The MGM Ransomware Attack + How it Can Impact Online Fraud

Fraudology is presented by Sardine.In this episode of Fraudology, host Karisse Hendrick delves into the world of cybersecurity, the evolving tactics of hackers, and why it's important for online fraud professionals to pay attention to data breach news & trends. Because online fraud is often the preferred method of monetizing from cyber attacks, it's important to understand the supply chain of information that could be available to cybercriminals soon. In light of the recent security breach at MGM (at least all US locations) & Caesar's Entertainment in Las Vegas, Karisse shares some of the research she's done to better understand what happened, and how a similar attack can be prevented. From the vulnerabilities & threats of social engineering to entering through the 3rd party system used for account & identity verification & sign-on flow, to ultimately encrypting all data in their Active Directory. -These steps are relatively simple for some groups, so it's imperative that fraud & cyber teams work together to "patch" vulnerabilities within their org. Also discussed: Ways to use these headlines as a catalyst to communicate threats to leadership and suggest social engineering training & enhanced verification processes. Should the data being held captive be released, the types of fraud vectors different companies should expect, and how to look at the types of data exposed via data breaches to determine which fraud methods your company or financial institutions may rely on. Several articles were referenced for this episode. Including:https://www-dailymail-co-uk.cdn.ampproject.org/c/s/www.dailymail.co.uk/news/article-12505921/amp/MGM-Resorts-Las-Vegas-cyber-attack.htmlhttps://techcrunch.com/2023/09/14/mgm-cyberattack-outage-scattered-spider/https://www.reuters.com/business/casino-giant-caesars-confirms-data-breach-2023-09-14/https://www.darkreading.com/application-security/okta-flaw-involved-mgm-resorts-breach-attackers-claimhttps://arstechnica.com/security/2023/09/a-phone-call-to-helpdesk-was-likely-all-it-took-to-hack-mgm/https://www.vox.com/technology/2023/9/15/23875113/mgm-hack-casino-vishing-cybersecurity-ransomwarehttps://www.trellix.com/en-us/about/newsroom/stories/research/scattered-spider-the-modus-operandi.htmlFraudology is hosted by Karisse Hendrick, a fraud fighter with decades of experience advising hundreds of the biggest ecommerce companies in the world on fraud, chargebacks, and other forms of abuse impacting a company's bottom line. Connect with her on LinkedIn She brings her experience, expertise, and extensive network of experts to this podcast semi weekly, on Tuesdays and Thursdays.Mentioned in this episode:2023-q4-postroll sardine 1

Om Podcasten

If you work in online fraud prevention, chances are you've caught the "bug". The bug that makes you passionate about identifying & preventing cybercriminals from getting away with stealing from your company, or your client's companies. Most people who have made cyber-fraud their career have the perfect balance of analytical and social skills, a strong sense of justice and the curiosity that will drive you to go down every path of information until you "crack the case". Just like sociology is the study of social behavior, and psychology is the study of human behavior, Fraudology is the science and study of fraud. On the Fraudology podcast, long-time online fraud expert, Karisse Hendrick will dive into all areas of Fraudology from the perspective of a fraud-fighter. With guests ranging from former cybercriminals to fraud-fighters at Fortune 500 companies to law enforcement and others, you will no doubt be entertained, while learning a lot about fraud & other forms of abuse prevention! Subscribe to be alerted when a new episode is out and please rate & review where you can, to help others find this new & unique podcast!