Episode 39 - Mayflower - White Hat Security

![[White-Hat-Large-300px.png]] 2024-08-15 # Episode Number 39 - Mayflower * Missed the show? Well you can access the replay! * https://rumble.com/v5b4gh1-white-hat-security-episode-39-mayflower.html?mref=1xggrq&mrefc=2 # General Discussion ## Back to School Scams * Yup, it's that time of year. Everyone is going back to school and the scammers are at it again full tilt. ### Social Media Scams * We have all seen these scams. * FaceBook is the number one place to see these sorts of scams. * Twitter/X is number 2...*hehehe* * Many are just drop ship marketers. * Research the manufacture and model number of the item. * Many times the item is for sale on a trusted website and for less. ### General Advice for Avoiding Scams Online * Shop only at familiar and trusted sources, both online and IRL. * Those social media ads you see are tempting, but they are not the real deal. * Shop around on any deals you find to ensure that what's being sold is not a lower budget offering with a similar name. * Model number variants can be majorly different items. * One model is the 1080p web cam, the other is the 720p web cam. * Both items look the same, main model number is identical. * The scammer only shows the main model number and not the variation for the lower feature set item. * Ensure that when shopping online, you know it's the source website selling and doing the shipping; that it's *not* a 3rd party store on that website. * Amazon is infamous for this. Check the id for both the seller AND the shipper. * Amazon Prime is NOT a validation that's is both Amazon as the seller and shipper anymore. * Shop early. * Don't wait until the last minute as supply shortages may cause you headaches. * Should you receive a defective item, you won't have time to do a swap. * Double check the returns policy PER ITEM AND NOT PER SHOPPING WEBSITE. * Again, Amazon is infamous for this where a 3rd party seller and shipper has some items returnable and others NOT returnable. * Amazon has started listing some items as NOT returnable when clearly they should be eligible. * Always pay attention to ALL the item details. ### Safe Places to Back to School Shop * Only shop at places that you utilize regularly. * This is not the time to "explore shop". * Examine all details on an item to ensure you are getting what you think you are getting. * Check with your school for school supply discount packages. * Check with your school for discount tech purchases. * NEVER USE THEIR FINANCING OPTIONS THAT CHARGE INTEREST. * Interest rates will be off the scale on the high side. * If they offer financing INTEREST FREE look closely at the details. * Many plans have interest penalties if you are late. * Some have a certain balance level that must be paid by a set time; usually a larger amount than what would be paid by following the established payment schedule. # NPD Breach Update * There is interesting reporting resulting from the increased attention for this breach. * There is a lot of "mixed" data in the breach leading to MSM reporting that it's an unconfirmed incident. * Claims are being made that the SSN data is not valid. * Other researchers have verified name/SSN combinations being valid as previously reported. * Could this "breach" be a collection of data from other breaches and some data from NPD to scam criminals into buying the data? * It's possible. * APT Big Data efforts. * Given the number of PII breaches to date, something like this could be assembled. * How much of this originated from NPD is now unclear. * Court case discovery will clear up many of these points. * Regardless we still have the issue of the volume of accurate name/ssn's in this dataset and others datasets. # News ## This week's news stories of note: * [[2024-08-12 CrowdStrike Legal Woes Grow]] * [[2024-08-13 The End of the AI Buzz]] * [[2024-08-14 Azure Health Bot Vulnerability]] * [[2024-08-14 GhostWrite Attacks]] * [[2024-08-15 The August ZDI 2024 Security Update Review]] * [[2024-08-15 Delta vs CrowdStrike]] * [[2024-08-16 CryptoCore Scam Group Profile]] # Have a question or topic suggestion? If you have a question or topic that you would like discussed on the show, send an email to [questions[@]whitehatsecurity[.]stream](mailto:[email protected]?subject=Question%20for%20the%20show). * @NiceCrew (https://nicecrew.digital/@iamthejeeves) * @X formally known as 'Twitter' (https://x.com/iamthejeeves) If you like my content, why not send a little something my way? * ![[cashapp.jpg]][Cash App](https://cash.app/$iamjeeves) * <a href='https://ko-fi.com/J3J0Y7JVG' target='_blank'><img height='36' style='border:0px;height:36px;' src='https://storage.ko-fi.com/cdn/kofi5.png?v=3' border='0' alt='Buy Me a Coffee at ko-fi.com' /></a> * <a href='https://buymeacoffee.com/iamthejeeves' target='_blank'><img src='https://publish-01.obsidian.md/access/2a3e9ac93555ab5afe068f8fa291f1ec/Images/yellow-button.png' border='0' alt='Buy Me a Coffee' /></a> #ShowNotes #JeevesOriginalContent #WhiteHatSecurity