Assuming my math is correct, this is the two-year anniversary edition of the newsletter. 52 weeks + 52 weeks = 104 weeks. Issue 104. Additionally significant because it means I haven’t missed publishing an issue for two years.
It’s said by Substack that if a publication can make it to the one-year mark it will have enough subscribers to transition to a paid newsletter. This may be true for newsletters writing about the cool topics of the day, but I muse about cyber-financial crime and information security, so no wave of subscribers has come to the shores. I’m passionate about the subject matter and use the newsletter as a creative outlet, not income. If you find me writing about Covid-19 conspiracies, MAGA politics, or environmental-justice activism, you’ll note my priorities have changed – and you should probably unsubscribe.
One good thing about covering a topic that doesn’t have mass appeal is that I’ve had to hustle for every subscriber. You can’t believe how stingy people are with their email addresses, and getting someone to transition from a casual reader to a subscriber is a major feat. An issue with hundreds of “reads” usually translates into only one or two new subscribers. The saying “you only get one chance to make a first impression” certainly rings true with newsletters, where the best chance to gain a subscriber is at their first exposure. I work hard to make sure every issue is as good as the previous one because I need to convert that first-time reader to a subscriber – or it probably won’t ever happen.
Why are subscribers so important? It’s how newsletters get ranked within the Substack system. Higher rankings raise the probability of being found through a search or being promoted by the service. It’s no different than the YouTube platform, where every creator starts their video with “please subscribe, like, and ring that bell!”.
And while I don’t do this for money, fame, or even notoriety, it’s nice when someone recognizes the value of your product. Even after two years, I smile when receiving a new subscriber notification email.
Thank you for being here. Thank you for sharing. Thank you for subscribing.
I plan to be here every Tuesday morning for another 52 weeks. I hope you will be also.
Matt
Because it’s not a machine problem
Tessian released a 27-page report titled “State of Email Security 2022” and it’s definitely worth investing a few minutes to read it. Of note is the finding that 60% of security leaders report advanced threats bypassed their companies’ existing email security solutions. Of course. Email security is largely a human problem and isn’t going to be solved by technology. It would already be resolved if the fix was machine and code. And to back up that belief, the report also reveals that 92% of organizations studied dealt with a data breach caused by an end-user email error. https://1670277.fs1.hubspotusercontent-na1.net/hubfs/1670277/%5BCollateral%5D%20Tessian-Research-Reports/%5BTessian%20Research%5D%20State%20of%20Email%20Security%202022.pdf
Fried dough is not hard
It’s a stretch to take anyone seriously who chooses a fried dough ball as their criminal moniker, but Ramon “Hushpuppi” Abbas was very serious. Especially when it came to facilitating business email compromise fraud. Last week, the Nigerian man had a meeting with Judge Wright of the Central District of California and caught an 11-year prison sentence for his crimes. He was also ordered to pay more than 1.7 million dollars in restitution. Abbas became one of the most notorious cyber criminals through his prolific use of social media to flaunt his wealth and ability to defeat law enforcement efforts to capture him. Game over, doughboy. https://www.justice.gov/usao-cdca/pr/nigerian-man-sentenced-over-11-years-federal-prison-conspiring-launder-tens-millions
IPFS is not Intergalactic
“Now when it comes to envy, y'all is green
Jealous of the rhyme and the rhyme routine ('tine)
Another dimension, new galaxy
Intergalactic planetary”
Pardon me, it’s not that often that I get to include Beastie Boys lyrics in the newsletter, but the song immediately filled my head after reading how criminals are using the “Interplanetary File System” (IPFS) to facilitate fraud. IPFS is an emerging Web3 technology and the Talos group explains how it is being used to run phishing campaigns. (Excellent reading) https://blog.talosintelligence.com/ipfs-abuse/
Fighting Words
Elizabeth Warren, U.S. Senator for the state of Massachusetts, has called out Zelle and Wells Fargo Bank concerning their lackluster response to fraud. And she didn’t use soft language, accusing the companies of being “evasive”, “inaccurate”, and “misleading”. https://www.warren.senate.gov/oversight/letters/warren-calls-out-wells-fargo-and-zelle-for-evasive-inaccurate-and-misleading-responses-about-fraud-and-scams-on-zelle-calls-for-companies-to-publicly-release-all-data-on-zelle-fraud-and-scams
Financials targeted
PhishLabs reports “financial institutions were the most impersonated industry in Q3, accounting for 52.3% of phishing site volume. This demonstrates a more than 10% increase over Q2 and was the largest jump in activity among all industries.” https://www.phishlabs.com/blog/financials-see-increase-in-phishing-attacks-compromised-sites-lead-staging-methods-in-q3/
The Rest…
Mandiant takes a closer look at threat groups using Windows Credential Roaming. https://www.mandiant.com/resources/blog/apt29-windows-credential-roaming
The bad guys say they breached your network and want X dollars to keep it quiet. How do you know you’ve actually been breached? It’s a toss of the dice for small and medium businesses who lack a dedicated security team. Are you breached or in a high-risk game of chicken with an extortionist? https://www.bleepingcomputer.com/news/security/new-extortion-scam-threatens-to-damage-sites-reputation-leak-data/
Flashpoint explains why Telegram is useful in open-source investigations. https://flashpoint.io/blog/why-telegram-is-essential-to-open-source-investigations/
Trend Micro highlights the four types of cybercrime groups. https://www.trendmicro.com/en_us/ciso/22/k/cyber-crime-group-types.html
Cool Job
Director of Fraud and Payments - Underdog Sports. https://boards.greenhouse.io/underdogfantasy/jobs/4122872005
Cool Tool
Explore other security-focused newsletters curated by Tal Eliyahu. https://github.com/TalEliyahu/awesome-security-newsletters
Irrelevant
Most things in life are not distributed evenly.
The Pareto Principle suggests that in some cases, the majority of results come from a minority of inputs:
80% of a certain piece of software can be written in 20% of the total allocated time (conversely, the hardest 20% of the code takes 80% of the time)
20% of the effort produces 80% of the result
20% of the work creates 80% of the revenue
20% of the bugs cause 80% of the crashes
20% of the features cause 80% of the usage
This principle is also known as: The 80/20 Rule, The Law of the Vital Few, and The Principle of Factor Sparsity.
Legal: I am not compensated by any entity for writing this newsletter. Obviously, anything written in this space is my own nonsensical opinion and doesn’t represent the official viewpoint of my employer or any associated organization. Blame me, not them.