Those of us in Pennsylvania celebrate our state holiday on Thursday.
Those of us in Pennsylvania celebrate our state holiday on Thursday.
Yes, Thursday is Groundhog day and that ornery old rodent will come out to predict the weather for the rest of the winter season. Of course, it’s been a pretty fair winter so hopefully he'll just keep his mouth shut. Other than the obligatory chomp on the hand of his handler.
For those of you not hip to the joke in the first two lines, there is a classic movie about the annual Pennsylvania event starring Bill Murray where he relives February 2 over, and over, and over again.
Cybercrime investigators and cybersecurity practitioners live their version of the Groundhog day loop. Month after month, year after year, the attacks and schemes are the same with only victim names changing. “Yes ma’am, I’m absolutely positive that Dunkin Donuts is not paying people to wrap their cars to look like a chocolate frosted donut”. “No sir, the local electric utility does not accept Google Play gift cards as payment”. “So, all of your business records were stored on that single computer and you have no backups?”.
Phishing, Business Email Compromise, Scareware, Ransomware, Romance Scams, malicious insiders… it's an endless loop where the participants change but the story is always the same.
I’ll make my own Groundhog day prediction about cybercrime.
I’ll make my own Groundhog day prediction about cybercrime.
I’ll make my own Groundhog day prediction about cybercrime…
Two wrongs…
The combination of two wrongs, the Darkweb and fake money, don’t make a right. Security and Darkweb monitoring company Cybersixgill reports a 91% increase in the offerings of counterfeit U.S. currency on underground web markets. Interestingly, they conclude that 10% of the sellers are responsible for 80% of the listings. https://news.cybersixgill.com/dark-web-market-counterfeit-currency/
No No RMM
The Cybersecurity & Infrastructure Security Agency (CISA) and partners released a warning notice concerning the criminal use of remote monitoring and management software (RMM). Most of you will recognize this type of software as the brand names of ConnectWise, AnyDesk, or TeamViewer. To be clear, these tools have very legitimate purposes and make thousands of businesses more productive every day. Unfortunately, they have been co-opted by criminals to conduct fraud, including refund scams where they trick the victims into installing the software onto their computer and then remote in to access banking information. https://www.cisa.gov/uscert/sites/default/files/publications/aa23-025a-protecting-against-malicious-use-of-rmm-software.pdf
They made a phone?
For those of us a bit long in the tooth, we remember when the most coveted tech gadget was the Blackberry Bold. Yes, Blackberry is the original smartphone. Now they are a fantastic security company. Talk about a metamorphosis. The company just released their first Global Threat Intelligence Report and it’s really well done. One important point made by the report is that no platform is safe from attacks as the company identified an abundance of malware for the “immune” macOS operating system. https://www.blackberry.com/content/dam/bbcomv4/global/pdf/0408-Threat-ReportV17.pdf
Back to bingo
A church congregation in Elkin, North Carolina, spent “years” raising the funds to pay for the construction of their new sanctuary. Unfortunately, church staff fell for a business email compromise scam (BEC) and wired away $800,000 to the unknown attackers. Back to Saturday night bingo and Easter pie sales for these poor souls. https://www.pennlive.com/news/2023/01/n-carolina-church-says-it-lost-nearly-800k-in-email-scam.html
No truer fraud than this
Promising a shot of that wicked-cinnamon-oh-it-burns Fireball whisky and then delivering a “malt beverage with natural whisky and other flavors and caramel color” is an unforgivable fraud. A true bait and switch, say the filers of the class action lawsuit against Fireball maker Sazerac Company, who claim the company has done them irreparable harm. The parties' esophaguses claim otherwise. https://text.npr.org/1151955120
The Rest…
Check Point Research’s Q4 brand phishing report. https://blog.checkpoint.com/2023/01/23/brand-phishing-report-q4-2022/
Bitwarden users under attack. https://www.bleepingcomputer.com/news/security/bitwarden-password-vaults-targeted-in-google-ads-phishing-attack/
Cool Job
Regional Field Investigations Manager (Delaware) - M&T Bank. https://mtb.wd5.myworkdayjobs.com/en-US/MTB/job/Millsboro-DE/Regional-Field-Investigations-Manager_R49433
Cool Tool(s)
Claims to be the ultimate OSINT search tool. https://cylect.io/project-anthony-ultimate-osint-tool
Listen to music from 14,018 radio stations. https://www.internet-radio.com/
Irrelevant
Everything you ever need to know about the Apple iPhone. Everything. https://www.theiphonewiki.com/wiki/Main_Page
Super long technical geeky read
This is from October of last year but I just consumed it. Mandiant details the Caffeine “Phishing-as-a-Service” platform. So easy a (script) kiddie can do it! https://www.mandiant.com/resources/blog/caffeine-phishing-service-platform
Thank you for opening the email and making it this far down the page. You’ve gone farther than most. Welcome new subscribers! Thanks for signing on. Bonuses have been suspended but I’m working on some freebies and maybe a few coupons.
Matt
The Wadsworth Constant – the first 30% of any video can be skipped because it contains no worthwhile or interesting information.
Legal: I am not compensated by any entity for writing this newsletter. Obviously, anything written in this space is my own nonsensical opinion and doesn’t represent the official viewpoint of my employer or any associated organization. Blame me, not them.