Last week, the two-year anniversary issue of Tw/oB was published. Opens were off by about 20%, which tells me something in the issue ran afoul of the email gods and it was dropped with extreme prejudice. You can direct link to the issue at https://cyficrime.substack.com/p/threats-without-borders-issue-104.
Yes, the Elizabeth Holmes sentencing and FTX collapse is trending everywhere but I just can’t get interested in either story. Meh.
Sometimes the most interesting articles are the most modest. This short piece explains how to obfuscate URLs by replacing the hostname with a decimal IP address. This is a really slick trick and something definitely to stay alert for. https://intarna.com/2022/11/15/url_obfuscation-with-decimal-ip-address/
And for something completely different: The absolute definitive list of apples. Everything you need to know about apples, ranked. Really. https://applerankings.com/
Happy Turkey Day!
PCI loves Acronyms.
The Payment Card Industry (PCI) Security Standards Council (SSC) has issued a new standard for mobile payment acceptance (MPA) on commercial off-the-shelf (COTS) mobile devices. They also introduce us to MPOCs and SPOCs. Acronyms Are Awesome (AAA) - Laugh Out Loud (LOL). https://blog.pcisecuritystandards.org/just-published-pci-mobile-payments-on-cots
More call back fraud
The FBI issued a notice through the Internet Crime Complaint Center warning of an increase in “Call Back Fraud”. The scam starts with a phishing email or direct message scaring the soon-to-be-victim into thinking they have been charged an outrageous fee for an unwanted subscription service. The only way to cancel the subscription, of course, is to call the specified “customer service” phone number, where the overly friendly scammer is more than happy to victimize the caller. https://www.ic3.gov/Media/Y2022/PSA221110
’Tis the season
Akamai has discovered a new phish kit that is designed to impersonate reputable brands and targets shoppers looking for “holiday specials”. The unique thing about the attack is that each prospective target is directed to a unique URL with a specific HTML anchor (the part after the “#”). Akamai explains "In the context of a phishing scam, the value placed after the HTML anchor might be ignored or overlooked when scanned by security products that are verifying whether it is malicious or not." Tricky, Tricky. https://www.bleepingcomputer.com/news/security/phishing-kit-impersonates-well-known-brands-to-target-us-shoppers/
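Both of the URL tricks above (the decimal-IP host from the intarna piece and the per-victim “#anchor” from the Akamai write-up) defeat the same lazy check: comparing the link exactly as written against a blocklist. The added example below is my own illustration, not code from either article or from Akamai; it canonicalizes a link the way a browser would before any lookup, turning a bare decimal (and, going a step past the article, a 0x hex) integer host back into dotted-quad form and discarding the fragment, which the browser never sends to the server anyway. The blocklist entry and the sample links are constructed for the demo and use a TEST-NET address.

```python
import ipaddress
from urllib.parse import urlsplit, urlunsplit

MAX_IPV4 = 0xFFFFFFFF


def canonical_host(host: str) -> str:
    """Return the host in the form a browser would actually connect to.

    Browsers accept a whole IPv4 address written as one decimal integer
    (the trick from the article) or as a 0x-prefixed hex integer; both are
    rewritten here to the familiar dotted-quad so they match a blocklist.
    """
    h = host.strip().lower().rstrip(".")
    if h.isdigit() and int(h) <= MAX_IPV4:
        return str(ipaddress.IPv4Address(int(h)))
    if h.startswith("0x"):
        try:
            n = int(h, 16)
        except ValueError:
            return h
        if n <= MAX_IPV4:
            return str(ipaddress.IPv4Address(n))
    return h


def normalize_url(url: str) -> dict:
    """Canonicalize a link before it is compared against threat intel."""
    p = urlsplit(url)
    raw_host = p.hostname or ""          # urlsplit already strips user@ and :port
    host = canonical_host(raw_host)
    netloc = host if p.port is None else f"{host}:{p.port}"
    # The fragment is dropped: it is never sent to the server, so links that
    # differ only after '#' land on the same page and must be scanned as one.
    clean = urlunsplit((p.scheme.lower(), netloc, p.path or "/", p.query, ""))
    return {
        "url": clean,
        "host": host,
        "fragment": p.fragment,                     # keep for per-victim tracking IDs
        "host_was_obfuscated": host != raw_host,    # decimal/hex host was rewritten
        "userinfo_present": p.username is not None, # "brand.example@host" padding
    }


def is_blocked(url: str, blocked_hosts: set) -> bool:
    """Blocklist lookup on the canonical host, not on the raw link text."""
    return normalize_url(url)["host"] in blocked_hosts


# Constructed sample data: one blocked host (203.0.113.10, a TEST-NET-3 address)
# and three inbound links, two of which disguise that same host.
BLOCKED = {"203.0.113.10"}
SAMPLE_LINKS = [
    "http://3405803786/holiday-deals#v1k9",                 # decimal form of 203.0.113.10
    "https://shop.example@0xcb00710a/login#user42",         # hex form, with fake brand before @
    "https://www.example.com/sale",                         # ordinary link
]

if __name__ == "__main__":
    for link in SAMPLE_LINKS:
        info = normalize_url(link)
        print(f"{'BLOCK' if is_blocked(link, BLOCKED) else 'allow'}  {link}")
        print(f"       -> {info['url']}  fragment={info['fragment']!r} "
              f"obfuscated={info['host_was_obfuscated']} userinfo={info['userinfo_present']}")
```

Worth noting: every raw link above fails a naive string match against the blocklist, and the two disguised ones would also each look unique to a scanner that hashes the full URL; after canonicalization they collapse to a single host with the fragment set aside as the per-target identifier.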
Refunding
This is my “must read” article of the week. Cybersixgill details how scammers are using “refunding” tactics to defraud online retailers. These tactics include “Did not arrive”, “Empty Box”, “Wrong Item”, and “Boxing” scams. Nothing here is really new, but the brazenness of the threat actors in openly discussing the methods is different for sure. Hopefully retail fraud-fighters are working to implement protections. https://news.cybersixgill.com/heres-how-scammers-commit-refund-fraud-to-steal-from-retailers/
Insider Threat-of-the-week
Showing, AGAIN, that no company, even those with really, really big security programs, is immune from insider threats - Booz Allen Hamilton disclosed that a former staffer downloaded the personal information of “tens of thousands” of employees from the company’s internal network. The company attempted to calm employees by claiming “it is not believed that the individual intended to misuse any of the personal information in the report or to cause harm to Booz Allen employees.” Ahh, ok, but they could have, right? That’s the point. https://techcrunch.com/2022/11/18/booz-allen-employee-data-exposed/
The Rest…
Cofense details a phishing campaign abusing Microsoft Customer Voice URLs. https://cofense.com/blog/microsoft-customer-voice-urls-used-in-latest-phishing-campaign
Dragos is publishing a new blog series detailing OT cybersecurity best practices for “undersized” organizations. https://www.dragos.com/blog/ot-cybersecurity-best-practices-for-smbs-new-dragos-otcert-blog-series/
Is there a solution for ransomware? https://techcrunch.com/2022/11/18/combatting-ransomware/
Cool Job
Senior Manager, Cybersecurity Operations - National Football League. https://hdmm.fa.us6.oraclecloud.com/hcmUI/CandidateExperience/en/sites/CX/job/220559
Cool Tools
A tool for every file and everything you ever need to do to a digital file. https://tinywow.com/
Handy online currency converter. https://apelsin.money/
Irrelevant
The Seven Levels of Busy. https://randsinrepose.com/archives/the-seven-levels-of-busy/
Thank you for opening this week’s email and giving Tw/oB a few minutes of your time. I especially appreciate those who have gone to the extra effort to share the newsletter. Word of mouth is the best advertising you can buy!
See you next Tuesday.
Matt
Badger’s Law – “any website with the word “Truth” in the URL has none in the posted content.”