We gained a few new subscribers over the past week. Welcome!
In issue 51, I discussed my continuing study of dog fraud and the significant rise in cases due to the shortage of trendy canines. I believed an increase in fraudulent Shiba Inu sales was imminent due to the popularity of the Shiba cryptocurrency. Within a week of that making that prophesy, I had my next dog fraud report and it wasn’t a Shiba Inu. I would say it was just a boring Bichon Frise but with price demands of 900 to 3000 dollars they are anything but boring to the scammers, or victims.
What’s with all the training companies coming out with “Dark Web Investigation” classes? I'm sure these courses are fun and maybe they offer some investigational insight but should you be paying hundreds of dollars for them? Clearly not. If you just want to take the class for informational purposes you can look elsewhere. Everything that those classes may offer is available freely on the Internet. Start with a Youtube search of "How the TOR network works".
If you are law enforcement affiliated you can take one of the fantastic courses offered by the National White Collar Crime Center (NW3C) for FREE. They have multiple courses on Internet investigations and intelligence, including one on the "dark web".
Enter Vishing, stage right
Phishlabs reports that Vishing attacks on corporate users have doubled for the second straight quarter. The group notes that Vishing has comprised 21% of all the incidents they investigated and has overtaken Business Email Compromise as the second most reported scam. https://www.phishlabs.com/blog/vishing-hybrid-response-based-attacks-on-the-rise/
You’ve made it TikTok
You know you’ve officially made it when the scammers begin to specifically target you, or users of your service. Abnormal Security reports on a phishing campaign that targeted high profile TikTok personalities. One email notifies the user that they have had a copyright claim filed against them and they must respond. This will surely get a response from users because content that violates copyright claims will be demonetized! https://abnormalsecurity.com/blog/tiktok-credential-phishing
Common goals
What’s the old saying, “the couple that steals together stays together”? A Pennsylvania husband and wife have pled guilty to stealing mail to commit credit card fraud and identity theft. Oh, and they’re shoplifters too. https://www.pennlive.com/crime/2021/11/husband-joins-wife-in-pleading-guilty-in-pa-mail-theft-credit-card-scheme.html
The real American pandemic
Seriously. https://www.washingtonpost.com/health/2021/11/17/overdose-deaths-pandemic-fentanyl/
Government usually isn’t the answer
CPO Magazine digs a little deeper into the proposed Ransomware Financial Stability Act pending in the U.S. House of Representatives. The article looks at the response of business and cyber security professionals who point out that although well intentioned, government regulation usually isn’t the answer. And it won’t be in this case either. https://www.cpomagazine.com/cyber-security/new-ransomware-reporting-rules-for-us-financial-institutions-proposed-bill-would-require-government-permission-for-payments-over-100000/
The Rest…
Brian Krebs details a new attack on Zelle users. https://krebsonsecurity.com/2021/11/the-zelle-fraud-scam-how-it-works-how-to-fight-back/
New York doctor stole 3.7 million dollars in pandemic relief money and bought himself a yacht. https://www.marketwatch.com/story/greed-over-honesty-new-york-doctor-stole-3-7-million-in-covid-19-relief-money-to-buy-yacht-luxury-cars-and-rolex-watches-prosecutors-say-11636990298?rss=1&siteid=rss
Duo Security has identified a new ransomware threat group that makes changes on the fly to adapt, overcome, and defeat your security systems. https://duo.com/decipher/new-ransomware-group-retools-attacks-on-the-fly
This phishing threat group found a way to bypass email security filters through the use of varying fonts. https://threatpost.com/tiny-font-size-email-filters-bec-phishing/176198/
Cool Tool
Does someone else already own this NFT (or is someone else trying to sell my NFT)?- https://nftdetect.com/
Cool Job
Director of NFT and Blockchain Investigations - DraftKings
Impertinent
Why do thieves steal catalytic converters? https://thehustle.co/why-thieves-love-to-steal-catalytic-converters/
BE YOURSELF DOESN’T MEAN STAY AS YOU ARE. - Someone smarter than me
Homophones are hard
Flare - to flame up or burst into sudden intense light
Flair - a natural talent or aptitude, a distinctive style
I wish you a happy Thanksgiving and hope you enjoy time with friends and family over the holiday.
Thanks
Matt