I surprised a colleague this week when I claimed my number one investigation tool was Google. Although I don’t use it for my personal searching, I begin every investigation, whether the target is a human or a business, with a standard Google search. I have an arsenal of more advanced tools that I transition into but many times the inquisition needs to go no further than some simple Google-Fu.
Two quick tips for better Google results:
Use the tabs.
At the top of your results page, you'll see a series of tabs that are generally titled "All", "News", "Images", "Videos", "More", and "Tools". It’s surprising how many people completely ignore these convenient time savers. The two that I always hit are Images and Tools.
Images: Developers will use a coding exercise called “Alt-Text” when embedding an image into a web page.
This attached text allows the end-user to receive some information about an image if for some reason they cannot view it. Most developers will include a description of an image and proper names if it includes a person or persons. The person you are searching for may not be mentioned in the article but may be tagged in the alt-text of an image. I have linked many people to an event or business simply by being tagged in an image.
Timeline: The “Tools” tab will allow you to timeline your search results. I generally start by narrowing the search results to the “Past Year” to get the most relevant results and then expand from there.
Related Searches.
Scroll to the bottom of the search results and look at the related search suggested by Google. You're probably not the first person to ask the question and someone else probably worded it better than you. If Google is offering it they have already searched it and probably have the identified resources cached for quick access. Many times the search suggestions will pivot you to a better course than you initially set yourself.
Welcome to Issue 86 of Tw/oB!
He really needs a new job now
Axie Infinity is an online gaming environment that has its own cryptocurrency. It’s wildly popular and for a brief time the currency was on bull run. Then the company was breached and lost 540 Million (USD) worth of crypto. Party Over. News broke this week that the breach occurred when a senior engineer fell for a phishing scam which he thought was in invitation to apply for a better job. During his “hiring” process, the engineer download a PDF that was actually a malicious payload sent by the hackers. He didn’t get the job and lost the one he had. https://www.theblock.co/post/156038/how-a-fake-job-offer-took-down-the-worlds-most-popular-crypto-game
The predators claim victimhood
Domestic online gambling companies are demanding the U.S. Department of Justice crack down on offshore gambling sites. The domestic gaming operators claim their concern is for the consumer but it seems they are really only concerned for their bottom line: “There are hundreds of illegal or unregulated operators who are taking sports bets every single day. We estimate there’s potentially $15 billion going through some of these offshore operators,” FanDuel CEO Amy Howe told CNBC. https://www.cnbc.com/2022/07/07/casino-industry-urges-federal-prosecutors-to-crack-down-on-illegal-operators-.html
Why so long
A guy in New Jersey ran 15 Amazon storefronts and 10 Ebay stores to peddle over one billion dollars in counterfeit Cisco networking hardware. He was indicted this week by the United States Attorney for the District of New Jersey. According to the press release, between 2014 and 2019, Cisco sent seven letters to the guy asking him to cease and desist selling counterfeit goods. In July 2021, agents finally executed a search warrant at his warehouse and seized 1,156 counterfeit Cisco devices with a retail value of over $7 million. Why did it take this long? That is seven years that unsuspecting consumers got stuck with crappy products! https://www.justice.gov/opa/pr/ceo-dozens-companies-and-entities-charged-scheme-traffic-estimated-1-billion-fraudulent-and
Are you’re interesting
The Russians may want to learn your secret recipe for Ranch dip or maybe the North Koreans are at need-to-know status over the drama with your second cousin Lindsay. Well, Apple has a fix for that. This week the company announced a new security protocol to help protect users who may be targeted by sophisticated digital attacks such as state-sponsored mercenary spyware. If you absolutely need to secure the information on your phone, and know that state backed attackers are coming for it, then an iPhone is your only choice now. https://www.apple.com/newsroom/2022/07/apple-expands-commitment-to-protect-users-from-mercenary-spyware/
The Rest…
This is why you should use a dedicated password manager and never store your passwords in a web browser. https://www.gosecure.net/blog/2022/06/29/did-you-know-your-browsers-autofill-credentials-could-be-stolen-via-cross-site-scripting-xss/
Malicious insiders - again. Gun shop manager stole guns, clothes, coffee and other items so he could “fit in”. With who? All the other thieves employed by the business?? https://www.pennlive.com/crime/2022/07/central-pa-gun-shop-manager-accused-of-stealing-nearly-13k-in-merchandise-i-was-just-trying-to-fit-in.html
Cybercriminals are targeting law enforcement agencies around the world. https://resecurity.com/blog/article/cybercriminals-are-targeting-law-enforcement-agencies-worldwide
North Korean threat actors have unleashed “Maui” ransomware which is targeting the healthcare industry. Oh, they don’t leave a note - they steal the files and then contact you directly. https://threatpost.com/healthcare-maui-ransomware/180154/
Cool Job
Senior Fraud and Risk Manager - Zipcar https://avisbudget.wd1.myworkdayjobs.com/Zipcar_Careers/job/Remote---United-States-of-America/Analyst-Risk---Fraud-III_R0131834
Cool Tool
This tip is why you read the newsletter each week.
https://tinywow.com/ - Tools that solve your file problems - all of your files!
Irrelevant
In the market for a new Macbook? The choice between the Air and Pro is getting hard to make. https://9to5mac.com/2022/07/08/difference-between-macbook-air-and-pro/
Thank you for opening this week emails. I appreciate everyone who takes the few minutes to read an issue and I have even more praise for those that take the time to dig it out of their spam-box.
With sincere thanks - Matt.
“Working hard doesn’t get you anywhere if you’re working on the wrong thing” - someone who watches me work.
About: Published every Tuesday, I summarize and comment on the articles that interested me the most through the week and share active threat intelligence for the financial industry. The Threats Without Borders newsletter will be of interest to anyone who is involved in the prevention or investigation of crime facilitated through the use of digital technology.
P.S. - It’s OK to say “cyber”.