I’ve thrown some bombs on LinkedIn over the past two weeks, one of them being this post:

Can we stop using the term “Pig Butchering”? It’s terribly demeaning and insulting to the victims. You are essentially comparing the victim to a fat stupid animal that was too stupid to realize it was being led to the slaughter. How about we just call it was it is - Romance fraud or Investment fraud?

I received mostly positive feedback, but also a few dissenters through both public post and DM.

The one thing all of the dissenters have in common is they have linked the topic to their personal brand. They are actively publishing on the issue, doing press sessions, and/or are speaking about the topic at industry events. It’s hard to change your lexicon after you’ve committed to it on a national stage. I get it. But after 25 years in this business, 24 in law enforcement where I dealt with the fall-out of victimization everyday, I understand the importance of getting victim-care right.

And comparing your victim to a fat, dirty, stupid, slaughtered animal is not the way to do it.

Collective Liberty is an organization dedicated to fighting human trafficking. They have also recognized the devastating effects of long-term, relationship-based, financial fraud and are fighting to rebrand it as “Financial Grooming”. They rightly call out the term pig butchering as dehumanizing and traumatic. Using the term only further traumatizes the victim.

I invite you to review Collective Liberty’s efforts on the issue: https://collectiveliberty.org/blog/is-financial-grooming-formerly-pig-butchering-a-violent-crime/

https://collectiveliberty.org/

It’s a shortened newsletter this week as I’m at Keystone Konnection, the training conference sponsored jointly by the Delaware Valley and Pittsburgh Metro Chapters of the International Association of Financial Crime Investigators. Please say Hi to me if your in attendance - I’d love to meet you. If you’re not attending - I’ll expect to meet you next year!

P2P fraud to the moon

Do you know the difference between a credit push payment and a debit pull payment? Yeah, I didn’t either until I read this PYMNTS article. You’ll also learn that Peer-to-Peer (P2P) payment fraud is skyrocketing. https://www.pymnts.com/digital-payments/2023/fighting-faster-payments-fraud-comes-down-to-technology-and-education/

Regulatory Smackdown

The Federal Reserve Board issued their official review and findings of the Silicon Valley Bank failure. And it’s crushing. The quick and dirty was expressed on the first page of the report:

1. Silicon Valley Bank’s board of directors and management failed to manage their risks.

2. Supervisors did not fully appreciate the extent of the vulnerabilities as Silicon Valley Bank grew in size and complexity.

3. When supervisors did identify vulnerabilities, they did not take sufficient steps to ensure that Silicon Valley Bank fixed those problems quickly enough.

That’s about as damning of an indictment as you can have for those who work in financial industry risk and compliance.

Read the entire 118 page report: https://www.federalreserve.gov/publications/files/svb-review-20230428.pdf

More BEC

The Internet Crime Complaint Center counted a 43% increase in reported Business Email Compromise attacks from 2021 to 2022. Since BEC attacks are specifically crafted for a single recipient they lack general indicators that get them flagged by email security tools. Phish Labs examines some BEC trends already coming to light in early 2023. https://www.phishlabs.com/blog/top-tactics-of-bec-attacks-in-2023/

And while we’re on the topic

Arctic Wolf examines why Ransomware and Business Email Compromise remain the top attack types. Ahhh… maybe because they work? https://arcticwolf.com/resources/blog/why-ransomware-and-business-email-compromise-remain-top-attack-types/

An ounce of prevention…

IBM Security released their annual “Cost of a Data Breach Report” for 2022 and guess what? It’s really damn expensive. Don’t take my word for it…read the report. https://www.ibm.com/downloads/cas/3R8N1DZJ

Covers a lot of ground

Feedzai released a report titled “ The Human Impact of Fraud and Financial Crime on Customer Trust in Banks” and it covers just about everything. Seriously, I don’t what type of survey they used to collect all of this information but they cover it all. The report claims the company surveyed 4000 adults in the United States and the UK. 77% of the surveyed claims they will leave their bank is they don’t get their money refunded when they fall for a scam but only 53% say the bank should reimburse them if they fall for a scam. OK. https://feedzai.com/aptopees/2023/04/Feedzai-The-Human-Impact-of-Fraud-and-Financial-Crime-on-Customer-Trust-in-Banks.pdf

Subscribe to Threats Without Borders

Cool Job

Fraud Risk Strategy Manager - Members 1st Federal Credit Union https://recruiting.ultipro.com/MEM1003MFCU/JobBoard/07ce95a9-7cc1-4159-a8e6-dcd9c4547c9f/OpportunityDetail?opportunityId=ca1ef145-9767-4351-9f07-071e2b6eea2d

Cool Tool

Find emails by company. http://www.skymem.info/

Irrelevant

The American press is the worst. No really. https://thehill.com/opinion/international/560480-us-finishes-dead-last-in-media-trust-among-46-countries-heres-why/

Thank you for reading this weeks issue. Today is National Teachers Appreciation Day so take a moment and say hey to that special teacher in your life. It’s also International Scurvy Awareness Day so eat an orange and give thanks that you have healthy gums.

Matt

“IF YOU FIND YOURSELF IN A HOLE, THE FIRST THING TO DO IS STOP DIGGING.” - Meh, I find it’s better to keep digging until the shovel breaks.

Share Threats Without Borders

Legal: I am not compensated by any entity for writing this newsletter. Obviously, anything written in this space is my own nonsensical opinions and doesn’t represent the official viewpoint of my employer or any associated organization. Blame me, not them.