Hi I’m Matt. Thank You for opening this weeks issue of Threats Without Borders!
I’m not yet sure if this is a true security concern or hype, but Amazon is adding your WiFi access points into a community mesh network - TODAY. “Amazon Sidewalk” is an effort to build a “community based, crowdfunded WiFi network” that will allow your neighbors and others (who happen to be within the mesh zone) to access some of your bandwidth. If you have any Ring or Echo product in your home it will be enrolled by default. This Bleeping Computer article does a sufficient job of explaining the program as laid out by Amazon. The privacy and security ramifications are yet to be seen. I don’t have any of the enabled products in my home, but I’d surely be opting-out.
In cyber-law news, the Supreme Court finally issued their ruling in the case Van Buren V. United States. The case involved a police officer who misused a restricted access database and was charged with “exceeding authorized access” under the federal Computer Fraud and Abuse Act. Van Buren agreed that he misused the information, but denied that he exceeded authorized access since he was an authorized and authenticated user at the time he accessed the information. The justices agreed with Van Buren in a 6-3 vote. I like the ruling and it’s been enjoyable to theorize and debate the arguments of both sides. Now I guess we’ll see the consequences.
And finally, I continue to have significantly more “page views” than subscribers, showing that many readers are just browsing to cyficrime.substack.com to read the newsletter rather than receive it through email. That’s awesome. But subscribing helps me with the Substack algorithms. Please consider subscribing to help increase the ranking of the Threats Without Borders newsletter.
When your fraud alert sucks
If you read only one article from this weeks issue - make it this! Chris Camejo from TrustedSec goes into great detail to show the steps he had to take to determine if a fraud notification email he received was legit - or a phish. It turned out to be a real notification from his bank, but the message had all of the dodgy earmarks of a phishing email. The same ones we tell everyone to look for! The write-up is a really good step-by-step guide on how to investigate a suspicious email. And hopefully a call to financial institutions to do better. https://www.trustedsec.com/blog/real-or-fake-when-your-fraud-notice-looks-like-a-phish/
Bustin’ Out
I’m not sure when this undated document was released but I just found it. Experian published a detailed whitepaper explaining Bust Out Fraud. It’s been a problem for retail banks for years and is now spreading to other financial services due to the proliferation of synthetic identities. This is a long-term fraud scheme and the perpetrator has to be dedicated to make it work. They are fun to investigate….not so much fun for the victim bank though. https://www.experian.com/assets/decision-analytics/white-papers/bust-out-fraud-white-paper.pdf
Scams and profit in the Apple app store
The Washington Post claims the Apple app store is “teeming with scams”, contrary to the Apples claim that its stringent controls make it the the most secure software marketplace. The article claims 2% of the 1000 highest grossing applications available in the marketplace are scams, resulting in a loss of over 48 millions dollars to Apple customers. The true bombshell is the charge “Apple profits from these apps because it takes a cut of up to a 30 percent of all revenue generated through the App Store”. So Apple is benefiting from crime and has no incentive to fix the issue. The Washington Post is owned by Jeff Bezos right? Hmm. https://www.washingtonpost.com/technology/2021/06/06/apple-app-store-scams-fraud/
467K Pandemic relief fraud arrest
In close to home news, a Carlisle (PA) businessmen has been arrested for obtaining $467,000 in pandemic payroll relief when his business wasn’t even operating. In 2019 and 2020, KB Trucking was not in business, had no employees, and certainly did not suffer a loss due to payroll expenses. Keith McConnel has been charged with wire fraud and money laundering and is looking at a 30 year prison sentence. Well done IRS-Criminal Investigations! https://www.justice.gov/usao-mdpa/pr/owner-carlisle-area-trucking-business-charged-covid-relief-fraud
The Rest…
This is how attackers bypass Microsoft’s anti-malware scanning protection. https://www.supremecourt.gov/opinions/20pdf/19-783_k53l.pdf
Kevin Mandia calls for businesses to go on the cyber-offensive: “The puck will continue to get in the net forever unless we play offense,” https://www.forbes.com/sites/martingiles/2021/06/02/fireeye-ceo-kevin-mandia-on-ransomware-attacks/
And in the same speech, Mandia calls ransomware “intolerable” and demands a stronger government response: “Pharmaceuticals, hospitals, healthcare, public companies, organizations that don’t have the talent and skills to defend themselves—they’re getting sucker punched”. https://www.wsj.com/articles/ransomware-is-an-intolerable-situation-fireeye-ceo-says-11622649180
Study of SEC and FINRA cases shows anti-money laundering continues to be one of the highest regulatory priorities. https://www.jdsupra.com/legalnews/anti-money-laundering-continues-to-be-6594274/
Tools
For new readers - I keep my listing of OSINT tools current at https://start.me/p/jjo29z/matt-s-osint-page
Find yourself a community - for better or worse - https://www.findareddit.com/
“IT IS NEVER TOO LATE TO BE WHAT YOU MIGHT HAVE BEEN” - Someone smarter than me.
Thanks for reading and please share!
Matt