Threats Without Borders - Issue 176
Cybercrime Investigation Newsletter - week ending March 31, 2024
During a speaking event this week, I was asked about my preferred web browser with regards to security. It's important to note that when choosing an Internet browser, security is only one aspect to consider. The other equally important aspect is privacy, but these two terms should not be used interchangeably. Privacy doesn't always equate to security, and just because a browser is secure, doesn't necessarily mean that it's also private.
Security measures are designed to shield against unauthorized access, data breaches, malware, and cyber threats you will face while browsing the Internet, or technically, the World Wide Web. A secure web browser employs encryption to safeguard personal information like login credentials and financial details from hackers. It also thwarts malicious software from infiltrating devices and compromising data integrity.
Privacy, on the other hand, is more concerned with shielding personal information and browsing habits from being exploited or shared without consent. A privacy-centric web browser prioritizes anonymity and confidentiality, ensuring that online activities remain untracked, unmonitored, and unrecorded by third parties. This entails blocking tracking cookies, thwarting data collection by websites, and providing features such as private browsing modes and ad blockers to bolster online privacy.
While both security and privacy are integral to a safe and secure web browsing experience, it's crucial to acknowledge their differences and the distinct features they necessitate in a web browser. For instance, a browser that is strong on privacy might not excel in security, and vice versa.
Let’s compare Firefox and Chrome. Firefox is renowned for its robust privacy features, including enhanced protection from web trackers blocking third-party trackers and cookies. It also employs robust anti-fingerprinting techniques to deter websites from identifying and monitoring individual users. However, Firefox is routinely criticized for its poor response to address security vulnerabilities.
Conversely, Chrome boasts robust security features such as built-in phishing protection, sandboxing, and automatic updates to patch security loopholes promptly. Without a doubt, Chrome is the most security-focused web browser. However, Chrome is a Google product that epitomizes the mantra “If you’re not paying for a product, you are the product.”
Next week, I’ll review the big four web browsers (Chrome, Edge, Firefox, and Safari) and give you my personal favorite.
Some News…
AT&T is still defiant about 70 million current or former customers' records being published online. While they acknowledge the records appear to be AT&T customers, they claim, “Currently, AT&T does not have evidence of unauthorized access to its systems resulting in theft of the data set.”. OK, whatever. https://www.npr.org/2024/03/30/1241863710/att-data-breach-dark-web
The police edited images of criminal suspects to replace the faces with Lego heads. Lego was not amused. https://www.deseret.com/u-s-world/2024/03/27/lego-mugshots-murietta-police-department-booking-photo-trump/
The Federal Trade Commission (FTC) and U.S. Postal Inspection Service have joined forces with Canadian authorities to create a task force known as the “Quebec Strategic Partnership.” The group is working to identify and combat cross-border fraud, such as imposter, investment, and prize-winnings scams. https://www.ftc.gov/news-events/news/press-releases/2024/03/ftc-canadian-law-enforcement-agencies-cooperate-public-outreach-combat-cross-border-fraud
Check Point Research exposes tax-themed phishing attacks utilizing QR codes. They have also found “Hackers are buying and giving away remote desktop privilege access to popular tax services”. ‘Tis the season! https://blog.checkpoint.com/security/beware-the-tax-scam-tsunami-unmasking-qr-code-schemes-bogus-refunds-and-ai-imposters/
The agency's Office of Inspector General (OIG) says Department of State employees are directly targeted in a payroll account takeover scheme. Employees should be on the alert for an unsuspected request to update a 1099 form. https://content.govdelivery.com/attachments/USSTATEOIG/2024/03/25/file_attachments/2825574/FRAUD%20ALERT%202024-01.pdf
Is this irony? OWASP gets breached. https://owasp.org/blog/2024/03/29/OWASP-data-breach-notification
It’s not all social engineering! Your humble editor has long been beating the drum that all of these SIM Swap attacks aren’t simply the result of hackers social engineering employees of the mobile phone providers. The former manager of a “telecommunications company” in New Jersey has admitted to federal authorities that he was “swapping the Subscriber Identity Module (SIM) numbers of cell phone customers into mobile devices controlled by another individual”. He was being paid $1000 per swap. This guy needs to get the maximum sentence possible to send a very clear message. https://www.justice.gov/usao-nj/pr/former-telecommunications-company-manager-admits-role-sim-swapping-scheme
FBI-Omaha is seeking this ahole who stole 1.5 million dollars from the clients of his investment brokerage. https://www.kwqc.com/2024/03/29/wanted-by-fbi-iowa-man-accused-15-million-wire-fraud-scheme/
Cool Job
Fraud Operations Investigations Manager - One https://jobs.ashbyhq.com/oneapp/70f7d47b-56ff-4e53-bae7-abefe5c880c6
Cool Tool
Free and open source application to upscale and repair low-quality images - fix the blur. The web app is on the waitlist, but you can download and run it locally. https://www.upscayl.org/
Irrelevant
Don’t get scammed by the “4 Square” when buying a car. https://www.consumerreports.org/consumerist/dealerships-rip-you-off-with-the-four-square-heres-how-to-beat-it/
Really long technical read - that you should read
Researchers from Resecurity found a seller offering detailed instructions explaining how to turn a Raspberry Pi into a all-in-one electronic crime tool called the Geobox. The tool allows the use to “spoof GPS locations, emulate specific network and software settings, mimic settings of known Wi-Fi access points, and bypass anti-fraud filters”. The article warns, “GEOBOX provides cyber criminals with the ability to fake their geographical location down to specific coordinates, which can be manually set.”. https://www.resecurity.com/blog/article/cybercriminals-transform-raspberry-pi-into-a-tool-for-fraud-and-anonymization-geobox-discovery
Sign-Off:
I would like to thank the Delaware Fraud Working Group and the Better Business Bureau of Delaware for allowing me to speak at the Fraud Summit in Dover last Wednesday. It was a great event, and I’m glad I could participate. For fraud fighters at the intersection of Delaware/Maryland/Pennsylvania/New Jersey - email [info @ dfwg.group] for information about future DFWG events.
See you next week,
Matt
“YOU CAN LEARN A LOT FROM YOUR MISTAKES WHEN YOU AREN’T BUSY DENYING THEM” - I should have a PhD.
Published every Tuesday, Threats Without Borders offers original commentary and educational pieces related to cybercrime investigations and information security topics. We also summarize and comment on news articles concerning active threat intelligence for the financial industry. The newsletter interests everyone tasked with cybersecurity or preventing or investigating technology-enabled fraud, theft, or money laundering.
Legal: I am not compensated by any entity for writing this newsletter. Obviously, anything written in this space is my own nonsensical opinions and doesn’t represent the official viewpoint of my employer or any associated organization. Blame me, not them.