Threats Without Borders - Issue 55

Matt's Newsletter - Week ending December 5, 2021

Receiving an email newsletter is much like someone handing you a plain brown box sealed with tape - you don't know what's in it until opened. Even if they tell you what's in it, you don't really know until you open it and look for yourself.

Sending out a weekly email newsletter is inherently risky as a creator. You invest time and energy into a product without knowing if it will ever be seen. A recipient can open the message, or not, and there is little you can do to influence the decision at that moment.

It is vital to release a product that keeps subscribers opening the email every week. There needs to be trust that when they peel back that tape it's a prize and not a trick. Every newsletter needs to be the best produced to incentivize the subscriber to open the next email.

Some of my best written newsletters, in my opinion, have the lowest open rates. Without explanation. For whatever reason, the majority of recipients that week chose not to open the email.

So goes my luck, Last week I wrote a half-assed issue with a whiny narrative about being sick and it yields my highest open rate. Ever!

If you are reading this - Thank You! You came back for more and I could not be more humbled.

Matt


Like a broken record

If you are a regular reader of this newsletter you have heard me rail against gift cards. If the government was as intent about battling gift card fraud as they are about regulating cryptocurrency then maybe we could get something done. The victim in this article learned the hard way as he lost $500 to prepaid card fraud. And as always…one business says not us, see them, while the other says not us, see them. https://www.pennlive.com/news/2021/12/he-bought-500-of-apple-gift-cards-at-target-scammers-wiped-them-clean-before-he-could-use-them.html

And this isn’t a new problem… it’s been a fraudster favorite since at least 2017. https://www.wired.com/story/gift-card-hacks/

Remember when we first got network printers?

Yeah, some of us are old. But hacking printers on your own companies network was easy and fun. As long as the joke messages didn’t get sent to the library. Librarians don’t play. Jump to post-Covid and the rise of the Anti-Work movement. Someone is hacking receipt printers to publish anti-work messages. Well, they aren’t really hacking since the printers are unsecured and Internet accessible but still… https://www.vice.com/en/article/qjbb9d/hackers-are-spamming-businesses-receipt-printers-with-antiwork-manifestos

Security Theatre

Oleg Afonin wrote this aggressive piece on the Elcomsoft blog. I say aggressive, because while most is absolutely true, it flies in the face of what most cybersecurity “experts” preach. Starting with point number one, the call to continuously change your password. Want to see if someone really understands security? Ask them how often someone should change their password. Anyways, read this article and see if your organization is participating in security theatre. https://blog.elcomsoft.com/2021/12/worthless-security-practices/

And something completely different

A South Dakota man has been sentenced to 97 months in federal prison for running a 24 million dollar Ponzi scheme. Stocks…nope. Cryptocurrency…nope. Tupperware…nope. Cattle! Yes, cattle feedlots. Who would have thunk? Read this fascinating article from AgWeek and realize no field is immune from fraud (pun intended). https://www.agweek.com/news/crime-and-courts/7269169-One-lie-after-another-Feedlot-Ponzi-scheme-lands-South-Dakota-man-in-federal-prison

The Rest…

The SEC claims they are serious about cybersecurity and breach disclosure. https://securityintelligence.com/articles/sec-business-data-breach/

Lawfare proposes a new security model: Cybersecurity For Idiots. Thats the name. Seriously. https://www.lawfareblog.com/cybersecurity-idiots

Extorting VOIP services with the threat of DDOS attacks. https://www.npr.org/2021/12/06/1060838850/criminal-hackers-are-now-going-after-phone-lines-too

Looting upscale stores has turned San Francisco business district into a ghost town. https://nypost.com/2021/12/04/how-looting-in-san-francisco-turned-the-city-into-a-ghost-town/


Cool Tools

Send an encrypted and self destructing note. (So they claim).

https://burnernote.com/

Find similar domains across various top-level domains:

https://dmns.app/


Cool Job

Fraud Investigations Manager - Revolut


“WORRY IS INTEREST PAID ON TROUBLE BEFORE IT COMES DUE.” - Someone who doesn’t worry as much as me.


Homophones are hard

Who’s - who is, or who has

Whose - the possessive case of who or which, of whom, belonging to whom


Thanks for opening the email this week. Stay safe. Stay healthy. See you next Tuesday!

Matt

Loading more posts…