As some of you will no doubt know I do a lot of networking on LinkedIn. I'm always interested in what's growing, what's moving and how to advance the story of our lives here in America. Many of my professional connections are on LinkedIn and I am thrilled that I can reach into the resource from time to time seek the advice and opinions that they willingly provide.
This post is about exposing a resource whose time has come. The need is here and people should pay attention to the depth and breathe of posts. Its about helping others who may really be in a bind due to the downturn (self imposed) of our economy during this pandemic. As we press forward and reopen our economy the endless opportunities will slowly give rise to America's unlimited potential which should be great news for everyone involved.
In the meantime, Andrew Seaman does a segment on LinkedIn called #Gethired and provides some tremendous resources that I have found to be just terrific and incredibly helpful. Andrew is a great writer and inserts into his posts another resource of LinkedIn called LinkedIn Learning. I have viewed many of the videos and taken a number of these courses and found the quality to be top notch. He quotes experts from the field and links them in his posts for additional value. I call that bonus points.
A take away from the resume course is in the table I'm inserting below. Within a few minutes you can brighten your day and freshen up that resume with color and relevance.
Keywords
Tell a story
Contrast/Compare
Never give up
I was also interested in what LinkedIn was saying on its blog. Yes, if you didn't know it LinkedIn has a blog and this is another terrific resource for all involved. LinkedIn has managed to pull together a great team of individuals on its platform who do one terrific job of communicating. That can not be understated.
That's what this post is all about. Take a look at your LinkedIn account and drive some attention to the posts and resources that LinkedIn personnel and contactors have so handsomely put together in one place for your use.
Fraud and confidence schemes of the modern day: Phishing
History:
Prior to sophisticated electronics and computers, fraudsters or con men found ways with far less technical means to swindle people out of anything of value. Then came the Internet.
Phishing has its roots in the 1790's, and more recently 1990's with Vic Commodore computers, AOL, credit cards number thefts and the Warez community. "The Warez Scene" as it is known was a group of people specializing in distribution of pirated content dating back to 1975. Phishing attempts were crude in the early days. As phishing became more prominent criminal elements started to get focused: first on selecting specific companies as targets, then focusing on extorting top tier executives and eventually the complete hostage taking of companies technical assets (software, hardware, networks) with the introduction of ransomware.
The internet just made all of this a lot easier. In 1995 random credit generators existed with the use of algorithms. For a more complete reading see Ed Skoudis' Malware timeline that tracks the growth of technology, industry and subterfuge. January 2, 1996 the term phishing was for the first time posted on a Usenet group on AOL. By September of 2003 hackers and con men began registering domains of popular companies, by October of 2003 Pay Pal users found malware contained on clickable emails and the Minmail Virus was introduced to the public.
2004 produced another first as email solicitations for the U.S. Presidential campaign of John Kerry came in from bogus sites in India and Texas. Phishing was now making its debut in US Presidential campaigns. Fraudsters continued to use phishing in the years following and in its pursuits found novel ways to leverage the internet like link manipulation, web site cloning, filter evasion, website forgery, covert redirect and much more.
Today APWG provides an annual report for phishing and much of the same rings true about fraud and con men. They find a soft spot and prey on their victim. They are patient, technically smart and hungry for a win while the rest of us are just trying as best as we know how to avoid them at all cost.
Who is APWG?
The APWG is registered as a U.S. based 501(c)6 corporation (a business oriented not for profit) as defined by the the IRS internal revenue code. On its web site APWG states, it is a international coalition unifying the global response to cybercrime across industry, government, law enforcement and NGO communities.
APWG.EU the institution's European chapter established in Barcelona in 2013 as a non-profit research foundation incorporated in Spain and managed by an independent board, including APWG founding directors; and the STOP. THINK. CONNECT. Messaging Convention, Inc., a US-based non-profit 501(c)3 corporation jointly managed by APWG and Washington, D.C.-based N.C.S.A..
What is Phishing?
Phishing as defined by the APWG (anti phishing working group) is a crime employing both social engineering and
technical subterfuge to steal consumers’ personal identity
data and financial account credentials. Social engineering
schemes prey on unwary victims by fooling them into
believing they are dealing with a trusted, legitimate
party, such as by using deceptive email addresses and
email messages. These are designed to lead consumers
to counterfeit Web sites that trick recipients into
divulging financial data such as usernames and
passwords. Technical subterfuge schemes plant malware
onto computers to steal credentials directly, often using
systems that intercept consumers’ account user names
and passwords or misdirect consumers to counterfeit
Web sites.
What are the numbers?
Thousands of URL's emanating from hundreds of thousands of web sites
APWG tracks phishing sites which can consist of hundreds if not thousands of URL's all leading to the same attack destination. Web sites reported for Q2 and Q3 2019 represented a larger number of web sites than those reported Q4 for 2019 on a quarter by quarter basis for that year. However a year to date look at Q4 2019 Vs Q4 2018: 162,155 Vs 138,328 respectively represents a 14.694% increase. The summer months of July, August and September 2019 showed the months greatest increase roughly between 80-90 thousand phishing web sites reported per month.
Greg Aaron, APWG Senior
Research Fellow and President of Illumintel Inc., stated “July though October was the worst period for phishing
that the APWG had seen in three years, and then phishing levels settled back down to more normal
levels.”
In the news: COVID-19
"Cyber-criminals are already targeting healthcare
organizations—specifically hospitals—with phishing campaigns, ransomware, and
other malicious acts that can adversely impact health information technology,
medical response, and patient safety. As cases of the virus began to increase
in the US, so too did the amount of email-based phishing campaigns referencing
COVID-19." https://cyber.nj.gov/alerts-advisories/cyber-threats-cybersecurity-for-healthcare-during-covid-19
"Threat actors are targeting Small and Midsize Businesses (SMBs) with phishing
emails in an attempt to deliver the Remcos remote access trojan (RAT). Aimed at
SMBs that may be experiencing financial problems from COVID-19 shutdowns, the
threat actor impersonates the US Small Business Administration (US SBA)." https://cyber.nj.gov/alerts-advisories/threat-actors-target-smbs-using-government-grant-phishing-emails
"The COVID-19 pandemic has created an environment ripe for fraudulent
activity, with threat actors leveraging fears of the virus to perpetrate a
variety of malicious and criminal exploitation. Observed scams and fraud have
included selling fraudulent personal protective equipment (PPE), hawking fake
cures and tests, spreading disinformation, phishing campaigns, and other
related scams. The Intelligence Bureau (IB) assesses that this activity will
continue, and it will potentially pivot to leverage changing government
responses to the pandemic and shifting needs for supplies. Additionally, the IB
assesses that cyber-enabled crime will also evolve to prey upon the public’s
need to remain updated on the stream of ever-changing COVID-19-related
information and may shift from COVID-19 themed outbreak to recovery
lures." NYPD SHIELD, 04/23/20
Attribution: 4/23/20 conference call
Sectors:
The most targeted sectors for 2019 was shown as a pie chart as follows:
Saas / web mail 30.80%
Payment card industry 19.80%
Financial institutions 19.40%
Social media 6.80%
E commerce / retail 5.4%
Cloud storage / file hosting 3.4%
Telecom 3.3%
Business email compromise campaigns:
As noted by APWG: In a BEC (Business email compromise) attack, a scammer targets employees who have access to company finances, usually by sending
them email from fake or compromised email accounts (a “spear phishing” attack). The scammer
impersonates a company employee or other trusted party, and tries to trick the employee into sending
money. APWG states attackers could prepare for weeks for such an attack inside financial systems, personnel systems and other area likely to produce a positive harvest of legitimate looking emails. The BEC attack is said to cost the industry billions of dollars. Wire transfers can be 5 to 20 times larger in the amount of money gained by attackers over gift cards whose amounts are generally much smaller. The use of gift cards is stated to be used as a way of laundering other funds to buy physical goods which can later be sold rather than put them into cryptocurrency exchanges, which is said to be another popular way of laundering money.
Schemes:
The following is a list of schemes in priority:
Gift card (click here:Google play cards scheme {most request} decreased but eBay, Target, Best Buy, and Sephora all saw increases) 62%
Deception of others and stealing (confidence schemes, con games) is not uncommon, however use of the internet since the 1990's has created miles of new paths to travel for those with criminal intent. Our nation has and is enduring heart-ships heretofore not contemplated (9/11, COVID-19). Duping of unsuspecting victims will continue to happen using these incidents and a great many others to pry money out of the hands of unsuspecting victims. It is said 93% of data breaches are still caused by phishing incidents with the cost estimated at 1.6 million dollars for mid sized companies. These incidents will continue for some time to come. Awareness training should continue as a mitigation strategy to reduce the incidents.
Update 4/23/20: Corporate email
Per conference call today 4/23/20 thanks to everyone on the call. We are also reviewing a NYPD Shield report 4/20/20 and when we have a green light will post highlights on this page.
Selected Terms:
APWG: Anti Phishing Working Group
BEC: business email compromise
SSL: Secure sockets layer, standard security technology for establishing a encrypted link between a server and client (web site)
Saas: Software as a service
gTLD: Generic top level domains legacy, such as: .com, .org, .Asia, .biz
nTLD: New generic top level domains examples: .work, .icu
ccTLD: Country code domains examples: .UK, .MX
NCSA: National cyber security alliance
Spear phishing: email spoofing attack that targets a specific organization or individual, seeking unauthorized access to sensitive information
Whale phishing: is a specific type of phishing attack that targets high-profile employees in order to steal sensitive information from a company
Smishing phishing: criminals sending text messages via telephones
Viinishing phishing: is an actual telephone conversation
Angler phishing: Fake URL's, cloned web sites, social media etc.
Zoom, the video conferencing software maker learned a lot of lessons this past month as a result of legions of new visitors who stopped by and signed up as new customers. The software company literally exploded with new customers during Mid March 2020 as a result of the COVID -19. However a number of security incidents started happening and with that a fire hose of commentary poured into their email boxes, security blogs, conference calls and forums. Security professionals came on strong. One security practitioner commented that the right out of the box the default settings needed serious review and the general public was at the point of the spear - buyer beware. Waiting rooms, passwords, and many other enhancements all focused on security and reducing risk were heard from all quarters.
To the credit of Zoom, now known as that easy, cheap video conferencing software have made the changes to improve security (change to many of the default settings, like requiring password as a default for all meetings, establishing a waiting room so you can verify participants and sprinkling of the message not to share passwords, etc) and reduce the risks to many of its users. Zoom has taken it on the chin for many in this functional area: "Video Conferencing Brands" while the rest of the pack gets the opportunity to take another look at security. Zoom brought on a security professional and kinder days seem to be in the future. Zoom also has a HIPAA compliant application separate from what general users get to use. See the photo above for the last known update from Zoom. Zoom is growing and has been sending out improvements as they become available.
Video Conference Software:
Never Share Passwords
Keep Meeting ID’s Private
Make Use of Waiting Rooms
Here are some additional products for consideration:
GoToMeeting
Webex Teams
Skype for business
Google Hangouts
Join.Me LogMeIn
Amazon Chime
Microsoft Teams
Cisco Webex Meetings
Updox
Vsee
Zoom for healthcare
Spruce health care messenger
Apple Face Time
Doxy.me
Face Book Messenger Chat
Blue Jeans - recently purchased by Verizon
Check out each of these products and note well during a declared national emergency many if not all maybe used without compliance penalty. However, after the emergency is over please do use HIPPA compliant software. See shorturl.at/fijHL for future updates at U.S. H.H.S. dot gov.
Today 4/25/20 I reviewed an article from Dr Eric Cole, Secure Anchor Consulting. These are some of his thoughts:
Zooming now household
word
Due to pandemic
March/April 2020 video conferencing increases 1000 fold. "Zooming" takes on a life of its own for all brands of video conference calling software.
ZOOM BOMBING: DEFINED
Is where a person
joins into Zoom video conferencing calls uninvited and either 1.) listens in,
2.) gathers important info to use at a later time or 3.) become disruptive to
your meeting or event.
How do you protect a Zoom call?
Remember you
are a target, 2. Cyber security is your business, 3. Make sure your
software is up to date.
Make sure your computer
operating system is up to date
Make sure your Zoom app is
up to date and other apps as well
Make sure you are using
anti-virus software and its up to date
On a conference call today. Discussion of fat client verses thin client again for VT software (for the young at heart this seems to reoccur every 5-10 years), functionality services were discussed (I think more of what you are used to using drives the most favorite product discussion) and end to end encryption took place. Zoom came up and given that it is slowly improving its security posture some note it is moving into the "pack" of other VT implementations given that it will become less of a pick up and use utility because of security concerns. Those with more security concerns and less functionality can look here: https://www.infosecnews.org/national-security-agency-releases-guide-to-secure-video-conferencing
A few weeks ago there was a lot in the news about ZOOM Bombing.
So ZOOM took action and set up some default security to 'appease the masses'.
But here's the thing... they did too little, too late AND ZOOM meetings are
still being targeted.
It's not over! The adversary is still on the prowl and creating
havoc.
I recorded a quick video for you to share with your organization
to help keep the awareness around how to protect against ZOOM Bombing.
literally exploded with new customers during Mid March 2020 as a result of the COVID -19. However a number of 
