Threats Without Borders - Issue 139
Cyber-Financial Investigations Newsletter - Week ending July 16, 2023
“Hey Matt, I haven’t received your newsletter in a while. Did you take me off of the subscription list?”
I get some variation of this email every other week…sometimes every week. If you’re not getting the newsletter delivered to your inbox each Tuesday morning it’s not me…it’s THEM. Them being your email system.
Last week only about 50% of my subscriber list opened the email. Maybe the other half just decided not to. I get it, no hard feelings. But it seems more likely that most just didn’t get the email.
I publish on Substack because it’s convenient, writer-focused, and free. It’s certainly not consistent. Several free-mail systems regularly drop Substack newsletters completely. Many enterprise-level email security scanners recognize newsletters as spam and direct the newsletter to the depths of the spambox. Some companies are blocking newsletters by default out of the belief that employees who are reading newsletters aren’t working.
What can you do? Include the email address of “cyficrime@substack.com” as an approved sender within your email service. If you find the newsletter in your spambox, mark it as “not spam”. And if you are completely missing the delivery email Tuesday morning, visit www.cyficrime.substack.com to read the latest issue and all back issues. (Click the No Thanks link to bypass the email submission box.)
Posted without Commentary
Bank of America was caught fleecing customers and will now repay them 100 million dollars. And pay an additional 90 million dollars in penalties to the Consumer Financial Protection Bureau and 60 million dollars to the Office of the Comptroller of the Currency. https://www.marketwatch.com/story/bank-of-america-will-pay-customers-100-million-for-double-dipping-on-fees-and-opening-fake-accounts-will-you-be-one-of-them-d334ca07?rss=1&siteid=rss
Employee impersonates hackers to get paid…gets jail instead
A British company found themselves infected with ransomware…expected. Learning one of their own employees was soliciting the ransom payment - unexpected. The employee was part of the IT team investigating the incident. Realizing the opportunity, he acted as the attackers in an attempt to collect a ransom payment - from his own employer. The scam fell apart and now he’s going to jail. https://grahamcluley.com/rogue-it-security-worker-who-impersonated-ransomware-gang-sentenced-to-jail/
Government
A few months ago, I questioned the Government’s intent, and effectiveness, after the release of an updated National Cybersecurity Strategy. My doubt stems from, well, government. And proving my concerns were accurate - six months after the former National Cyber Director resigned…the position still hasn’t been filled. How is the government going to tackle the cybersecurity issue when it can’t even tackle its own managerial functions? https://www.scmagazine.com/news/leadership/coalition-presses-white-house-to-name-a-new-national-cyber-director
However…this article on the Federal News Network details a push from the White House to implement the National Cybersecurity Strategy regardless of leadership, or lack thereof. The strategy calls for 18 different federal agencies to run some aspect of the plan. How is all of that going to come together without a cohesive leadership plan…and someone being in charge? I suspect we’ll have 18 different implementations of the strategy that will eventually lead to infighting and quagmire. Government as usual. https://federalnewsnetwork.com/cybersecurity/2023/07/white-house-puts-national-cyber-strategy-into-practice-with-implementation-plan/
Is this right?
I question the numbers in this report but can’t provide an alternative. Only 225 “financial organizations” have been victimized by ransomware since 2018? Worldwide…really? And their interpretation of financial organization is really expansive including accounting, credit unions, banks, debt collections, insurance, and investment groups. The information source is listed as Comparitech’s own ransomware tracker. Again I can’t provide numbers of my own, but 225 worldwide attacks over five years seems really low. Otherwise, it’s an interesting study and analysis. https://www.comparitech.com/blog/information-security/global-ransomware-attacks/
FCC Targets SIM Swaps
The Federal Trade Commission has proposed a new rule designed to tackle the epidemic of SIM-swap attacks. The agency has created the “Privacy and Data Protection Task Force” to coordinate the effort. https://docs.fcc.gov/public/attachments/DOC-395019A1.pdf
The Rest…
Man gets 41 months in prison for scamming sixty-five senior citizens out of 1.5 million dollars through various “grandparent scams”. C’mon - he should have at least got one month for each victim! https://www.justice.gov/usao-md/pr/florida-man-sentenced-more-three-years-federal-prison-his-role-scheme-scam-elderly
Avanan examines how the comment feature in Google Docs can be used for phishing and to launch BEC attacks. https://www.avanan.com/blog/more-phishing-with-google-docs
Group-IB released their annual risk report aptly called “Digital Risk Trends 2023”. The report examines the links between email phishing and financial scams. https://www.group-ib.com/media-center/press-releases/digital-risk-trends-2023/
Introducing “ShadowVault” infostealer attacking macOS. https://guardz.com/blog/guardz-uncovers-a-new-threat-targeting-macos-shadowvault/
Cool Job
Director of Casino Compliance - Pennsylvania Gaming Control Board. https://www.governmentjobs.com/careers/pabureau/jobs/4113936/director-of-casino-compliance-pgcb
Cool Tool
Complete end-to-end encrypted workspace hosted on the InterPlanetary File System (IPFS). Secure Mail, Drive, Pages, and Calendar from a privacy-focused company based in the U.S.
Irrelevant
Shout-Out to Lauren G for directing me down this rabbit-hole.
Thanks for reading this week’s issue of Threats Without Borders!
Matt
“Consuming information won't make you smart, applying it will.” - nor will consuming information and writing about it.
Or - just forward it to someone. Sharing is caring.