When I speak to business groups I always stress the need for job rotation, particularly for employees that work in a financial capacity. Periodically, someone else should do someone else’s job. This usually occurs during a vacation and I advocate forced vacations for those that don’t use leave time. It’s a basic check and balance system. Everyone should be cross trained to do another employee’s job and should rotate into that role regularly.
And here is why: The U.S. Attorney for the Southern District or New York announced the indictment of a bank employee for a 1.7 million dollar fraud she perpetrated against her employer. From the press release “Between August 2008 and January 2021, AZIM, a long-time employee of a New York, New York-based bank (“Bank-1”) stole approximately $1.7 million from her employer. Over the course of approximately 12 years, AZIM executed hundreds of wire transfers of Bank-1 funds to co-conspirators and related companies, who then sent portions of the ill-gotten funds to AZIM’s personal bank account.”
And how was she caught? She got sick and someone else had to step into her role while she was out on sick leave. If only someone else would have worked her job at some other point before twelve years!
https://www.justice.gov/usao-sdny/pr/bank-employee-arrested-defrauding-her-employer-17-million
Stop, Drop and Roll
The article must be worthy if I’m linking to USA Today. The author writes about her mother falling for a tech support scam, and does a pretty good job with it. A security expert provides a great tip to help prevent online victimization “Whenever you’re in one of those moments where you think, ‘Oh my God, something terrible might be happening,’ stop what you’re doing. Drop the mouse, and roll your chair away from the desk.”. And then call for help. https://www.usatoday.com/story/tech/columnist/2021/04/09/how-tech-support-scam-stealing-seniors-including-my-mom/4834923001/
Not so crazy
At first this seems crazy but when you think about it, not so much. Yes, it’s crazy that this guy planned to blow up an Amazon data center to take down the Internet, but it’s not such a crazy plan when 70% of Internet traffic does actually flow through a single AWS data center in Ashburn, Virginia. Yes, AWS has redundancy, but for a few hectic moments, or even hours, eliminating that server farm would be hell on global business. Kudos to the FBI agents who conducted this investigation and made the arrest! https://www.bleepingcomputer.com/news/security/fbi-arrests-man-for-plan-to-kill-70-percent-of-internet-in-aws-bomb-attack/
Who’s preparing your taxes?
Do you trust them? Do you even know them? The U.S. Attorney’s Office for the Southern District of Illinois announced the indictment of a tax preparer who used his clients personal information to submit fraudulent Covid-19 relief loans, specifically the Paycheck Protection Program (PPP) and the Economic Injury Disaster Loan program (EIDL). https://www.justice.gov/usao-ndil/pr/suburban-chicago-tax-preparer-charged-covid-relief-fraud
There is a fine line…
Between entrepreneurship and fraud. Some sushi makers in San Francisco have thought outside the box to attract, errr steal, business by registering with food deliver apps as their more famous competitors. I guess from the consumer end, you’re still getting lunch, just not from the restaurant you though you ordered from. https://www.pymnts.com/news/retail/2021/fake-san-francisco-restaurants-trick-delivery-apps-customers/
The rest…
Did Facbook lose your data in their latest security incident? Find out at https://haveibeenzuckered.com/
And if Facebook didn’t lose your data, LinkedIn probably did. https://threatpost.com/data-500m-linkedin-users-online/165329/?mod=djemCybersecruityPro&tpl=cy
The “Golden Chickens” criminal gang is targeting professionals with fake job offers tailored to them based on information from their LinkedIn profiles. Be cautious of an email that offers you the exact same job title as listed on your LinkedIn profile. https://www.csoonline.com/article/3613878/top-cybercrime-gangs-use-targeted-fake-job-offers-to-deploy-stealthy-backdoor.html
Know your ports; Computer ports explained. https://www.digitaltrends.com/computing/pc-ports-explained-get-to-know-the-back-of-your-computer-2/
The FBI is concerned about scammers selling fake Covid-19 vaccination cards. https://pittsburgh.cbslocal.com/2021/04/06/fbi-issues-warning-surrounding-scammers-fake-covid-19-vaccine-cards/
Q Link Wireless, which has 2 million U.S. customers has been making sensitive account data available to anyone who knows a valid phone number on the carrier’s network. It’s isn’t a security glitch. It’s literally zero security. https://arstechnica.com/information-technology/2021/04/no-password-required-mobile-carrier-exposes-data-for-millions-of-accounts/
Cool Tool
Make yourself a gif, or jif, with with ezgif.com
“MOTIVATION COMES NATURALLY WHEN YOU ARE SURROUNDED BY AMBITIOUS PEOPLE.” - someone smarter than me.
Thanks for reading! Please consider sharing this newsletter with a colleague.
Matt