Faith-Based Daily Awareness Post 24 July 2025

These updates are shared to help raise the situational awareness of Faith-Based organizations to best defend against and mitigate the impacts from all-hazards threats including physical security, cybersecurity, and natural disasters. 

North Korean IT Worker Threats to U.S. Businesses

In this alert, the FBI’s Internet Crime Complaint Center (IC3) warns North Korean IT workers are targeting private companies to illicitly generate substantial revenue for their regime. The scammers use a variety of techniques to disguise their identities like leveraging U.S., -based individuals to gain fraudulent employment an access to U.S. company networks.

Analyst Comments: The IC3 alert highlights show how North-Korean actors are exploiting opportunities to infiltrate U.S. company networks; therefore, organizations may consider verifying prior employment and education when interacting with individuals, require in-person meetings, capture images of individuals, analyze payment methods, and build a relationship with your local FBI Field Office. For those who missed it, FB-ISAO recently collaborated with several other organizations to produce a TLP: CLEAR overview of the North Korea IT worker threat. The report can be accessed here.

The Com: Theft, Extortion, and Violence are a Rising Threat to Youth Online

The Internet Crime Complaint Center (IC3) and FBI have issued three Public Service Announcements (PSA) related to The Com. The Com, short for the community is a primarily English speaking, international, online ecosystem comprised of multiple interconnected networks whose members, many of whom are minors, engage in a variety of criminal violations. Criminal activity conducted by members of The Com includes, but is not limited to, swatting/hoax threats, extortion/sextortion of minors, production and distribution of child sexual abuse material, violent crime, and various types of cyber-crimes. The latter category is broad and includes distributed denial-of-service (DDoS) attacks, subscriber identity module (SIM) swapping, ransomware, intellectual property theft, extortion, cryptocurrency theft, and money laundering. The motivations behind the criminal activity vary but often fall within one of the following: financial gain, retaliation, ideology, sexual gratification, and notoriety.

There are currently three known primary subsets within The Com: Hacker Com, In Real Life (IRL) Com, and Extortion Com. Each subset has a distinct focus; however, members of The Com often participate in criminal activity encompassed in more than one subset and maintain relationships with members in multiple subsets simultaneously, in case their skills are beneficial. The members within these subgroups typically have a shared interest, ideology, or goal and work together, adding others to the group and splintering, when necessary, to achieve their mission. In addition to the general overview of The Com, there were two additional PSAs released which highlight Hacker Com, the cyber-criminal subset of The Com, and the violent subset of The Com, which is referred to as In Real Life (IRL) Com. Another PSA released earlier this year discusses extortion activities which align with the third subset.

Analyst Comments: These alerts highlight the growth of the threat group over the past several years, and the variety of ways they can target individuals or organizations. We encourage faith-based communities to review the PSAs, which include mitigation and reporting considerations.

We found 5 places in the US that could flood like Texas. Here’s what they have in common

CNN reports that climate change is making flash floods more frequent and severe across the U.S., especially in areas like Central Texas’s “Flash Flood Alley” and burn-scarred regions of New Mexico. Warmer air holds more moisture, leading to intense storms that quickly overwhelm infrastructure and drainage systems. These flash floods develop quickly endangering communities where drainage systems are insufficient, or terrain exacerbates runoff.  Experts stress the need for improved early warning systems and climate-resilient infrastructure to protect communities as extreme rainfall events increase.

Analyst Comments: Flash floods are increasingly dangerous due to climate change and aging infrastructure that is unable to handle extreme rainfall. Many communities underestimate how quickly these floods can develop, with water levels rising within minutes. It is important to recognize these risks and incorporate flash flood preparedness and create a plan.

How to prepare for flash flooding:

• Sign up for local weather alerts and NOAA warnings for rapid updates.
• Identify higher ground and evacuation routes in advance.
• Never drive through flooded roads.
• Keep emergency kits with water, food, medications, and flashlights ready.
• Review your buildings drainage systems.
• Create flash flood response plans.
• Incorporate flash flood risks into regular safety drills and communications with staff and congregations.