Social engineering

SCW #78

June 29, 2021



We will review how synthetics are being utilized to perpetrate pandemic related frauds in the Payroll Protection Program and Unemployment Insurance. An overview of the government programs will take place with the controls that were in place, how they were compromised, by who and what you can do to remediate risk. Visit https://www.securityweekly.com/scw for all the latest episodes!

Full Episode Show Notes

CARES Act Fraud, Paying People & Fraudsters, Part 1

Guests

Steve Lenderman

Steve Lenderman – Director, Strategic Fraud Prevention at ADP

Steve Lenderman has been working in the financial crimes sector for over 20 years and is currently with ADP as the Director, Strategic Fraud Prevention in the Global Security Organization. At ADP, Lenderman oversees fraud prevention for all lines of business, including payroll for 6 in 10 Americans and nearly 80% of the Fortune 500.

Prior to ADP, he was the Fraud Operations Lead for PayPal Business Loans where he was responsible for managing fraud detection, investigations and mitigation. Lenderman has spent time with Barclaycard US where he oversaw major investigations, internal investigations, bust outs / credit abuse, FINCEN reporting including SAR’s and 314A & B compliance. Lenderman, was involved in counterfeit card defense, the implementation of chip cards and Apple Pay in the US market.

Additionally, Lenderman has been heavily involved in investigating and identifying synthetic identities and entities. Lenderman is considered an industry expert and serves as the Co-Chair of the Bust Out Synthetic Identity (BOSI) working group. He is the Vice President of the IAFCI Delaware Valley Chapter and is involved with the National Cyber-Forensics &Training Alliance (NCFTA), Innovative Payment Alliance (IPA) and the Payroll Fraud Prevention Group (PFPG).

Lenderman, was also employed with First USA, Bank One and Chase working in various fraud roles. He is a graduate of the University of Delaware with a degree in Criminal Justice and is a regular speaker at numerous fraud conferences, law enforcement trainings and community outreach programs.

Hosts

Jeff Man

Jeff Man – #HackingisNotaCrime Advocate, Sr. InfoSec Consultant at Online Business Systems

@MrJeffMan

Cryptanalyst, infosec analyst, pioneering ex-NSA pen tester, PCI specialist and certified security curmudgeon. Currently a Sr. InfoSec Consultant for Online Business Systems.

Josh Marpet

Josh Marpet – Executive Director at RM-ISAO

@quadling

Executive Director, RM-ISAO
Co-founder, MJM Growth
IANS Faculty
Blockchain Patent Holder
MISTI Instructor
Entrepreneurship Curmudgeon
Board Member BSidesDE
Board Member BSidesDC
Ex-cop and Fireman

Liam Downward

Liam Downward – CEO at CYRISMA

Liam started his career in 1998 in Dublin, Ireland and each year brought new challenges and with this where my passion of Information Security grew. In 2018, he saw that Cyber Security was becoming more complex and organizations would rather ignore risks as their budgets could not afford solutions to protect their data and CYRISMA was born.

Scott Lyons

Scott Lyons – CEO at Red Lion

@Csp3r

CEO at Red Lion

Announcements

  • Security Weekly Unlocked will be held IN PERSON this December 5-8 at the Hilton Lake Buena Vista! Our Call For Presentations Deadline has been extended through July 5th at 11:59 pm ET! Visit securityweekly.com/unlocked to submit your presentation!

  • In our July 14th democast at 11 AM ET, learn how to reveal and protect your entire attack surface. Then join us July 15 at 11 AM ET to learn how a thoughtful approach to SASE can improve security and enable scalability. Finally, in our July 22nd technical training at 11 AM ET, learn how Guided-SaaS NDR Enables Rapid Response. Visit https://securityweekly.com/webcasts to register now! If you missed any of our previously recorded webcasts or technical trainings, they are available for your viewing pleasure at https://securityweekly.com/ondemand



We will review how synthetics are being utilized to perpetrate pandemic related frauds in the Payroll Protection Program and Unemployment Insurance. An overview of the government programs will take place with the controls that were in place, how they were compromised, by who and what you can do to remediate risk. Visit https://www.securityweekly.com/scw for all the latest episodes!

Full Episode Show Notes

CARES Act Fraud, Paying People & Fraudsters, Part 2

Guests

Steve Lenderman

Steve Lenderman – Director, Strategic Fraud Prevention at ADP

Steve Lenderman has been working in the financial crimes sector for over 20 years and is currently with ADP as the Director, Strategic Fraud Prevention in the Global Security Organization. At ADP, Lenderman oversees fraud prevention for all lines of business, including payroll for 6 in 10 Americans and nearly 80% of the Fortune 500.

Prior to ADP, he was the Fraud Operations Lead for PayPal Business Loans where he was responsible for managing fraud detection, investigations and mitigation. Lenderman has spent time with Barclaycard US where he oversaw major investigations, internal investigations, bust outs / credit abuse, FINCEN reporting including SAR’s and 314A & B compliance. Lenderman, was involved in counterfeit card defense, the implementation of chip cards and Apple Pay in the US market.

Additionally, Lenderman has been heavily involved in investigating and identifying synthetic identities and entities. Lenderman is considered an industry expert and serves as the Co-Chair of the Bust Out Synthetic Identity (BOSI) working group. He is the Vice President of the IAFCI Delaware Valley Chapter and is involved with the National Cyber-Forensics &Training Alliance (NCFTA), Innovative Payment Alliance (IPA) and the Payroll Fraud Prevention Group (PFPG).

Lenderman, was also employed with First USA, Bank One and Chase working in various fraud roles. He is a graduate of the University of Delaware with a degree in Criminal Justice and is a regular speaker at numerous fraud conferences, law enforcement trainings and community outreach programs.

Hosts

Jeff Man

Jeff Man – #HackingisNotaCrime Advocate, Sr. InfoSec Consultant at Online Business Systems

@MrJeffMan

Cryptanalyst, infosec analyst, pioneering ex-NSA pen tester, PCI specialist and certified security curmudgeon. Currently a Sr. InfoSec Consultant for Online Business Systems.

Josh Marpet

Josh Marpet – Executive Director at RM-ISAO

@quadling

Executive Director, RM-ISAO
Co-founder, MJM Growth
IANS Faculty
Blockchain Patent Holder
MISTI Instructor
Entrepreneurship Curmudgeon
Board Member BSidesDE
Board Member BSidesDC
Ex-cop and Fireman

Liam Downward

Liam Downward – CEO at CYRISMA

Liam started his career in 1998 in Dublin, Ireland and each year brought new challenges and with this where my passion of Information Security grew. In 2018, he saw that Cyber Security was becoming more complex and organizations would rather ignore risks as their budgets could not afford solutions to protect their data and CYRISMA was born.

Scott Lyons

Scott Lyons – CEO at Red Lion

@Csp3r

CEO at Red Lion

Announcements

  • Security Weekly is more than happy to announce that we will be at InfoSec World 2021 IN PERSON October 25th-27th, 2021! This year, our annual partnership with InfoSec World is extra special, as we are both business units under the CyberRisk Alliance brand! What does that mean for Security Weekly listeners & InfoSec World attendees? You will get to see and hear from many of the Security Weekly team at the event AND you will save 20% off on your world pass! Visit https://securityweekly.com/isw2021 to register using our discount code!

  • Do you want to stay in the loop on all things Security Weekly? Visit https://securityweekly.com/subscribe to subscribe on your favorite podcast catcher or our Youtube channel, sign up for our mailing list, join our Discord Server, and follow us on our newest live-streaming platform, Twitch!

prestitial ad