First Take
Welcome! Thank you for giving me a few minutes of your attention.
The city of Franklin, Tennessee, found itself without $522,000 after the city treasurer fell victim to a Business Email Compromise fraud initiated through a spear-phishing email and sent the money away via wire transfer. I took offense to the City administration attempting to place all of the liability on the employee when they shoulder half of the blame, probably even more. Read my full take and some BEC fraud prevention tips:
Phishing Works Because Management Didn’t.
Apple moves to private WiFi addresses
Apple has announced that devices running iOS 14, iPadOS 14, and watchOS 7 will use a different WiFi address, aka MAC address, aka device ID, for each WiFi network they connect to. An investigative technique to isolate, and identify, a roving suspect is to correlate specific acts to the same device ID over several networks. Apple just made this much more difficult, if not impossible. The option will be on by default. Of course, Apple claims this is necessary to protect user privacy.
Feds investigate swatting attacks and get pedophile
A 22-year-old North Carolina man was sentenced to 95 months in federal prison for a series of attacks on schools and airlines. The feds also took offense to the 200 child pornography files found on his digital devices. Timothy Dalton Vaughn, who went by the web monikers “Hackers R Us” and “wantedbyfeds”, launched a series of swatting attacks and bomb threats against at least 86 school districts. 8 years isn’t long enough.
The bitcoin doesn’t exist. Really.
The back-and-forth debate between economists and proponents of digital currency such as Bitcoin is that the digital assets don’t really exist. It’s all virtual, not really backed up by anything tangible. Kinda like the U.S. Dollar, right? :)
In this fraud case, prosecuted by the U.S. Attorney’s Office for the Northern District of West Virginia, the currency literally didn’t exist. No bitcoins, no value, no nothing. A Pennsylvania man created a false Kraken Exchange account statement showing he possessed bitcoin worth $640,000,000. Yes, 640 MILLION dollars. Go big or go home! He successfully used that statement to obtain a $500,000 loan from a community bank.
You know the rest.
Be generous…be cautious
The National Philanthropic Trust estimates that 30% of all charitable giving occurs in the month of December. The reasons are obvious. Unfortunately, fraudsters are also aware of this and opportunistically use the holiday season to take advantage of our humanitarian nature.
The website www.charitynavigator.org is a fantastic resource you can use to check the authenticity of any organization claiming to operate as a non-profit charity. The site offers the ability to quickly confirm the legitimacy of the charity and review their financial accountability and transparency score.
Not only should you ensure the entity is a legitimately registered charity, but also that it doesn’t exist solely for the benefit of its employees. Red flags should go up when you see an organization spending more on administration than on programs.
The Rest…
TrendMicro explores the problem of threat actors weaponizing open-source software. Adding malicious code to widely used free and open-source tools makes their attacks less obvious. Seeing Notepad.exe auto-starting on your system is ok, right?
Shaking My Head. This brilliant fellow used synthetic identities to buy everything from cars to cosmetic surgery. Yes, cosmetic surgery for himself and another. You went into a medical facility and had surgery! How do you think you will not be caught?
The Federal Trade Commission really does try to keep the public informed about the dangers of fraud and identity theft. They publish a regular blog where they provide prevention tips and highlight current fraud schemes.
Kaspersky predicts Cyberthreats to Financial Organizations in 2021
When Shaquille O’Neal is making commercials, he has time to give financial advice. And it’s good. “Don't always try to go for the quick money scheme,” O’Neal said. “Every time I made an investment based on: ‘I was going to double or triple or quadruple my money,’ I lost every time.”
Cool Tool
Carrot2 Search - This search engine categorizes the returns into groupings. Try it!
Cool Job
Technical Investigations Analyst - SpaceX
You’ve stuck around to the end. Thank you. If you like what you see, please consider subscribing or sharing!