I spent three days this week enjoying the Intelligence Writing and Briefing Course (IWAB) instructed by the National White Collar Crime Center (NW3C) and I can’t say enough good things about this organization. I attended my first NW3C class somewhere around 2014 and have completed several of their courses since. They are second only to SANS when it comes to delivering education and training. I might even place NW3C higher since the classes are free. I would love to partner with them someday to make my plan for bringing cybercrime training to rural police agencies a reality.
They have completely nailed the online education format. I forgot I was using Webex the class went so smoothly. Enrollment is restricted due to the agencies charter but check out their course listings and see if you qualify. You won’t regret it.
Salmonella and Phishing are best avoided
Cybersecurity is like food safety says this author - and he’s not wrong! I love when people whose main job is something other than security and investigations offer thoughts on security and investigations. It brings fresh thoughts and perspectives which is something we desperately need in the field.
Be careful who you hang out with…
Choose your friends wisely, or in the case of business, choose your vendors wisely. Third-party risk is becoming a huge issue. You can do everything right and still get wacked due to the failure of someone else. Grocery giant Kroger Foods announced they have been compromised through they’re “trusted” vendor Accellion who they used for file transfer services.
The Accelion hack is a story of itself and has affected multiple vendors besides Kroger, including international law firm Jones Day, communications provider Singtel, and the State of Washington.
Everyone retires at some point
Security and crime journalists continue to hypothesize why the most successful and prolific marketer of stolen credit card numbers would shut it all down. On the run from law enforcement? Poor Health? Religious conversions? The writer of this article believes its because of the meteoric rise in the price of Bitcoin and estimates the Joker is currently worth more than 2.5 Billion dollars. The risk now outweighs the reward.
EFIN Scammers!
The Internal Revenue Service issued an alert to tax professionals concerning a new scam where fraudsters are impersonating the IRS to steal Electronic Filing Identification Numbers (EFIN). The latest phishing email says it is from "IRS Tax E-Filing" and carries the subject line "Verifying your EFIN before e-filing."
The Rest…
Ukrainian money-mule coordinator sentenced to seven year federal prison sentence.
The SANS Internet Storm Center issued a warning concerning an attacking targeting LinkedIn members. The attack involves an alleged “secure message” sent through the direct message function.
The U.S. Attorney for the Southern District of New York announced the arrest of six individuals for their part in a fraud and money laundering organization based in Ghana. The fraud schemes perpetrated by the group ran the gamit from romance scams, to Business Email Compromise, to Covid-19 relief fraud.
Kia Motors America gets ransomware causing a nation-wide outage for customers. The ransom demand is reportedly 20 million dollars.
A study conducted by Chainanalysis finds that just 270 Bitcoin addresses are responsible for 55% of all illegally transferred cryptocurrency.
The stupidest thing I read this week
A guy in New Jersey opted for a gasoline fueled fire to melt the ice and snow off his lawn. Setting his property on fire, most of the ice and snow remain, and now has a yard full of speedy dry.
Cool Tool
Melissa Property Explorer - Find out who owns that house!
“MAYBE YOU DON’T NEED MORE TIME. MAYBE YOU NEED BETTER FOCUS.” - someone smarter than me.
Thank you for opening this email. If you just browsed in on Substack, please consider subscribing.
Matt