collecting OSINT and a definite area of focus for those looking to get into the investigations field. The field is already moving from OSINT being a general investigator skill to a specific area of expertise.
The Rest…
A day late is better than never and ties in nicely with the FTC report linked above - Digital Shadows explained the dangers of looking for love online and how threat actors use dating sites to abuse you and steal personal data.
Just in time for tax season, the National Law Review published a reminder for employers about W-2 phishing scams.
Phishlabs details how they mitigated an attack group using fake social media pages to steal the log-in credentials of credit union members. The scam started through an SMS “smishing” attack that directed the credit union members to the page.
The United States Attorney’s Office for Maryland announced charges being filed against three Baltimore County men who created a website to sell Covid-19 vaccines. Obviously they didn’t have any vaccines and didn’t have any connections to anyone else who had vaccines. Maybe they should start a website design firm!
The Ohio Department of Job and Family Services received 140,444 new unemployment claims the week of January 31, 2021. That is a 194% increase from the prior week. They correctly presume that the majority of the claims are fraudulent.
Cool Tool(s)
Those of us who collect evidence from Internet sources utilize screenshot utilities every day. They are necessary tools. Here are two of my favorites (depending on what operating system I’m running).
ShareX is the absolute best screenshot app for Windows. And it’s open source.
Flameshot is the go-to tool for Linux systems. It doesn’t have the prettiest user interface but it is extremely powerful and effective. It’s available through Snap and Flatpak.
Two housekeeping notes:
If you are reading this then your email system’s spam filter didn’t block delivery of the email. I am hearing that many systems are directing it to the spam-box upon receipt. If you know of a friend or colleague that has subscribed and hasn’t received an issue yet please ask them to check the spam-box.
The words that are in bold text and underlined are links. You can click on them to link to the articles I referenced. And I code the links myself so they are (at least in theory) safe to click. My Substack stats show that many people open the email and never click a link - the links are kind of the point.
No, three notes: Please share!
Thank you for giving me a few minutes of your attention.
- Matt
“Time is more expensive than money, spend it wisely.” - someone smarter than me