
Thoughts From Abbott’s Inbox Oct. 13th, 2023

I’ll start off this week with the fact that we’re seeing a significant increase in the number of “payment redirection attacks” in recent days and weeks. In the instances that we’ve seen firsthand, an end user (“Company A”) receives (and has been expecting) an invoice from a known vendor/partner. With that invoice comes notification that “Company B” (the payee) has changed their bank routing information. In this type of attack, the hacker has compromised the email of Company B, watching and waiting for an invoice to be generated.

 

At that point, the hacker steps into the middle and creates an alarmingly high-quality spoofed email and email account. Their hope is that Company A doesn’t have a process in place when receiving information about updated bank routing. Assuming no process is in place and nobody at Company A takes the time to verify the change in Company B’s banking info, large sums of money (in the tens and hundreds of thousands) are then sent electronically to an unknown hacker, rather than to “Company B”. I hope to have a better breakdown for you next week, but in the meantime, should you EVER receive any notification from a vendor/partner about a change in bank routing, call them to confirm. This is what is called “trust but verify”. A two-minute phone call could save you a lot of money and a lot of agony.

 

I actually have an article about a similar scam linked below, along with the usual security updates, cyber protocols, running shoes, and real estate (and no, I still can’t figure out why our marketing software makes half of my links blue when they’re all supposed to be green).  Enjoy!

I’ll start this week with a great tribute to recently retired Indians manager Tito Francona. Glad I made it to his last home game last week, but he’s going to be a tough one to replace. I’d love to see him go into the HoF with a Cleveland jersey on, but with two Series wins in Boston, I’m sure he’ll be wearing Red Sox. If you don’t like baseball, you can scroll down for tower running, plogging, cookie hijacking, and more.

Something about ...

P2P Payment Hacking

I was only a few paragraphs into this piece about peer-to-peer payment (specifically, Zelle) hacking and I’d already come to the conclusion that the writer got what he deserved. The guy rubbed me the wrong way from the get-go, and I’m sure he’s the type that moved from the city to the country where he now thinks he’s better than everybody else. Anyhow, it’s an interesting example of social engineering being used to swipe $30K from some unsuspecting (yet fully deserving of it) person. And I loved the fact that he’s 100% positive that “the person who stole my money needs it more than I do.”

Legal Burdens

There are numerous legal burdens when affected by a data breach, from who you need to inform to how to make a ransomware payment (if you choose to do so). This piece lists four items to consider, and I know firsthand about ‘pre-incident controls’. We oftentimes review new clients’ cyber liability policies and the checklists they’ve filled out in acquiring these policies. Many times, they’ve checked all the boxes, even though they have no clue as to which measures they do or don’t have. Just checking the boxes is a great way to get yourself in a lot of trouble!

NIST

All of the cyber security measures that we implement for our own network as well as those of our clients are based on the National Institute of Standards and Technology (NIST) framework. As this piece states, “Its position allows it to build cybersecurity frameworks on scientific and non-biased points of view, but the agency cannot mandate organizations comply with its guidance. This allows for a fluid landscape as NIST continually looks for advancements, complexities, or changes in the threat landscape to bring into its framework of best practices.”  If you’re not already familiar with NIST guidelines for cyber, you should be.  And if you need help, Ashton can assist.  

Running Shoes

I’m not a runner. Never have been, never will be. But I did work in a sporting goods store during college, and part of that was selling shoes. My first week on the job, a customer came in and said he was looking for a size 16. Thankfully, when I suggested the boat dealership down the street, he laughed. Marathon world records continue to fall, and this past weekend, a Kenyan was :35 away from breaking the two hour mark. As Mars Blackmon once said, “it’s gotta be the shoes.”

Real Estate

High rents got you down? If you want to move to San Francisco but are worried that you can’t afford the cost of living, fear not… Brownstone rents their ‘suites’ for $700/mo.  What a deal!

Friday the 13th

If you haven’t already realized it, today is Friday the 13th, the second and last one of 2023. According to my research, there are an average of 1.72 Friday the 13ths in any given year; there must be at least one, and there can be no more than three. And for it to happen, a month must start on Sunday. Anyway, if you’re interested to know why Friday the 13th is such an ominous date for some, you can read this article from The Smithsonian.

Security Updates

There are lots of security updates this week, including Microsoft (Dynamics, SQL Server, Windows, Office, and plenty more), Citrix, and Fortinet.

Nancy's Nuggets

This week’s selections from Nancy suggest that she might be hinting at a vacation. For any of you who’ve ever stood through the TSA lines at Orlando’s airport, you’ll know what an awful place that is. MCO is actually the reason that we signed up for Global Entry a few years ago, to avoid two hour security lines! But, if you want to go through that to spend your day shopping and dining at an airport, have at it. Personally, I’d rather spend my free time on a Finnish island in the Baltic. It can be yours at auction starting next week, and includes some really fancy Swedish mattresses and a ‘yoga yurt’. Wouldn’t that just be a yogurt?

It doesn’t look like there are any McRibs available in London, but if all goes as planned, you’ll be able to tour underground spy tunnels originally used in WWII. I’m betting that those tunnels were the basis for this scene from James Bond’s Skyfall.

Thanks to our buddy Kurt Nelson at Business Network Team for a couple of this week’s articles.  In return for content, he’s getting a couple of stainless steel Ashton wine tumblers for his bar.  Feel free to send me your thoughts for my “Thoughts” if you need some Ashton swag.  

 

It looks like a crummy fall weekend, unlike the past couple.  On top of bad weather, the Browns are off of their bye week and half the team is hurt (even if they’ve been “medically cleared”).  San Fran might put 100 on us.  At least we have the Buckeyes to look forward to on Saturday.

 

Have a great weekend, and trust but verify!


Abbey
