Threats Without Borders - Issue 153
Cyber Financial Crime Investigation Newsletter, Week ending October 22, 2023
This image was originally posted to LinkedIn and shared with me through email. I don’t know who took the picture or the young lady speaking but she is exactly right and it makes me so sad.
Kudos to her for putting it into writing and I hope the audience showed the appreciation she is due. And hopefully, law enforcement takes it to heart.
This space originally contained four full paragraphs interpreting this chart but I removed them because it’s worthy of more consideration. Comment below or reply back with your thoughts. Financial institutions should certainly have something to say about this because they bear the brunt of this failure.
Welcome to Issue 153 of the Threats Without Borders Newsletter.
News
Once again showing that every business is a potential target, the FBI has released a warning that cybercriminals are attacking plastic surgery practices in an effort to collect patient information. The obtained files are then used to extort the patients. I wonder if the extortion rate differs based on surgical procedure - $5000 for a nose job or $25,000 for a tummy-tuck. https://www.ic3.gov/Media/Y2023/PSA231017
Canadian journalists checked up on repair technicians at several prominent computer businesses and guess what - they snoop in places they shouldn’t. “CBC's Marketplace took smartphones and laptops to repair stores across Ontario — including large chains Best Buy and Mobile Klinik — and found that in more than half of the documented cases, technicians accessed intimate photos and private information not relevant to the repair.” Techs at nine of sixteen shops were caught with their hands in the cookie jar. https://www.cbc.ca/news/business/marketplace-tech-repair-snooping-1.7000775
The same hacker who leaked a trove of user data stolen from the genetic testing company 23andMe two weeks ago has now leaked millions of new user records. On Tuesday, a hacker who goes by Golem published a new dataset of 23andMe user information containing records of four million users on the known cybercrime forum BreachForums. Golem claims to have 300 terabytes of 23andMe user data. Just to be clear - a terabyte is 1024 gigabytes of data. Considering the 256GB iPhone is the best-selling - the attacker has 1200 iPhones full of customer data. https://techcrunch.com/2023/10/18/hacker-leaks-millions-more-23andme-user-records-on-cybercrime-forum/
Elastic Security Labs published their latest Global Threat Report. The report claims to be derived from “more than 1 billion data points”. The authors use excellent graphics. https://www.elastic.co/pdf/elastic-global-threat-report-october-2023.pdf
The Attorney General of New York has accused three high-profile crypto businesses of lying to their customers. Crypto exchange Gemini, crypto lender Genesis and its parent company, Digital Currency Group, have been charged with causing a combined $1.1 billion in losses for hundreds of thousands of investors. The AG claims Gemini failed to alert customers to their risk exposure while Genesis and DCG failed to assess the quality of the loans it passed out. They then attempted to conceal losses incurred in mid-2022 when hedge fund Three Arrows Capital and another smaller counterparty defaulted on loans amounting to $1.1 billion. https://www.wired.com/story/crypto-gemini-genesis-dcg-sued-billion-dollar-fraud/
GuidePoint Security released their 3Q ransomware report. Again, a great use of visual aids. https://www.guidepointsecurity.com/wp-content/uploads/2021/07/2023_Q3_GRIT_Ransomware_Report_Quarterly.pdf
Recorded Future also released a summary of the current state of ransomware. https://therecord.media/ransomware-tracker-the-latest-figures
Florida man, and woman, have been convicted in federal court for running a 93 million dollar home health care fraud. The details are so far-fetched it makes you realize how broken our system is that something like this can happen. https://www.justice.gov/opa/pr/three-individuals-convicted-93m-home-health-fraud-and-money-laundering-scheme
Cool Tool
The Tor Project released Tor Browser 13 - a completely re-worked version based on the latest stable version of Firefox. https://blog.torproject.org/new-release-tor-browser-130/
Sometimes it’s faster to just read it - transcribe that YouTube video. https://aiscriber.io/
Cool Job
Financial Crimes Operations and Oversight Lead - Stripe. https://stripe.com/jobs/listing/financial-crimes-operations-and-oversight-lead/5285403?gh_src=73vnei
Scam Policy Officer - Citi. https://jobs.citi.com/job/-/-/287/56049897872?source=jb_indeedorganic
Irrelevant
Thinking of a new iPhone? The older one is probably good enough. https://9to5mac.com/2023/10/20/iphone-13-vs-15/
Thank you for reading the newsletter this week. I understand how limited your time is and appreciate that you gave me a few minutes of it! Comment by replying back to the email that delivered the newsletter or email cyficrime@substack.com.
Have a great week.
Matt
“FACTS DO NOT CEASE TO EXIST WHEN THEY ARE IGNORED.” - unless you work in higher-education.
Legal: I am not compensated by any entity for writing this newsletter. Obviously, anything written in this space is my own nonsensical opinions and doesn’t represent the official viewpoint of my employer or any associated organization. Blame me, not them.
Hey Matt, you and the person that put the slide up about LE vs. Scammers are spot on. And Financial institutions should certainly have something to say about this because they bear the brunt of this failure. I work a number of scam cases as a Detective and I have to say these cases take a lot of my time because of the bureaucratic BS we have to go through to get information about the scammer from FI's. In Massachusetts I have to write a search warrant for any information I want to receive from a FI regarding the scammer's account. I don't understand why the investigators at these FI's can't just share the information with us through a secure portal. What happened to the doctrine of "the knowledge of one is the knowledge of all"? I feel as though the investigators at FI's are almost working against LE, making it so difficult to get simple information. We (LE and FI's) all know this person with a bank account is a scammer so let's work together to take them down!