This is the last week to register for the 2022 Keystone Konnection Conference that runs May 9-11 at Seven Springs Mountain Resort. The event is the annual training conference sponsored by the Delaware Valley and Pittsburgh Metro chapters of the International Association of Financial Crime Investigators. The conference has a great line-up of speakers and fantastic networking opportunities. And a cornhole tournament!
https://keystonekonnection.com/
Remember when overly aggressive attorneys only chased ambulances? Remember how they moved to cancer causing agents and you couldn’t watch a sporting event without getting bombarded with legal commercials soliciting those who had contact with asbestos or Round-up? Well now they’ve move to “food fraud”. Yep, how dare someone sell a product advertised as “vanilla” when in reality it’s only vanilla flavored. And don’t even think about listing the sweetener in your product as “dehydrated cane juice solids” instead of sugar!
https://www.courthousenews.com/ice-cream-lawyers-on-retainer-food-fraud-cases-on-the-rise-in-us/
Such a fine line
There is a fine line between defender and victim. Robert Heaton is a security engineer for Stripe and regularly writes about digital security. In his most recent writing, he explains he almost fell for a phone scam targeting his bank account. I’ve previously wrote about my struggle to resist blaming the victim and this article is another great reminder that anyone of us, regardless of our personal experience, can easily become “the mark”. https://robertheaton.com/almost-scammed/
Apple Pay enhanced
Apple is upgrading the fraud prevention protection of Apple Pay. The news alert from Apple advised “For cards with certain enhanced fraud prevention, when you attempt an online or in-app transaction, your device will evaluate information about your Apple ID, device, and location (if you have enabled Location Services), to develop fraud prevention assessments, which are used by Apple to identify and prevent fraud”. Using the geolocation functionality of the device is such a simple protection that Apple already has immediate access. Clearly there is a problem if the phone is geolocating to Harrisburg, PA, but the Apple Pay purchase is from an IP address in Austin, Texas. Of course, that means that Location Services must be always enabled. :( https://appleinsider.com/articles/22/04/20/apple-adding-new-fraud-prevention-features-to-apple-pay-apple-wallet
That is some dedication
Jim Baugh loved his job. In fact, he was so dedicated that he engaged in a cyberstalking campaign that targeted a couple whose online newsletter was as critical of his employer. The problem of course, is that Jim Baugh was the Director of Security for Ebay and now he’s just pled guilty to multiple felonies for carrying out his harassment scheme. https://finance.yahoo.com/news/former-ebay-executive-plead-guilty-194214617.html
Original press release from the U.S. Attorney’s Office announcing the indictment: https://www.justice.gov/usao-ma/pr/two-former-ebay-executives-indicted-connection-cyberstalking-campaign
Acceptable Collateral Damages
The financial market sanctions put in place to pressure the Russian government is having an equally restrictive effect on Russian cybercriminals who can’t launder illicit profits. Fine. This report from Flashpoint details how the sanctions put in place over the invasion of Ukraine combined with the global law enforcement takedowns of several darkweb markets have left the Russian cybercriminal financial systems in a panic. https://www.flashpoint-intel.com/blog/russias-ukraine-war-is-complicating-cybercriminal-money-laundering/
The Rest…
New Jersey man convicted in scheme involving USPS employees stealing credit cards and mail that lead to one million dollars worth of identity theft and fraud. https://www.justice.gov/usao-nj/pr/essex-county-man-convicted-using-credit-cards-stolen-us-mail-defraud-banks-and-commit
Las Vegas man indicted for assisting foreign telemarketers who defrauded elderly victims of “millions of dollars”. https://www.justice.gov/usao-nv/pr/nevada-man-indicted-multi-million-dollar-fraudulent-check-scheme
Lapsus$ hackers stole T-Mobiles source code. https://www.theverge.com/2022/4/23/23038570/lapsus-hackers-target-t-mobile-source-code-multiple-breaches-cybersecurity
Cool Job
Financial Intelligence Unit (FIU) Investigator - Strike https://strike.me/jobs/?gh_jid=4205902004&gh_src=8ac99a904us
Senior Fraud Operations Investigator - Sardine https://jobs.ashbyhq.com/sardine/1b3a9f95-bc4d-4deb-96d0-5975239678ac
Cool Tool
Pop-up privacy notices are really annoying. Set your preferences once and never see them again - https://www.super-agent.com/
Bellingcat is one of the most prominent international investigation organizations in existence today. If you conduct any form of open-source-intelligence (OSINT) investigations then you’ve probably used one of their tools or online resources. Here is an interview with a Bellingcat investigator about the work the group is doing to document the war crimes Russia is committing in Ukraine.
Thank your for returning after last weeks issue. I was traveling and wrote most of it on the go, including some sections on my phone. I did my best to proof read but caught several spelling and grammar errors after publishing. Thank-you for coming and back!
Matt
“Avoiding stupidity can often be a better strategy than seeking out brilliance.” - someone better at avoiding stupidity than me.
Homophones are hard
Faint - hardly perceptible; lacking strength and vigor and weak or dizzy
Feint - A pretense; a mock blow or attack