BMA Operational Cyber Risk Management Code of Conduct 2022 The Bermuda Monetary Authority (‘BMA’) published its Operational Cyber Risk Management Code of Conduct (‘Code’) for CSPs, Trust Companies, Money Service Businesses, Investment Businesses, and Fund Administration Providers (Relevant Licensed Entities or ‘RLE’) on 15 March 2022 and RLE are required to comply by 15 February […]
The Bermuda Police Service is once again reminding residents to “remain vigilant regarding social media scams.”
A police spokesperson said, “Once such scam currently in circulation is the mystery shopper scam, where local Facebook users are offered employment as a secret shopper and enticed by the opportunity of earning thousands of dollars simply by accepting funds into their personal bank account.
“Other Facebook users seem to validate the scheme, by commenting that they’ve personally earned in excess of $70,000 within a few weeks.
“If a local resident does sign up, they will usually receive between $1,500 and $5,000 into their personal bank account and are informed that they are allowed to keep 10% as payment for their mystery shopper services.
The Regulatory Authority is warning people about an online scam, with an article claiming that Netflix ‘lost thousands of Bermudian users this week because of the new competing service,’ and urging people to sign up for MovieFlix, with the RA explaining that the scam is actually “designed to steal credit card details.”
The RA said, “The Regulatory Authority of Bermuda is today [Aug 8] warning consumers to be aware of the latest internet scam to arrive in Bermuda. MovieFlix, an online movie service is featured in a Facebook ad, and will reportedly deliver identical streaming service to that of Netflix, free of charge.
Warning: Fileless Attacks Are Rising
Ever heard of fileless attacks? This is malicious code gets a foothold on your server. Not through a certain file or a document, but by infiltrating the server RAM. Thus, exploiting various processes and vulnerabilities of the server software. They can do this via vulnerable web applications, specially formed requests, and so on.
United States Law Enforcement Authorities have identified a Business Email Compromise (BEC), focused on healthcare, professional services, higher education, and real estate closing companies. BEC attacks have evolved over the last couple of years from sending phishing emails to millions of targets, to sending spear phishing emails to a few hundred. The spear phishing is targeting individuals that are involved with a company’s financial decisions with the intention of compromising that corporate officer’s email account. The attackers are focusing specifically on Office 365 as many of the security features that product offers are turned off by default.
Need Help with a .BM Domain or a Local Phone Number / PBX ?
“The Economic Substance Act” requires core income-generating activities to be conducted in Bermuda. Entities must demonstrate they are directed and managed from Bermuda and have “adequate” employees, physical presence, and expenditure here. Adequacy is determined by the nature and location of strategic and operational decision-making at the board and senior management levels. Outsourcing core activities in Bermuda will be acceptable in some cases.