Cybersecurity News of the Week, January 21, 2024

This week’s essential cybersecurity and privacy news for the cyber-aware and the cyber-concerned. Designed to educate, support, and advocate.

Stan’s Top of the News

This week’s Top of the News is about fraud and cyber scams. In addition to the following story, see our stories in Section 2. Let’s be careful out there. And let’s help others.

  • ‘Fraud is at a crisis level,’ says expert: 5 financial scams to watch out for in 2024: With advanced technology, thieves can capture a voice recording and then use a software program to generate an imitation “deepfake” version that can be used to impersonate you. … Fraud cost U.S. consumers more than $7 billion in the first three quarters of 2023, a 5% increase from the same period a year earlier, according to the Federal Trade Commission. … If you are aware of a specific scam, research shows you are 80% less likely to engage with it.

Small and Midsize Organizations. Take your security to the next level. Apply Now! If you’re a small business, nonprofit, or IT / MSP in the greater Los Angeles area, apply NOW for LA Cybersecure, a pilot program with coaching and guidance that costs less than two cups of coffee a week. The LA Cybersecure Pilot Program is funded by a grant from the Center for Internet Security (CIS) Alan Paller Laureate Program.

Family Protection Newsletter: Did you know we created the Family Protection Newsletter for non-cyber experts? For your parents, friends, those who need to protect themselves in a digital world. Sign up or share with a friend! Click here to learn more and quickly add to your free subscription! 

How Hackable Are You? Take our test. Find out how hackable you are and download our free updated 13-step guide.

  • How Hackable Are You? Think your defenses are strong. Find out as SecureTheVillage tests you on five basics. Please take our short test as your answers will help you and guide us to improve community safety.

Upcoming events. Please join us.

  • Los Angeles Cybersecurity Workforce Coalition: The monthly meeting of the workforce coalition, Tue, February 6, 1:00 pm – 2:00 pm PT. The LA Cybersecurity Workforce Coalition is for employers, educators, government, nonprofits, and others with a professional interest in the cybersecurity workforce challenge.

Please Support SecureTheVillage.

  • We need your help if we’re to build a world of CyberGuardians. Please donate to SecureTheVillage. Thank you. It takes a village to secure the village. TM

Cyber Humor

Cybersecurity Nonprofit of the Week … Cyber Readiness Institute

Our kudos this week to the Cyber Readiness Institute (CRI) and the great work they do helping our medium-size and smaller organizations manage their information security challenges. CRI’s Cyber Readiness Program helps organizations protect their data, employees, vendors, and customers. This free, online program is designed to help small and medium-sized enterprises become more secure against today’s most common cyber vulnerabilities. Their free Cyber Leader Certification Program is a personal professional credential for those who have completed the Cyber Readiness Program. Both are highly recommended. The Cyber Readiness Institute is playing a major role in our LA Cybersecurity Pilot Program. Like SecureTheVillage, the Cyber Readiness Institute is a fellow-member of Nonprofit Cyber. Dr. Stahl is a proud member of CRI’s Small Business Advisory Council.

Live on Cyber with Dr. Stan Stahl – Live on LinkedIn and Your Favorite Podcast Platform

Sun Tzu and the Art of War.  (Video) (Podcast): This week Stan and Julie riff on Sun Tzu’s warning: “If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle.”  Our purpose in the Cybersecurity News of the Week & Weekend Patch Report is to give you, our readers, the knowledge you need to defend and protect your sensitive information, your money, and your lives, both at home and at work. This week’s Top of the News illustrates this by sharing stories of frauds and scams. … Sharing information is how we the people stay aware and on top of the dangers of the Internet and cyberspace. … Want to join the fight for online safety? Learn how LA Cybersecure is helping: … Subscribe to Live on Cyber with Stan Stahl, PhD and Julie Michelle Morris, your weekly 15-min update on the latest in privacy and information security affecting our businesses and the communities we live in!

Section 2 – Let’s Be Careful Out There. And Let’s Help Others Who Aren’t Yet Cyber-Aware. 

More stories of fraud and scams. Let’s help others stay safe.

  • ‘Where is my son?’ Scammers using AI put Bay Area family through terrifying ordeal: Amy and Andy Trapp were nearly the victims of an AI-generated phone scam that used an imitation of their son’s voice to fool them into handing over cash to get him out of jail. … Amy Trapp was in her office at the Mill Valley school where she works when she got a call from an unknown number. … She picked it up, thinking it might have something to do with the school fire drill from earlier in the day. Instead, a familiar voice — one she knew better than any other — was on the line. … “It was my son’s voice on the phone crying, telling me ‘Mom, mom, I’ve been in a car accident!’ ’’ Trapp said. Instantly, she felt rising panic. Images of her son Will, away at college on California’s Central Coast, flashed through her mind: him lying on the side of the road in a pool of blood, or trapped in an overturned car. … Trapp was convinced that her son was in trouble. When a man came on the line and told her he was a police officer and that Will had injured a pregnant woman in the crash and had been taken to jail, she believed him, convinced by the unmistakable sound of Will’s voice. She also put trust in another man who claimed to be a public defender representing Will and asked her to take more than $15,000 from her bank account to pay her son’s bail. … It wasn’t until Trapp’s husband called the police directly, hours into the episode, that the couple realized it was a scam. The men were apparently using technology powered by artificial intelligence to copy Will’s voice. Will was quietly studying in his living room throughout the ordeal.
  • Family of teen who died by suicide warns of dangers of financial sextortion: James Woods, a 17-year-old college-bound track star, had just gotten his driver’s license and posed for his senior yearbook photo when an online predator targeted him on Instagram. James received 200 messages in less than 20 hours, according to his mother, Tamia Woods. … “It ranged anywhere from ‘I own you,’ to ‘you need to take your own life,'” Woods told CBS News. … The FBI calls what happened to James financial sextortion. … “Any child can be a victim of this crime,” said Abbigail Beccaccio, unit chief for the FBI Child Exploitation Unit. It consists of minors being coerced into sharing compromised images of themselves by criminals who are often working together overseas. The coercion can take place on gaming and video-streaming platforms, or instant messaging apps. … “This is a predator that is solely interested in financial gain,” Beccaccio said. … Children, some as young as 9 years old, are told to send money, or the photos will be posted online. … From October 2021 through March 2023, the FBI tracked roughly 12,600 sextortion victims — all of them minors. Since 2021, at least 20 children who were victims of sextortion have died by suicide, according to the FBI, including James Woods. … “The most horrible phone call I’ve received, that my only child, my blessing…is no longer here,” Tamia Woods said. … The FBI is trying to warn parents and encourage victims to break their silence. In December 2022, the FBI issued an alertabout what it described as a “staggering” sextortion scam that had targeted more than 3,000 boys. … That scam typically involved someone posing as a woman using a fake account and enticing the victim into sending explicit material, which the scammer then threatened to release unless the victim sent money or gift card codes.
  • Watch out for “I can’t believe he is gone” Facebook phishing posts: A widespread Facebook phishing campaign stating, “I can’t believe he is gone. I’m gonna miss him so much,” leads unsuspecting users to a website that steals your Facebook credentials. … This phishing attack is ongoing and widely spread on Facebook through friend’s hacked accounts, as the threat actors build a massive army of stolen accounts for use in further scams on the social media platform. … As the posts come from your friends’ hacked accounts, they look more convincing and trustworthy, leading many to fall for the scam.
  • Tax identity theft ‘continues to be a huge problem,’ expert says. Here’s how to protect yourself: Tax-related identity theft happens when criminals use your personal information to file a return in your name and claim your refund. … Victims are waiting an average of almost 19 months for the IRS to process their returns and issue refunds, the National Taxpayer Advocate reported. … Get an identity protection pin for the future …If you’re looking for added protection, experts suggest getting an identity protection PIN, or IP PIN, from the IRS.

Brian Krebs has a story this week of a man caught in the middle of a fraud.

  • Canadian Man Stuck in Triangle of E-Commerce Fraud: A Canadian man who says he’s been falsely charged with orchestrating a complex e-commerce scam is seeking to clear his name. His case appears to involve “triangulation fraud,” which occurs when a consumer purchases something online — from a seller on Amazon or eBay, for example — but the seller doesn’t actually own the item for sale. Instead, the seller purchases the item from an online retailer using stolen payment card data. In this scam, the unwitting buyer pays the scammer and receives what they ordered, and very often the only party left to dispute the transaction is the owner of the stolen payment card.

Another reminder that different web sites need different passwords.

  • Researcher uncovers one of the biggest password dumps in recent history: Roughly 25 million of the passwords have never been seen before by widely used service. … Nearly 71 million unique credentials stolen for logging into websites such as Facebook, Roblox, eBay, and Yahoo have been circulating on the Internet for at least four months, a researcher said Wednesday.

Section 3 – Cybersecurity and Privacy News for the Cyber-Concerned.

Related to our story of a new cache of 71 million passwords on the Dark web, Microsoft is under attack by a group using these and other compromised passwords to access Microsoft email accounts. Don’t reuse passwords.

  • Microsoft Executives’ Emails Hacked by Group Tied to Russian Intelligence: The hackers appeared to be trying to learn what the company knew about them, a regulatory filing said. … Hackers infiltrated Microsoft accounts through a basic hacking tactic known as password spraying, in which hackers try common passwords on an array of accounts. … An elite hacking group sponsored by Russian intelligence gained access to the emails of some of Microsoft’s senior executives beginning in late November, the company disclosed in a blog post and regulatory filing on Friday. … Microsoft said it had discovered the intrusion a week ago and was still investigating. The hackers appeared to focus on combing through Microsoft’s corporate email accounts to look for information related to the hacking group, which Microsoft’s researchers called Midnight Blizzard.

The following story could only happen in a world where it’s “cool” to live a life of cybercrime. I can’t imagine Willy Sutton producing tutorials on how to rob a bank. As Simon and Garfunkel sang 50 years ago, “Where have you gone, Joe Dimaggio.”

  • E-Crime Rapper ‘Punchmade Dev’ Debuts Card Shop: The rapper and social media personality Punchmade Dev is perhaps best known for his flashy videos singing the praises of a cybercrime lifestyle. With memorable hits such as “Internet Swiping” and “Million Dollar Criminal” earning millions of views, Punchmade has leveraged his considerable following to peddle tutorials on how to commit financial crimes online. But until recently, there wasn’t much to support a conclusion that Punchmade was actually doing the cybercrime things he promotes in his songs. … That changed recently when Punchmade’s various video and social media accounts began promoting a new web shop that is selling stolen payment cards and identity data, as well as hacked financial accounts and software for producing counterfeit checks.

And the result of all this cybercrime? Billions spent on defense. The British Library services down for perhaps a year. Instead of being social media personalities, cybercriminals need to be in jail.

Kudos to North Star Health Alliance for taking a vendor to court to force the return of its patient data.

  • Exclusive: Cloud Vendor Returns Stolen Hospital Data: Alliance Had Sued LockBit Gang to Force Cloud Firm to Release Affected Patient Data. … A cloud services firm has turned over to a New York hospital alliance the patient data stolen in an August ransomware attack by the notorious LockBit gang. The hospital group – North Star Health Alliance – had filed a lawsuit against LockBit in November as a legal maneuver to force the storage firm to return the patient data the cybercriminals had exfiltrated from the hospitals and stashed on the Massachusetts vendor’s servers.

This week in cybercrime.

  • LoanDepot customers struggle to make mortgage payments after Irvine lender hacked: Irvine lender loanDepot is struggling to get its systems operational the Irvine company was hit by a cyberattack in early Jan. 2024. The hack affected loan processing and phone services for the nation’s fifth-largest retail mortgage lender, according to a filing Jan. 8 with the Securities and Exchange Commission. … The company said its data was encrypted by the “unauthorized third party” who broke into company systems. It said certain unspecified systems were shut down to contain the incident.
  • Vans, North Face owner says ransomware breach affects 35 million people: VF Corporation, the company behind brands like Vans, Timberland, The North Face, Dickies, and Supreme, said that more than 35 million customers had their personal information stolen in a December ransomware attack.
  • Framework says hackers accessed customer data after phishing attack on accounting partner: U.S. repairable laptop maker Framework has confirmed that hackers accessed customer data after successfully phishing an employee at its accounting service provider. … In an email sent to affected customers, Framework said that an employee at Keating Consulting, its primary external accounting partner, fell victim to a social engineering attack that allowed malicious hackers to obtain customers’ personal information related to outstanding balances for Framework purchases.

Section 4 – Managing  Information Security and Privacy in Your Organization.

A survey from IANS paints a disturbing picture of CISOs under attack. A full 75% of them said they are looking for a job change.

  • CISOs Struggle for C-Suite Status Even as Expectations Skyrocket: An IANS survey shows that CISOs shoulder more and more legal and regulatory liability for data breaches, but few are getting the recognition or support they need. … CISOs are increasingly being asked to assume the responsibilities of what would normally be considered a C-suite role, but without being regarded or treated as such at many organizations, a new survey of 663 security executives has shown.

Become A CyberGuardian

Protect your community: take the CyberGuardian Pledge, join our email list, get invited to events.

Take the Pledge