Tuesday, February 22, 2022 //(IG): BB //Weekly Sponsor: ISG
Payment card skimming reemerges with an online twist
FROM THE MEDIA: Card skimming has been around since before the mainstream internet and is undergoing a renaissance as financial fraudsters are recognizing new opportunities to combine physical world data theft with online intrusion to steal even more money and information than before. Just a week ago, it was reported that roughly 500 online retail sites fell prey to a massive “card skimming” incident, wherein bad actors installed a device that allowed them to copy and swipe the data off legitimate debit and credit card as they were being used for payments. In the past, card skimming thieves would insert a physical device into ATMs or payment terminals that would hijack the information off of valid customers’ payment cards. Nowadays, as online shopping is booming more than ever, these cyber thieves are using malware inserted onto the checkout page of online commerce sites to collect the card information, which they can resell or use in their own nefarious schemes.
READ THE STORY: SC MAG
A QUICK LOOK:
Credit Suisse faces fresh scrutiny over culture after client data leaks
FROM THE MEDIA: Credit Suisse is facing fresh scrutiny from Swiss regulators and the European Parliament after leaked data purported to show the bank had served human rights abusers, corrupt politicians and businessmen under sanctions for decades. The Swiss bank has denied any wrongdoing and said it “strongly rejects” the allegations published by dozens of global media outlets following a coordinated investigation. The leak of client data was initially sent to a German newspaper before being picked up by the Organized Crime and Corruption Reporting Project and 46 other news organizations. Credit Suisse said the ensuing report, entitled “Suisse Secrets,” detailed “predominantly historical” matters and was based on “partial, inaccurate, or selective information taken out of context, resulting in tendentious interpretations of the bank’s business conduct.” “Approximately 90% of the reviewed accounts are today closed or were in the process of closure prior to receipt of the press inquiries, of which over 60% were closed before 2015. Swiss regulator FINMA said it was aware of the articles, though couldn’t comment on individual media reports.
READ THE STORY: CNBC
A QUICK LOOK:
China delays new anti-money laundering rules amid privacy worries, pushback from small financial firms
FROM THE MEDIA: China’s central bank has said it is postponing implementation of new rules that strengthen scrutiny of cash withdrawals and deposits due to “technical reasons”. The new regulation, which was said to target money laundering and originally expected to take effect on March 1, requires people who make a single cash deposit or withdrawal that exceeds 50,000 yuan (US$7,8884), or US$10,000 in a foreign currency, to report the source and intended use of the money. Banks and other licensed financial institutions handling relevant transactions must also validate and store client’s information, according to the joint order issued by the People’s Bank of China (PBOC), the China Banking and Insurance Regulatory Commission, and the China Securities Regulatory Commission last month. But the PBOC issued a notice on Monday saying the new rules would be delayed and transactions would continue under current protocols, which only require banks to check a person’s identification.
READ THE STORY: SCMP
A QUICK LOOK:
Cyber Terrorism, the Real Threat to India’s Security - Anuraag Singh
FROM THE MEDIA: “The cyberspace has provided an advantageous platform for cybercriminals for executing their malicious activities, spreading hate propaganda, etc. over the internet. This was possible because of minimum online regulations, anonymity, large audience, fast circulation of information, and many other benefits”, says Cyber Expert, Anuraag Singh. Just the word terrorism was enough to give some chills to the bones, and when it gets combined with the word Cyber i.e. digital, it becomes even more terrifying. The term 'Cyberterrorism' was first coined by Banny C. Collin of the Institute for Security and Intelligence (ISI) in the late 1980s. But, its usage was better understood during the 9/11 attack. Cyberterrorism is a controversial term with no clear definition yet. However, it can be understood as the use of the Internet to carry out violent activities that result in or threaten the loss of life or substantial physical injury to accomplish political or ideological advantages through threat or intimidation. Under Cyberterrorism attack, there will be large-scale disruption of computer networks that are connected to the Internet. This is accomplished using tools such as computer viruses, computer worms, phishing, malicious software, hardware methods, programming scripts, and much more.
READ THE STORY: Deccan Herald
A QUICK LOOK:
Cybercrime Moves: Conti Ransomware Absorbs TrickBot Malware
FROM THE MEDIA: TrickBot Being Used to Gain Initial Access to Victim's Network, Researchers Say. The group that runs Conti ransomware has a new trick up its sleeve: Hiring some of the top staff responsible for having developed the venerable TrickBot malware. So reports New York-based threat intelligence firm Advanced Intelligence, aka AdvIntel, which notes that Conti first began working with TrickBot a year ago, in an exclusive arrangement giving it initial access to numerous networks. While some other big-name ransomware operations have disappeared since last summer, Conti lives on. Experts say this seems to be due in part to its TrickBot ties, the operation largely eschewing the use of third-party initial access brokers, and also being run as a tightly controlled group, including training its own network penetration specialists. Security experts say Conti-wielding attackers have likely earned profits worth hundreds of millions of dollars. As of December 2021, a Conti ransom demand averaged $657,000, according to ransomware incident response firm Coveware, based on thousands of incidents it investigated.
READ THE STORY: Bank Security
A QUICK LOOK:
How scammers like Anna Delvey and the Tinder Swindler exploit a core feature of human nature
FROM THE MEDIA: Maybe she had so much money she just lost track of it. Maybe it was all a misunderstanding. That’s how Anna Sorokin’s marks explained away the supposed German heiress’s strange requests to sleep on their couch for the night, or to put plane tickets on their credit cards, which she would then forget to pay back. The subject of a new Netflix series, “Inventing Anna,” Sorokin, who told people her name was Anna Delvey, conned over $250,000 out of wealthy acquaintances and high-end Manhattan businesses between 2013 and 2017. It turns out her lineage was a mirage. Instead, she was an intern at a fashion magazine who came from a working-class family of Russian immigrants. Yet the people around her were quick to accept her odd explanations, even creating excuses for her that strained credulity. The details of the Sorokin case mirror those from another recent Netflix production, “The Tinder Swindler,” which tells the story of an Israeli conman named Simon Leviev. Leviev persuaded women he met on the dating app to lend him large sums of money with similarly unbelievable claims: He was a billionaire whose enemies were trying to track him down and, for security reasons, couldn’t use his own credit cards.
READ THE STORY: Yahoo News
A QUICK LOOK:
Nigeria’s Unrelenting War Against Internet Fraud In The Face Of New Threats
FROM THE MEDIA: As the federal government struggles to contain the menace caused by internet fraudsters, it continues to intensify, especially among youths in the past six years. Recently this month, the world marked the Safer Internet Day. This saw agencies of the federal government once more beaming their searchlights on potential areas where fraudsters target to defraud unsuspecting members of the public. The Nigerian Communications Commission (NCC), the National Information Technology Development Agency (NITDA) together with other ministries, agencies and departments have attempted enlightening the public on activities of these fraudsters who are capable of hacking into online platforms to wreck havoc. The NCC earlier in September 2021 urged all telecom consumers to be at alert while using any social platform and remain wary of the wiles of fraudsters and other unscrupulous persons. In an alert to telecom consumers, it mentioned what it called a new high risk and extremely damaging malware called Flubot in a press statement signed by NCC’s director for Public Affairs, Dr Ikechukwu Adinde. The release further revealed that Flubot impersonates Android mobile banking applications to draw fake web view on targeted applications. Its goal transcends stealing personal data and essentially targets stealing of credit card details or online banking credentials.
READ THE STORY: Leadership NG
A QUICK LOOK:
UK Police Return $5.4 Million to Cryptocurrency Fraud Victims
FROM THE MEDIA: The U.k.’s Better Manchester Police (GMP) introduced Friday that about $5.4 million of the finances seized from a world cryptocurrency rip-off rumbled by way of its law enforcement officials in July remaining 12 months had been returned to rightful homeowners. The announcement main points: OVER 4 MILLION KILOS HAD BEEN RETURNED TO 23 VERIFIED SUFFERERS AND ANY OTHER 127 REPORTED CLAIMS ARE RECENTLY BEING INVESTIGATED BY WAY OF OFFICIALS ALONG COMPANIONS IN GLOBAL REGULATION ENFORCEMENT AROUND THE GLOBE. The police famous, “any other seven million kilos to be returned to rightful homeowners.” Then again, the announcement does no longer specify whether or not the sufferers will obtain cryptocurrency or fiat foreign money from the police. “A sum of $22.25 million (identical to simply over £16 million) used to be seized by way of specialist officials from Better Manchester Police’s Financial Crime Unit in July 2021, after intelligence ended in the invention of USB sticks containing large quantities of Ethereum,” the police detailed, including: A COMPLETE OF 150 SUFFERERS FROM IN ALL PLACES THE ARENA CONTACTED OFFICIALS WITHIN THE UNIT.
READ THE STORY: bitcoin
A QUICK LOOK:
About this Product
These open source products are reviewed from analysts at InfoDom Securities and provide possible context about current media trends in regard to the realm of cyber security. The stories selected cover a broad array of cyber threats and are intended to aid readers in framing key publicly discussed threats and overall situational awareness. InfoDom Securities does not specifically endorse any third-party claims made in their original material or related links on their sites, and the opinions expressed by third parties are theirs alone. Contact InfoDom Securities at dominanceinformation@gmail.com