Avanze’s Post

🚨 Alert: Rising Wire and ACH Fraud in the Transportation Safety & Construction Industry🚨 In recent months, there has been a noticeable increase in sophisticated wire and ACH fraud schemes targeting businesses in the transportation safety industry, and likely across many construction sectors. The fraud typically occurs when a criminal gains access to email communications and monitors discussions involving high-value sales transactions. Once a payee is identified, the criminal creates a nearly identical email address—often changing just one letter or symbol (e.g., replacing "O" with "0")—to impersonate the payee. Here's how the scam unfolds: 1. The criminal engages in the conversation, posing as the payee, and mimics the email signature. 2. They notify the payer of a "change" in banking information for the ACH payment. 3. The unsuspecting payer transfers the funds to the criminal’s account, and the criminal disappears, closing the fraudulent account. This scam is particularly targeting large-value transactions and is a growing threat in our industry. To avoid falling victim to this, here are a few countermeasures: 🔒 Countermeasures: 1. Always Verify Bank Details Verbally: Confirm any changes to banking information directly over the phone using a known contact number before proceeding with the transfer. 2. Implement Dual Authentication: Require a second form of verification for any payment changes or high-value transactions. 3. Use Strong Email Security Practices: Enable multi-factor authentication on all email accounts, and ensure encryption of sensitive communications. 4. Look for Red Flags: Watch for slight variations in email addresses, especially after receiving unexpected payment change requests. Stay vigilant and protect your business from these growing threats! #Construction #TransportationSafety #FraudPrevention #WireFraud #ACHScam #Cybersecurity

PSA from Curated Cyber!   Important Actions to Take After Your Personal Data Has Been Exposed in a Data Breach   In response to recent data breaches, it is crucial to remain vigilant and proactive in protecting your personal information. Here are the key steps you should take:   Monitor Accounts Regularly: Regularly review bank statements and obtain free credit reports to identify any suspicious activity. You can get a free credit report at https://lnkd.in/djkiqcg.   Be Cautious of Emails: Do not click on links or enter personal information in emails, even if they appear to be from a legitimate source. Go directly to the company's website to log in.   Consider a Security Freeze: A security freeze restricts access to your credit report, making it harder for criminals to open new accounts in your name. However, it may also delay your ability to get credit. To place a security freeze, contact all three major credit reporting agencies listed below: Equifax: 1-888-298-0045, https://lnkd.in/gaaNq664 Experian: 1-888-397-3742, https://lnkd.in/dciFbfF TransUnion: 1-800-916-8800, https://lnkd.in/dQBJD-C   Place a Fraud Alert: A fraud alert warns creditors to take extra steps to verify your identity before opening new lines of credit. An initial alert lasts one year, while an extended alert (if you are a victim of identity theft) lasts seven years. To place a fraud alert, contact any one of the agencies listed below. The agency you contact will then contact the other two credit agencies: Equifax: 1-800-525-6285, https://lnkd.in/gUxAYCVU services/credit-fraud-alerts/services/credit-fraud-alerts/ Experian: 1-888-397-3742, https://lnkd.in/dmeAKKG TransUnion: 1-800-680-7289, https://lnkd.in/dJTHKWCg   Report Identity Theft: If you suspect identity theft, file a report with your local law enforcement and the Federal Trade Commission (https://lnkd.in/gZzU7gY6). You can also contact the FTC at 1-877-IDTHEFT (438-4338) to learn more.

Remember the major AT&T data breach that just happened? The road to recovery and mitigation may require more sophistication than mere credit monitoring services. Let's dive in. 🚨 🔒 Credit Freezes versus Monitoring Experts are emphasizing the importance of a credit freeze over mere credit monitoring. A credit freeze halts any attempt to exploit a consumer's credit information by preventing new creditors from accessing credit reports. This tool is hailed as a fundamental defense mechanism against identity theft, ensuring that consumers' information remains inaccessible to unauthorized users. While credit monitoring allows individuals to keep an eye on their credit score and identify potential fraud, it is essentially reactive, only alerting users after their data has been compromised. "It’s not going to stop you from being impacted, it just notifies you," said John Dwyer of Binary Defense. 🔎 Fraud Alerts AT&T's response to the breach includes offering fraud alerts alongside credit monitoring services. Fraud alerts serve as a middle ground, requiring lenders to verify an applicant's identity before extending credit. While this adds a layer of protection, the effectiveness of the verification process remains a concern for experts who view a credit freeze as a more reliable barrier against fraud. The data breach, affecting millions of AT&T's current and former customers, underscores the critical need for robust protective measures in the digital age. We as consumers need a multi-faceted approach to safeguarding financial health. 🛡️ AT&T's breach serves as a stark reminder of the vulnerabilities inherent in digital data management. #DataBreach #CyberSecurity #CreditFreeze #FinancialProtection #IdentityTheft https://lnkd.in/etimXUwc

While we are enjoying #LegalWeek24 in #NY, here is the latest…The New York attorney general sued Citibank over its alleged failure to protect consumers from scammers. Banks play a crucial role in safeguarding their customers' financial information and assets, not to mention, banks are subject to various regulations and laws governing the protection of customer information and financial transactions. #Cybercriminals continually evolve their methods, and banks need to stay ahead to prevent #fraud. Implementing strong #security measures helps mitigate the risk of unauthorized access, fraudulent transactions, and other types of financial fraud. "If a bank cannot secure its customers' accounts, they are failing in their most basic duty," said the Attorney General. When consumers do receive email or mobile phone text requests for verification, attempts to block a #fraudulent wire transfer don't always work, the prosecutors allege. Attempts to head off scammers aren't always successful. According to the complaint, one victim lost $15,000 while on hold for 20 minutes after she became suspicious when a phone caller, claiming to be calling from Citi but actually a scammer, demanded the number of her new debit card. While she was waiting for the fraud department to pick up her call after a front-line customer care representative transferred it, the scammer stole her money. The complaint also recounts the experience of a recently retired victim who clicked on an apparent #phishing link but didn't provide any information to the website. Her local branch told her, "Don't worry about it, it happens all the time," according to the complaint. Three days later, #scammers drained $40,000 from her account after changing her online password and enrolling the account in online wire transfer services. https://lnkd.in/g69gBnqs Saya University #securityawareness ❤️ #GoSaya #humanrisk #socialengineering #cybereducation #cybersecurity #cybertraining #phishing #phishingattacks #cyberattack #サイバーセキュリティ #サイバーセキュリティ教育 #フィッシング Jonathan Hiroshi Rossi Yoshitaka Kashiwagi

This is older news, but the article brings up the fact that financial svs breaches doubled last year. "Financial service breaches doubled in 2023 The latest breach notification increases the tally of affected loanDepot customers from the 16.6 million reported on Jan. 22 to more than 16.9 million. LoanDepot is offering all affected customers two years of free credit monitoring and identity theft protection through Experian. "Furthermore, impacted customers should also be notified that their stolen information could be used to launch phishing or other social-engineering attacks against them. Customers should remain vigilant, particularly when contacted by anyone claiming to be from LoanDepot," Malik noted. “Unfortunately, we live in a world where these types of attacks are increasingly frequent and sophisticated, and our industry has not been spared. We sincerely regret any impact to our customers,” loanDepot CEO Frank Martell said in a Jan. 22 statement. The latest breach continues a trend of increasing cyberattacks on companies that provide loans and other financial services. The financial services industry suffered the second highest number of data compromises in 2023, just behind healthcare, according to the Identity Theft Resource Center’s 2023 Data Breach Report. Additionally, the number of data breaches in the financial services sector more than doubled in 2023 compared with 2022, with 744 compromises last year and only 269 the previous year. Cyberattacks on financial services companies in the last few months include the Prudential Financial and Fidelity National Financial breaches, which were also claimed by ALPHV/BlackCat, and the Mr. Cooper breach, which impacted more than 14.6 million current and former customers. More than 2.7 million Mr. Cooper customers also affected by a data leak resulting from the exposure of an unsecured Google Cloud storage bucket discovered by Cybernews in late December, although this leak is not believed to be connected to the prior cyberattack. Recent regulatory actions also put more pressure on financial service firms to prevent cyberattacks and disclose them promptly when they occur. New SEC rules, which went into effect on Dec. 18, require all large publicly traded companies to report “material” cyber incidents within four business days of their discovery. In November, Morgan Stanley reached an agreement with the attorneys general of six U.S. states to pay a $6.5 million fine for security failures leading to a data leak exposing millions of customers’ sensitive information, in violation of several state data privacy laws." https://lnkd.in/e6tZZ75S

Saturday, March 31, 2024, AT&T (another of many) discovered a serious data breach affecting some 7.6 mil AT&T acct holders as well as some 65.4 million former acct holders. The Company actually became aware of this latest breach nearly two weeks ago. The stolen date was first reported on hacker forums in 2021 but AT&T denied that the hack was real until now. I am a past account holder. YOU NEED TO KNOW THAT THIS IS EXTREMELY SERIOUS. I have fielded numerous calls since this news broke. The breach affects both current and prior data of customers that was found on the “dark web” including Social Security numbers, passcodes, full names, email addresses, mailing addresses, phone numbers, dates of birth and AT&T account numbers. Don't wait to find out that your information has been compromised. A caller this morning had $5,000.00 removed from their bank acct. Current AT&T customers, should immediately change passwords on all of sensitive password protected accounts: banks, credit cards, FPL, cable, … anywhere your personal data is. Use hard to guess passwords. Utilize multifactor authentication. Contact the 3 major credit reporting bureaus: Equifax, Experian and Transunion and utilize their credit freeze svcs and fraud alerts to protect you from unauthorized inquiries. The FLA Attorney General has a toll-free fraud hotline for Floridians victimized by fraud: 1-866-9-NO-SCAM (1-866-966-7226). Check your accounts and balances regularly. Immediately contact any provider if you find fraudulent activity. Florida laws protect both you and the financial institutions and the laws require prompt reporting. I also recommend contacting local law enforcement to report any fraud, theft or loss. This helps you document any fraud. DO NOT RELY ON TELEPHONE CALLS, TEXT MESSAGES OR EMAILS ALONE. Start the reporting process with a call, but follow-up in writing delivered by confirmed delivery, i.e., certified or registered U.S. mail; or carriers offering signed delivery. PLEASE PROTECT YOURSELVES and be well.  Sources: AT&T Community Forums, ABC News, The Associated Press, CBS News, CNBC, CNN, Fox Business, Fortune, NBC News, NPR, The New York Times, USA Today. Information I provide on this forum is my strictly my opinion for informational purposes only and does not create an attorney-client relationship between any reader and my firm or me. Any posting that I provide is strictly for informational purposes and constitutes my opinion based on Florida law, experience and the information available to me. Other attorneys may have different opinions. This opinion may be subject to change given a specific facts or situations. For direct legal advice, employ the services of a qualified and experienced lawyer in your area handling the type of legal matter for which you need legal advice. The hiring of an attorney is an important decision that should not be based merely upon advertisement(s), casual inquiries, information or my posted opinions on this site.

In recent years, 𝘄𝗶𝗿𝗲 𝗳𝗿𝗮𝘂𝗱 has become an increasingly prevalent threat in the real estate industry. I know what you're thinking... "𝙄𝙩 𝙬𝙞𝙡𝙡 𝙣𝙚𝙫𝙚𝙧 𝙝𝙖𝙥𝙥𝙚𝙣 𝙩𝙤 𝙢𝙚 𝙖𝙣𝙙 𝙢𝙮 𝙘𝙡𝙞𝙚𝙣𝙩." We realize this is not a very "fun" topic to cover, but it is extremely serious and can happen to anyone, so please read on for important information and updates... 𝗛𝗼𝘄 𝗱𝗼𝗲𝘀 𝘄𝗶𝗿𝗲 𝗳𝗿𝗮𝘂𝗱 𝗵𝗮𝗽𝗽𝗲𝗻? Wire fraud typically involves sophisticated schemes where fraudsters impersonate trusted entities, such as real estate agents, title companies, or financial institutions, to trick victims into wiring money or disclosing sensitive information. These scams often rely on deceptive emails, phone calls, or text messages that appear legitimate, making it challenging to discern the fraud. 𝗛𝗼𝘄 𝗰𝗮𝗻 𝘆𝗼𝘂 𝗽𝗿𝗲𝘃𝗲𝗻𝘁 𝗪𝗶𝗿𝗲 𝗙𝗿𝗮𝘂𝗱? We recommend taking the following proactive measures: 𝟭. 𝗘𝗱𝘂𝗰𝗮𝘁𝗲 𝗮𝗻𝗱 𝗜𝗻𝗳𝗼𝗿𝗺. Make sure your clients and partners are aware of this thread and how to prevent it from happening. 𝟮. 𝗩𝗲𝗿𝗶𝗳𝗶𝗰𝗮𝘁𝗶𝗼𝗻 𝗼𝗳 𝗜𝗻𝘀𝘁𝗿𝘂𝗰𝘁𝗶𝗼𝗻𝘀. Always verify wire transfer instructions directly with your clients using the phone or in-person meetings (NOT text message or email). 𝟯. 𝗨𝘀𝗲 𝗦𝗲𝗰𝘂𝗿𝗲 𝗖𝗼𝗺𝗺𝘂𝗻𝗶𝗰𝗮𝘁𝗶𝗼𝗻. Utilize encrypted email and secure messaging apps to transmit sensitive information and communicate securely with all parties involved in the transaction. 𝟰. 𝗦𝘁𝗿𝗲𝗻𝗴𝘁𝗵𝗲𝗻 𝗖𝘆𝗯𝗲𝗿𝘀𝗲𝗰𝘂𝗿𝗶𝘁𝘆. Implement strong passwords, enable two-factor authentication, and regularly update security software to protect against unauthorized access to your accounts and devices. 𝟱. 𝗘𝘅𝗲𝗿𝗰𝗶𝘀𝗲 𝗖𝗮𝘂𝘁𝗶𝗼𝗻 𝘄𝗶𝘁𝗵 𝗖𝗵𝗮𝗻𝗴𝗲𝘀. Be skeptical of any sudden changes to payment instructions or other transaction details. Independently verify such changes with your clients before proceeding.

Based on FICO's recent Fraud, Identity and Digital Banking Report, it is estimated that approximately two million citizens of the United Kingdom may have fallen victim to identity theft leading to the fraudulent opening of financial accounts in 2023. According to the analytics firm, 4.3% of survey participants had their identity exploited in this manner. If we apply this percentage to the adult population in the UK, it would amount to approximately 1.9 million individuals. This marks a notable decline from the 7.7% of respondents in 2022 who experienced ID theft for the purpose of opening financial accounts. In addition, an additional 5.4% of participants believe it is likely that their stolen identity was utilized to establish an account. According to Sarah Rutherford, a senior director in fraud marketing at FICO, the percentage of individuals impacted by identity misuse may potentially be much greater. It should be taken into consideration that our data only shows individuals who are aware of their stolen identity being used for financial fraud. The majority of people are not immediately informed about fraudulent activity under their name, or may not even find out at all. According to her, it's important to note that a person committing fraud is not likely to limit themselves to using a stolen identity only once. As a result, the level of fraud being committed will be significantly high as well. The top concern for UK citizens, according to research, was financial fraud at 30%. This was closely followed by credit card theft and fraudulent use at 24%, and the loss of bank account control to a scammer at 20%. This demands very clear and strong security awareness focusing on Social Engineering to be given to the customers. Regular updates on social engineering attacks and latest trends. Like Anti Virus signature updates. One customer has a Zero-day attack, they report and Anti Malware company distributes signature for all. So one attack reported, the organization must ensure everyone is alerted. #cybersecurity #cybersecurityawareness #isssuk #infosec #infosecurity #informationsecurity #iso27001 #iso27001certification

Beware of Fake Money Orders and Social Engineering: Protect Yourself from Wire Transfer Fraud Wire transfer fraud is a sophisticated theft attempt that uses deceptive tactics to steal your hard-earned money. Scammers often create fake receipts and impersonate trusted sources to create a sense of urgency and pressure you into wiring money. Don't Be a Victim: How to Spot and Prevent Wire Transfer Fraud Be wary of unsolicited requests: Never wire money based on emails, calls, or texts requesting immediate action, especially from unfamiliar sources. Verify directly: If someone you know asks you to wire money, contact them directly through a trusted phone number to confirm the request. Resist pressure tactics: Scammers may create a sense of urgency or crisis to cloud your judgment. Take a step back and verify the information before acting. Fight Back: What to Do If You Suspect Fraud Report immediately: If you suspect fraud, contact your bank right away. They might be able to stop the transfer or recover your funds. Shielding Yourself with Technology Email filtering: Block fraudulent emails with robust email filtering systems. Multi-factor authentication (MFA): Add an extra layer of security with MFA, which requires additional verification for access. Fraud detection software: Utilize software that can analyze transactions and flag suspicious activity. A Notable Incident: A recent news report 'The Reporter' highlighted a religious leader attempting a $6.05 million wire transfer fraud within an African Union building. This stark reminder emphasizes the prevalence of wire transfer scams. By staying vigilant and informed, you can safeguard yourself from these cunning theft attempts. #cybercrime #socialengineering #fraudmanagement #cybersecurityawaireness https://lnkd.in/efHesVVQ