Robert Burns predicted my daily living when he stated “The best laid schemes o’ mice an’ men, gang aft a-gley” meaning even the best prepared and reasoned plans “often go awry”. It’s the rare effort of mine that goes off without a hitch.
Issue 82 of Tw/oB can be summarized “out smarted by the technology I was trying to out smart”.
I have been trying to improve the email open rates for the newsletter. I suspect that many email systems view the email that delivers the link-heavy content as spam and immediately drop it. I theorized the problem could be fixed if just don’t make the noted URL’s clickable links.
For issue 82, I didn’t make the URL’s clickable, however the receiving email systems were smart enough to recognize the text as links and offer them to the reader as clickable. So, most of you still opened an email with blue URL’s.
And Issue 82 still had the lowest open-rate the newsletter has had in the past six weeks. So much for that.
Enjoy the clickable links.
Crypto still drives cybercrime
Decipher published this insightful and very relevant article about the “cat and mouse” game currently being played between law enforcement and cybercriminals.
“It’s like whack-a-mole between law enforcement and the tools they use, and criminals,” said Redbord. “You’re seeing money launderers use more and more sophisticated techniques to move money in crypto. There are so many of these types of techniques that bad actors are using today, and they’re also taking advantage of these non-compliant exchanges.”
Law enforcement also faces the sledgehammer of having to explain their investigative techniques in search and arrest warrants. These documents get published by the court so other criminals can see exactly how peers where identified and make changes to refine their operations.
https://duo.com/decipher/the-cat-and-mouse-game-of-ransomware-money-laundering
And they got Scott Evil too! Here is a story about how Seth Green, aka Scott Evil in the Austin Powers movies, was victimized by a NFT/cryptocurrency scam.
https://news.yahoo.com/weve-only-scratched-surface-bad-221758213.html
Don’t be on this list
It’s hard to believe that anyone is still using passwords like password or 12345678 or ABC123 but…they are. Cybernews analyzed 15,212,645,925 passwords scraped from hundreds of publicly leaked data breaches and determined the ten most frequently used. Let’s try not to use these password. https://cybernews.com/best-password-managers/most-common-passwords/
Twice is not so nice
Michigan based Flagstar Bank announced that a December 2021 data breach affected over 1.5 million customers. This is the second time the company had sustained a major security lapse. In January 2021, the ransomware gang Clop breached the bank’s servers by exploiting a zero-day vulnerability in Accellion FTA servers. Let’s hope they don’t allow a three-peat. https://www.bleepingcomputer.com/news/security/flagstar-bank-discloses-data-breach-impacting-15-million-customers/
Interpol get something done
International law enforcement led by the Interpol organization launched “First Light 2022” which resulted in over 1700 suspects arrested and over fifty million dollars (USD) seized. The primary focus of the offensive was groups running business email compromise (BEC) schemes, romance scams, and other social engineering attacks. Kudo’s to a multi-national organization actually getting something accomplished. https://www.tripwire.com/state-of-security/latest-security-news/interpol-arrests-thousands-scammers-operation-first-light-2022/
The Rest…
The U.S. Marshals Service has its work cut out managing cryptocurrencies seized by the Justice Department. The DOJ’s inspector general office found the Marshals Service in September 2021 held 22 different types of seized cryptocurrencies worth about $466 million. https://oig.justice.gov/reports/audit-united-states-marshals-services-management-seized-cryptocurrency
For Mac users…Seven new security updates in MacOS Ventura https://www.sentinelone.com/blog/apples-macos-ventura-7-new-security-changes-to-be-aware-of/
Intel471 reports on cybercriminals exploiting travelers venturing out for the first time after Covid. https://intel471.com/blog/travel-fraud-cybercrime-ransomware-pii
Spoof email looks like it’s from Paypal and tricks victims into making a phone call to get scammed. https://www.avanan.com/blog/new-attack-spoofs-paypal-to-obtain-payment-from-end-user
They’re still phishing - Pixm provides an update on a group that has stolen over 5 million user credentials through a wide-scale phishing attack. https://pixmsecurity.com/blog/blog/phish-goes-on/
Reader comments
“Matt when you asked why users are so bad at basic security and noted that “some” are stupid, you should have left it at that. The answer is they are stupid.” (See issue 81 for context).
“Thanks for the heads-up on Be Real. I was able to drop a reference and be the cool dad while talking to my daughters friends.” (See Issue 80)
“Tim Horton’s is the Wendy’s of coffee”
Cool Tool(s)
All the tips and tricks for Excel and Google Sheets. https://sheethacks.com/
Screen sharing and general GSD tool for Windows users. https://getsharex.com/
Cool Job
Leader - Law Enforcement Outreach and Investigations : Western Union
Irrelevant
Originally published in 2019 - I just read it. “Journal Writing for Intelligent People - The Ultimate Guide”. https://journalsmarter.com/journal-writing
Thank You for sticking with this and continuing to open the email. If you just browsed into the Substack page and have not yet subscribed - please consider doing so.
Matt
“LIFE CAN GO TO ABSOLUTE SHIT AT ANY MOMENT, SO ENJOY IT WHILE YOU CAN.” - someone watching my life