September 2021 — The FTC investigates McFlurry Machines, Glitter Bombing Scammers and more

By Daniel Young | September 30, 2021 | 6 min read
Security news september

McDonald's Broken Ice Cream Machines Are Getting Attention From The Feds

From Mashed: It's an all too common situation: You pull off the highway and into a McDonald's drive-thru lane ready for a McFlurry and maybe a side of fries when the voice on the other end of the microphone delivers the devastating news — "The soft-serve machine is broken." Frustrating? Yes. Illegal? The Federal Trade Commission is going to find out. The FTC reached out to several McDonald's franchisees earlier this summer inquiring about the nearly constant broken machines happening across the country. Franchise owners told the FTC that the machines do break often and stated that they're overly complicated to fix. Getting the machines back up and running can take time because a technician has to come out and look at them. The FTC — tasked with stopping unfair commerce practices — wants to ensure the machines aren't purposefully difficult to fix.

Our take: Broken soft serve machines might seem like an odd thing to investigate, but the lack of ice cream at McDonald’s is affecting the market. While yes, McDonald’s may be making the machines hard to fix on purpose, there might be another problem as well: franchisees may not be keeping up with maintenance. Corporations need to be able to perform assessments on all their franchisees for safety, security and effectiveness, rather than just relying on what they're being told. Having all of your franchisee’s assessments for safety, security, and compliance on a single dashboard will provide powerful insight into the overall organization’s health.

Coroner IDs remains, says Gabby Petito was homicide victim

From the Associated Press: Gabby Petito was killed by another person, a coroner concluded while also confirming that the human remains found recently at a Wyoming national park were those of the 22-year-old woman who disappeared months after she set out on a cross-country road trip with her boyfriend, the FBI said Tuesday. The young couple had set out in July in a converted van to visit national parks in the West. They got into a fight along the way, and her boyfriend, 23-year-old Brian Laundrie was alone when he returned in the van to his parents’ home Sept. 1, police said. His whereabouts are unknown, and he is a person of interest in the case.

Our take: We’ve written before about how violence within relationships can escalate, even impacting the partners’ work environment — many active shooters who target workplaces are often abusive partners or former partners of employees. The Gabby Petito story has shown the trajectory of an abusive relationship that likely escalated to murder: witnesses report the couple fighting, 911 was called when a witness reported seeing Laundrie slap Petito, police bodycam footage shows a visibly upset Petito not wanting to press charges, and one ranger asked Petito to leave what she called a “toxic” relationship. It’s critical that you read the signs of your employees’ mental health — especially if you see red flags — even if they claim everything is all right or project the image of a perfect relationship online.

2 empty tequila bottles found on under-construction Air Force One planes, prompting Boeing investigation

From Insider: Boeing is investigating the discovery of empty liquor bottles found inside a plane set to become the new Air Force One, The Wall Street Journal reported. Two small bottles of tequila were found this month on a Boeing 747-8 under construction in San Antonio, The Journal said, prompting the company to launch an investigation.

Our take: While the people who left their liquor bottles on the new Air Force One are unlikely to be international criminal geniuses who are planting bombs, surveillance gear or any other hazards, Boeing has a huge security problem on its hands; if the tequila drinkers got into the airplane, anyone can. Boeing will have to go through the plane with a fine toothed comb to make sure that no one else has been aboard.

California resident charged for role in SIM swap scam

From the U.S. Department of Justice: Richard Yuan Li, 21, a resident of Hercules, California, was charged on August 26, 2021 by a federal grand jury seated in the Eastern District of Louisiana in a four-count Superseding Indictment for his role in a SIM swap scam that targeted at least forty people. A SIM Swap scam is a cellular phone account takeover fraud that results in the routing of a victim’s incoming calls and text messages to a different phone. Once a perpetrator is able to swap the SIM card, it is likely he is able to obtain access to a victim’s various personal accounts, including email accounts, bank accounts, and cryptocurrency accounts, as well as any other accounts that use two-factor authentication. Li and a partner stole cryptocurrency from victims and demanded ransoms as well.

Our take: We often think of cybercrime as something that happens online, but SIM card swaps are a physical security issue as well as a cybersecurity one. For a SIM card to be swapped, the criminal must gain physical access to your phone. Make sure you never lend your phone to someone you don’t know and trust, know where your phone is, and ensure that your employees are aware of this scam so that no company devices, or data, are endangered.

Glitterbomb Trap Catches Phone Scammer

From YouTube: YouTuber and former NASA engineer Mark Rober targeted phone scammers by glitter bombing them instead of passing along the money that they’d extorted from elderly victims.

Our take: Rober’s video is worth a watch, and not just because it’s satisfying to see phone scammers covered in glitter and fart spray. His video explains how scammers conduct their scams —using money mules to collect deliveries in front of AirBnbs and businesses, scammers making calls from India, and supervisors in the U.S. coordinating the mules. It’s important to understand how scammers work — make sure they’re not using your site as a pick-up for cash, and be vigilant to make sure your loved ones are not being scammed.

September top grants

E-Learning Collaborative for Sexual Violence and Intimate Partner Violence Prevention:

Sexual violence (SV) and intimate partner violence (IPV) are preventable public health problems that have long-term physical and mental health impact on victims and affect millions of Americans. The purpose of this grant from the CDC is to support an E-Learning community and peer learning platform that uses multiple communication channels, including interactive web conference series, podcasts, online education resources, translation products, and planed and strategic social media to build and strengthen violence prevention systems for the Division of Violence Prevention’s funded recipients, sub-recipients and prevention practitioners nationally. Grant closes: Nov 17, 2021

Fiscal Year 2021 Flood Mitigation Assistance (FMA): The Flood Mitigation Assistance (FMA) program makes federal funds available to states, U.S. territories, federally recognized tribal governments, and local communities to reduce or eliminate the risk of repetitive flood damage to buildings and structures insured under the National Flood Insurance Program (NFIP). It does so with a recognition of the growing flood hazards associated with climate change1, and of the need for flood hazard risk mitigation activities that promote climate adaptation and resilience with respect to flooding. These include both acute extreme weather events and chronic stressors which have been observed and are expected to increase in the future. Grant closes: Jan. 28 2022

Fiscal Year 2021 Building Resilient Infrastructure and Communities (BRIC): The Building Resilient Infrastructure and Communities (BRIC) program makes federal funds available to states, U.S territories, federally recognized tribal governments, and local communities for hazard mitigation activities. It does so with a recognition of the growing hazards associated with climate change1, and of the need for natural hazard risk mitigation activities that promote climate adaptation and resilience with respect to those hazards. These include both acute extreme weather events and chronic stressors which have been observed and are expected to increase in the future. Grant closes: Jan. 28, 2022

Are you ready to improve your organization’s risk resiliency?

See Circadian Risk In Action Now
Watch a Demo