Threats Without Borders - Issue 174
Cybercrime Investigation Newsletter, Week ending March 17, 2024
While developing my Cybercrime Investigation class, I became interested in the Space Transition Theory (STT), proposed by Dr. K. Jaishankar in 2008.
The STT suggests that people who suppress their criminal tendencies in the physical world may resort to acting out online, where they can easily hide their true identities and escape punishment. This theory emphasizes that criminal behavior is not limited to a specific space and can easily cross into the digital world.
A critical feature of STT is its recognition of the ever-changing nature of the digital world. Unlike physical spaces limited by geographic boundaries, the online environment allows offenders to operate intermittently and avoid conventional surveillance and punishment. This poses significant challenges for law enforcement agencies and cybersecurity professionals responsible for preventing and addressing cybercrimes. Wow, that sounds like an excellent concept for a newsletter!
The rapid advancement of social media, online marketplaces, and emerging trends like the Internet of Things and artificial intelligence present new areas for cybercriminals to exploit. STT underscores the importance of adaptive cyber security strategies that evolve alongside these technological developments, ensuring the protection of individuals and organizations from emerging threats.
The theory is built on seven postulates:
Individuals with repressed criminal behavior in physical space have the propensity to commit crimes in cyberspace.
Cyberspace's characteristics, such as identity, flexibility, dissociative anonymity, and lack of deterrence, give offenders the choice to commit cyber crimes.
Offenders’ criminal behavior in cyberspace is likely to be imported into physical space, and in turn, their behavior in physical space may be exported to cyberspace as well.
Offenders intermittently venture into cyberspace, and the dynamic spatiotemporal nature of cyberspace provides the chance to escape.
Strangers will likely unite in cyber space to commit crimes in physical space. Associates of physical space are likely to unite to commit crimes in cyberspace.
People from a closed society are more likely to commit crimes in cyberspace than those from an open society.
The conflict of norms and values of physical space with the standards and values of cyberspace may lead to cyber crimes.
Learn more about the theory at: https://www.jaishankar.org/theory.html
Some News…
This NPR reporter found that cyber-criminals are exploiting the information of minor children. What? No! Identity thieves have been targeting minors for years…so I’m not sure why this is a story. Of course, reporters need something to report, and no expert will ever turn down an interview, regardless of how recycled the topic is. https://www.npr.org/2024/03/12/1237497833/students-schools-cybersecurity-hackers-credit
Checkpoint Research explains how scammers use Paypal’s own tools to commit fraud through Venmo. The fraud is hard to detect because the email, invoice, and all links are sourced from PayPal. https://blog.checkpoint.com/harmony-email/phishing-through-venmo/
I like this take on turning the tables on threat actors through a practice the authors have coined “persistent engagement.” The authors surmise that “through persistent engagement, defenders can be proactive rather than reactive and pursue points of origin well before threat actors strike.” https://www.c4isrnet.com/opinions/2024/03/12/persistent-engagement-is-best-defense-against-nation-state-adversaries/
I apologize for linking to Vox, ugh. This article is well-written and insightful. Chief Garcia of the Dallas (TX) Police Department is a bit too kind in his speech, but he’s also in the political spiderweb. Overall, he adequately describes the current state of police investigations and the effects of the anti-police movement. https://www.vox.com/2023/12/23/24012514/police-crime-data-solve-rate-eddie-garcia-today-explained
Inky reveals how legitimate tools are being used to create complex phishing attacks. https://www.inky.com/en/blog/fresh-phish-leveraging-legitimate-adobe-and-constant-contact-tools-in-a-multi-layered-phishing-attack
A recent study concluded refund fraud cost retailers 101 billion dollars last year. The figure includes multiple forms of fraud, such as sending back clothing after it’s been worn, known as “wardrobing,” and returning shoplifted merchandise. Organized fraud groups thrive online and teach others how to exploit the system. It's an interesting article for sure. https://www.cnbc.com/2024/03/14/amazon-and-other-retailers-hit-by-refund-fraud-costing-them-billions.html
Do we have to block .SVG files also now? https://cofense.com/blog/svg-files-abused-in-emerging-campaigns/
Cool Job
Corporate AML Manager - PENN Entertainment. https://vizi.vizirecruiter.com/Remote-4501/284305/index.html
Cool Tool
Traditionally, a product must be free to be included in the cool tool section. The notetaking application, Stashpad, is not free, but it’s definitely cool. They just released a new product called Stashpad Docs, which allows multiple users to collaborate on a single document in real-time. Yes, this already exists by using Google Docs…but the developers of Stashpad don’t view your data as a product to sell to marketers. And you can use markdown language. Check it out. https://www.stashpad.com/blog/announcing-stashpad-docs-google-docs
Convert webp files to jpeg images. https://webpformattojpg.com/
Irrelevant
It’s conference season - Don’t suck at networking. https://casnocha.com/2024/03/how-to-network-at-an-unstructured-happy-hour.html
Really Irrelevant
Why are there so many damn car washes??? https://www.bloomberg.com/news/features/2024-02-21/car-washes-are-taking-over-the-us-here-s-why
Sign-off
Thanks for making it this far down the page! Please consider sharing the newsletter with your colleagues. Every subscriber helps the newsletter rank within the Substack network.
I participated in a competitive bass fishing tournament over the weekend. I used to, but I haven’t for years, and my body wasn’t prepared for it. At one point in my life, I fished about 100 days a year. I enjoyed it, but both my body and ego took a beating.
See you next Tuesday.
Matt
“WISE MEN SPEAK BECAUSE THEY HAVE SOMETHING TO SAY; FOOLS BECAUSE THEY HAVE TO SAY SOMETHING.” - fools also write newsletters.
Published every Tuesday, Threats Without Borders offers original commentary and educational pieces related to cybercrime investigations and information security topics. We also summarize and comment on news articles concerning active threat intelligence for the financial industry. The newsletter interests everyone tasked with cybersecurity or involved in preventing or investigating technology-enabled fraud, theft, or money laundering.
Legal: I am not compensated by any entity for writing this newsletter. Obviously, anything written in this space is my own nonsensical opinion and doesn’t represent the official viewpoint of my employer or any associated organization. Blame me, not them.