operational-cyber-risk-management

BMA Operational Cyber Risk Management Code of Conduct 2022

BMA Operational Cyber Risk Management Code of Conduct 2022 The Bermuda Monetary Authority (‘BMA’) published its Operational Cyber Risk Management Code of Conduct (‘Code’) for CSPs, Trust Companies, Money Service Businesses, Investment Businesses, and Fund Administration Providers (Relevant Licensed Entities or ‘RLE’) on 15 March 2022 and RLE are required to comply by 15 February […]

Threatening Messages Being Sent Electronically

The Bermuda Police Service said they are “aware of threatening messages being sent electronically, [e-mail, social media], to members of the public.”

A police spokesperson said, “Recipients are being threatened with having their online activity made public unless they purchase varying amounts of cryptocurrency within a stipulated time period and return it to the person sending the threatening message, usually within 24 hours.

Scam Alert

Police Warn Again About Social Media Scams

The Bermuda Police Service is once again reminding residents to “remain vigilant regarding social media scams.”

A police spokesperson said, “Once such scam currently in circulation is the mystery shopper scam, where local Facebook users are offered employment as a secret shopper and enticed by the opportunity of earning thousands of dollars simply by accepting funds into their personal bank account.

“Other Facebook users seem to validate the scheme, by commenting that they’ve personally earned in excess of $70,000 within a few weeks.

“If a local resident does sign up, they will usually receive between $1,500 and $5,000 into their personal bank account and are informed that they are allowed to keep 10% as payment for their mystery shopper services.

how-a-fileless-attack-works-increasing-danger-of-fileless-attacks

Warning: Fileless Attacks Are Rising

Warning: Fileless Attacks Are Rising

Ever heard of fileless attacks? This is malicious code gets a foothold on your server. Not through a certain file or a document, but by infiltrating the server RAM. Thus, exploiting various processes and vulnerabilities of the server software. They can do this via vulnerable web applications, specially formed requests, and so on.

Scam Alert

Emerging Business Email Compromise (Phishing Scam)

United States Law Enforcement Authorities have identified a Business Email Compromise (BEC), focused on healthcare, professional services, higher education, and real estate closing companies. BEC attacks have evolved over the last couple of years from sending phishing emails to millions of targets, to sending spear phishing emails to a few hundred. The spear phishing is targeting individuals that are involved with a company’s financial decisions with the intention of compromising that corporate officer’s email account. The attackers are focusing specifically on Office 365 as many of the security features that product offers are turned off by default.

Economic Substance Act 2018 (Bermuda)

Need Help with a .BM Domain or a Local Phone Number / PBX ?

“The Economic Substance Act” requires core income-generating activities to be conducted in Bermuda. Entities must demonstrate they are directed and managed from Bermuda and have “adequate” employees, physical presence, and expenditure here. Adequacy is determined by the nature and location of strategic and operational decision-making at the board and senior management levels. Outsourcing core activities in Bermuda will be acceptable in some cases.