Virtual Summit Headlined by USSS, Highlighting Protective Actions Taken In Developing Cyber Hygiene for Organizations

OMAHA, NEBRASKA– JULY 8, 2021 Data Connectors, representing the largest cybersecurity community in North America, continues its industry-leading live Virtual Summits in the Great Plains region on Thursday, July 15.

The 2021 Great Plains Virtual Cybersecurity Summit provides senior executives in the area education regarding new solutions, as well as the latest updates and challenges in the industry. This summit will feature some of the region’s most preeminent security experts, including Special Agent in Charge Joe Scargill of the Minneapolis Field Office of the US Secret Service.

Scargill will be covering the idea of “protective advance” — the proactive and preventative work done by Secret Service teams in order to preserve the security of the people they protect.  This includes planning, practice, and exercises that represent good cyber hygiene to prevent attacks.

“The Secret Service’s expertise in cyber capabilities enhances the agency’s ability to carry out both an evolving investigative mission, and its more familiar mandate to protect our nation’s highest elected leaders,” said Agent Scargill. “The key to developing seasoned and exceptional protective agents includes the fundamental skills that are developed and refined through their work as Secret Service investigators. The training and experience that Secret Service special agents develop by conducting complex financial investigations sharpens the skill set they need to rapidly design and implement complex protective and security plans.”

The Summit will also feature live virtual exhibits and informative presentations from cybersecurity solution providers, as well as live, topical expert panels fielded by leading subject-matter experts. At the Summit, industry experts will dive into topics around ransomware, zero trust, user security, and the key trends on which Chief Information Security Officers (CISOs) should most concern themselves in the months ahead.

The Virtual Summit will also feature a live, interactive panel discussion, with some of the top CISOs from organizations throughout the region:

• Norm Kromberg, Vice President Information Security / CISO, SouthernCarlson
• Jonathan Kimmitt, CISO, The University of Tulsa
• William Pulte, CIO, Educational Service Unit 3
• Steven Ramirez, CISO, UofL Health
• Michelle Vercellino, CIO and EVP of Operations & Insights, IMA Financial Group

Attendees will ask questions and interact online with the CISOs, as well as each other and the organizations who will feature their solutions at the event. Featured solutions providers at this summit include CrowdStrike, Pure Storage, Cisco, Okta and many more.

The Summit will take place on Thursday, July 15 starting at 8:00 a.m. CT.  Registration is free for qualified professionals, who can also obtain Continuing Professional Education (CPE) credits for participation.

More information for the Summit can be found at dataconnectors.com/greatplains.

As a preview of the summit, Agent Scargill will speak live today via LinkedIn. Details of the Cybersecurity “Protective Advance”: Data Connectors LinkedIn Live Briefing can be found at https://www.linkedin.com/company/dataconnectors/posts/

Cybersecurity Leaders Seek Solutions for Ra …

Press Releases Posted by Jen Greco on Jul 8, 2021

The White House’s Executive Order, “Executive Order on Improving the Nation’s Cybersecurity,” pushed in May of this year, included phrases and concepts that many cybersecurity professionals have been aware of for years. However, one of the biggest embraces from the federal order was in that of Zero Trust.

Namely, during the migration into cloud technology, the executive branch called upon federal agencies to adopt Zero Trust architecture, and tasked the Cybersecurity and Infrastructure and Security Agency with implementing and modernizing all cloud-computing environments with Zero Trust architecture.

In its definitions section, the White House described Zero Trust Architecture as:

“ … A security model, a set of system design principles, and a coordinated cybersecurity and system management strategy based on an acknowledgement that threats exist both inside and outside traditional network boundaries.  The Zero Trust security model eliminates implicit trust in any one element, node, or service and instead requires continuous verification of the operational picture via real-time information from multiple sources to determine access and other system responses.”

But as most cybersecurity professionals will tell you, Zero Trust is a highly complex concept that unifies various parts of the security infrastructure – and even a seasoned pro can find it overwhelming to take on a zero-trust architecture.

LIVE DISCUSSION: Join the Great Plains Virtual Cybersecurity Summit and submit your Zero Trust questions for our expert panel on this topic, happening on July 15 at 3:25 p.m.

One industry expert on this topic, Okta, has published a white paper explaining the ins and outs of laying the groundwork for your organization, titled “Getting Started with Zero Trust.”

According to the paper, Zero Trust was developed by Forrester Research Analyst Jon Kindervag in 2009, which did away with the notion of a trusted internal network and an untrusted external network – think, “castles and moats.” The Zero Trust model asserts three major principles:

• All resources must be accessed in a secure manner, regardless of location;
• Access control is on a need-to-know basis and is strictly enforced;
• Organizations must inspect and log all traffic to verify users are doing the right thing.

Okta, a Data Connectors Community Partner, has established the major steps necessary for getting started on Zero Trust. The foundation, they suggest, is to make identity the foundation for the architecture.

“Put simply, the core principle of Zero Trust is to ‘never trust, always verify.’ This ensures the right people have the right level of access, to the right level of resources, in the right context, and that eccess is assessed continuously – all without adding friction for the user,” according to the white paper.

To review the stages of development, refer to “Getting Started with Zero Trust,” and learn more about how Okta and other Data Connectors Community Partners suggests navigating this terrain at the Great Plains Virtual Cybersecurity Summit on July 15.

Breaking Down Zero Trust: Implementation Be …

Hot Topics in Cybersecurity Posted by Jen Greco on Jul 6, 2021

As it turns out, lightning does strike twice in the same place. Early adopters of LinkedIn will remember the 2012 hack that saw 6.5 million usernames and passwords leaked by Russian cybercriminals. And now, roughly 92% of the professional networking site’s user information has been compromised.

That’s 700 million users whose personal information has been scraped and posted for sale on the dark web. That data includes:

• Email Addresses
• Full names
• Phone numbers
• Physical addresses
• Geolocation records
• LinkedIn username and profile URL
• Personal and professional experience/background
• Genders
• Other social media accounts and usernames

Passwords and personal banking information were spared from this data leak, and, as the MalwareBytes Labs team mentions in their blog post on this topic, it is not a breach, but a result of a scrape, the compromise opens up users to a variety of identity theft scams.

In a statement given to Privacy Shark from Leonna Spilman, who spoke on behalf of LinkedIn, the company claims it’s not exactly a “breach”: “While we’re still investigating this issue, our initial analysis indicates that the dataset includes information scraped from LinkedIn as well as information obtained from other sources. This was not a LinkedIn data breach and our investigation has determined that no private LinkedIn member data was exposed. Scraping data from LinkedIn is a violation of our Terms of Service and we are constantly working to ensure our members’ privacy is protected.”

MalwareBytes, a Data Connectors Community Partner, offered solid advice on how to handle a breach like this, which really doesn’t offer much personal information.

First, the team suggested auditing and updating your LinkedIn profile, and ensure that its contents are all things you’d want seen publicly. After all, a leak like this will open you up to SMS, email and robocall scams.

Next, like all cybersecurity professionals likely already do – enable two-factor authentication. And get an idea of where your email and phone numbers have already been published on a site like HaveIBeenPwned.com.

92% of LinkedIn Users Information Scraped

Hot Topics in Cybersecurity Posted by Jen Greco on Jun 30, 2021

Following the unprecedented challenges handled by CISOs across the nation amidst the pandemic, one key cybersecurity phrase stood out among the rest: Zero Trust. Now that we’re living in the world of the “everywhere workplace,” the security requirements and expectations have changed dramatically over the last 16 months.

And though the work landscape has forever changed, cybersecurity experts and executives are constantly finding ways to improve and adapt a sensible zero-trust architecture that works for their organizations. As hybrid workers utilize a hybrid cloud environment, things have gotten more complicated than before.

With Gartner’s introduction of the Continuous Adaptive Risk and Trust Assessment (CARTA) approach in 2017, cybersecurity executives were guided toward zero trust, but application styles have varied since the inception. As our work environments become more complicated, it’s important to evaluate how that’s all working in your organization.

Gain insight and join an exclusive, 90-minute session tailored toward informing you better about the best approach to zero trust. This format — the CyberConnect Web Briefing — includes an overview of the CARTA approach to zero-trust access, a CISO panel discussion, plus a live Q&A.

DATE: Tuesday, June 29, 2021
TIME: 2 p.m. ET

Register to gain access.

Join the cross-industry CISO panel as they discuss their experiences working through implementation and management of VPNs, Secure Access Service Edge (SASE), Software-Defined Perimeter (SDP) and more. The experts joining the moderated discussion include:

• Steven Ramirez, CISO, UofL Health
• Rajiv Das, Principal, Plante Moran
• Brett Conlon, CISO, Edelman Financial Services
• John Frushour, D-CISO, New York-Presbyterian Hospital
• Mike Riemer, Global VP, Office of the CTO, Ivanti
• EJ Hilbert, Former FBI Agent & Founder, KCECyber.com

These Web Briefings offer a unique opportunity to engage with industry experts,  which includes a live Q&A session with an interactive chat panel. This Web Briefing, sponsored by Ivanti, qualifies for CPE credit upon completion.

The CARTA Approach to Zero-Trust Access

Hot Topics in Cybersecurity Posted by Jen Greco on Jun 25, 2021

Headlined by Florida’s top officials, including a welcome address from Lt. Gov. Jeannette Nuñez, a message from Miami Mayor Francis Suarez, and a live keynote with CIO Jamie Grant, the Florida & Caribbean Virtual Cybersecurity Summit was deeply insightful and offered the hundreds of IT professionals in attendance.

Here are a few of the highlights, in case you missed it

CIO Grant Keynote: 

As a legislator, Jamie Grant pushed a bill that created the Florida Digital Service. Upon his August 2020 appointment to Chief of Information under Gov. Ron DeSantis, he was put in charge of the Florida Digital Service. And in his post, he’s been working on transforming the way Florida is run from a technology perspective.

“I think the next frontier of government reform is everything we’re talking about here in the Digital Service; how we deliver data-driven government so that you can get out of the political noise and the qualitative and conclusive statements and get straight to math, to show a dollar spent here has X impact versus Y impact,” Grant said.

In his keynote and live Q&A session, Grant offered his plans and anecdotes for the state’s cybersecurity posture. Grant’s mission is to move policy forward with the Digital Service’s rule-making authority, with the ability to focus on “The Five Rules” — project oversight, cybersecurity, the state data center, cloud-first and enterprise architecture.

“We’re going to do policy the same way I would write software … it’s going to be interactive, it’s going to be agile, and it’s going to be perpetual. There is no finish there,” Grant said.

CISO Panel:

Our panel of CISOs from across Florida and the Caribbean talked about digital nomads, and the shift of the workforce out of the office and into everywhere else in the world — and what that means for organizational security.

“BYOD is inevitable as we move more toward a SASE model and cloud-based applications,” said Jim Routh, former CISO at Virsec. “More and more virtual micro-segmentation technologies and capabilities are maturing … We’ll see a lot of using your own device, but making sure your session is a unique, controlled session where there’s no data exchange.”

They also dove deep into ransomware — a hot topic following the Colonial Pipeline and the JBS attacks. Particularly, whether or not having cyber insurance actually brings on cyber attacks — and the new requirements of cyber insurance companies as more and more ransoms are being paid.

“They’re putting in terms and conditions during renewals — and they had a very long checklist of required security controls that we had to have in place,” said Kate Mullin, CISO for Healthmap Solutions. “We’re now proactively looking at what additional controls we need to implement in advance of the requirements they’re going to build in next year.”

The panel of five CISOs also dished out their best tips on how to succeed in cybersecurity.

“I was working in customer service for an internet service provider, and I was noticing how easy it is to see all the customers’ information — their credit cards and their addresses that we had in our databases,” said Perla Rolon, CIO for the Retirement System at the University of Puerto Rico. After getting an email from a teenage hacker, letting the organization know about their security flaws, Rolon felt the spark for security leadership. “That’s when I learned that I needed to do something about it.”

Upcoming Events:

The Data Connectors team will be back in Florida on November 9-10 for our Miami Cybersecurity Conference. Stay tuned for additional details about this live, in-person experience.

Next week, Data Connectors will be hosting the Capital Region Virtual Cybersecurity Summit. This two-day online event kicks off on June 23, and will also include the US  Secret Service’s Global Investigative Operations Center’s Romance Scams Symposium.  Register today to ensure your spot.

What You Missed: Florida Caribbean Virtual …

Virtual Events Posted by Jen Greco on Jun 17, 2021

Data Connectors Capital Regional Virtual Cybersecurity Summit to Host USSS Global Investigative Operations Center 

WASHINGTON, D.C. – JUNE 17, 2021 Data Connectors, representing the largest cybersecurity community in North America, will be hosting the US Secret Service’s Global Investigative Operations Center’s (GIOC) Romance Scam Symposium at the Capital Region Virtual Cybersecurity Summit on June 24.

This symposium will draw attention to the record-breaking cash spent in romance scams in 2020; the Federal Trade Commission stated that $304 million was spent last year and nearly $1 billion in the last five years.

For the Secret Service’s GIOC, raising awareness of romance scams is a crucial part of fighting them. Their primary mission in hosting this joint symposium is to shine a light on the massive impact on both the victims and on our country.

“The Secret Service and our many partners across both the private and governmental sectors, work diligently to protect our citizens from criminals who would seek to enrich themselves by extorting the most vulnerable in our society” said Stephen Dougherty, Forensic Financial Analyst for the Secret Service. “These scammers should know that their actions carry real consequences, both for their victims and for themselves, and that there are dedicated agents, analysts and prosecutors who will go above and beyond to find them, identify them and hold them accountable for their crimes.”

This event will feature speakers from the Secret Service, AARP, Lincoln Financial and Agari.

“The cost of romance scams are two-fold  — of course you consider the financial toll on the victims, but there is also a tremendous emotional impact. These criminals are growing trust with vulnerable people, getting their banking passwords and using them for the most nefarious purposes,” said Amy Nofziger of AARP. “And while this is growing in numbers across demographics, retired Americans are among the most common victims of these crimes.”

Leading up to this symposium is the Capital Region Virtual Cybersecurity Summit, which will take place on Wednesday and Thursday, June 23-24, which provides senior executives in the area education regarding new solutions, as well as the latest updates and challenges in the  industry. Leaders from law enforcement agencies team with Chief Information Security Officers (CISOs) from the private sector to offer industry-leading presentations and discussions.

Attendees will ask questions and interact online with the CISOs, as well as each other and the organizations who will feature their solutions at the event. Featured solutions providers at this summit include Cisco, Cloudflare, Proofpoint, Attivo Networks, ActZero and Auth0 and many more.

The Summit will take place over two days, Wednesday and Thursday, June 23-24 at 8:00 a.m. ET on both days, with the GIOC Symposium on the 24th starting at 2 p.m. Registration is free for qualified professionals, who can also obtain Continuing Professional Education (CPE) credits for participation.

More information can be found at dataconnectors.com/romance

About Data Connectors
Since 1999, Data Connectors (dataconnectors.com) has facilitated collaboration between senior cybersecurity professionals, government/law enforcement agencies, industry luminaries, and solution providers. Today, the community comprises over 650,000 members and 250 active vendor partners across North America. Members enjoy informative education, networking and support via our award-winning Virtual Summits, live conferences, Web Briefings, and regular communications.

Secret Service Romance Scam Symposium to Hi …

Press Releases Posted by Jen Greco on Jun 17, 2021

The housing market has been piping hot in some pockets of the country, and for those who aren’t taking on a new mortgage, many are jumping on the historically low interest rates to refinance their existing mortgage.

Taking on a jumbo loan is a major commitment; you wonder if you can afford the payments each month or worry about what happens if you fall ill or lose your job. But what many people don’t consider is the cybersecurity risks involved.

Mortgage payoff fraud is the topic of a recent alert from the Secret Service’s Global Investigative Operations Center. The Secret Service highlighted a sharp spike in fraud “targeting wire transfers related to real estate sales and mortgages.”

While mortgages are (legitimately) paid off annually by the millions, cybercriminals are spoofing real mortgage lenders, creating false or fictitious mortgage payoff statements, and sending them to title companies who are responsible for administering payment. The criminals change bank account information, and the title companies follow the given wiring instructions and send the cash to the scammers, not the lender, according to the Secret Service.

The alert from the USS offers some tips on how to prevent this type of fraud for financial organizations. Some of these tips* include:

• Update policies and procedures to ensure proper verification of information before releasing funds.
• Independently obtain mortgage payoff statements and confirm with verified and trusted sources.
• Independently verify the authenticity of information included in correspondence and statement.
• Do not rely on third-parties, such as mortgagors or other transaction participant, for information.
• Restrict wire transfers to known and previously verified accounts.
• Pay using checks when the information cannot be independently verified.
• Have a clear and detailed Incident Response Plan.

(*Tips courtesy of the USSS GIOC)

Have you found any instances of fraud or been a victim of a similar crime? Reach out to your USSS Cyber Fraud Task Force to report any incidents.

GIOC Warns Financial Organizations on Mortg …

Hot Topics in Cybersecurity Posted by Jen Greco on Jun 15, 2021

This post is for our Data Connectors Community Partners, who work hard to design their own virtual booths to showcase their extensive offerings at the Virtual Cybersecurity Summits. If your organization is interested in becoming a Community Partner, please contact info@dataconnectors.com.  Keep following the blog for more updates on our virtual platform, plus best practices for participation on all of our events.

Have questions? Contact post author Leila Nathaniel to set up a meeting on developing a successful Virtual Summit strategy.

As your very merry booth wizard, I’m pleased to present some of the great new features we’ve implemented into the Virtual Exhibit Booths for our Cybersecurity Summits. In an effort to improve everyone’s experience, whether an attendee, a vendor partner, a speaker, or a fellow industry professional, we have worked hard to augment  the Virtual Summit Environment  to help ensure the highest quality event and peer-to-peer networking.

Having run over 50 Virtual Summits since April 2020, the Data Connectors team have become experts in making online events work for our North American Community.  Many of the updates summit over summit come from attendee suggestions, survey feedback, and a relentless focus on improving the user experience. Here is some of the latest:

Booth Presence (Group Meetings)

This super-cool new feature allows exhibitors to have a consistent booth presence via a group video chat within the platform. Upon entering a Virtual Exhibit booth utilizing this feature, attendees can enter a voice or video chat session that is just as if they walked up to a live exhibit at a conference.  They will be able to see/hear and talk with the exhibitor, as well as others who are in the booth at that time.

A dozen or more people can be in the booth chat at the same time,  Each group meeting will display the profile image of each attendee in the meeting, so everyone on the chat knows who’s there.

Booth Analytics

Virtual Summits give us the opportunity to provide more robust analytics and data than ever before. The Virtual Summit Platform is to in-person Conferences what Peloton is to cycling: an experience that can be just as rewarding, and offer a lot more data!  Detailed analysis of booth traffic enables partners to cater responses to visitors, understanding what materials piqued their interest the most, and providing an opportunity for thoughtful, bespoke follow-up after the summit.

At the same time, partners can understand their traffic compared to others in their category, and give them clues on how to improve audience engagement throughout the event.

One-On-One Meetings

Miss connecting with peers? Want to meet with someone at the summit? Set up a one-on-one meeting. Using the calendar within the platform you can set up times you are available to meet and attendees can select an open time block from your calendar. Once in the meeting you can have a live video chat, present your screen, answer questions live and even invite other team members to the meeting.

When a meeting is scheduled for a later date and time, it will be added to your agenda view and an email will be sent as a reminder. All you need to do is click on the link in your email or in your profile, and you’ll be able to join. No need to download yet another app or program – everything is built into the platform.

User Interface Improvements

We’re all stuck with the same challenge – with so much happening and available on screen, how do you stay  focused within the environment? With the rest of the world a click away how do you put forth the best information within the platform to keep everyone engaged? iFrame it! We have worked with the platform creators to optimize custom HTML iFrames to look and perform great while remaining in your virtual exhibit booth. For example, got a Calendly or HubSpot link to schedule meetings? Set it up as an iFrame!  Same thing with blog posts, specialized downloads, and more. Keep attendees in your booth, chatting and engaged, while showing off your best assets and resources.

Level-Up Your Resources

Want to show off your spot in the latest MQ? New Wave report looking sharp? Those key resources are favorites for the Community, and we will highlight them at each Summit with special broadcast messages for the entire audience. Broadcasts include direct links to those materials, and partners are provided with details on which attendees were most engaged with their documents.

Mobile & Tablet Views

As attendees tire from their monitors – the Virtual Summit Environment has continually improved its mobile interface. The mobile landscape and portrait views stack panels, and the tablet landscape and portrait views now mimic the desktop experience.

Many more new features are in process. Keep an eye out for regular updates here. Want to maximize audience engagement in your virtual event booth? Book a meeting with me for a full review.

Virtual Exhibit Booth Improvements: New Fea …

Virtual Events Posted by Jen Greco on Jun 10, 2021

Just last weekend, the healthcare arm of the University of Florida, known within the state as UF Health, resorted to using paper records and shut down email access following unusual activity in its computer systems.

The Southeast saw a bump in gas prices and was faced with widespread shortages last month following the Colonial Pipeline hack, slowing traffic through the region.

A water treatment plant in Oldsmar, FL, in Pinellas County, was hacked in February – wherein a hacker was able to adjust the level of lye in the water system.

These instances took place only in the last five months – and it’s left local lawmakers working overtime to help avoid future attacks and mitigate inevitable breaches. Last week, Florida Gov. Ron DeSantis signed a budget that includes a $37 million spend on cybersecurity.

According to reporting from StateScoop, this is including investments in improving security around industrial controls, identity management, adding government websites to a .gov domain, and the development of a cybersecurity operations center. This keeps with the recommendations of the Cybersecurity Task Force, lead by Lt. Gov. Jeannette Nunez.

The budget includes funding for more full-time employees to the Florida Digital Service, headed by CIO James Grant, the featured Keynote Speaker at the Florida & Caribbean Virtual Cybersecurity Summit.

StateScoop breaks down the state’s budget to include the following cyber-related line items:

• $31 million to implement Task Force recommendations
• $4.3 million for security event-management software and services
• $4 million for vulnerability management
• $3.2 million for statewide inventory of cybersecurity assets
• $3.2 million for a cybersecurity operations center
• $6.5 million for the Florida Center for Cybersecurity at the University of South Florida

In January, upon announcing the planned budget, Grant celebrated the dedication to cybersecurity and improving the state’s critical infrastructure.

“As a result of the unwavering support of Governor DeSantis and Lt. Governor Nuñez, the Florida Leads budget includes first-of-its-kind investments in cybersecurity and emerging technologies, furthering our ability to secure the state’s digital assets and transform how we serve Floridians.” Grant said in the January 28 press release.

Learn more about the state’s plans to expand its cyber infrastructure at the Florida & Caribbean Virtual Cybersecurity Summit, featuring Lt. Gov. Nuñez, CIO Grant and Miami Mayor Francis Suarez. Register today to guarantee your spot.

Also, don’t miss CIO Grant answering 10 Key Questions for the State of Cyber in Florida during a LinkedIn Live Session on June 10 at 12:30 p.m.

Florida Leading in Statewide Cybersecurity …

Hot Topics in Cybersecurity Posted by Jen Greco on Jun 9, 2021

Ever feel like you’re looking for love in all the wrong places? The Secret Service has some stories for you that’ll get your heart beating faster. Welcome to the heartbreaking world of romance scams.

Now, when you think of romance scams, think outside of the “catfish” box, where someone you meet online is sending you 5-year-old photos, less those extra pandemic pounds. This is far more involved and complicated — involving large sums of cash, and elaborate stories regarding why that cash can only be sent via a very specific way.

THE COSTS

And let’s not bury the lead here — there were more than 30,000 romance scams in 2020, which has added up to a $304 million loss, according to the Federal Trade Commission. This is a record high — more than 50% more than in 2019. In the last five years, there’s been more than $1 billion lost. 

Some other major highlights in 2020 romance scams, from the FTC report include:

• The individual median dollar loss was $2500.
• There was a 70% increase in the scammers asking for gift cards.
• Younger people from ages 20-29 saw a stark increase in romance scams — more than doubling since 2019.
• People aged 40-69 were the most likely to report these scams and their cash loss.
• Those in the 70+ demographic shelled out the most cash — with median individual losses of $9,475.

THE VICTIMS

Who falls victim to these types of online scams? According to the Secret Service, these victims are both male and female, often older and struggling in relationships or are emotionally vulnerable. Of course, the best targets are those who are affluent “valuable targets.” And regardless of educational status or social standing, anyone can be a victim. 

These scammers work hard to choose their marks; they’re looking on social media for indicators of challenging relationship situations (i.e., changing your Facebook relationship status to “Divorced” or “Widowed”). By astutely following their marks and getting to know their personalities, the scammers are able to easily endear themselves to the victims and establish a trusting relationship — often behind the guise of a fake profile and persona.  

But these criminals are not just looking to break hearts, they’re looking for cash. More than that — they’re looking for money mules, often luring victims into illegal activities. 

According to the Secret Service: “The intimate and personal information victims often provide can then be used for identity fraud and financial account takeover schemes, among others. Scammers may even convert their victims into unwitting criminals by convincing them to launder and move fraudulent funds, which the victim is then liable for both financially and potentially criminally.”

These scammers consistently play their victims into believing they’re simply unable to meet, as if some victims of circumstance. In keeping with the theme of 2020, the classic excuse for not being able to meet their partners in real life was a positive COVID test, according to the FTC. 

THE IMPACT

Regardless of your relationship status, you’ll likely be surprised to find that these scams can actually affect you. That’s because this kind of fraud acts as the entryway into Business Email Compromise (BEC). 

Data Connectors community partner Agari posted a blog post on this topic, and this harrowing connection between these bad romances and BEC. The post shows the relationship between these two indiscrete scams:

“During a BEC engagement, cybercriminals often use romance mules as human proxies to send money from point A to point B. In order to steal money, romance and BEC scammers will often collaborate in order to make use of stolen romance victim account information,” according to the post. 

Basically, people do things for love that they normally wouldn’t, like sharing banking passwords and sending large sums of cash. In the post, written by Ronnie Tokazowski of Agari, he tells the story of one victim, who went so far as to share access to her personal retirement account to her “partner” — whom she didn’t realize was a member of the Scattered Canary cyber crime ring. Instead, she ignored the red flags for her hope that the relationship was genuine.

LEARN MORE

Join the US Secret Service’s Global Investigative Operations Center Romance Scam Symposium, during the Capital Region Virtual Cybersecurity Summit on Thursday, June 24 at 2 p.m. Register for the Virtual Summit to ensure your seat at this exclusive event, featuring the following sessions and speakers:

• USSS Perspective on Romance/Confidence Scams by FA Stephen Dougherty
• Cybersecurity & The Private Sector Perspective by Ronnie Tokazowski, Agari
• Financial Industry Perspective by Kenneth Elder, Lincoln Financial
• AARP Perspective by AARP Representative Amy Nofziger

The session will also include a live Q&A session with these experts. 

When Love Hurts (Your Wallet): Understandin …

Hot Topics in Cybersecurity Posted by Jen Greco on Jun 1, 2021