I received a tip about a person who seemed to possess a tremendous amount of money that wasn't consistent with the income earned from his job. Allegedly, he purchased a very expensive vehicle with cash. Knowing that vehicle dealers must report cash purchases over $10,000, I pulled the Suspicious Activities Reports (SARs) filed on the suspect. I didn't just find the SAR for the vehicle purchase, but many others that revealed this person was certainly up to some malfeasance.
The Bank Secrecy Act (BSA) is very strict about how investigators can use these reports. So strict, in fact, that most investigators just go without because it's not worth the trouble.
I needed to get the bank records from several financial institutions to further my investigations, but at this point the only probable cause was based on the information contained in the SARs. Concerned about what I could and could not include in the search warrant affidavit, I contacted the Financial Crimes Enforcement Network (FinCEN) to get clarification. This is the organization that runs the SAR program for the federal government. The FinCEN guy said, "You can't." Can't what, mention the information in the reports? He replied, "You can talk about the information, you just can't say where you got it. You can't even mention that a SAR exists."
Well, how do you lay the basis for your information if you can't mention the basis for your information even exists?
I told this story at an organizational meeting for the Keystone Connection conference and the idea for a panel discussion was born.
Keystone Connections is the annual training event that brings together the Delaware Valley Chapter and the Pittsburgh Chapter of the International Association of Financial Crime Investigators. It alternates from one side of the state to the other each year. It's on the west side this year and will be held at the Seven Springs Resort in Somerset County.
A group of industry-leading experts will be sitting on the SAR panel and I'll be moderating. Please consider joining us!
The IAFCI is offering plenty of other events if you aren’t within a few hours' drive of Seven Springs. https://www.iafci.org/Public/Events/Public/Training_Events/Regional_Events_Webinars.aspx?hkey=90afc301-f37c-4cdf-a634-db27fcf0c253
Pick a side
It’s no secret that a disproportionate number of cyber threat actors are either Russian or Ukrainian, and in the past they worked rather well together. The current war has torn those alliances apart at the seams. Accenture has issued a report detailing how cybercriminals from all countries have divided along sharp ideological lines, picking either Team Russia or Team Ukraine. https://acn-marketing-blog.accenture.com/wp-content/uploads/2022/03/UPDATED-ACTI-Global-Incident-Report-Ideological-Divide-Blog-14MARCH22.pdf
Cafe Press gets pressed
The Federal Trade Commission (FTC) has taken enforcement action against customizable marketplace CafePress for its actions to cover up a major breach of its networks. The FTC alleges the business attempted to conceal that a hacker exploited the company’s security systems to access millions of email addresses and passwords with weak encryption; millions of unencrypted names, physical addresses, and security questions and answers; more than 180,000 unencrypted Social Security numbers; and tens of thousands of partial payment card numbers. https://www.ftc.gov/news-events/news/press-releases/2022/03/ftc-takes-action-against-cafepress-data-breach-cover
Payment fraud targets fintechs
Sift analyzed its network of over 34,000 sites and conducted a survey of 1000 consumers to determine that payment fraud attacks against fintech companies rose by 70% in 2021. https://www.globenewswire.com/news-release/2022/03/15/2403735/0/en/Report-Payment-Fraud-Attacks-Against-Fintech-Companies-Soar-by-70-in-2021.html
Too much faith in government
In this MIT Technology Review article, Patrick O’Neill examines the government's plan to “fix” America’s cyber-security failures. It’s a nice read, but he places too much faith in government and assigns too much blame to private industry. And he doesn’t consider that maybe no one involved actually wants the problems to be fixed - or they would be fixed already. https://www.technologyreview.com/2022/03/18/1047395/inside-the-plan-to-fix-americas-never-ending-cybersecurity-failures/
The Rest…
Former Apple employee indicted for offenses committed during a six-year scheme including taking kickbacks, stealing parts, and causing Apple to pay for items and services it never received, resulting in a loss of more than $10,000,000. https://www.justice.gov/usao-ndca/pr/former-employee-charged-defrauding-apple-money-laundering-and-tax-crimes
It’s tax season so it’s phishing season. The IRS is a favorite bait. https://cofense.com/blog/emotet-spoofs-irs-in-tax-season/
This group hopes to bury the password forever. https://arstechnica.com/information-technology/2022/03/a-big-bet-to-kill-the-password-for-good/
Cool Tool
SEARX is a meta search engine that is run as an open-source project. The project is focused on privacy and doesn’t share the IP addresses or search history of its users.
Even better, people can run their own instances of the source code and set the configurations as they like. Here is a list of current Searx instances that are available for use. Find one you like!
Cool Training
Don’t forget to register for the SANS 2022 OSINT Summit. 12 hours of high-powered training, fully virtual, and FREE!
https://www.sans.org/cyber-security-training-events/osint-summit-2022/
Irrelevant
MREs just got a lot better. https://www.militarytimes.com/off-duty/military-culture/2022/03/17/tabasco-bottles-make-a-glorious-return-to-the-mre/
Cool Job
Senior Product Manager of Digital Fraud - Dick's Sporting Goods https://www.dickssportinggoods.jobs/jobs/14883851/senior-product-manager-digital-fraud-remote-remote/?src=11663
Thank you for opening this week's email (and, for some of you, digging it out of the spam box). Attention is in short supply and I appreciate that you gave me some of yours today.
Matt
“YOU LEARN NOTHING FROM LIFE IF YOU THINK YOU’RE RIGHT ALL THE TIME.” - someone who knows more about life than me.