The Great Pretender
“Experts were once amateurs who kept practicing." - Amit Kalantri, author (Wealth of Words)
Welcome to the SecFraudOps Newsletter. Enjoy some links that Matt thought were interesting this week. If this is your first time reading, take a moment to subscribe as well!
Security and Fraud
Using feature flags for security
You may want to perform security testing before releasing features to your users. Feature management tools let security teams enable features for external security testers first. You can security “test in prod” without exposing your users to vulnerable code.
Feature flags are a great way for devs to control access to new features, do a soft launch of a feature, or do A/B testing… BUT NOW, think about them in the context of security. Being able to quickly change an experience in production for a high risk feature, or being able to allow a select group of your security team see something in advance is a great way to use flags for security.
Operation PANDORA shuts down 12 phone fraud call centres
In December 2023 a customer asked to withdraw over EUR 100 000 in cash, the bank teller grew suspicious and quickly learned the customer had fallen victim to a ‘fake police officer scam’. He informed the real police, which prevented the victim from handing the money over to the fraudsters. Surveillance was placed on the victim's phone line. Looking into this individual case, investigators soon realized that the telephone numbers used by the perpetrators could be linked to over 28 000 scam calls in only 48 hours.
I love seeing a take down, but the way this one starts warms my soul. A bank teller set off a chain reaction that resulted in 21 arrests and 39 total suspects. Well done front line!
Fun Zone
The REAL Great Pretender - Ferdinand Waldo Demara
Demara's impersonations included a civil engineer, a sheriff's deputy, an assistant prison warden, a doctor of applied psychology, a hospital orderly, a lawyer, a child-care expert, a Benedictine monk, a Trappist monk, a naval surgeon, an editor, a cancer researcher, and a teacher. One teaching job led to six months in prison.
One of the best social engineers wasn’t even in it for the money, nor did he study cybersecurity or fraud practices. He was just a great pretender and followed the next coolest thing he thought he could do. This man performed sucessful surgeries without training. It is insane!
Resources
Organized Crime and Corruption Reporting Project (OCCRP)
Awesome news and resources related to current events around crime.
New fraud news stories posted each day!
Career Links
FTC Announces Rule Banning Noncompetes
FTC’s final rule will generate over 8,500 new businesses each year, raise worker wages, lower health care costs, and boost innovation.
How to Demonstrate Your Strategic Thinking Skills
In order to advance in your career, you need to demonstrate them. Leaders want to know what you think, and they view your worthiness for promotion through the lens of how ready you are to make bigger decisions. Ask yourself: “Do people know where I stand?” If not, what do you need to do to bring your perspective to the table?
Bonus Links
Her co-defendant, Chuanhua “Hugh” Hu, 51, owned and operated a package shipping business located in the City of Industry. This company provided shipping services, including the shipping of packages via U.S. Mail, for China-based logistics businesses.
Inside America's romance scam epidemic
Romance scammers draining billions from people seeking love has evolved in sinister ways in the online age. CBS News goes inside this devastating epidemic unfolding largely in secret, following the journey of an Illinois woman seeking answers after her mother’s mysterious death.
[I think the title says it all. No caption needed.]