5 Years of SecFraudOps: Reflection + Growth
Five Years Later, Still Learning in Public
Welcome to the SecFraudOps Newsletter. Enjoy some links that Matt thought were interesting this week. If this is your first time reading, take a moment to subscribe as well!
“Change is the law of life. And those who look only to the past or present are certain to miss the future.” — John F. Kennedy
Reflecting on 5 Years
Tomorrow, April 1st, marks 5 years of public access for the SecFraudOps Newsletter. Thank you so much for being here with me! You are one of 400 current subscribers. That means there are a lot of fraud, cyber fraud and security professionals that are missing out on this content. Please take a moment to share this newsletter with a friend!
To be honest, I started this newsletter for myself. I wanted to keep up on industry trends and keep connected with some colleagues through sharing what I was reading. I’m glad you found some value too! Feel free to leave a comment on what you like best, or what you wish you’d see more of!
And now on to our regularly scheduled content…
Security and Fraud
India Has A Money Mule Problem – There Are 2.5 Million Of Them
Imagine opening a bank account for a small fee and then turning it over to a complete stranger to move money through it? Well, that’s become a big social trend in India as scams soar.
This happens in the sates too! While most of the folks selling their bank accounts don’t understand what the use will be for, I still treat them as witting mules. If you don’t have models looking for an account hand off (especially in the first 60 days), you should look into it. At the very least, look for device or contact info changes.
What Your Bluetooth Devices Reveal About You
Building Bluehood, a Bluetooth scanner that reveals what information we leak just by having Bluetooth enabled on our devices.
What would happen if you monitored the bluetooth devices around you? Not yours, but others… Well, you might find out that Bob always drops off your Amazon packages, or you pass Sally by the coffee shop fairly frequently. Maybe your devices are saying a lot about you to others as well!
Fun Breakdown Zone
Federal cyber experts called Microsoft’s cloud a “pile of shit,” approved it anyway
The tech giant’s “lack of proper detailed security documentation” left reviewers with a “lack of confidence in assessing the system’s overall security posture,” according to an internal government report reviewed by ProPublica. Or, as one member of the team put it: “The package is a pile of shit.”
It’s a staggering reality. Most companies (or governments in this case), are left with very little options when it comes to 3rd party security. There is no negotiating best practices with vendors that are big enough. And if the US government doesn’t have pull to make Microsoft better, no one does. This isn’t a security breakdown, its a community breakdown.
AI Resources
AI Security Board Report Template
This free, editable board report template helps CISOs and security leaders communicate AI risk, posture, and priorities in a way the board understands, using real metrics, risk narratives, and strategic framing.
Privacy and Data Protection in AI Systems
[See] five techniques in which AI is used to develop or extend red teaming approaches for privacy and data protection in AI systems.
Agent Skills are the New Packages of AI: It’s Time to Manage Them Securely
Organizations need clear visibility into what skills are being used, where they come from, and whether they can be trusted. Without that, scaling agents safely becomes exceedingly difficult, bordering on impossible.
Career Links
[Oops, got carried away with AI and War based intel this week]
Bonus War Links
Zelensky: Russia providing Iran with Shahed drones used against US bases
President Trump, in an interview that aired Thursday, said Russian President Vladimir Putin “might” be helping Iran with its military operations against the U.S. … [of note] The U.S. recently temporarily removed sanctions against Russian oil.
‘CanisterWorm’ Springs Wiper Attack Targeting Iran
A financially motivated data theft and extortion group is attempting to inject itself into the Iran war, unleashing a worm that spreads through poorly secured cloud services and wipes data on infected systems that use Iran’s time zone or have Farsi set as the default language.
Poland faced a surge in cyberattacks in 2025, including a major assault on the energy sector
Poland experienced 2½ times more cyberattacks in 2025 compared to the previous year, and the numbers are constantly rising, a government official said Tuesday. The attacks included a destructive infiltration of the country’s energy system in December that was believed to be unprecedented among NATO and European Union members, and was suspected of originating in Russia.