Hacking Humans

SLAM, scam, thank you ma’am.

Thu, 23 Apr 2026 05:00:00 -0000

This week, while Maria is on vacation, ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ and ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ are joined by Michele Kellerman as they discuss the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. Dave brings us a lively follow-up from his recent theater outing the conversation circles back to chicken talk. Michele also highlights the work of Blood Cancer United sharing insight into their mission and impact. Dave’s story is on the SLAM method, a simple phishing-defense framework that teaches users to evaluate suspicious emails by checking the sender, links, attachments, and message for common signs of deception and social engineering. Michele’s got the story on a potential turning point in online scams, where rising pressure—from revelations that Meta Platforms has profited from fraudulent ads, to banks and regulators like Jerome Powell and Scott Bessent warning about systemic risks—suggests liability may soon expand beyond banks to include social media, telecoms, and other upstream players. Joe’s story is on two cousins, Shray Goel and Shaunik Raheja, who pleaded guilty in a nationwide $8.5 million scheme using fake listings, double bookings, and last-minute cancellations across platforms like Airbnb and Vrbo to maximize profits while deceiving thousands of travelers. On our catch of the day, A Reddit user shares a message they got from a scammer posing as their child.

Resources and links to stories:

Ransomware (noun) [Word Notes]

Tue, 21 Apr 2026 05:00:00 -0000

Malware that disables a system in exchange for a ransom, usually by encrypting the system's data until the user pays for the decryption key.

CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/ransomware⁠

Audio reference link: ⁠https://watch.amazon.com/detail?gti=amzn1.dv.gti.d6a9f744-47b0-ac70-aa56-b31fd0f58482&territory=US&ref_=share_ios_season&r=web

Who is winning the scam game?

Thu, 16 Apr 2026 05:00:00 -0000

This week, hosts of N2K CyberWire ⁠⁠⁠⁠⁠⁠⁠⁠Maria Varmazis⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ and⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ alongside ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ are discussing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. If you thought you could escape chicken talk, you we're wrong, this week Joe shares some more updates on his chickens. Joe’s got two stories this week, one on a New Jersey man arrested while attempting to collect $800,000 in gold as part of a widespread scam targeting elderly victims, and the second is on a new Google-tracked threat group using social engineering and phishing tactics to infiltrate BPOs and steal corporate data for extortion. Maria’s story is on a conversation she had with Sean Colicchio, highlighting how trusting human instincts, slowing down, and balancing security training can help individuals and organizations better defend against social engineering attacks. Dave’s got the story on a surge in traffic violation scams now using QR codes in phishing texts to trick victims, alongside ten hard-stop rules emphasizing verification, avoiding links or inbound requests, and slowing down to prevent falling for increasingly sophisticated scams. Our Catch of the Day comes from Reddit, where a user questioned a supposed “Google Play Console partnership” email, and the community quickly flagged it as a likely scam—citing red flags.

Resources and links to stories:

Service Set Identifier (SSID) (noun) [Word Notes]

Tue, 14 Apr 2026 07:00:00 -0000

Please enjoy this encore of Word Notes.

The name of a wireless access point.

CyberWire Glossary ⁠link⁠.

Audio reference link: ⁠SSID Management - CompTIA Security+ SY0-401: 1.5⁠, Professor Messer, uploaded August 3rd, 2014.

When “opportunity” knocks, don’t answer.

Thu, 09 Apr 2026 05:00:00 -0000

This week, hosts of N2K CyberWire ⁠⁠⁠⁠⁠⁠⁠Maria Varmazis⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ and⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ alongside ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ are discussing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. Your favorite follow up story is back, this time Sue from Australia discusses why Joe’s hen is losing feathers. Dave’s story is on a sophisticated LinkedIn phishing scam that tricks professionals with fake notifications and counterfeit login pages to steal credentials. Joe discusses a bizarre Everest scam where climbers and Sherpas were targeted with fake rescue schemes, highlighting the surprisingly high number of visitors versus summiters. Maria has the story of IRS and tax-related scams warning taxpayers about ghost preparers, urgent payment demands, and fraudulent contact attempts, with Proofpoint noting the use of remote monitoring tools in 40% of 2026 cases. Our catch of the day comes from Reddit, where a likely “stranded in the woods” scam involving a man named Michael begins to unfold but quickly unravels after he overwhelms the interaction with constant ChatGPT-style questioning.

Resources and links to stories:

Advanced Encryption Standard (AES) (noun) [Word Notes]

Tue, 07 Apr 2026 07:00:00 -0000

Please enjoy this encore of Word Notes.

A U.S. Government specification for data encryption using an asymmetric key algorithm.

CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/advanced-encryption-standard⁠

Audio reference link: papadoc73. ⁠“Claude Debussy: Clair De Lune.”⁠ YouTube, YouTube, 6 Oct. 2008.

Who’s logging in? [OMITB]

Tue, 07 Apr 2026 07:00:00 -0000

Welcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is ⁠⁠⁠⁠⁠⁠⁠⁠Selena Larson⁠⁠⁠⁠⁠⁠⁠⁠, ⁠⁠⁠⁠⁠⁠⁠⁠Proofpoint⁠⁠⁠⁠⁠⁠⁠⁠ intelligence analyst and host of their podcast ⁠⁠⁠⁠⁠⁠⁠⁠DISCARDED⁠⁠⁠⁠⁠⁠⁠⁠. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined by her co-hosts ⁠⁠⁠⁠⁠⁠⁠⁠N2K Networks⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠⁠⁠⁠⁠ and ⁠⁠⁠⁠⁠⁠⁠Keith Mularski⁠⁠⁠⁠⁠⁠⁠, former FBI cybercrime investigator and now Chief Global Ambassador at ⁠⁠⁠⁠⁠⁠⁠Qintel⁠⁠⁠⁠⁠⁠⁠.

Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, we discuss findings from the Sophos Active Adversary Report 2026 by Sophos, highlighting how identity-related weaknesses like compromised credentials and gaps in MFA continue to drive a majority of security incidents. The conversation explores how attackers are moving faster, often operating after hours, and how a growing number of threat groups is adding to the complexity.

The fine print of fraud.

Thu, 02 Apr 2026 05:00:00 -0000

This week, ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Maria Varmazis⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ and ⁠Joe Carrigan⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, joined by friend of the show ⁠Michele Kellerman⁠, dig into the latest social engineering scams, phishing schemes, and criminal exploits making headlines. Dave Bittner is tied up covering RSA, but will be back next week. First up, a follow-up from listener Bruce, who was hit with hundreds of spam emails in what looks like a subscription bombing attack, overwhelming Google’s filters before tapering off; his local hospital saw an even bigger wave, showing how alarming these attacks can be for seniors and other vulnerable users.Joe’s got the story of the UK sanctioning Xinbi, a Chinese-language cryptocurrency marketplace accused of profiting from scam centers in Southeast Asia, marking Britain’s first action against the platform. Michele shares the FBI’s takedown of 11 people in Los Angeles who ran a $17 million “house stealing” mortgage fraud scheme targeting elderly homeowners, highlighting the rising risk of title and refinance fraud for seniors. Maria dives into a new fake CAPTCHA scam that tricks Windows PC users into downloading malware, showing how even simple web prompts can be weaponized by cybercriminals. Our catch of the day is an email on Medicare, but what makes it fake? Tune in to find out!

Resources and links to stories:

The evolving face of AI deepfakes.

Thu, 26 Mar 2026 05:00:00 -0000

Maria discusses a new spin on pig butchering scams to recruit people to be AI face models and use them at scale. Joe shares INTERPOL's Global Financial Fraud Assessment and the current trends that AI is enabling at a rapid pace. Dave's story is about the evolving and increasingly more lucrative practices of refund fraud. Our Catch of the Day comes from Reddit about a overly insistent scammer to be.

Resources and links to stories:

When AI wears a suit and tie.

Thu, 19 Mar 2026 05:00:00 -0000

This week, hosts of N2K CyberWire ⁠⁠⁠⁠⁠Maria Varmazis⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ and⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ alongside ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ are discussing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start with some follow up on aggravated identity theft and how it ties to crimes like wire fraud, along with a quick look at shared mailboxes and why sharing login credentials can create security risks. Joe’s got the story of a vishing attack on an Ericsson vendor that exposed sensitive data of over 15,000 people, highlighting the risks of third-party security gaps. Dave’s story is on Meta removing millions of scam ads and accounts while facing scrutiny over whether it profits from fraudulent advertising, highlighting the growing scale of social media-driven scams and pressure from lawmakers to crack down. Maria has the story on how scammers are using AI to impersonate government officials through deepfakes, fake websites, and voice cloning, making fraud more convincing and harder to detect while stealing money and personal information. Our Catch of the Day comes from Reddit where a user has an intriguing conversation with Elon Musk, where he professes his love in a very record amount of time.

Resources and links to stories:

Domain Naming System (DNS) (noun) [Word Notes]

Tue, 17 Mar 2026 07:00:00 -0000

Please enjoy this encore of Word Notes.

A system that translates text-based URLs to their underlying numerical IP addresses.

CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/domain-name-system-dns⁠

Audio reference link: HistoryHeard. “⁠History Heard: Paul Mockapetris.⁠” YouTube, YouTube, 5 Apr. 2009.

Defending against unlimited penalty shots. [Hacking Humans Live!]

Thu, 12 Mar 2026 05:00:00 -0000

Maria's story involves a Maine Supreme Court hearing on a case involving a financial advisory firm that was mislead by a client. Dave highlights a malvertising campaign by a threat actor researchers call D-Shortiez. In our Catch of the Day, comes from the Scambait Subreddit where Mavis offers up large sums of money for a $50 Visa Debit card. We thank Rob for joining us as our special guest.

Resources and links to stories:

Pretexting (noun) [Word Notes]

Tue, 10 Mar 2026 07:00:00 -0000

Please enjoy this encore of Word Notes.

A social engineering technique in which a threat actor poses as a trusted person or entity in order to trick the victim into disclosing information or performing an action that benefits the attacker.

CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/pretexting⁠

Audio reference link: “⁠Batch Pin Hurt Charlize Theron Skin | the Italian Job (2003) Movie Scene.⁠” YouTube, YouTube, 22 Nov. 2016.

Identity theft gets a raise.

Thu, 05 Mar 2026 06:00:00 -0000

This week, hosts of N2K CyberWire ⁠⁠⁠⁠Maria Varmazis⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ and⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ alongside ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ are discussing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. For our follow up this week we get an update Merriam-Webster dictionary for Joe, and listener Michael Amezquita suggested that customizable ChatGPT personality settings may explain why Joe and Dave received different responses on Hacking Humans. Dave shares reporting on a Binary Defense case where attackers used social engineering and a help desk reset to hijack a physician’s identity and reroute payroll deposits through a trusted internal system without triggering security alerts. Maria highlights a surge in AI-powered publishing scams targeting authors, where fraudsters use flattery and impersonate legitimate organizations to charge bogus marketing and promotion fees. Joe covers multi-state raids tied to a massive gold bar scam that stole tens of millions from seniors, with stolen gold allegedly melted down through cooperating jewelry stores. In our Catch of the Day, a Reddit scambaiter shared a bizarre ongoing conversation with someone claiming to be “Keanu Reeves from Brokeback Mountain” who reached out to non‑fans in Norway.

Resources and links to stories:

Web Application Firewall (noun) [Word Notes]

Tue, 03 Mar 2026 08:00:00 -0000

Please enjoy this encore of Word Notes.

A layer seven firewall designed to block threats at the application layer of the open system interconnection model, the OSI model.

CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/web-application-firewall⁠

Audio reference link: “VCF East 9.1 - Ches' Computer Security Adventures - Bill Cheswick.” YouTube, 29 Dec. 2015, ⁠https://youtu.be/trR1cuBtcPs⁠.

AI ate my homework.

Thu, 26 Feb 2026 06:00:00 -0000

This week, hosts of N2K CyberWire ⁠⁠⁠Maria Varmazis⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ and⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ alongside ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ are discussing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. Maria’s story covers a BBC experiment by Thomas Germain showing how easily major AI tools like ChatGPT and Google’s Gemini repeated a completely fabricated claim he posted online, highlighting what experts call a “renaissance for spam” as SEO-style manipulation resurfaces in the age of AI. Dave’s story examines Elizabeth Chamblee Burch’s book The Pain Brokers, which details how women with pelvic mesh implants were allegedly cold-called and steered into surgeries as part of a $40 million mass-tort recruitment scheme fueled by litigation finance and regulatory gaps. Joe’s story reports on an alleged decade-long ticket fraud ring at the Louvre in Paris, where tour guides and museum employees are accused of reusing tickets and bribery, costing more than €10 million before French authorities made multiple arrests. Our catch of the day comes from Reddit, where a user tested the limits of a land developer.

Resources and links to stories:

COBIT (noun) [Word Notes]

Tue, 24 Feb 2026 08:00:00 -0000

Please enjoy this encore of Word Notes.

An IT governance framework developed by ISACA.

CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/cobit⁠

Audio reference link: isacappc. “How Do You Explain Cobit to Your Dad – or Your CEO?” YouTube, YouTube, 24 Aug. 2016, ⁠https://www.youtube.com/watch?v=EYATVkddIyw⁠.

The voice on the other end.

Thu, 19 Feb 2026 06:00:00 -0000

This week, hosts ⁠⁠Maria Varmazis⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ (also host of the ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠T-Minus⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Space Daily show),⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ and ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ are discussing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We have some follow up where Joe shares a scam call he received. Dave’s got the story on a sophisticated phishing campaign targeting Apple Pay users through fake emails and voice calls impersonating customer support, as well as Australia’s ClickFit initiative warning that romance scammers are exploiting trust online for emotional and financial gain. Joe’s story is about a former Ohio bank employee who used his insider access to steal identities and siphon roughly $2 million from elderly customers, ultimately leading to his arrest in Chicago and federal conviction. Maria’s story is about a daughter who discovers her 84-year-old mother has been financially exploited by trusted professionals and even family members, underscoring how elder fraud often comes from familiar faces. It highlights the rapid rise in elder financial abuse and the urgent need for families to step in early—before cognitive decline makes the losses irreversible. Our catch of the day come's from the "Australian Government" on a tax document being floated around.

Resources and links to stories:

Security Service Edge (SSE) (noun) [Word Notes]

Tue, 17 Feb 2026 08:00:00 -0000

Please enjoy this encore of Word Notes.

A security architecture that incorporates the cloud shared responsibility model, a vendor provided security stack, and network peering with one or more of the big content providers and their associated fiber networks.

CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/security-service-edge⁠

Audio reference link: Netskope (2022). What is Security Service Edge (SSE). YouTube. Available at: ⁠https://www.youtube.com/watch?v=Z9H84nvgBqw⁠ [Accessed 21 Oct. 2022].

Love was the hook.

Thu, 12 Feb 2026 06:00:00 -0000

This week, hosts ⁠Maria Varmazis⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ (also host of the ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠T-Minus⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Space Daily show),⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ and ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ are discussing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. Dave sits down with ⁠Simon Horswell⁠, a Senior Fraud Specialist at ⁠Entrust⁠ discussing evolving romance scams for Valentine's Day. We have some follow up on chickens and a listener write-in, with a quick note on the backyard chicken trend and a closer look at a Bank of America fraud text that looked like a phish. Maria’s story follows an alleged “Dubai Crown Prince” scam that drained nearly €3 million from a Romanian businesswoman using fake banks and humanitarian appeals. Joe’s story tells of a handyman-turned-boyfriend who ran multiple dating scams and stole from his partner and her family, now featured on Amazon Prime. Dave’s story features Simon Horswell from Entrust explaining why romance scams hit $4.5 billion in 2024 and how scammers use psychological tricks, AI tools, and celebrity impersonation to manipulate victims. We have two catches of the day this week, one a physical letter from the DOJ and the other is an email from Microsoft.

Resources and links to stories:

Domain spoofing (noun) [Word Notes]

Tue, 10 Feb 2026 08:00:00 -0000

Please enjoy this encore of Word Notes.

A social engineering tactic in which hackers build a malicious domain to mimic a legitimate one.

CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/domain-spoofing⁠

Audio reference link: ⁠“Mission Impossible Fallout - Hospital Scene.”⁠ YouTube, YouTube, 8 Oct. 2018,

Trust me, I’m legit.

Thu, 05 Feb 2026 06:00:00 -0000

This week, while ⁠⁠⁠Maria Varmazis⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ (also host of the ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠T-Minus⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Space Daily show) is out at a conference, hosts⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ and ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ are joined by friend of the show Michele Kellerman, as they are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. Our hosts start with some follow-up on Joe’s egg story, including his latest update and a brief detour into unexpected “big chicken news.” Joe’s story is on a massive USDA loan fraud scheme where Nikesh Patel fabricated fake government-backed farm loans, duped investment firms out of hundreds of millions of dollars, and continued running similar scams under aliases and even from prison, ultimately earning decades more in sentencing. Michele’s story is on a breaking report about the ShinyHunters group using targeted voice phishing and custom phishing kits to abuse Okta SSO, steal MFA credentials, and gain privileged access for data theft and extortion. Dave’s story is on LastPass warning users about an active phishing campaign impersonating the company, designed to steal master passwords and potentially expose all credentials stored in affected vaults. Our catch of the day comes from the Reddit, where two people we're approached by scammers through text messaging and both dealt with their scammers in different ways.

Resources and links to stories:

Secure Web Gateway (noun) [Word Notes]

Tue, 03 Feb 2026 08:00:00 -0000

Please enjoy this encore of Word Notes.

A layer seven firewall that sits in line at the boundary between the internet and an organization's network perimeter that allows security policy enforcement and can perform certain prevention and detection tasks.

CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/secure-web-gateway⁠

Audio reference link: ‌Vintage Computer Federation (2015). VCF East 9.1 - Ches’ Computer Security Adventures - Bill Cheswick. YouTube. Available at: ⁠https://www.youtube.com/watch?v=trR1cuBtcPs.

When legit is the trick: Phishing’s sneaky new moves. [OMITB]

Tue, 03 Feb 2026 08:00:00 -0000

Welcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is ⁠⁠⁠⁠⁠⁠Selena Larson⁠⁠⁠⁠⁠⁠, ⁠⁠⁠⁠⁠⁠Proofpoint⁠⁠⁠⁠⁠⁠ intelligence analyst and host of their podcast ⁠⁠⁠⁠⁠⁠DISCARDED⁠⁠⁠⁠⁠⁠. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined by her co-hosts ⁠⁠⁠⁠⁠⁠N2K Networks⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠⁠⁠ and ⁠⁠⁠⁠⁠Keith Mularski⁠⁠⁠⁠⁠, former FBI cybercrime investigator and now Chief Global Ambassador at ⁠⁠⁠⁠⁠Qintel⁠⁠⁠⁠⁠.

Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, our hosts discuss how attackers are increasingly abusing legitimate, trusted Microsoft workflows to make phishing campaigns more convincing and harder to spot. In device code phishing, victims are socially engineered into completing a real Microsoft OAuth login flow, inadvertently granting attackers valid access tokens without ever sharing a password. They also examined abuse of Microsoft 365 Direct Send, which allows threat actors to send phishing emails that appear to originate from inside an organization, reinforcing a broader shift toward weaponizing built-in cloud services rather than relying on obviously malicious infrastructure.

Cold weather, hot scams.

Thu, 29 Jan 2026 06:00:00 -0000

This week, hosts⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠,⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, and ⁠Maria Varmazis⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ (also host of the ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠T-Minus⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Space Daily show) are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. Joe has two stories this week, starting with scammers cashing in on a Verizon outage by luring customers with fake credits, and ending with a rare cybercrime comeback as a woman who lost nearly $1 million gets her money back and then some. Dave’s story looks at scammers cashing in on the Ozempic and GLP-1 craze, as Wisconsin consumers lose hundreds of dollars to fake weight loss drugs, deepfake ads, and shady online pharmacies exploiting high demand and high prices. Maria’s story warns that scammers are impersonating electric, gas, and water companies this winter, using urgent threats, fake refunds, and unusual payment demands to steal money and personal information, while officials remind customers to hang up and verify any contacts through official channels. Our catch of the day comes from Reddit where the chief of police is reaching out via text.

Resources and links to stories:

Indicators of Compromise (noun) [Word Notes]

Tue, 27 Jan 2026 08:00:00 -0000

Please enjoy this encore of Word Notes.

Digital evidence that a system or network has been breached.

CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/indicator-of-compromise⁠

Audio reference link: ‌”⁠Suicide or Murder? | The Blind Banker | Sherlock⁠,” uploaded by Sherlock, 18 October 2015

Scammers gonna scam.

Thu, 22 Jan 2026 06:00:00 -0000

This week, hosts⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠,⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, and Maria Varmazis⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ (also host of the ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠T-Minus⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Space Daily show) are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. Joe share's another chicken update for us, this time from Werner Herzog. Dave’s got a story from a listener named Tim, an IRS Criminal Investigation agent, who explains that real CI agents may contact people unannounced and can verify themselves in person, but if anyone asks for gift cards or crypto, it’s definitely a scam. Maria has the story on how attackers are abusing real SendGrid accounts to send politically charged phishing emails that look legitimate and trick users into handing over their credentials. Joe has two stories this week, the first on Cambodia’s renewed crackdown on massive Southeast Asian scam networks following the arrest and extradition of alleged kingpin Chen Zhi, signaling deeper international cooperation against fraud operations that have stolen billions worldwide, and the second on a Nashville Uber driver who lost $300 after falling for a convincing phone scam that impersonated Uber Support and falsely accused him of drunk driving. Our catch of the day comes from Reddit scams where one scammer gets put through the ringer, twice.

Resources and links to stories:

Intrusion Detection System (noun) [Word Notes]

Tue, 20 Jan 2026 08:00:00 -0000

Please enjoy this encore of Word Notes.

A system that monitors for malicious or unwanted activity, and either raises alerts when such activity is detected or blocks the traffic from passing to the target.

CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/intrusion-detection-system⁠

Audio reference link: “⁠Network Intrusion Detection and Prevention - CompTIA Security+ SY0-501 - 2.1⁠,” Professor Messer, uploaded 16 November, 2017

When a scammer meets the Force.

Thu, 15 Jan 2026 06:00:00 -0000

This week, while ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Maria Varmazis⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ (also host of the ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠T-Minus⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Space Daily show) is out, our hosts⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ and ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. Joe starts us off with a chicken update. Joe’s story is on CrowdStrike’s 2025 Global Threat Report, which reveals faster-than-ever breakout times, a surge in vishing and initial access attacks, widespread abuse of valid accounts, and a growing shift toward malware-free intrusions as adversaries become more numerous and sophisticated. Dave’s got the story on how “pig-butchering” romance scams are industrialized, detailing Reuters’ reporting on cyberfraud gangs using step-by-step psychological playbooks to groom victims, manufacture emotional attachment, and rapidly funnel them into fake investments that leave lasting financial and emotional damage. Rishika Desai, Threat Researcher and Writer from Bfore.ai, joins Dave and Joe to discuss renting social media ad accounts for scamming purposes. Our catch of the day comes from Reddit, where one user channels their inner Jedi and uses the Force to send a pesky scammer retreating to the dark side.

Resources and links to stories:

⁠A scammer’sblueprint

CROWDSTRIKE 2025 GLOBAL THREAT REPORT

MFA prompt bombing (noun) [Word Notes]

Tue, 13 Jan 2026 08:00:00 -0000

Please enjoy this encore of Word Notes.

Hackers bypass, multifactor authentication schemes by sending a blizzard of spamming login attempts until the accounts owner accepts the MFA prompt out of desperation to make the spamming stop.

CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/mfa-prompt-bombing⁠

Audio reference link: movieclips. “⁠Sneakers (2/9) Movie Clip - Defeating the Keypad (1992) HD.⁠” YouTube, YouTube, 29 May 2011, https://www.youtube.com/watch?v=oG5vsPJ5Tos.

It's just too good to be true.

Thu, 08 Jan 2026 06:00:00 -0000

This week, our hosts⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, and ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Maria Varmazis⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ (also host of the ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠T-Minus⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Space Daily show) are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start with some follow up on a big honor for Dave, recognized by SANS as a Difference Maker in Media—plus a quick chicken update, a newly named rooster, and construction officially getting underway on the new run. Maria has the story on a congressional warning about a surge in winter holiday travel scams, as fake booking sites and airline impersonators drive millions in losses during peak travel season. Dave has two stories this week, one on a friend who received a suspicious email appearing to come from the chair of a nonprofit, and the other on a BBC investigation uncovering how fraudulent crowdfunding campaigns exploited children with cancer and their families, siphoning off millions meant for life-saving treatment. Joe’s story covers a warning from the IRS on how to spot and avoid tax scams, highlighting red flags like too-good-to-be-true refunds, urgent threats, fake websites, and impersonators pressuring victims for money or personal information. For our Catch of the Day, it turns out Aquaman isn’t just ruling the seas — he’s apparently sliding into fans’ texts, proving once again that when a celebrity starts sounding a little too approachable, it’s probably not Hollywood calling.

Resources and links to stories:

Poisoned at the source. [OMITB]

Tue, 06 Jan 2026 08:00:00 -0000

Welcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is ⁠⁠⁠⁠⁠Selena Larson⁠⁠⁠⁠⁠, ⁠⁠⁠⁠⁠Proofpoint⁠⁠⁠⁠⁠ intelligence analyst and host of their podcast ⁠⁠⁠⁠⁠DISCARDED⁠⁠⁠⁠⁠. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined by her co-hosts ⁠⁠⁠⁠⁠N2K Networks⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠⁠ and ⁠⁠⁠⁠Keith Mularski⁠⁠⁠⁠, former FBI cybercrime investigator and now Chief Global Ambassador at ⁠⁠⁠⁠Qintel⁠⁠⁠⁠.

Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, we dive into supply chain attacks through the lens of a massive Android malware campaign that infects devices before they ever reach users, embedding itself in firmware and reseller-installed system images. We connect the dots to other high-impact supply chain incidents—from SolarWinds to the recent F5 breach—and share new intelligence on Android devices compromised during manufacturing and distribution in China. Together, these cases highlight how attacks at the source can quietly scale, persist, and evade traditional defenses.

Apple Lockdown Mode (noun) [Word Notes]

Tue, 06 Jan 2026 08:00:00 -0000

Please enjoy this encore of Word Notes.

An optional security mode for macOS and iOS that reduces the attack surface of the operating system by disabling certain commonly attacked features.

CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/apple-lockdown-mode⁠

Audio reference link: “⁠How NSO Group’s Pegasus Spyware Was Found on Jamal Khashoggi’s Fiancée’s Phone⁠,” FRONTLINE, YouTube, 18 July 2021.

Hot sauce and hot takes: An Only Malware in the Building special.

Thu, 01 Jan 2026 06:00:00 -0000

While our team is out on winter break, please enjoy this episode of Only Malware in the Building.

Welcome in! You’ve entered, Only Malware in the Building — but this time, it’s not just another episode. This is a special edition you won’t want to miss.

For the first time, our hosts are together in-studio — and they’re turning up the heat. Literally. Join ⁠⁠⁠⁠⁠⁠Selena Larson⁠⁠⁠⁠⁠⁠, ⁠⁠⁠⁠⁠⁠Proofpoint⁠⁠⁠⁠⁠⁠ intelligence analyst and host of their podcast ⁠⁠⁠⁠⁠⁠DISCARDED⁠, along with ⁠⁠⁠⁠⁠⁠N2K Networks⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠⁠⁠ and ⁠⁠⁠⁠⁠Keith Mularski⁠⁠⁠⁠⁠, former FBI cybercrime investigator and now Chief Global Ambassador at ⁠⁠⁠⁠⁠Qintel⁠⁠⁠⁠⁠⁠⁠⁠⁠, as they take on a fiery hot wings challenge while answering personal questions about themselves, their careers, and the stories that shaped them. Think you’ve seen them tackle malware mysteries before? Wait until you see them sweat.

This one’s too good for audio alone — you’ll want to watch the full ⁠video⁠ edition to catch every spicy reaction, every laugh, and maybe even a few tears.

So grab your milk, get ready to feel the burn, and come join us for this special hot take on Only Malware in the Building.

Simulated Phishing (noun) [Word Notes]

Tue, 30 Dec 2025 08:00:00 -0000

While our team is out on winter break, please enjoy this episode of Word Notes.

A security awareness training technique in which authorized, but fake phishing emails are sent to employees in order to measure and improve their resistance to real phishing attacks.

CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/simulated-phishing⁠

Audio reference link: ⁠“Blackhat (2014) - Hacking the NSA Scene (4/10) | Movieclips.”⁠ YouTube, YouTube, 19 Apr. 2017.

Scammers are recruiting.

Thu, 25 Dec 2025 06:00:00 -0000

While our team is out on winter break, please enjoy this episode of Hacking Humans

This week, our hosts⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, and ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Maria Varmazis⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ (also host of the ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠T-Minus⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Space Daily show) are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start with a scam warning from Michal, who is sharing the latest conference scam. Dave's got the story of a retired federal investigator who mapped out the “Scammer Psychological Kill Chain” and shared rules to help you spot and break it. Maria has the story of job scams surging over 1,000% in 2025, as scammers exploit a slowing labor market and desperate jobseekers with fake offers, texts, and bogus recruiter schemes. Joe follows the story on a $4 million forex scam where two men promised safe, high returns but instead ran a Ponzi scheme that defrauded 20 investors before landing in federal prison. Our catch of the day comes from listener Shannon who writes in to share a message from "Amazon" about a recall notice.

Resources and links to stories:

⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Have a Catch of the Day you'd like to share? Email it to us at ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠hackinghumans@n2k.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠.

Sideloading (noun) [Word Notes]

Tue, 23 Dec 2025 08:00:00 -0000

Please enjoy this encore of Word Notes.

The process of installing applications on a device without the use of official software distribution channels.

CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/sideloading

Trust no link, my darling.

Thu, 18 Dec 2025 06:00:00 -0000

This week, our hosts⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, and ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Maria Varmazis⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ (also host of the ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠T-Minus⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Space Daily show) are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. In follow-up this week, we waded into murky legal waters with a fish-demeanor pun that’s now swimming rent-free in our heads, then pivoted to some surprisingly practical home-network wisdom—segregating IoT devices before they take over your Wi-Fi (and your sanity). Joe looks at how Google is taking a dual approach to fighting scams—suing to dismantle the “Lighthouse” phishing operation while backing bipartisan legislation and rolling out AI tools to protect users from smishing, robocalls, and fraud. Maria looks at how seniors are more digitally active than ever—and why caregivers and families play a key role in keeping them safe online, with practical tips ranging from strong passwords and MFA to regular conversations about scams and device security. Dave looks at two very different but increasingly common scam fronts: an FBI warning about AI-powered “virtual kidnapping” extortion schemes using fake proof-of-life images, and a surge in celebrity impersonation scams that used hacked social media accounts to trick music fans out of billions in fake tickets, merch, crypto, and VIP offers. Our catch of the day comes from Reddit where Dave and Joe take on a series of messages that will have you rethinking the way you answer scams.

Resources and links to stories:

Microsegmentation (noun) [Word Notes]

Tue, 16 Dec 2025 08:00:00 -0000

Please enjoy this encore of Word Notes.

A zero trust security technique that isolates application workloads from each other, allowing each one to be protected individually.

CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/microsegmentation⁠

Audio reference link: “⁠Micro-Segmentation Masterpieces⁠,” PJ Kirner, Illumio CTO and Co-Founder, Tech Field Day, YouTube, 13 December 2020.

Don’t let public ports bite.

Thu, 11 Dec 2025 06:00:00 -0000

This week, our hosts ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, and ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Maria Varmazis⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ (also host of the ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠T-Minus⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Space Daily show) are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start with another chicken update for everyone. Dave’s got the story of a Monotype font-licensing shakedown that totally backfired — automated claims, mass messages, and scary warnings that all unraveled when a typography-savvy employee proved every allegation was wrong, leaving Monotype empty-handed. Joe’s story is on a massive Walmart robocall scam targeting millions of customers. Fake calls, using AI voices claiming a pricey PlayStation 5 order, tricked people into giving personal info. The FCC is cracking down on SK Teleco, the U.S. voice provider behind the calls, threatening to cut them off from U.S. networks if they don’t act fast to stop the scam. Maria has the story on TSA warnings for travelers: avoid plugging phones into public USB ports and skip unsecured airport Wi-Fi. Hackers can sneak malware through USBs or intercept data over open networks, so TSA and the FCC recommend using portable chargers, charging-only cables, or a VPN to stay safe while traveling. Our catch of the day comes from a Microsoft looking email which says the user has been flagged.

Resources and links to stories:

Homograph phishing (noun) [Word Notes]

Tue, 09 Dec 2025 08:00:00 -0000

Please enjoy this encore of Word Notes.

The use of similar-looking characters in a phishing URL to spoof a legitimate site.

CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/homograph-phishing⁠

Audio reference link: “⁠Mission Impossible III 2006 Masking 01⁠,” uploaded by DISGUISE MASK, 28 July 2018.

A fish commits credit card fraud (inadvertently).

Thu, 04 Dec 2025 06:00:00 -0000

Maria shares some research (including her own) on using AI chatbots to phish the elderly. Joe’s got two stories today. First up, he talks about the Myanmar army continuing their raids on scam centers. Joe also shares a piece on two men found guilty of engaging in an extensive fraud scheme of ACA plan subsidies involving over $233 million from the federal government. Dave's story helps keep scammers out of your stockings this holiday season. Our catch of the day comes from the phishing subreddit about a text a la Strong Bad.

Resources and links to stories:

Anti-cheat software (noun) [Word Notes]

Tue, 02 Dec 2025 08:00:00 -0000

Please enjoy this encore of Word Notes.

Software designed to prevent cheating in video games.

CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/anti-cheat-software⁠

Audio reference link: “⁠The BIG Problem with Anti-Cheat⁠,” by Techquickie, YouTube, 5 June 2020

Yippee-ki-yay, cybercriminals! [OMITB]

Tue, 02 Dec 2025 08:00:00 -0000

Welcome in! You’ve entered, Only Malware in the Building. Wrap yourself in a warm blanket, pour your favorite mug of tea, and join us each month as we unwrap the season’s juiciest cyber mysteries. Your host is ⁠⁠⁠⁠⁠Selena Larson⁠⁠⁠⁠⁠, ⁠⁠⁠⁠⁠Proofpoint⁠⁠⁠⁠⁠ intelligence analyst and host of their podcast ⁠⁠⁠⁠⁠DISCARDED⁠⁠⁠⁠⁠. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined by her co-hosts ⁠⁠⁠⁠⁠N2K Networks⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠⁠ and ⁠⁠⁠⁠Keith Mularski⁠⁠⁠⁠, former FBI cybercrime investigator and now Chief Global Ambassador at ⁠⁠⁠⁠Qintel⁠⁠⁠⁠.

Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, we explore Remote access, real cargo: cybercriminals targeting trucking and logistics. From clever schemes to protect shipments to the tools cybercriminals use, our guests discuss how organizations can safeguard physical goods in an increasingly connected world—because even during the season of hustle and bustle, the threats don’t take a holiday.

Nice to meet you, I'm a scammer.

Thu, 27 Nov 2025 06:00:00 -0000

Please enjoy this encore of Hacking Humans.

On Hacking Humans, ⁠Dave Bittner⁠, ⁠Joe Carrigan⁠, and ⁠Maria Varmazis⁠ (also host of N2K's daily space podcast, T-Minus), are once again sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines to help our audience become aware of what is out there. Our hosts discuss and ponder whether or not diamonds are the original cryptocurrency, as well as diving further into Yubikeys for organizations. Maria shares the story of a 66-year-old woman who lost her $2 million retirement savings to a romance scam on Match.com, highlighting the rise in such scams and efforts to pass the Online Dating Safety Act to protect users. Joe's story is on the Madoff Victim Fund's final $131.4 million payout, bringing total recoveries to $4.3 billion for victims of Bernard Madoff's infamous Ponzi scheme, which collapsed during the 2008 financial crisis. Dave's got the story on allegations that the PayPal Honey browser extension not only fails to deliver the best deals but also hijacks affiliate revenue from influencers by replacing their links with its own, sparking backlash and controversy. Our catch of the day comes from Reddit and Dave and Maria do their best impressions yet, as a scammer chats up an unsuspecting victim.

Resources and links to stories:

You can hear more from the T-Minus space daily show ⁠here⁠.

Have a Catch of the Day you'd like to share? Email it to us at ⁠hackinghumans@n2k.com⁠.

Pseudoransomware (noun) [Word Notes]

Tue, 25 Nov 2025 08:00:00 -0000

Please enjoy this encore of Word Notes.

Malware, in the guise of ransomware, that destroys data rather than encrypts.

CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/pseudoransomware⁠

Audio reference link: “⁠Some Men Just Want to Watch the World Burn | the Dark Knight⁠,” by YouTube, 2 November 2019.

Lost iPhone, found trouble.

Thu, 20 Nov 2025 06:00:00 -0000

This week, our hosts ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠⁠⁠⁠⁠, ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, and ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Maria Varmazis⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ (also host of the ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠T-Minus⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Space Daily show) are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start with some follow up on China sentencing five members of a violent Kokang-based gang to death for running brutal scam compounds in Myanmar. And in related news, China has also extradited alleged scam kingpin She Zhijiang, a major figure behind one of Southeast Asia’s largest fraud hubs, as Beijing intensifies its crackdown on global cyber-fraud networks. Listener Jon reports a new twist on sextortion, where scammers used an unsolicited FaceTime call to capture an image, generate an AI-manipulated obscene photo, and then extort an employee using publicly scraped contact lists. Joe’s story is on Anthropic’s claim that attackers jailbroke its Claude model to carry out what it calls the first AI-orchestrated cyber-espionage campaign, a narrative now being challenged by researchers like Dan Goodin and Dan Tentler, who argue the attack was far less “autonomous” than advertised and comparable to long-standing hacking tools rather than a breakthrough in offensive AI. Dave’s story is on a new phishing scam where attackers use the contact info displayed on a lost iPhone’s lock screen to send fake “Find My” texts claiming the device was found, luring victims to a spoofed Apple login page to steal their Apple ID and bypass Activation Lock. Maria has the story on Zimperium’s Mobile Shopping Report, which shows that during the holiday season mobile threats surge across mishing, fake retail and payment apps, and app-level vulnerabilities—making this the peak time for scammers to exploit shoppers with spoofed texts, malicious apps, and insecure SDKs hidden inside legitimate shopping tools. Our catch of the day comes from the phishing subreddit as someone is impersonating a woman who is sick with cancer asking for the victim to take care of their money.

Resources and links to stories:

Trusted Platform Module (TPM) (noun) [Word Notes]

Tue, 18 Nov 2025 08:00:00 -0000

Please enjoy this encore of Word Notes.

A browser configuration control that prevents accessing resources within a private network.

CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/trusted-platform-module⁠

Audio reference link: “⁠TPM (Trusted Platform Module) - Computerphile⁠,” Computerphile, 23 July 2021

Tap, pay…and prey.

Thu, 13 Nov 2025 06:00:00 -0000

This week, our hosts ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠⁠⁠⁠, ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, and ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Maria Varmazis⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ (also host of the ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠T-Minus⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Space Daily show) are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start with some big chicken news from Joe! Dave’s story is on Meta’s internal documents revealing it projected up to 10% of its 2024 revenue, worth billions, would come from fraudulent or banned ads across its platforms. Maria has the story on how Howler Cell at Cyderes uncovered a systemic “Bring Your Own Updates” risk in Windows updaters, where attackers can hijack trusted, signed update clients like Advanced Installer to deliver malicious code that evades detection and could lead to large-scale supply-chain attacks. Joe has the story on a new scam called “ghost tapping,” where fraudsters use near-field communication devices to secretly charge tap-to-pay cards and mobile wallets in crowded places. Victims often don’t notice until small, unauthorized withdrawals add up, prompting the BBB to warn consumers to use RFID-blocking wallets, verify charges before tapping, and monitor accounts for suspicious activity. Our catch of the day is on an application to the Council of the Ecliptic.

Resources and links to stories:

Private Network Access (PNA) (noun) [Word Notes]

Tue, 11 Nov 2025 08:00:00 -0000

Please enjoy this encore of Word Notes.

A browser configuration control that prevents accessing resources within a private network.

CyberWire Glossary ⁠link⁠.

Audio reference link: “⁠Chrome Limits Access to Private Networks⁠,” by Daniel Lowrie, ITProTV, YouTube, 19 January 2022.

Seniors in scam crosshairs.

Thu, 06 Nov 2025 06:00:00 -0000

This week, our hosts ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠⁠⁠, ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, and ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Maria Varmazis⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ (also host of the ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠T-Minus⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Space Daily show) are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start with some follow-up, listener Jay shared how Robinhood tackled a $25.4 billion phone scam problem with a simple fix—a bright yellow in-call banner that warns users, “We’re not calling you. If the caller says they’re from Robinhood, they’re not—hang up.” Meanwhile, Myanmar’s military blew up a major online scam center at KK Park, forcing over 1,500 people to flee into Thailand. Listener JJ reminds us it’s “CAC cards,” not just “CAC,” and Shannon reports from Scooter’s Coffee, where customers are now bringing chickens for pup cups—proving some pets really do rule the roost. Maria’s story is on Bitdefender and NETGEAR’s 2025 IoT Security Report, which found smart homes now face triple the attacks of last year—about 29 a day. Dave’s story is on a cloud architect who exposed his AWS keys online, letting attackers hijack his account for crypto-mining and phishing. His takeaway: secure keys, limit privileges, and assume it can happen to you. Joe’s got the story of scammers posing as banks or the FTC, using fake security alerts to trick older adults into draining their savings. The FTC says losses are skyrocketing—so don’t move money or trust surprise calls or pop-ups. Our catch of the day comes from the Scams SubReddit, where a scammer got way more than what they signed up for in a text chain.

Resources and links to stories:

⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Have a Catch of the Day you'd like to share? Email it to us at ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠hackinghumans@n2k.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠.

Pass the intel, please. [OMITB]

Tue, 04 Nov 2025 08:00:00 -0000

Welcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is ⁠⁠⁠⁠Selena Larson⁠⁠⁠⁠, ⁠⁠⁠⁠Proofpoint⁠⁠⁠⁠ intelligence analyst and host of their podcast ⁠⁠⁠⁠DISCARDED⁠⁠⁠⁠. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined by her co-hosts ⁠⁠⁠⁠N2K Networks⁠⁠⁠⁠ ⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠ and ⁠⁠⁠Keith Mularski⁠⁠⁠, former FBI cybercrime investigator and now Chief Global Ambassador at ⁠⁠⁠Qintel⁠⁠⁠.

Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, we explore what makes information sharing actually work. From public-private partnerships to actionable intelligence, our guests discuss how organizations can prioritize, process, and operationalize shared cyber threat data to stay ahead of emerging risks.

Plus, catch Dave, Selena, and Keith on their road trip adventure in our video on ⁠YouTube⁠ — full of laughs, unexpected detours, and plenty of sleuthing!

Web 3.0 (noun) [Word Notes]

Tue, 04 Nov 2025 08:00:00 -0000

Please enjoy this encore of Word Notes.

The potential next evolution of the worldwide web that decentralizes interaction between users and content away from the big silicon valley social media platforms like Twitter, Facebook, and YouTube, and towards peer-to-peer interaction using blockchain as the underlying technology.

CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/web-30⁠

Audio reference link: “⁠What Elon Musk Just Said about Metaverse, Web3 and Neuralink⁠,” By Clayton Morris, Crypto News Daily, YouTube. 2 December 2021.

The Malware Mash!

Fri, 31 Oct 2025 07:00:00 -0000

Happy Halloween from the team at N2K Networks!

We hope you share in our Halloween tradition of listening to the Malware Mash. You can check out our video ⁠here⁠.

Lyrics

I was coding in the lab late one night

when my eyes beheld an eerie sight

for my malware threat score began to rise

and suddenly to my surprise...

It did the Mash

It did the Malware Mash

The Malware Mash

It was a botnet smash

It did the Mash

It caught on 'cause of Flash

The Malware Mash

It did the Malware Mash

From the Stuxnet worm squirming toward the near east

to the dark web souqs where the script kiddies feast

the APTs left their humble abodes

to get installed from rootkit payloads.

They did the Mash

They did the Malware Mash

The Malware Mash

It was an adware smash

They did the Mash

It caught on 'cause of Flash

The Malware Mash

They did the Malware Mash

The botnets were having fun

The DDoS had just begun

The viruses hit the darknet,

with ransomware yet to come.

The keys were logging, phishing emails abound,

Snowden on chains, backed by his Russian hounds.

The Shadow Brokers were about to arrive

with their vocal group, "The NotPetya Five."

They did the Mash

They played the Malware Mash

The Malware Mash

It was a botnet smash

They did the Mash

It caught on 'cause of Flash

The Malware Mash

They played the Malware Mash

Somewhere in Moscow Vlad's voice did ring

Seems he was troubled by just one thing.

He opened a shell then shook his fist

and said, "Whatever happened to my Turla Trojan twist."

It's now the Mash

It's now the Malware Mash

The Malware Mash

And it's a botnet smash

It's now the Mash

It caught on 'cause of Flash

The Malware Mash

It's now the Malware Mash

Now everything's cool, Vlad's a part of the band

And the Malware Mash is the hit of the land.

For you, defenders, this mash was meant to

when you get to my door, tell them Creeper sent you.

Then you can Mash

Then you can Malware Mash

The Malware Mash

And be a botnet smash

It is the Mash

Don't you dare download Flash

The Malware Mash

Just do the Malware Mash

Beware the boo-gus giveaway.

Thu, 30 Oct 2025 05:00:00 -0000

This week, our hosts ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠⁠, ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, and ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Maria Varmazis⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ (also host of the ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠T-Minus⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Space Daily show) are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. In our follow up, our hosts respond to a listener who wrote in with an insightful question about the role of wealth in scam susceptibility. Joe's story covers how a fake AI recruiter lures developers with a GitHub “technical assessment” that, when run, unleashes a five-stage malware chain to steal credentials, wallets, and install persistent backdoors. Maria has the story on a Halloween-themed phishing scam that lured victims with a fake Home Depot giveaway, using obfuscated code, stolen email threads, and tracking pixels to trick users into handing over personal and payment information. Dave’s story is on a convincing phishing email claiming Dashlane was hacked, showing how fear and urgency—even in obvious scams—can make anyone second-guess before thinking twice. Our catch of the day is from the scams sub-Reddit thread, and is how one user received a message from their "aunt" who wanted to be nice and grab the user a present.

Resources and links to stories:

⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Have a Catch of the Day you'd like to share? Email it to us at ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠hackinghumans@n2k.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠.

Identity access management (IAM) (noun) [Word Notes]

Tue, 28 Oct 2025 07:00:00 -0000

Please enjoy this encore of Word Notes.

A set of solutions for ensuring that the right users can only access the appropriate resources.

CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/identity-and-access-management⁠

Audio reference link: “⁠The Wrath of Khan (1982) ‘Kirk’s Response⁠,’” by Russell, YouTube, 16 May 2017.

Liar, liar, AI on fire.

Thu, 23 Oct 2025 05:00:00 -0000

This week, while ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠ is on vacation, hosts ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, and ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Maria Varmazis⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ (also host of the ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠T-Minus⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Space Daily show) are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. Users are reporting a potential new Signal scam involving fake in-app messages posing as official support, though Signal confirms it never contacts users first and only communicates via Signal email addresses. Joe’s story is on South Korea targeting Cambodia’s scam industry after reports of kidnappings, torture, and a death, as officials crack down on criminal groups luring citizens into forced online fraud operations across Southeast Asia. Maria has the story on how AI-driven scams like deepfakes and virtual kidnappings are increasingly targeting Gen Z, using fake voices and videos to power extortion schemes that exploit their mobile-first, always-online lives. Listener DarkProphet6 shares a clever phishing attempt disguised as a fake Cloudflare “I’m not a robot” check, which tried to trick users into pasting malicious code into their terminal — a move that could have created a remote shell for attackers.

Resources and links to stories:

⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Have a Catch of the Day you'd like to share? Email it to us at ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠hackinghumans@n2k.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠.

Policy Orchestration (noun) [Word Notes]

Tue, 21 Oct 2025 07:00:00 -0000

Please enjoy this encore of Word Notes.

The deployment of rules to the security stack across all data islands, cloud, SaaS applications, data centers, and mobile devices designed to manifest an organization's cybersecurity first principle strategies of zero trust, intrusion kill chain prevention, resilience, and risk forecasting.

CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/policy-orchestration⁠

Audio reference link: “⁠The Value of Using Security Policy Orchestration and Automation⁠,” by David Monahan, uploaded by EMAResearch, 3 April, 2018

Scams that steal more than money.

Thu, 16 Oct 2025 05:00:00 -0000

This week, our hosts ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Dave Bittner⁠⁠⁠ , ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, and ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Maria Varmazis⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ (also host of the ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠T-Minus⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Space Daily show) are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. Dave's story is on how older aspiring models like Judy were scammed into paying hundreds for fake photoshoots, and how to avoid falling for similar tricks. Joe’s got the story of how Bitcoin ATMs are being exploited by scammers, costing Americans millions and targeting mostly older victims. Maria's got the story of a rapidly spreading WhatsApp “Vote for My Child” scam across Europe that hijacks accounts and extorts money through emotional trickery. Our catch of the day comes from Reddit, where a user is messaged by the one and only Barack Obama.

Resources and links to stories:

⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Have a Catch of the Day you'd like to share? Email it to us at ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠hackinghumans@n2k.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠.

Abstraction layer (noun) [Word Notes]

Tue, 14 Oct 2025 07:00:00 -0000

Please enjoy this encore of Word Notes.

A process of hiding the complexity of a system by providing an interface that eases its manipulation.

CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/abstraction-layer⁠

Audio reference link: “⁠What Is Abstraction in Computer Science,⁠” by Codexpanse, YouTube, 29 October 2018.

The text trap tightens.

Thu, 09 Oct 2025 05:00:00 -0000

This week, our hosts ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Dave Bittner⁠⁠ , ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, and ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Maria Varmazis⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ (also host of the ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠T-Minus⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Space Daily show) are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. Listener Chad wrote in after hearing an episode to share that he received a suspicious call that sounded like a prison-related scam. Maria’s story is on a new Consumer Reports study revealing a surge in texting and messaging scams, with young adults hit hardest and major disparities in who loses money. Joe covers the story on YouTuber Tai Lopez — famous for his “here in my garage” videos — being charged by the SEC for running a $112 million Ponzi-like investment scheme. Dave’s got the story on a new Android trojan called Datzbro that targets seniors with AI-generated Facebook travel events, leading to device takeovers and financial fraud. Our catch of the day comes from listener Cameron, who shares an "urgent message from Union Bank."

Resources and links to stories:

⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Have a Catch of the Day you'd like to share? Email it to us at ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠hackinghumans@n2k.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠.

When malware goes bump in the night.

Tue, 07 Oct 2025 07:00:00 -0000

Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this spooky special episode, our hosts ponder which threat actor, malware, or campaign name would be the most terrifying — from the spectral stealth of GhostRAT silently haunting your systems, to the deceptively sweet lure of ILoveYou that once spread chaos across the globe. Along the way, they share some of their favorite “ghost stories” from the cyber underworld — legendary incidents and infamous operations that still haunt defenders today — and explore why these names and their real-world impacts have left such lasting scars on the digital landscape.

Plus, we’ve cooked up a fun, mystery-solving video to accompany this episode — complete with spooky clues, masked sleuths, and a few laugh-out-loud moments that fans of classic cartoon detectives will appreciate. Check it out on YouTube and see if you can unmask the culprit!

Identity Fabric (noun) [Word Notes]

Tue, 07 Oct 2025 07:00:00 -0000

Please enjoy this encore of Word Notes.

A set of services for managing identity and access management, or IAM across all of an organization's data islands.

CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/identity-fabric⁠

Audio reference link: “⁠Leadership Compass Identity Fabrics - Analyst Chat 126⁠,” by KuppingerCole, YouTube, 30 May 2022.

Lock your doors and check your URLs.

Thu, 02 Oct 2025 05:00:00 -0000

This week, our hosts ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Dave Bittner⁠ , ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, and ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Maria Varmazis⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ (also host of the ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠T-Minus⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Space Daily show) are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start off with a celebration of Cybersecurity Awareness Month. Joe's story is on how the North Wales Police are warning cryptocurrency holders after a victim lost £2.1 million in Bitcoin to a highly targeted scam, where criminals posing as police used a fake security breach story to trick them into entering their password on a fraudulent site. Dave has two stories this week, the first one from a Reddit user being targeted by the classic "White Van Scam," where scammers tried to sell cheap projectors as high-end equipment using a fake story and forged receipt. In his second story, the FBI is warning that cybercriminals are spoofing its official IC3 website to steal personal information and scam victims, urging users to type the URL directly and avoid suspicious links or fake social media pages. Maria has the story on two U.S. senators pressing Tinder parent company Match Group to step up efforts against romance scams, demanding details on how it detects fraud and protects users from criminals exploiting trust on its platforms. Our catch of the day comes from Reddit where a user was targeted by a scammer, but cleverly was able to get them to retreat.

Resources and links to stories:

⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Have a Catch of the Day you'd like to share? Email it to us at ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠hackinghumans@n2k.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠.

Intrusion Kill Chain (noun) [Word Notes]

Tue, 30 Sep 2025 07:00:00 -0000

Please enjoy this encore of Word Notes.

A cybersecurity first principle strategy focused on disrupting known adversary activity at one of several phases of an attack sequence.

CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/intrusion-kill-chain⁠

Audio reference link: "⁠Cybersecurity Days: A Network Defender's Future⁠," by Rick Howard, Integrated Cyber Conference, Integrated Adaptive Cyber Defense (IACD), YouTube, 26 October 2018.

The new weapon in text scams.

Thu, 25 Sep 2025 05:00:00 -0000

This week, while⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Dave Bittner is out, ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, and ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Maria Varmazis⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ (also host of the ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠T-Minus⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Space Daily show) are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. Listener Daniel shares a follow-up where scammers exploited details from a Texas car accident to pose as claim assistants, highlighting the importance of working only with your insurance or official state agencies. Joe follows the story of Iowa authorities uncovering a nationwide texting scam run from inside a Georgia prison, and a Cincinnati man pleading guilty to stealing over $2 million through dating app fraud. Maria covers two stories this week, one on how human trafficking victims are being forced to run online scams across Southeast Asia’s billion-dollar fraud industry, and another on cybercriminals using “SMS blasters” to push mass scam texts directly to nearby phones by impersonating cell towers. Our catch of the day comes from Reddit where a user received a deceiving letter by mail.

Resources and links to stories:

Identity Orchestration (noun) [Word Notes]

Tue, 23 Sep 2025 07:00:00 -0000

Please enjoy this encore of Word Notes.

A subset of security orchestration, the management of identities across an organization's set of digital islands.

CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/identity-orchestration

Scammers are recruiting.

Thu, 18 Sep 2025 05:00:00 -0000

This week, our hosts⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, and ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Maria Varmazis⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ (also host of the ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠T-Minus⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Space Daily show) are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start with a scam warning from Michal, who is sharing the latest conference scam. Dave's got the story of a retired federal investigator who mapped out the “Scammer Psychological Kill Chain” and shared rules to help you spot and break it. Maria has the story of job scams surging over 1,000% in 2025, as scammers exploit a slowing labor market and desperate jobseekers with fake offers, texts, and bogus recruiter schemes. Joe follows the story on a $4 million forex scam where two men promised safe, high returns but instead ran a Ponzi scheme that defrauded 20 investors before landing in federal prison. Our catch of the day comes from listener Shannon who writes in to share a message from "Amazon" about a recall notice.

Resources and links to stories:

⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Have a Catch of the Day you'd like to share? Email it to us at ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠hackinghumans@n2k.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠.

Diamond Model (noun) [Word Notes]

Tue, 16 Sep 2025 07:00:00 -0000

Please enjoy this encore of Word Notes.

A cyber threat intelligence analysis model that defines relationship pairs between four core components in the shape of a diamond of adversary playbook activity across the intrusion kill chain: the adversary, their capability, the infrastructure used or attacked, and the victim.

CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/diamond-model ⁠

Audio reference link: “⁠Diamond Presentation v2 0: Diamond Model for Intrusion Analysis – Applied to Star Wars’ Battles⁠,” Andy Pendergrast and Wade Baker, ThreatConnect, YouTube, 4 February 2020.

How little data reveals a lot.

Thu, 11 Sep 2025 05:00:00 -0000

This week, our hosts⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, and ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Maria Varmazis⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ (also host of the ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠T-Minus⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Space Daily show) are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. Maria's story is on her recent close encounter with a Facebook scam. Dave's story is on a new strain of spyware that automates sextortion by detecting when users watch pornography, then secretly capturing both browser screenshots and webcam photos to blackmail victims. Joe's story is on the power of metadata, sharing how even limited browsing data from his machine learning class revealed personal details like daily routines, house hunting, and financial institutions. Our catch of the day comes from the Scams subreddit, featuring a phony Illuminati recruitment email promising power, wealth, and recognition in exchange for personal information.

Resources and links to stories:

Automated Sextortion Spyware Takes Webcam Pics of Victims Watching Porn

⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Have a Catch of the Day you'd like to share? Email it to us at ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠hackinghumans@n2k.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠.

MITRE ATT&CK (noun) [Word Notes]

Tue, 09 Sep 2025 07:00:00 -0000

Please enjoy this encore of Word Notes.

A knowledge base of adversary tactics, techniques, and procedures established and maintained by the MITRE Corporation.

CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/mitre-attck⁠

Audio reference link: “⁠Attack Frameworks - SY0-601 CompTIA Security+ : 4.2⁠,” Professor Messer, YouTube, 29 April 2021.

When your AI gets scammed.

Thu, 04 Sep 2025 05:00:00 -0000

This week, our hosts⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, and ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Maria Varmazis⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ (also host of the ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠T-Minus⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Space Daily show) are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. This week’s follow-up brings two gems: a smart tip from a listener on handling suspicious “bank calls” by asking the caller to leave a note on your account, then verifying directly with your bank. Plus, a delightful story about “Chicken Camp,” where trainers hone their skills by teaching chickens tricks—proof that maybe one day a chicken-driven tractor isn’t such a far-fetched idea! Joe's story is on YouTube scam-baiters who helped expose a $65 million fraud ring that preyed on vulnerable victims, including a Holocaust survivor’s widow. Maria's got the story of how agentic AI browsers, designed to shop and click for you, proved alarmingly easy to trick into scams and phishing schemes—ushering in a new era of “Scamlexity.” Dave's story covers a growing luggage tag scam where discarded tags give scammers enough personal info to file false baggage claims against travelers. The catch of the day comes from listener Chad, who spotted a suspicious message likely aiming to hijack his Facebook account—but wisely didn’t take the bait.

Resources and links to stories:

⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Have a Catch of the Day you'd like to share? Email it to us at ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠hackinghumans@n2k.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠.

Hot sauce and hot takes: An Only Malware in the Building special. [OMITB]

Tue, 02 Sep 2025 07:00:00 -0000

Welcome in! You’ve entered, Only Malware in the Building — but this time, it’s not just another episode. This is a special edition you won’t want to miss.

This one’s too good for audio alone — you’ll want to watch the full ⁠video⁠ edition to catch every spicy reaction, every laugh, and maybe even a few tears.

So grab your milk, get ready to feel the burn, and come join us for this special hot take on Only Malware in the Building.

DevOps (noun) [Word Notes]

Tue, 02 Sep 2025 07:00:00 -0000

Please enjoy this encore of Word Notes.

The set of people, process, technology, and cultural norms that integrates software development and IT operations into a system-of-systems.

CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/devops⁠

Audio reference link: "⁠10+ Deploys Per Day: Dev and Ops Cooperation at Flickr⁠," by John Allspaw and Paul Hammond, Velocity 09, 25 July 2009.

Social engineering served sunny-side up.

Thu, 28 Aug 2025 05:00:00 -0000

This week, our hosts⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, and ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Maria Varmazis⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ (also host of the ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠T-Minus⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Space Daily show) are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start with some follow up, this time involving a surprising new flock of chickens and a listener note from Belgium. Via Peter Janssen, as he’s seen the same fake “employee discount” scams we covered, only this time targeting backpacks and other products. Dave's story is on a new “podcast imposter” scam, where fake invites trick business owners and influencers into giving remote access so attackers can hijack their accounts. Joe's got a story on Workday disclosing a breach after attackers used social engineering to infiltrate a third-party CRM system, and why this matters given Workday’s wide use as the front end for so many companies’ HR departments. Maria brings two quick hits this week: a fake FedEx text scam making the rounds, and a look at whether covering kids’ faces with emojis in photos really protects their privacy — or if it’s more illusion than protection. On today's catch of the day, Dave got a text claiming he’s been recommended for a high-paying, no-experience-needed YouTube job—classic signs of a scam promising easy money and “free training.”

Complete our annual ⁠⁠⁠⁠⁠⁠⁠⁠audience survey⁠⁠⁠⁠⁠⁠⁠⁠ before August 31.

Resources and links to stories:

⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Have a Catch of the Day you'd like to share? Email it to us at ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠hackinghumans@n2k.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠.

Waterfall Software Development Method (noun) [Word Notes]

Tue, 26 Aug 2025 07:00:00 -0000

Please enjoy this encore of Word Notes.

A software development model that relies on a series of sequential steps that flow into each other, like a series of waterfalls.

CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/waterfall-software-development⁠

Audio reference link: “⁠Creating Video Games - Agile Software Development,⁠” by Sara Verrilli, MIT OpenCourseWare, YouTube, 10 December 2015

Scammers hit the right notes in the wrong way.

Thu, 21 Aug 2025 05:00:00 -0000

This week, our hosts⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠⁠⁠⁠⁠, ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, and ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Maria Varmazis⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ (also host of the ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠T-Minus⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Space Daily show) are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start with some follow up from Chris Martin, a long-time listener and fan of the show. Chris shares that his employer uses Hoxhunt for cybersecurity awareness training and came across a fun gem worth mentioning. Next, Jay writes in with a heads-up about a scam running in large cities. Criminals are reportedly sticking phones to desirable cars and then using the tracking features to show up at victims’ homes to steal the vehicles. Joe has more info on his chickens. Maria shares the story of a Spotify job recruitment scam and the email she received, where scammers used a convincing fake site to mimic Spotify’s real careers page in an attempt to steal logins. Joe has two stories this week, the first on federal investigators charging 13 people in a $5 million “grandparent scam” that targeted hundreds of elderly victims, a scheme uncovered after Uber flagged suspicious activity to the FBI when its drivers were unknowingly used to move cash. His second story looks at Northern California, where two suspects were arrested in a “cash drop scam” linked to more than 40 cases across six states, after a sharp-eyed loss prevention agent recognized the scheme and alerted police. Dave’s story this week covers federal investigators charging 13 people in a $5 million “grandparent scam” that targeted hundreds of elderly victims, uncovered after Uber flagged suspicious activity to the FBI when its drivers were unknowingly used to move cash. Our Catch of the Day comes from Patrick, who shared a scam email claiming to be from the IMF offering a $9.8 million “compensation fund” paid out in daily $5,000 MoneyGram transfers—if the recipient just hands over all their personal details.

Complete our annual ⁠⁠⁠⁠⁠⁠⁠audience survey⁠⁠⁠⁠⁠⁠⁠ before August 31.

Resources and links to stories:

⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Have a Catch of the Day you'd like to share? Email it to us at ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠hackinghumans@n2k.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠.

Agile Software Development Method (noun) [Word Notes]

Tue, 19 Aug 2025 07:00:00 -0000

Please enjoy this encore of Word Notes.

A software development philosophy that emphasizes incremental delivery, team collaboration, continual planning, and continual learning

CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/agile-software-development⁠

Audio reference link: "⁠Velocity 09: John Allspaw and Paul Hammond, "10+ Deploys Pe,⁠" John Allspaw and Paul Hammond, 2009 Velocity Conference, YouTube, 25 June 2009.

This scam is now in session.

Thu, 14 Aug 2025 05:00:00 -0000

This week, our hosts⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠⁠⁠⁠, ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, and ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Maria Varmazis⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ (also host of the ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠T-Minus⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Space Daily show) are back sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. Joe's story is on WhatsApp rolling out new anti-scam tools, disrupting over 6.8 million scam-linked accounts, and partnering with experts to share tips on spotting and avoiding sophisticated cross-platform scams run by organized crime networks. Dave's got the story of how “PharmaFraud” — a global network of fake online pharmacies — scams consumers with counterfeit or dangerous medications, stealing money and personal data while putting health and safety at serious risk. Maria dives into the story on a new twist to jury duty scams, where callers posing as police direct victims to fake government websites to steal personal data and money, often demanding payment through cryptocurrency or other untraceable methods. Our catch of the day comes from listener Adam who shares a SiriusXM payment scam they received through an email.

Complete our annual ⁠⁠⁠⁠⁠⁠audience survey⁠⁠⁠⁠⁠⁠ before August 31.

Resources and links to stories:

⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Have a Catch of the Day you'd like to share? Email it to us at ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠hackinghumans@n2k.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠.

Pegasus (noun) [Word Notes]

Tue, 12 Aug 2025 07:00:00 -0000

Please enjoy this encore of Word Notes.

The flagship product of the controversial Israeli spyware vendor, the NSO Group, use for remotely hacking mobile devices, most notably iPhones, via zero-click exploits.

CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/pegasus⁠

Audio reference link:⁠“Cybersecurity beyond the Headlines: A Conversation with Journalist Nicole Perlroth⁠,” Kristen Eichensehr, and Nicole Perlroth, University of Virginia School of Law, YouTube, 14 February 2022

Yeti or not, it’s a scam.

Thu, 07 Aug 2025 05:00:00 -0000

This week, our hosts⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠⁠⁠, ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, and ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Maria Varmazis⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ (also host of the ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠T-Minus⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Space Daily show) are back sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start with some follow-up on an Arizona woman sentenced to over eight years in prison for running a “laptop farm” that helped North Korean IT workers pose as U.S. employees at hundreds of American companies, funneling over $17 million to Pyongyang through stolen identities and remote access. We also share an update on Joe's Profile picture. We start with Dave’s story on a Facebook scam falsely claiming insider access to a secret Yeti cooler deal from Dick’s Sporting Goods, using a fake emotional backstory to lure users into clicking a malicious link under the guise of an employee-only loophole. Maria’s story is on escalating violence at the Thailand-Cambodia border, where a long-standing territorial dispute has reignited after a leaked phone call between leaders fractured a decades-old political friendship, sparking deadly clashes, diplomatic fallout, and rising tensions fueled by personal betrayal, political instability, and mutual economic pressures. Joe’s story follows the indictment of a former Tri-Cities pastor who allegedly used his position and a fake cryptocurrency scheme called “Solano Fi” to defraud his congregation and others out of millions, promising risk-free returns while siphoning the funds for himself and his co-conspirators. Our catch of the day comes from Joe who shares an interesting email from "Xfinity."

Complete our annual ⁠⁠⁠⁠⁠audience survey⁠⁠⁠⁠⁠ before August 31.

Resources and links to stories:

⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Have a Catch of the Day you'd like to share? Email it to us at ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠hackinghumans@n2k.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠.

Domain-based Message Authentication Reporting Conformance (DMARC) (noun) [Word Notes]

Tue, 05 Aug 2025 07:00:00 -0000

Please enjoy this encore of Word Notes.

An open source email authentication protocol designed to prevent emails, spoofing in phishing, business email compromise or BEC, and other email-based attacks.

CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/pegasus⁠

Audio reference link:"⁠Global Cyber Alliance's Phil Reitinger talks DMARC adoption⁠" “Global Cyber Alliance’s Phil Reitinger Talks DMARC Adoption.” YouTube Video. YouTube, April 27, 2018

Work from home, malware included. [OMITB]

Tue, 05 Aug 2025 07:00:00 -0000

Welcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is ⁠⁠⁠Selena Larson⁠⁠⁠, ⁠⁠⁠Proofpoint⁠⁠⁠ intelligence analyst and host of their podcast ⁠⁠⁠DISCARDED⁠⁠⁠. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined by her co-hosts ⁠⁠⁠N2K Networks⁠⁠⁠ ⁠⁠⁠Dave Bittner⁠⁠⁠ and ⁠⁠Keith Mularski⁠⁠, former FBI cybercrime investigator and now Chief Global Ambassador at ⁠⁠Qintel⁠⁠.

Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, our three hosts discuss several articles covering a new wave of social engineering attacks tied to the so-called Contagious Interview campaign. In this operation, threat actors linked to North Korea are reportedly posing as tech recruiters to trick job seekers into downloading malware. The discussion highlights updates to two malware strains—BeaverTail and InvisibleFerret—that have been retooled with cross-platform capabilities and new data theft features, raising fresh concerns about how targeted individuals could become a gateway into larger organizational networks.

You can find the links to the stories here:

Click for a pay bump?

Thu, 31 Jul 2025 05:00:00 -0000

In this special episode of Hacking Humans, while Joe and Maria take a well-earned summer break, we’re joined by a special guest host: Rob Allen, Chief Product Officer at ThreatLocker. Rob dives into the tactics and profile of the cybercriminal group known as Scattered Spider—a crew that’s gained notoriety for its cunning use of social engineering over traditional hacking techniques. Known for being young, agile, and highly manipulative, Scattered Spider has successfully bypassed security measures not by breaking systems, but by fooling the people who use them. Tune in for a fascinating breakdown of how this group operates and what you can do to defend against them. A listener caught this catch of the day on campus—an email claiming a “salary increase” and urging them to click a sketchy link. It came from outside the company, was riddled with grammar issues, and asked for info HR should already have.

Complete our annual ⁠⁠⁠⁠audience survey⁠⁠⁠⁠ before August 31.

Resources and links to stories:

⁠⁠Scattered Spider weaves web of social-engineered destruction

⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Have a Catch of the Day you'd like to share? Email it to us at ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠hackinghumans@n2k.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠.

Shields Up (noun) [Word Notes]

Tue, 29 Jul 2025 07:00:00 -0000

Please enjoy this encore of Word Notes.

A condition announced by the US Cybersecurity and Infrastructure Security Agency (CISA) to draw attention to a temporary period of high alert, associated with expectation of a connected wave of cyberattacks prompted by either a widespread vulnerability or an unusually active and capable threat actor.

CyberWire Glossary link: ⁠⁠https://thecyberwire.com/glossary/shields-up⁠⁠

Audio reference link: “⁠⁠Star Trek II Wrath of Khan - Reliant vs Enterprise; First Clash⁠⁠” YouTube, YouTube, 11 Apr. 2015,

The delusional side of AI therapy.

Thu, 24 Jul 2025 05:00:00 -0000

This week, our hosts⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠⁠, ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, and ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Maria Varmazis⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ (also host of the ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠T-Minus⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Space Daily show) are back sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We've got some follow-up from listener Kajetan, who recalled a run-in with a scammer in Paris posing as a mute fundraiser—and says he performed a "miracle" by crossing out his name, prompting the supposedly mute woman to suddenly start yelling at him. Maria has the story on how small businesses in Toronto, like the family-run Souvlaki Hut and Pippins Tea Company, were shocked to discover that thieves exploited vulnerabilities in their point of sale terminals to issue themselves thousands in fraudulent refunds—exposing serious flaws in how these machines are secured. Dave's story is on a Stanford-led study that found popular AI therapy bots, including ChatGPT and commercial mental health platforms, often respond inappropriately to serious mental health issues—fueling delusions, validating harmful thoughts, and failing to follow basic therapeutic guidelines—raising urgent concerns about their use as replacements for human therapists. Joe follows the story on a sweeping federal investigation into Minnesota's Housing Stabilization Services program, where agents raided homes and businesses tied to an alleged multi-million-dollar Medicaid fraud scheme that exploited vulnerable residents and billed taxpayers for housing support services that were never provided. Our catch of the day is on a patient scammer who spent five months building trust before claiming to send a $700K inheritance payout locked in a lawsuit—complete with a fake video of a safe and a shady tracking number—only to demand €15,000 in "customs fees," a scam the Redditor thankfully saw through before handing over any money.

Complete our annual ⁠⁠⁠audience survey⁠⁠⁠ before August 31.

Resources and links to stories:

⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Have a Catch of the Day you'd like to share? Email it to us at ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠hackinghumans@n2k.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠.

Software Assurance Maturity Model (SAMM) (noun) [Word Notes]

Tue, 22 Jul 2025 05:00:00 -0000

Please enjoy this encore of Word Notes.

A prescriptive open source software security maturity model designed to guide strategies tailored to an organization’s specific risks.

Audio reference link: "⁠⁠OWASPMSP - Pravir Chandra: Software Assurance Maturity Model (OpenSAMM)⁠⁠." by Pravir Chandra, OWASP MSP, 2009.

It’s all glitter, no gold.

Thu, 17 Jul 2025 05:00:00 -0000

This week, our hosts⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠, ⁠⁠⁠⁠⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠⁠⁠⁠⁠, and ⁠⁠⁠⁠⁠⁠⁠⁠⁠Maria Varmazis⁠⁠⁠⁠⁠⁠⁠⁠⁠ (also host of the ⁠⁠⁠⁠⁠⁠⁠⁠⁠T-Minus⁠⁠⁠⁠⁠⁠⁠⁠⁠ Space Daily show) are back sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. Our hosts share some follow-up, including a Rick Roll after the last episode. They also highlight a listener note from Evaldas in Lithuania, who explains that companies often use alternate domains for marketing emails to protect their main domain’s reputation—so marking them as spam is actually expected. Joe’s got a story of a billion-dollar AI-fueled scam where criminals impersonate celebrities like Keanu Reeves and Kevin Costner to exploit lonely fans—convincing them to send money, fall in love, and keep the relationship secret, all while Hollywood scrambles to fight back. Maria has the story of how a federal court blocked the FTC’s new “click-to-cancel” rule—meant to make canceling subscriptions easier—due to a procedural misstep, just days before it was set to take effect. Dave shares a story from Reddit about a disturbing extortion scam where a victim received a fake photo of their car outside a strip club—with their real license plate—demanding $1,000 to keep it quiet, raising questions about data scraping and AI manipulation. Our catch of the day comes from the scams subreddit, where a user shares a tale of a scammer promising big returns for investing in gold and diamonds—spoiler alert: it’s all glitter, no gold.

Complete our annual ⁠⁠audience survey⁠⁠ before August 31.

Resources and links to stories:

⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Have a Catch of the Day you'd like to share? Email it to us at ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠hackinghumans@n2k.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠.

Universal 2nd Factor (U2F) (noun) [Word Notes]

Tue, 15 Jul 2025 07:00:00 -0000

Please enjoy this encore of Word Notes.

An open standard for hardware authentication tokens that use the universal serial bus, or USB, near-field communications, or NFCs, or Bluetooth to communicate one factor in a two-factor authentication exchange.

Cyberwire Glossary link: ⁠⁠https://thecyberwire.com/glossary/u2f⁠⁠

Audio reference link: “⁠⁠Rise of the Machines: A Cybernetic History⁠⁠,” by Thomas Rid, Published by W. W. Norton Company, 21 November 2017.

Convinced, compromised, and confirmed.

Thu, 10 Jul 2025 05:00:00 -0000

This week, our hosts⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠Dave Bittner⁠⁠⁠, ⁠⁠⁠⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠⁠⁠⁠, and ⁠⁠⁠⁠⁠⁠⁠⁠Maria Varmazis⁠⁠⁠⁠⁠⁠⁠⁠ (also host of the ⁠⁠⁠⁠⁠⁠⁠⁠T-Minus⁠⁠⁠⁠⁠⁠⁠⁠ Space Daily show) are back sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start with a ton of follow-up—from a sextortion scam that triggered a bot frenzy on Facebook, to sandboxed scam-baiting with fake credit cards, to a surprise magazine subscription that may or may not involve chicken gods. Plus, one listener wonders: do people really know what a strong password is? Dave’s story is on a massive China-linked scam where hackers are spoofing big-name retail websites—like Apple, PayPal, and Hermes—to trick shoppers into handing over their payment info on convincing fake storefronts, with thousands of fraudulent sites still live and targeting victims worldwide. Joe's got the story of a sneaky spear-phishing campaign targeting financial execs with fake job offers that ultimately install a legit remote access tool, NetBird, to gain stealthy, persistent access—part of a growing trend where attackers use real software and clever social engineering to fly under the radar. Maria's got the story of a young homebuyer who lost $109,000 to a payment redirection scam, prompting Australian banks to finally roll out a “Confirmation of Payee” system to prevent similar fraud—though critics say the fix still puts too much blame on victims. Our catch of the day comes from the Scams sub-Reddit, where we hear about a scam getting people to click on a fake job that's too good to be true.

Complete our annual ⁠audience survey⁠ before August 31.

Resources and links to stories:

⁠⁠⁠⁠⁠⁠⁠⁠⁠Have a Catch of the Day you'd like to share? Email it to us at ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠hackinghumans@n2k.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠.

adversary group naming (noun) [Word Notes]

Tue, 08 Jul 2025 07:00:00 -0000

Please enjoy this encore of Word Notes.

A cyber threat intelligence best practice of assigning arbitrary labels to collections of hacker activity across the intrusion kill chain.

Brushed aside: The subtle scam you didn't order.

Thu, 03 Jul 2025 05:00:00 -0000

This week, our hosts⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠Dave Bittner⁠⁠, ⁠⁠⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠⁠⁠, and ⁠⁠⁠⁠⁠⁠⁠Maria Varmazis⁠⁠⁠⁠⁠⁠⁠ (also host of the ⁠⁠⁠⁠⁠⁠⁠T-Minus⁠⁠⁠⁠⁠⁠⁠ Space Daily show) are back sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start with some follow up, as Joe shares with us a complaint he has with Vanguard. Maria’s story is on McAfee’s latest research revealing that one in five Americans has fallen for a travel scam—often losing hundreds of dollars—despite many trying to stay vigilant, as scammers use fake websites, AI-altered photos, and phishing links to exploit deal-seeking travelers. Joe’s got two stories this week: the first one is from Rachel Tobac on LinkedIn, breaking down how attackers like Scattered Spider are using phone-based impersonation, fake domains, and social engineering to breach insurance companies, and the second is on Aflac confirming it was hit in a cyberattack believed to be part of a broader campaign targeting the insurance sector, likely tied to the same threat group. Dave’s story is on brushing scams, a scheme the United States Postal Service is warning about, where scammers send unordered packages—often low-cost items—to people’s addresses so they can fraudulently post fake “verified” reviews online using the recipient’s name and address to boost product rankings. Our catch of the day is from the scams sub-Reddit, where someone shared text messages from a scammer asking for only a small favor.

Complete our annual audience survey before August 31.

Resources and links to stories:

⁠⁠⁠⁠⁠⁠⁠Have a Catch of the Day you'd like to share? Email it to us at ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠hackinghumans@n2k.com⁠⁠⁠⁠⁠⁠⁠⁠⁠.

BSIMM (noun) [Word Notes]

Tue, 01 Jul 2025 07:00:00 -0000

Please enjoy this encore of Word Notes.

A descriptive model that provides a baseline of observed software security initiatives and activities from a collection of volunteer software development shops.

CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/bsimm⁠

Audio reference link: “⁠OWASP AppSecUSA 2014 - Keynote: Gary McGraw - BSIMM: A Decade of Software Security⁠.” YouTube Video. YouTube, September 19, 2014.

The RMM protocol: Remote, risky, and ready to strike. [Only Malware in the Building]

Tue, 01 Jul 2025 07:00:00 -0000

Please enjoy this encore of Only Malware in the Building.

Welcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is ⁠⁠Selena Larson⁠⁠, ⁠⁠Proofpoint⁠⁠ intelligence analyst and host of their podcast ⁠⁠DISCARDED⁠⁠. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined by ⁠⁠N2K Networks⁠⁠ ⁠⁠Dave Bittner⁠⁠ and our newest co-host, ⁠Keith Mularski⁠, former FBI cybercrime investigator and now Chief Global Ambassador at ⁠Qintel⁠.

Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, our hosts discuss the growing trend of cybercriminals using legitimate remote monitoring and management (RMM) tools in email campaigns as a first-stage payload. They explore how these tools are being leveraged for data theft, financial fraud, and lateral movement within networks. With the decline of traditional malware delivery methods, including loaders and botnets, the shift toward RMMs marks a significant change in attack strategies. Tune in to learn more about this evolving threat landscape and how to stay ahead of these tactics.

The many faces of fraud.

Thu, 26 Jun 2025 05:00:00 -0000

This week, our hosts⁠⁠⁠⁠⁠⁠⁠ ⁠Dave Bittner⁠, ⁠⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠⁠, and ⁠⁠⁠⁠⁠⁠Maria Varmazis⁠⁠⁠⁠⁠⁠ (also host of the ⁠⁠⁠⁠⁠⁠T-Minus⁠⁠⁠⁠⁠⁠ Space Daily show) are back sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start with some follow-up from listener Abdussobur, who wonders if a pair of suspicious text messages—one sent to his wife and another to him with a nearby address—could be the result of a data breach. Joe's story is on a surge of financial aid fraud where identity thieves, often using AI chatbots as “ghost students,” are enrolling in online college courses to steal federal funds—leaving real people like Heather Brady and Wayne Chaw with fake loans and months of bureaucratic cleanup. Dave's got the story on how the FIN6 cybercriminal group is posing as job seekers on LinkedIn to trick recruiters into opening malware-laced resumes, using deceptive tactics like fake portfolio sites and the MoreEggs backdoor to steal credentials and launch ransomware attacks. Maria's story is on a Pennsylvania woman who scammed over $800,000—nearly $466,000 from a Cedar Rapids church—by hacking emails and rerouting payments, claiming she did it under the direction of a famous British actor she was allegedly dating. Our catch of the day is on a convincing but bogus text claiming an overdue traffic fine under a fake regulation—complete with threats of license suspension and credit damage—all designed to trick recipients into clicking a malicious link.

Resources and links to stories:

⁠⁠⁠⁠⁠Have a Catch of the Day you'd like to share? Email it to us at ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠hackinghumans@n2k.com⁠⁠⁠⁠⁠⁠⁠⁠.

OWASP vulnerable and outdated components (noun) [Word Notes]

Tue, 24 Jun 2025 07:00:00 -0000

Please enjoy this encore of Word Notes.

Software libraries, frameworks, packages, and other components, and their dependencies (third-party code that each component uses) that have inherent security weaknesses, either through newly discovered vulnerabilities or because newer versions have superseded the deployed version.

Audio reference Link: "⁠The Panama Papers: A Closer Look⁠," Late Night with Seth Meyers, YouTube, 12 April 2016

Gold bars and bold lies.

Thu, 19 Jun 2025 05:00:00 -0000

Please enjoy this encore of Hacking Humans.

On Hacking Humans, ⁠Dave Bittner⁠, ⁠Joe Carrigan⁠, and ⁠Maria Varmazis⁠ (also host of N2K's daily space podcast, T-Minus), are once again sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines to help our audience become aware of what is out there. First we start off with some follow up, our hosts share some more information on VIN swapping, and a clarification on bank participation in FinCEN. Maria shares a telling tale about a Bethesda couple loosing $367,000 in gold bars to a sophisticated scam involving fake officials and elaborate deceptions, but a police sting led to the arrest of a suspect, highlighting a growing nationwide trend of elderly victims targeted by gold bar fraud. Joe's story comes from KnowBe4 and is on DavidB, their VP of Asia Pacific, thwarting a sophisticated social engineering attack via WhatsApp by recognizing inconsistencies in the impersonator’s behavior and verifying directly with the colleague they claimed to be. Dave's story comes from the FBI on how criminals are exploiting generative AI to enhance fraud schemes, including using AI-generated text, images, audio, and video to create convincing social engineering attacks, phishing scams, and identity fraud, while offering tips to protect against these threats. Our catch of the day comes from a listener who received an urgent email from someone claiming to be an FBI agent with a rather dramatic tale about intercepted consignment boxes, missing documents, and a ticking clock—but let's just say this "agent" might need some better training in both law enforcement and grammar.

Resources and links to stories:

You can hear more from the T-Minus space daily show ⁠here⁠.

Have a Catch of the Day you'd like to share? Email it to us at ⁠hackinghumans@n2k.com⁠.

Managing online security throughout the decades.

Thu, 12 Jun 2025 05:00:00 -0000

This week, our hosts⁠⁠⁠⁠⁠ Dave Bittner, ⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠, and ⁠⁠⁠⁠⁠Maria Varmazis⁠⁠⁠⁠⁠ (also host of the ⁠⁠⁠⁠⁠T-Minus⁠⁠⁠⁠⁠ Space Daily show) are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start off with some more chicken follow up, this week, delving into malware-related chicken names. Dave’s got the story of Brevard-based Health First Health Plans teaming up with the FBI to warn consumers about a nationwide medical insurance scam where victims pay upfront for fake coverage and end up stuck with huge medical bills. Maria shares the story on how a recent April 2025 survey reveals that while most US consumers feel confident identifying scams and rely on traditional security measures like strong passwords and two-factor authentication, many still experience scam attempts and data breaches, with real-time threat detection emerging as the most valued feature in security products. Joe shares a personal story about how he was mildly got, got—tricked, that is—he thought he was filling out a quick survey for a waiter, but it actually ended up as a Google review. It's a reminder of how AI and tech are blurring the lines in everyday interactions, and how easily people can get tripped up by these evolving processes. The catch of the day this week is from the Scams sub-Reddit, and Dave reads a text from a scammer claiming to have information on his doing drugs at his old work place.

Resources and links to stories:

⁠Have a Catch of the Day you'd like to share? Email it to us at ⁠⁠⁠⁠⁠⁠⁠⁠hackinghumans@n2k.com⁠⁠⁠⁠⁠⁠⁠.

OWASP software and data integrity failures (noun) [Word Notes]

Tue, 10 Jun 2025 07:00:00 -0000

Please enjoy this encore of Word Notes.

Code and data repositories that don't protect against unauthorized changes.

No cameras, no crew—just code.

Thu, 05 Jun 2025 05:00:00 -0000

This week, our hosts⁠⁠⁠ ⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠, and ⁠⁠⁠⁠Maria Varmazis⁠⁠⁠⁠ (also host of the ⁠⁠⁠⁠T-Minus⁠⁠⁠⁠ Space Daily show) are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start with some follow-up from a listener on class action settlements: they’re a class action attorney and shared that the best way to verify a notice is to contact the law firm listed in the court documents—plus, unclaimed funds don’t go to the attorneys, but are redistributed to claimants. Maria's story is on a listener dealing with phishing calendar invites that auto-add to their calendar—she shares tips like avoiding the “decline” button, adjusting settings to prevent automatic invite processing, and contacting email admins to help block these pesky requests. Joe's got the story on a film made almost entirely with AI tools like Google Veo and Runway—while the results are stunning, the process was chaotic, proving that human creativity, direction, and a lot of trial and error are still essential behind the scenes. Our cluck of the day is from listener Clayton, who writes in with a scam email sharing a fake job about a virtual interview.

Resources and links to stories:

Have a Catch of the Day you'd like to share? Email it to us at ⁠⁠⁠⁠⁠⁠hackinghumans@n2k.com⁠⁠⁠⁠⁠⁠.

OWASP server-side request forgery (noun) [Word Notes]

Tue, 03 Jun 2025 07:00:00 -0000

Please enjoy this encore of Word Notes.

An attack technique that leverages an unprotected web server as a proxy for attackers to send commands through to other computers.

The great CoGUI caper. [OMITB]

Tue, 03 Jun 2025 07:00:00 -0000

Welcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is ⁠⁠Selena Larson⁠⁠, ⁠⁠Proofpoint⁠⁠ intelligence analyst and host of their podcast ⁠⁠DISCARDED⁠⁠. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined by her co-hosts ⁠⁠N2K Networks⁠⁠ ⁠⁠Dave Bittner⁠⁠ and ⁠Keith Mularski⁠, former FBI cybercrime investigator and now Chief Global Ambassador at ⁠Qintel⁠.

Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, our hosts discuss Chinese-speaking threat actors are targeting Japan with a massive phishing campaign using a sneaky new kit called CoGUI, which has hit organizations with over 170 million messages in a single month. The campaign mimics trusted brands like Amazon, PayPay, and Rakuten to steal login and payment info—lining up with warnings from Japan’s Financial Services Agency about attackers cashing out and buying Chinese stocks. While the CoGUI kit is slick with its evasion tricks and browser profiling, your hosts are hot on its trail with new detections to help stop the phishing frenzy.

Lights, camera, scam!

Thu, 29 May 2025 05:00:00 -0000

This week, our three hosts ⁠⁠⁠Dave Bittner⁠⁠⁠, ⁠⁠⁠Joe Carrigan⁠⁠⁠, and ⁠⁠⁠Maria Varmazis⁠⁠⁠ (also host of the ⁠⁠⁠T-Minus⁠⁠⁠ Space Daily show) are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start with a bit of follow up, one from listener Aaron, who shares some safety tips for chickens, and from listener Shannon, who writes in with a new fashion statement. Maria’s got the story on how Trump’s sweeping new tariffs are creating the “perfect storm” for scams, as cybercriminals exploit consumer confusion with fake fee requests, shady links, and urgent messages—three red flags experts say to watch for. Joe shares the story of a new FBI warning about an AI-driven phone scam targeting iPhone and Android users, where scammers impersonate senior U.S. officials through fake texts and voice messages to steal personal information via malicious links. Dave shares the story of a classic Hollywood pitch deck scam, where fake agents from bogus production companies like "Hollywood Talent Agency" and "Writer’s Edge Production" lure authors into paying for useless film services with promises of big-screen adaptations. We have our new Cluck of the Day, and this week, Jonathan Webster shares a classic scam attempt: a fake PayPal invoice PDF designed to trick recipients into calling a fraudulent support number or paying a bogus charge.

Resources and links to stories:

Have a Catch of the Day you'd like to share? Email it to us at ⁠⁠⁠⁠⁠hackinghumans@n2k.com⁠⁠⁠⁠⁠.

OWASP security logging and monitoring failures (noun) [Word Notes]

Tue, 27 May 2025 07:00:00 -0000

Please enjoy this encore of Word Notes.

The absence of telemetry that could help network defenders detect and respond to hostile attempts to compromise a system.

Scam me once.

Thu, 22 May 2025 05:00:00 -0000

This week, our three hosts ⁠⁠Dave Bittner⁠⁠, ⁠⁠Joe Carrigan⁠⁠, and ⁠⁠Maria Varmazis⁠⁠ (also host of the ⁠⁠T-Minus⁠⁠ Space Daily show) are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. Listener Jim notes that money launderers and couriers mentioned in recent episodes are often scam victims themselves, unknowingly processing fraudulent payments or delivering items, sometimes with tragic consequences like an innocent Uber driver being shot. Dave shares two close calls with scams this week: one where a bank employee saved a 75-year-old customer from losing $9,000 to a Facebook crypto scam, and another where a scammer impersonating “Officer Shane Kitchens” nearly tricked his mom into sending $3,500 for fake bail and ankle monitor fees after a family member was arrested. Joe's got three short stories this week—one is on how someone tried scamming his wife, another about a DoorDash driver who admitted to stealing $2.5 million in a delivery scam, and the last on a warning to billions of Gmail users to remain vigilant over a terrifying new phishing scheme. Maria sits down with Alex Hall, Trust and Safety Architect at Sift, to discuss the rise of job scams. Our catch of the day comes from Jonathan who writes in with a fake PayPal invoice.

Resources and links to stories:

Have a Catch of the Day you'd like to share? Email it to us at ⁠⁠⁠⁠hackinghumans@n2k.com⁠⁠⁠⁠.

OWASP identification and authentication failures (noun) [Word Notes]

Tue, 20 May 2025 07:00:00 -0000

Please enjoy this encore of Word Notes.

Ineffectual confirmation of a user's identity or authentication in session management.

CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/owasp-identification-and-authentication-failure⁠

Audio reference link: “⁠Mr. Robot Hack - Password Cracking - Episode 1⁠.” YouTube Video. YouTube, September 21, 2016.

The band is finally back together.

Thu, 15 May 2025 05:00:00 -0000

And....we're back! This week, our three hosts Dave Bittner, Joe Carrigan, and Maria Varmazis (also host of the T-Minus Space Daily show) are all back to share the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. The team shares three bits of follow-up and then breaks into their stories. Joe starts off sharing some stories about influencer fakery on fake private jet sets and a scam taking advantage of the RealID requirements coming into effect. Maria talks about "Scam Survivor Day" (it's a real thing). She also talks about a former Facebooker's tell-all "Careless People." Dave shares a story about fake Social Security statements. Our Catch of Day comes from Richard about a truck win.

Resources and links to stories:

Have a Catch of the Day you'd like to share? Email it to us at ⁠⁠⁠hackinghumans@n2k.com⁠⁠⁠.

Log4j vulnerability (noun) [Word Notes]

Tue, 13 May 2025 07:00:00 -0000

Please enjoy this encore of Word Notes.

An open source Java-based software tool available from the Apache Software Foundation designed to log security and performance information.

CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/log4j⁠

Audio reference link: “⁠CISA Director: The LOG4J Security Flaw Is the ‘Most Serious’ She’s Seen in Her Career⁠,” by Eamon Javers (CNBC) and Jen Easterly (Cybersecurity and Infrastructure Security Director) YouTube, 20 December 20 2021.

What’s inside the mystery box? Spoiler: It’s a scam!

Thu, 08 May 2025 05:00:00 -0000

As Dave Bittner is at the RSA Conference this week, our hosts ⁠⁠Maria Varmazis and ⁠⁠Joe Carrigan⁠⁠, are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start with some follow-up from José on episode 335, sharing how UK banking features like Faster Payments and the “Check Payee” function might have helped prevent a scam involving fake banking apps—and he even tells a wild tale of someone using a fake app to reverse-scam a bike thief. Joe covers the House’s overwhelming passage of the SHIELD Act to ban revenge porn—including deepfakes—and why critics say it could threaten encryption. He also shares a strong warning about trust and the real risks of sharing intimate images. Maria has the story of a surge in sophisticated subscription scams, where cybercriminals use fake “mystery box” websites, social media ads, and influencer impersonations to trick users into handing over credit card data and signing up for hidden recurring payments. Bitdefender researchers warn these polished scams are part of a broader evolution in social engineering, designed to bypass skepticism and evade detection. Our Catch of the Day comes from listener Rick, who received a suspicious email that appears to be from Harbor Freight—a popular U.S. retailer known for affordable tools and equipment—offering a “free gift” to the recipient… classic bait for a likely scam.

Resources and links to stories:

Have a Catch of the Day you'd like to share? Email it to us at ⁠⁠hackinghumans@n2k.com⁠⁠.

OWASP broken access control (noun) [Word Notes]

Tue, 06 May 2025 07:00:00 -0000

Please enjoy this encore of Word Notes.

Software users are allowed access to data or functionality contrary to the defined zero trust policy by bypassing or manipulating the installed security controls.

The RMM protocol: Remote, risky, and ready to strike. [OMITB]

Tue, 06 May 2025 07:00:00 -0000

Welcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is ⁠Selena Larson⁠, ⁠Proofpoint⁠ intelligence analyst and host of their podcast ⁠DISCARDED⁠. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined by ⁠N2K Networks⁠ ⁠Dave Bittner⁠ and our newest co-host, Keith Mularski, former FBI cybercrime investigator and now Chief Global Ambassador at Quintel.

Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, our hosts discuss the growing trend of cybercriminals using legitimate remote monitoring and management (RMM) tools in email campaigns as a first-stage payload. They explore how these tools are being leveraged for data theft, financial fraud, and lateral movement within networks. With the decline of traditional malware delivery methods, including loaders and botnets, the shift toward RMMs marks a significant change in attack strategies. Tune in to learn more about this evolving threat landscape and how to stay ahead of these tactics.

The prince, the pretender, and the PSA.

Thu, 01 May 2025 05:00:00 -0000

As Maria is on vacation this week, our hosts ⁠Dave Bittner⁠ and ⁠Joe Carrigan⁠, are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. Joe and Dave are joined by guest Rob Allen from ThreatLocker who shares a story on how a spoofed call to the help desk unraveled into a full-blown cyber siege on MGM Resorts. Joe’s story is on a new FBI warning: scammers are impersonating the Internet Crime Complaint Center (IC3), the very site where people go to report online fraud. Dave's got the story of a so-called “Nigerian prince” scammer who turned out to be a 67-year-old man from Louisiana, now facing 269 counts of wire fraud for helping funnel money to co-conspirators in Nigeria. Our catch of the day comes from a scams subreddit, and is on a message received from the Department of Homeland Security reaching out to a user to share that they are a victim of fraud.

Resources and links to stories:

Have a Catch of the Day you'd like to share? Email it to us at ⁠hackinghumans@n2k.com⁠.

OWASP security misconfiguration (noun) [Word Notes]

Tue, 29 Apr 2025 07:00:00 -0000

Please enjoy this encore of Word Notes.

The state of a web application when it's vulnerable to attack due to an insecure configuration.

CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/owasp-security-misconfiguration⁠

Audio reference link: ⁠“What Is the Elvish Word for Friend?”⁠ Quora, 2021.

When AI lies, hackers rise.

Thu, 24 Apr 2025 05:00:00 -0000

This week, our hosts Dave Bittner, Joe Carrigan, and Maria Varmazis (also host of the T-Minus Space Daily show) are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. This week Joe's got some follow up about his chickens. Joe's story is on LLM-powered coding tools, and how they are increasingly hallucinating fake software package names, opening the door for attackers to upload malicious lookalike packages—a practice dubbed "slopsquatting"—that can compromise software supply chains when developers unwittingly install them. Dave’s story is on Cisco Talos uncovering a widespread toll road smishing campaign across multiple U.S. states, where financially motivated threat actors—using a smishing kit developed by “Wang Duo Yu”—impersonate toll services to steal victims' personal and payment information through spoofed domains and phishing sites. Maria's got the story of how scammers are using fake banking apps to fool sellers with phony payment screens—and walking away with thousands in goods. Our catch of the day comes from listener John who writes in to share a suspicious text message he received.

Resources and links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.

OWASP insecure design (noun) [Word Notes]

Tue, 22 Apr 2025 07:00:00 -0000

Please enjoy this encore episode of Word Notes.

A broad OWASP Top 10 software development category representing missing, ineffective, or unforeseen security measures.

CyberWire Glossary link: https://thecyberwire.com/glossary/owasp-insecure-design

Audio reference link: “Oceans Eleven Problem Constraints Assumptions.” by Steve Jones, YouTube, 4 November 2015.

Phishing in the tariff storm.

Thu, 17 Apr 2025 05:00:00 -0000

This week, our hosts Dave Bittner and Joe Carrigan, are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines, while our other host, Maria Varmazis is at a conference. We begin with some follow-up, as Joe reflects on the density of gold. Then, Dave shares some heartfelt and moving words about the recent passing of his father. Dave's story follows how confusion sparked by Trump's erratic tariff policies is fueling a global surge in cyber scams, phishing sites, and crypto cons, as threat actors exploit the chaos to mislead, defraud, and manipulate online users. Joe has two stories this week, the first is about the "blessing scam," a con that targets older Chinese women with promises of spiritual cleansing that ends in financial ruin. The second covers a new FTC rule requiring companies to make subscription cancellations as easy as sign-ups, cracking down on deceptive practices. Our catch of the day this week comes from MontClair University, as they are warning of a phishing scam offering a “free 2014 Airstream Sport 16′ Travel Trailer.”

Resources and links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.

OWASP injection (noun) [Word Notes]

Tue, 15 Apr 2025 07:00:00 -0000

Please enjoy this encore of Word Notes.

A broad class of attack vectors, where an attacker supplies input to an applications command interpreter that results in unanticipated functionality.

CyberWire Glossary link: https://thecyberwire.com/glossary/owasp-injection

Audio reference link: “APPSEC Cali 2018 - Taking on the King: Killing Injection Vulnerabilities” YouTube Video. YouTube, March 19, 2018.

You get a million dollars, and you get a million dollars!

Thu, 10 Apr 2025 05:00:00 -0000

This week, while Dave Bittner is out, Joe Carrigan, and Maria Varmazis (also host of N2K's daily space podcast, T-Minus), are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start off with a lot of follow up on listener feedback this week! Justin shares a thought about how to track gold deliveries with a simple sting operation involving an AirTag. Xray Specs offers a fun response to a theory about scanning plates and running Python scripts, stating they receive similar emails despite not owning a car. Jim Gilchrist recounts his experience with E-ZPass and unpaid tolls, explaining how a failed transponder led to a replacement and noting the prevalence of scam toll messages. Joe shares two gripping stories this week, one being on how the FBI is seizing $8.2 million from a massive romance scam involving cryptocurrency, and second is on a Maryland woman losing millions in a growing "pig butchering" scheme, with the FBI warning that many more victims are at risk. Maria's story is on an East Hartford woman caught up in a federal sweepstakes scam targeting the elderly. The suspects, including one local resident, allegedly stole millions. What did they do, and how did they get caught? Our catch of the day comes from a user on Reddit who shares a message they got from billionaire, and owner of Tesla, Elon Musk.

Resources and links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.

OWASP cryptographic failures (noun) [Word Notes]

Tue, 08 Apr 2025 07:00:00 -0000

Please enjoy this encore of Word Notes.

Code that fails to protect sensitive information.

CyberWire Glossary link: https://thecyberwire.com/glossary/owasp-cryptographic-failure

Audio reference link: Vandana Verma. “OWASP Spotlight - Project 10 - Top10.” YouTube Video. YouTube, January 4, 2021.

Not-so-real deals.

Thu, 03 Apr 2025 05:00:00 -0000

This week our hosts, Dave Bittner, Joe Carrigan, and Maria Varmazis (also host of N2K's daily space podcast, T-Minus), are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. First, we start off with some more follow-up on EZ passes, along with the newest iteration, as Kailey Cornick shares that scammers target phone numbers rather than actual toll users, sending her SUN pass scam texts tied to her old Florida number. Dave shares the story of Palo Alto's Unit 42 researchers uncovering a massive campaign distributing thousands of fraudulent cryptocurrency investment platforms via websites and mobile apps, using brand impersonation, Ponzi-like schemes, and domain fronting to deceive victims, primarily in East Africa and Asia. Maria follows the story of a Queens man arraigned for allegedly scamming a 72-year-old Newton woman out of over $480,000 by posing as a DEA agent and coercing her into transferring her assets under the threat of arrest. Joe came across a Facebook video featuring an AI-generated ad falsely claiming Kelly Clarkson endorsed a weight loss product. These deceptive ads use AI to create convincing deepfakes, making it appear as if celebrities are promoting products they’ve never actually supported. Our catch of the day comes from listener Connor, who flagged a phishing email pretending to be from the Social Security Administration. The email urges the recipient to click a link to view an "important update," but the repetition of the message and a suspicious logo placeholder suggest it's a phishing attempt designed to steal personal info.

Resources and links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.

account takeover prevention (noun) [Word Notes]

Tue, 01 Apr 2025 07:00:00 -0000

Enjoy this encore of Word Notes.

The prevention of the first part of an intrusion kill chain model exploitation technique, where the hacker steals valid logging credentials from a targeted victim.

CyberWire Glossary link: https://thecyberwire.com/glossary/account-takeover-prevention

Hello? Is it malware you’re looking for? [OMITB]

Tue, 01 Apr 2025 07:00:00 -0000

Welcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined by N2K Networks Dave Bittner —and our newest totally unbiased co-host, Archy, a highly sophisticated AI robot who swears they have no ulterior motives (but we’re keeping an eye on them just in case).

Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, our hosts discuss Telephone-Oriented Attack Delivery (TOAD), also known as callback phishing. In this type of attack, an attacker sends a seemingly benign email, often containing an invoice or payment notification, along with a phone number. When the victim calls, they speak with the attacker, who convinces them to install remote access tools, leading to malware installation, phishing, and financial theft. Tune in as we explore how this deceptive tactic works and ways to protect yourself from falling victim to it.

Smells like scam season is upon us.

Thu, 27 Mar 2025 05:00:00 -0000

This week our hosts, Dave Bittner, Joe Carrigan, and Maria Varmazis (also host of N2K's daily space podcast, T-Minus), are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start with some follow-up on E-ZPass scams—a listener suggests that scammers may be exploiting exposed license plate reader data, as demonstrated by YouTuber Mike Brown, to link plate numbers with breached phone records and send scam texts in real time. Dave's story is on how scammers may use conditioning techniques in romance scams—Ben Tasker observed that refusing to provide a phone number led to fewer photos being sent early on, suggesting scammers use rewards like photos to encourage compliance. Joe's got the story of Google's lawsuit against scammers who created and sold thousands of fake business listings on Google Maps, exploiting urgent services like locksmiths and towing to deceive customers and charge inflated fees. Maria's got the story of the FTC suing Click Profit for allegedly scamming consumers out of millions with a fake “passive income” scheme, falsely promising high returns through AI-driven e-commerce stores on Amazon, Walmart, and TikTok while most investors ended up losing money. Our catch of the day comes from Reddit after a user posted a conversation with a scammer after messing with them about a potential job opportunity.

Resources and links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.

threat hunting (noun) [Word Notes]

Tue, 25 Mar 2025 07:00:00 -0000

Please enjoy this encore of Word Notes.

The process of proactively searching through networks to detect and isolate security threats, rather than relying on security solutions or services to detect those threats.

CyberWire Glossary link: https://thecyberwire.com/glossary/threat-hunting

Audio reference link: “My ‘Aha!" Moment - Methods, Tips, & Lessons Learned in Threat Hunting - sans Thir Summit 2019.” YouTube, YouTube, 25 Feb. 2020.

E-ZPass or easy scam?

Thu, 20 Mar 2025 05:00:00 -0000

On Hacking Humans, this week Dave Bittner is back with Joe Carrigan, and Maria Varmazis (also host of N2K's daily space podcast, T-Minus), and they are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. Joe shares a bit of follow up on scam victims sharing their experiences of losing money to various frauds, including investment schemes, romance scams, business email compromises, online shopping fraud, unusual payment requests, tax impersonations, remote access scams, and identity theft. Maria shares a story on scammers using fake E-ZPass toll alerts to steal personal information, and another on victims losing thousands to investment, romance, and online shopping scams. Dave's got the story of how digital scammers prey on the financially vulnerable, using AI-generated content and deceptive ads on platforms like Instagram to sell worthless "get-rich-quick" schemes that ultimately leave victims deeper in debt. Joe's got two stories this week, the first being on Wenhui Sun, a California man, and how he was sentenced to six and a half years for stealing nearly $800,000 through a gold bar scam targeting victims nationwide. Meanwhile, the U.S. Federal Trade Commission reported a sharp rise in fraud, with 2.6 million people losing $12.5 billion in 2024, up from $2.5 billion in 2023, primarily due to impostor scams. Younger adults reported losing money more often than older ones. Our catch of the day follows how First Lady Melania Trump messaged an unsuspecting citizen claiming to give them a free gift.

Resources and links to stories:

You can hear more from the T-Minus space daily show here.

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.

vulnerability management (noun) [Word Notes]

Tue, 18 Mar 2025 07:00:00 -0000

Please enjoy this encore of Word Notes.

The continuous practice of identifying classifying, prioritizing, remediating, and mitigating software vulnerabilities within this.

CyberWire Glossary link: https://thecyberwire.com/glossary/vulnerability-management

Audio reference link: “Vulnerability Scanning - Comptia Security+ sy0-501 - 1.5.” YouTube, YouTube, 11 Nov. 2017,

Catch me if you scam.

Thu, 13 Mar 2025 05:00:00 -0000

On Hacking Humans, this week Dave Bittner is on vacation so our two hosts Joe Carrigan, and Maria Varmazis (also host of N2K's daily space podcast, T-Minus), are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. Our hosts start out with some follow up on chicken talk from last week. Maria shares the story of scammers impersonating police officers in England to steal cryptocurrency by exploiting leaked personal data, creating fake fraud reports, and tricking victims into revealing their seed phrases, leading to losses totaling £1 million. Joe has two stories this week, his first one is on a $21 million "Grandparent Scam" in which 25 Canadians were charged for running a scheme from Montreal call centers, posing as grandchildren in distress to deceive elderly Americans into handing over money, with 23 suspects already arrested. Joe's second story is on two people charged in a ticket scam that exploited a loophole in StubHub’s system to steal and resell over 900 tickets—mostly for Taylor Swift’s Eras Tour—netting more than $600,000 in profit before being caught by the Queens D.A.'s Cybercrime Unit. We have a special catch of the day this week, where we are joined by N2K's own Ma'ayan Plaut, who joins to discuss going out of business scams.

Resources and links to stories:

You can hear more from the T-Minus space daily show here.

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.

software bill of materials (SBOM) (noun) [Word Notes]

Tue, 11 Mar 2025 07:00:00 -0000

Please enjoy this encore of Word Notes.

A formal record containing the details and supply chain relationships of various components used in building software.

Scams in the henhouse.

Thu, 06 Mar 2025 06:00:00 -0000

On Hacking Humans, this week Dave Bittner is on vacation so our two hosts Joe Carrigan, and Maria Varmazis (also host of N2K's daily space podcast, T-Minus), are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start off the show with some follow-up from a long-time listener who shared how switching to Publii and Cloudflare Pages saved his wife's psychiatric nurse practice over $120/year in hosting costs after discovering static site generators on Hacking Humans. Joe's story is on a warning from an Oregon woman who fell victim to an online scam while trying to buy hens for her backyard chicken coop amid egg shortages caused by the bird flu, urging others to be cautious and avoid transactions on social media. Maria has the story on the increasing threats targeting sellers on online marketplaces, including phishing campaigns, scams designed to bypass platform protections, and the risks associated with off-platform transactions, all of which emphasize the need for heightened vigilance and security measures. The catch of the day, from Scott, highlights an email invitation that appeared legitimate but redirected to a phishing site designed to steal email credentials, with Scott’s wife recognizing the suspicious nature and forwarding it for further investigation.

Resources and links to stories:

You can hear more from the T-Minus space daily show here.

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.

The new malware on the block. [Only Malware in the Building]

Tue, 04 Mar 2025 08:00:00 -0000

Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, we talk about the latest shake-ups in the fake update threat landscape, including two new cybercriminal actors, fresh Mac malware, and the growing challenge of tracking these evolving campaigns.

zero trust (noun) [Word Notes]

Tue, 04 Mar 2025 08:00:00 -0000

Please enjoy this encore of Word Notes.

A security philosophy that assumes adversaries have already penetrated the digital environment and tries to reduce the potential impact by limiting access by people, devices, and software to only the resources essential to perform their function and nothing more.

Live from Orlando, it's Hacking Humans!

Thu, 27 Feb 2025 06:00:00 -0000

In this special live episode of Hacking Humans, recorded at ThreatLocker’s Zero Trust World 2025 conference in Orlando, Florida, Dave Bittner is joined by T-Minus host Maria Varmazis. Together, they explore the latest in social engineering scams, phishing schemes, and cybercriminal exploits making headlines. Their guest, Seamus Lennon, ThreatLocker’s VP of Operations for EMEA, shares insights on Zero Trust security and the evolving threat landscape. Maria's story this week follows the IRS warning about a fake “Self Employment Tax Credit” scam on social media, urging taxpayers to ignore misinformation and consult professionals. Dave's got the story of the Better Business Bureau’s annual Scam Tracker report, revealing that online shopping scams continue to top the list for the fifth year, with phishing and employment scams remaining major threats, while fraudsters increasingly use AI and deepfake technology to deceive victims. Our catch of the day comes from Diesel in West Virginia, and features a scammer who tried to panic their target with a classic “We’ve frozen your account” scam—only to get hilariously mixed up with actual embryo freezing.

Resources and links to stories:

You can hear more from the T-Minus space daily show here.

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.

OT security (noun) [Word Notes]

Tue, 25 Feb 2025 08:00:00 -0000

Please enjoy this encore episode of Word Notes.

Hardware and software designed to detect and prevent cyber adversary campaigns that target industrial operations.

I'm a scammer and need support.

Thu, 20 Feb 2025 06:00:00 -0000

Resources and links to stories:

You can hear more from the T-Minus space daily show here.

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.

cybersecurity skills gap (noun) [Word Notes]

Tue, 18 Feb 2025 08:00:00 -0000

Please enjoy this encore episode of Word Notes.

The difference between organizational employee job requirements and the available skillsets in the potential employee pool.

The “t” that tricked.

Thu, 13 Feb 2025 06:00:00 -0000

Resources and links to stories:

You can hear more from the T-Minus space daily show here.

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.

digital transformation (noun) [Word Notes]

Tue, 11 Feb 2025 08:00:00 -0000

Please enjoy this encore episode of Word Notes.

The use of technology to radically improve the performance or reach of the business.

Old school scams updated.

Thu, 06 Feb 2025 06:00:00 -0000

On this episode of Hacking Humans, we are going old school with Dave Bittner and Joe Carrigan sans T-Minus host Maria Varmazis (as she was hanging out with astronauts at the SpaceCom event). Not to worry, Dave and Joe have it covered sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines to help our audience become aware of what is out there. This week, we have some follow up including a conversation Joe had with ChatGPT, some discussion on AI generated images of people, and scam letters that are sent out in the mail. Joe shares a text his office mate received from the "IRS." He also has a story about food workers taking photos of credit and debit cards at restaurant drive throughs. Dave's story is about a near-perfect scam attempt that almost fooled a very smart guy—Zach Latta, the founder of Hack Club. Our Catch of the Day comes from Reddit about a Facebook Marketplace scam using Zelle.

Resources and links to stories:

You can hear more from the T-Minus space daily show here.

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.

bulletproof hosting (noun) [Word Notes]

Tue, 04 Feb 2025 08:00:00 -0000

Please enjoy this encore episode of Word Notes.

Cloud services intended for cyber criminals and other bad actors designed to obstruct law enforcement and other kinds of government investigations, and to provide some protection against competitors.

Cyber Groundhog Day and romance scams. [Only Malware in the Building]

Tue, 04 Feb 2025 06:00:00 -0000

Welcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined by N2K Networks Dave Bittner and Rick Howard to uncover the stories behind notable cyberattacks.

Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode and since it is February (the month of love as Selena calls it), we talk about romance scams known throughout the security world as pig butchering. And, Rick's experiencing a bit of a Cyber Groundhog Day in his newly-realized retirement.

Despicable donation request scamming.

Thu, 30 Jan 2025 06:00:00 -0000

Resources and links to stories:

You can hear more from the T-Minus space daily show here.

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.

endpoint security [Word Notes]

Tue, 28 Jan 2025 08:00:00 -0000

Please enjoy this encore of Word Notes.

The practice of securing a device that connects to a network in order to facilitate communication with other devices on the same or different networks.

Back to the office, back to the threats.

Thu, 23 Jan 2025 06:00:00 -0000

On Hacking Humans, Dave Bittner, Joe Carrigan, and Maria Varmazis (also host of N2K's daily space podcast, T-Minus), are once again sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines to help our audience become aware of what is out there. This week Maria has the story on how the return to office life brings unique security challenges, highlighting the need for Red Team assessments to uncover and address physical and digital vulnerabilities, empowering organizations to proactively enhance workplace security and protect against evolving threats. Joe's story comes from the FCC's warning about a scam dubbed "Green Mirage," where fraudsters impersonate mortgage lenders, spoof caller IDs, and use social engineering to trick financially vulnerable homeowners into sending payments via unconventional methods, often only discovered when foreclosure proceedings begin. Last but not least, Dave's story is on how a Reddit user shared their cautious experiment with a suspected Airbnb scam involving a new account requesting to move to WhatsApp, agreeing to unusually high rental rates, and engaging in rapport-building tactics, with red flags pointing to potential financial fraud or phishing attempts. Our catch of the day comes from listener William, who spotted a phishing scam disguised as a security alert about a compromised crypto wallet, featuring an unsolicited QR code and a generic warning that targets even non-crypto users.

Resources and links to stories:

You can hear more from the T-Minus space daily show here.

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.

Executive Order on Improving the Nation's Cybersecurity (noun) [Word Notes]

Tue, 21 Jan 2025 08:00:00 -0000

Please enjoy this encore episode.

President Biden's May, 2021 formal compliance mandate for federal civilian executive branch agencies, or FCEBs, to include specific shortterm and longterm deadlines designed to enhance the federal government's digital defense posture.

Crypto chameleons and star fraud.

Thu, 16 Jan 2025 06:00:00 -0000

On Hacking Humans, Dave Bittner, Joe Carrigan, and Maria Varmazis (also host of N2K's daily space podcast, T-Minus), are once again sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines to help our audience become aware of what is out there. This week we jump right into stories, Maria shares Apple’s new AI feature and how it is unintentionally rewording scam messages to make them appear more legitimate and flagging them as priority notifications, raising concerns about increased susceptibility to scams. Joe has two stories this week, the first focuses on two individuals, including an inmate using a smuggled cellphone, being charged with defrauding a Sarasota woman of $12,000 in a jury duty scam involving spoofed law enforcement identities and Bitcoin transfers, with authorities urging vigilance against such schemes. Joe's second story is on a LinkedIn job interview turned hacking attempt when a technical challenge contained obfuscated code designed to gather crypto wallet information from the user's computer; the scam highlights the importance of carefully reviewing code and using secure environments like virtual machines during such evaluations. Finally Dave has the story on a prolific voice phishing crew manipulating legitimate Apple and Google services to deceive victims, leveraging advanced phishing kits, social engineering tactics, and automated tools like "autodoxers" to target cryptocurrency holders and high-value individuals for significant financial theft. Our catch of the day comes from listener Keefe, who shares a voicemail from one suspicious sounding Walmart voice.

Resources and links to stories:

You can hear more from the T-Minus space daily show here.

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.

lateral movement (noun) [Word Notes]

Tue, 14 Jan 2025 08:00:00 -0000

Phase of a typical cyber adversary group's attack sequence, after the initial compromise and usually after the group has established a command and control channel, where the group moves through the victims network by compromising as many systems as it can, by looking for the data, it has come to steal or to destroy.

Nice to meet you, I'm a scammer.

Thu, 09 Jan 2025 06:00:00 -0000

On Hacking Humans, Dave Bittner, Joe Carrigan, and Maria Varmazis (also host of N2K's daily space podcast, T-Minus), are once again sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines to help our audience become aware of what is out there. Our hosts discuss and ponder whether or not diamonds are the original cryptocurrency, as well as diving further into Yubikeys for organizations. Maria shares the story of a 66-year-old woman who lost her $2 million retirement savings to a romance scam on Match.com, highlighting the rise in such scams and efforts to pass the Online Dating Safety Act to protect users. Joe's story is on the Madoff Victim Fund's final $131.4 million payout, bringing total recoveries to $4.3 billion for victims of Bernard Madoff's infamous Ponzi scheme, which collapsed during the 2008 financial crisis. Dave's got the story on allegations that the PayPal Honey browser extension not only fails to deliver the best deals but also hijacks affiliate revenue from influencers by replacing their links with its own, sparking backlash and controversy. Our catch of the day comes from Reddit and Dave and Maria do their best impressions yet, as a scammer chats up an unsuspecting victim.

Resources and links to stories:

You can hear more from the T-Minus space daily show here.

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.

common vulnerabilities and exposures (CVE) (noun) [Word Notes]

Tue, 07 Jan 2025 08:00:00 -0000

A public list sponsored by the US government and designed to uniquely identify, without the need to manually cross- reference, all the known software vulnerabilities in the world.

Malware metamorphosis: 2024 reflections and 2025 predictions. [Only Malware in the building]

Tue, 07 Jan 2025 08:00:00 -0000

Welcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined by N2K Networks Dave Bittner and Rick Howard to uncover the stories behind notable cyberattacks.

Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, we talk about the year's most impactful cyber trends and incidents—from the Snowflake hack and Operation Endgame to the rise of multi-channel scams and explosive growth in web inject attacks. Ransomware continued to wreak havoc, especially in healthcare, while callback phishing and MFA-focused credential attacks kept defenders on high alert. Join us as we reflect on these challenges and look ahead to what’s next in 2025.

The intersection of hackers, scammers, and false collaborations.

Thu, 02 Jan 2025 06:00:00 -0000

On Hacking Humans, Dave Bittner, Joe Carrigan, and Maria Varmazis (also host of N2K's daily space podcast, T-Minus), are once again sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines to help our audience become aware of what is out there. First off, our hosts share some follow up, Asher wrote in to discuss follow up on the AI granny. Maria's story covers a "new QR code scam" involving unsolicited packages and brushing tactics, where scammers lure victims into scanning malicious QR codes to steal personal and financial information. Joe's story highlights how the FBI and CISA urge Americans to secure their text messages using end-to-end encryption to combat sophisticated hacking campaigns linked to China's government, which target telecom networks and user data. Dave's story highlights how pallet liquidation scams target buyers with offers of discounted merchandise, warning against red flags like unrealistic prices and unverified sellers. Our Catch of the Day comes from Jim, who shares a suspicious email he received offering a collaboration under the guise of a business partnership, which included overly generic language and an unusual sign-off from "Robert De Niro."

Resources and links to stories:

You can hear more from the T-Minus space daily show here.

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.

dead-box forensics (noun) [Word Notes]

Tue, 31 Dec 2024 08:00:00 -0000

A forensic technique where practitioners capture an entire image of a system and analyze the contents offline.

New tools, old problems.

Thu, 26 Dec 2024 06:00:00 -0000

Please enjoy this encore episode of Hacking Humans.

This week we are joined by Maria Varmazis, host of the N2K daily space show, T-Minus. She discusses how AI is being used as a possible solution to one of the oldest scams in the book in Japan. Dave and Joe share some listener follow up, one from listener Alan and one from Clinton, who both write in about a recent episode and they share their thoughts on the story of Charlotte Cowles being scammed out of $50,000. Dave shares a story about calendar meeting links, from Calendly, a popular application for scheduling appointments and meetings, being used to spread mac malware. Joe shares write ins from several listeners, some writing in to share experiences with scams they have come across, others writing to warn others on scams they have seen used in the real world. Our catch of the day comes from Zach with an oddity, getting scammed by mail!

Please take a moment to fill out an audience survey! Let us know how we are doing!

Links to the stories:

You can hear more from the T-Minus space daily show here.

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

cybersecurity maturity model certification (CMMC) (noun) [Word Notes]

Tue, 24 Dec 2024 06:00:00 -0000

Please enjoy this encore episode of Word Notes.

A supply chain cybersecurity accreditation standard designed for the protection of controlled unclassified information that the U.S. Department of Defense, or DoD, will require for all contract bids by October, 2025.

Gold bars and bold lies.

Thu, 19 Dec 2024 06:00:00 -0000

On Hacking Humans, Dave Bittner, Joe Carrigan, and Maria Varmazis (also host of N2K's daily space podcast, T-Minus), are once again sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines to help our audience become aware of what is out there. First we start off with some follow up, our hosts share some more information on VIN swapping, and a clarification on bank participation in FinCEN. Maria shares a telling tale about a Bethesda couple loosing $367,000 in gold bars to a sophisticated scam involving fake officials and elaborate deceptions, but a police sting led to the arrest of a suspect, highlighting a growing nationwide trend of elderly victims targeted by gold bar fraud. Joe's story comes from KnowBe4 and is on DavidB, their VP of Asia Pacific, thwarting a sophisticated social engineering attack via WhatsApp by recognizing inconsistencies in the impersonator’s behavior and verifying directly with the colleague they claimed to be. Dave's story comes from the FBI on how criminals are exploiting generative AI to enhance fraud schemes, including using AI-generated text, images, audio, and video to create convincing social engineering attacks, phishing scams, and identity fraud, while offering tips to protect against these threats. Our catch of the day comes from a listener who received an urgent email from someone claiming to be an FBI agent with a rather dramatic tale about intercepted consignment boxes, missing documents, and a ticking clock—but let's just say this "agent" might need some better training in both law enforcement and grammar.

Resources and links to stories:

You can hear more from the T-Minus space daily show here.

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.

incident response (noun) [Word Notes]

Tue, 17 Dec 2024 08:00:00 -0000

Please enjoy this encore episode of Word Notes.

A collection of people, process, and technology that provides an organization the ability to detect and respond to cyber attacks.

Silent push, loud consequences.

Thu, 12 Dec 2024 06:00:00 -0000

On Hacking Humans, Dave Bittner, Joe Carrigan, and Maria Varmazis (also host of N2K's daily space podcast, T-Minus), are once again sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines to help our audience become aware of what is out there. This week, Maria shares two stories this week, the first is from "PayPal" saying they are owed over $200. The second comes from LinkedIn where a gentleman shares the terrifying story of losing everything all because of a scam. Joe's story is on text message scams where strangers pretend to know you, building trust over time to lure victims into schemes like cryptocurrency fraud; he advises ignoring unknown messages, blocking suspicious numbers, avoiding links, and protecting personal information. Dave's story follows Silent Push Threat Analysts tracking "Payroll Pirates," a group leveraging phishing campaigns targeting HR systems like Workday to redirect payroll funds by using search ads, spoofed websites, and credential harvesting, as they alert organizations and share threat intelligence to counter these sophisticated attacks. Our catch of the day comes from a phishing scam email claiming to offer a $1.75 million compensation fund via the "United Bank for Africa," requiring victims to share personal and banking details under the guise of an IMF directive.

Resources and links to stories:

You can hear more from the T-Minus space daily show here.

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.

script kiddies (noun) [Word Notes]

Tue, 10 Dec 2024 08:00:00 -0000

Please enjoy this encore episode of Word Notes.

Cybercriminals who lack the expertise to write their own programs use existing scripts, code, or tools authored by other more skilled hackers.

Fraud's festive frenzy.

Thu, 05 Dec 2024 06:00:00 -0000

On Hacking Humans, Dave Bittner, Joe Carrigan, and Maria Varmazis (also host of N2K's daily space podcast, T-Minus), are once again sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines to help our audience become aware of what is out there. This week, our hosts dive into some follow up from listener Will. who writes in about the Financial Crimes Enforcement Network. They also share after an anonymous listener writes in with a suggestion on filtering scam emails using the DocuSign API. Maria follows the story of how Black Friday is increasingly being dubbed "Black Fraud Day," as criminals exploit the festive shopping frenzy to scam eager bargain hunters, often using AI to create convincing fraud schemes. Joe has two stories this week. The first one is on scammers exploiting financially distressed individuals by posing as the "Bankruptcy Fraud Watchdog Group," threatening bankruptcy filers with false accusations and fines payable in Bitcoin, while warning them against contacting their attorneys. The second story explores the rise of deepfake scams in the U.S., with criminals using AI-generated videos of celebrities like Elon Musk to deceive victims into fraudulent cryptocurrency investments, contributing to over $12 billion in annual fraud losses. Finally, Dave share's a story on a new wave of deepfake scams, where AI-generated videos of Elon Musk trick unsuspecting victims into investing large sums, contributing to billions in fraud losses. Our catch of the day comes from Raul, who shares a scammy text message sent to his mother, sharing his efforts to educate her on spotting fraudulent messages.

Resources and links to stories:

You can hear more from the T-Minus space daily show here.

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.

A cyber carol. [Only Malware in the Building]

Tue, 03 Dec 2024 08:00:00 -0000

Welcome in! You’ve entered, Only Malware in the Building. Grab your eggnog and don your coziest holiday sweater as we sleuth our way through cyber mysteries with a festive twist! Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined by N2K Networks Dave Bittner and Rick Howard to uncover the stories behind notable cyberattacks. Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, our cyber ghosts delve into the past, present, and future of some of the season’s most pressing threats: two-factor authentication (2FA), social engineering scams, and the return to consumer-targeted attacks.

Together, Rick, Dave, and Selena deliver a ghostly—but insightful—message about the state of cybersecurity, past, present, and future. Can their advice save your holiday season from digital disaster? Tune in and find out.

May your holidays be merry, bright, and free of cyber fright!

sandbox (noun) [Word Notes]

Tue, 03 Dec 2024 08:00:00 -0000

Please enjoy this encore episode of Word Notes.

An isolated and controlled set of resources that mimics real world environments and used to safely execute suspicious code without infecting or causing damage to the host machine, operating system, or network.

Scamming just isn't what it used to be.

Thu, 28 Nov 2024 06:00:00 -0000

Please enjoy this encore of Hacking Humans:

This week, we are joined by host of N2K's T-Minus Space Daily podcast, Maria Varmazis, she sits down with Joe and Dave to discuss sextorion materials that were found on popular social media apps such as, TikTok, Instagram, Snapchat and YouTube. Joe and Dave share quite a bit of follow up, Joe starts with an anonymous listener writing in sharing their story on gift card scams. Dave shares another anonymous listeners comments, sharing about what they think of Andy Cohen going public on how he got scammed. Finally, Joe and Dave hear from a listener by the name of "The Computrix," who says they need to defend Walmart. Dave share's his story about the most common phishing email themes of 2023. Joe's got the story of ransomware not being paid the same way as it used to be by companies, and share the two different angles on that. Our catch of the day comes from listener William, who writes in with a phishing scam that caught his eye.

Links to the stories:

You can hear more from the T-Minus space daily show here.

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

security orchestration, automation, and response (SOAR) (noun) [Word Notes]

Tue, 26 Nov 2024 08:00:00 -0000

Please enjoy this encore episode of Word Notes.

A stack of security software solutions and tools that allow organizations to orchestrate disparate internal and external tools which feed pre-built automation playbooks that respond to events or alert analysts if an event meets a certain threshold.

Granny’s got a new trick.

Thu, 21 Nov 2024 06:00:00 -0000

On Hacking Humans, Dave Bittner, Joe Carrigan, and Maria Varmazis (also host of N2K's daily space podcast, T-Minus), are once again sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines to help our audience become aware of what is out there. This week, Joe shares a note from listener Michael before getting into stories, and Michael writes in to share that there are VIN cloning scams. Joe brings back the Iota discussion from last week. Joe's up first for stories and focuses on fraud. Dave informs us of the new human-like AI granny who is wasting scammers time. Finally Maria brings us the story of how BforeAI researchers analyzed over 6000 newly registered retail domains, revealing a surge in scam activity targeting shoppers with phishing websites, fake apps, and fraudulent offers, particularly during the holiday season, exploiting brand names, seasonal trends, and emerging technologies like AI and cryptocurrency. Our catch of the day comes from listener Kenneth who writes in about a fraudulent email claiming to be from Emirates Group, inviting a company to register as a vendor or contractor for upcoming projects in 2024/2025. The email emphasizes the company's experience in various sectors and urges a prompt response to initiate the registration process. It is signed by a supposed "Contractors Coordinator," Mr. Steve Ibrahim Ghandi, and includes fake contact details for the Emirates Group.

Resources and links to stories:

You can hear more from the T-Minus space daily show here.

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.

personally identifiable information (PII) (noun) [Word Notes]

Tue, 19 Nov 2024 08:00:00 -0000

A term of legal art that defines the types of data and circumstances that permits a third party to directly or indirectly identify an individual with collected data.

Final approach to scammer advent.

Thu, 14 Nov 2024 06:00:00 -0000

Resources and links to stories:

DisasterAssistance.gov
They’re Giving Scammers All Their Money. The Kids Can’t Stop Them.
Attackers Abuse DocuSign API to Send Authentic-Looking Invoices At Scale
DMARC: Domain-based Message Authentication, Reporting & Conformance
CVE-2024-10327
BBB Scam Alert: 'Card declined' error may lead to multiple fraudulent charges

You can hear more from the T-Minus space daily show here.

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.

secure access service edge (SASE) (noun) [Word Notes]

Tue, 12 Nov 2024 08:00:00 -0000

Enjoy this encore episode.

A security architecture that incorporates the cloud shared responsibility model, a vendor provided security stack, an SD-WAN abstraction layer, and network peering with one or more of the big content providers and their associated fiber networks.

Happy hour hacking.

Thu, 07 Nov 2024 06:00:00 -0000

Maria Varmazis, host of N2K's daily space show T-Minus, joins Dave and Joe to share the story of the five types of social engineers Deanne Lewis encountered while tending bar, revealing how each barroom personality reflects a common cybersecurity threat. Our hosts share some follow-up from a friend of the show, JJ, who reports a rise in tech support scams targeting non-tech-savvy users by locking their screens and persuading them to call scammers, often leading to credit card fraud and unauthorized remote access through tools like AnyDesk or TeamViewer. Joe has two stories this week: one covering JPMorgan Chase's lawsuits against individuals who exploited an ATM glitch to withdraw fake deposits, a scam popularized on TikTok; and the second on four suspects in Maryland charged with conning an elderly woman out of nearly $40,000 in a "pigeon drop" scam, where victims are promised a cut of "found" money in exchange for collateral. Dave's story is on a viral AI-generated hoax spreading on Facebook, where fake posts about neighbors egging cars over Halloween decorations are stirring moral panic and sowing distrust, especially among older users. Finally, our catch of the day comes from some text threads about a scammer trying to get clever while buying a used car.

Links to the stories:

You can hear more from the T-Minus space daily show here.

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.

Whispers in the wires: A closer look at the new age of intrusion. [OMITB]

Tue, 05 Nov 2024 08:00:00 -0000

Welcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined by N2K Networks Dave Bittner and Rick Howard to uncover the stories behind notable cyberattacks.

Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, we talk about how threat actors are shifting tactics across the landscape, focusing more on advanced social engineering and refined initial access strategies than on sophisticated malware.

We’ll dive into Proofpoint's latest blog detailing a transport sector breach that, while involving relatively standard malware, showcases this growing trend of nuanced techniques and toolsets.

red teaming (noun) [Word Notes]

Tue, 05 Nov 2024 08:00:00 -0000

Enjoy this encore episode.

The practice of emulating known adversary behavior against an organization's actual defensive posture.

The Malware Mash

Thu, 31 Oct 2024 18:40:00 -0000

Happy Halloween from the team at N2K Networks!

We hope you share in our Halloween tradition of listening to the Malware Mash. You can check out our video here.

Lyrics

I was coding in the lab late one night

when my eyes beheld an eerie sight

for my malware threat score began to rise

and suddenly to my surprise...

It did the Mash

It did the Malware Mash

The Malware Mash

It was a botnet smash

It did the Mash

It caught on 'cause of Flash

The Malware Mash

It did the Malware Mash

From the Stuxnet worm squirming toward the near east

to the dark web souqs where the script kiddies feast

the APTs left their humble abodes

to get installed from rootkit payloads.

They did the Mash

They did the Malware Mash

The Malware Mash

It was an adware smash

They did the Mash

It caught on 'cause of Flash

The Malware Mash

They did the Malware Mash

The botnets were having fun

The DDoS had just begun

The viruses hit the darknet,

with ransomware yet to come.

The keys were logging, phishing emails abound,

Snowden on chains, backed by his Russian hounds.

The Shadow Brokers were about to arrive

with their vocal group, "The NotPetya Five."

They did the Mash

They played the Malware Mash

The Malware Mash

It was a botnet smash

They did the Mash

It caught on 'cause of Flash

The Malware Mash

They played the Malware Mash

Somewhere in Moscow Vlad's voice did ring

Seems he was troubled by just one thing.

He opened a shell then shook his fist

and said, "Whatever happened to my Turla Trojan twist."

It's now the Mash

It's now the Malware Mash

The Malware Mash

And it's a botnet smash

It's now the Mash

It caught on 'cause of Flash

The Malware Mash

It's now the Malware Mash

Now everything's cool, Vlad's a part of the band

And the Malware Mash is the hit of the land.

For you, defenders, this mash was meant to

when you get to my door, tell them Creeper sent you.

Then you can Mash

Then you can Malware Mash

The Malware Mash

And be a botnet smash

It is the Mash

Don't you dare download Flash

The Malware Mash

Just do the Malware Mash

How political donations can be deceiving.

Thu, 31 Oct 2024 05:00:00 -0000

Maria Varmazis, host of N2K's daily space show T-Minus, joins Dave and Joe to share the story of a relentless wave of political donation texts that go well beyond simple annoyance, revealing an unsettling impact on vulnerable populations. CNN's investigation exposes how these texts, with their urgent and personal tone, have led seniors, including those with dementia, to make thousands of donations—sometimes unknowingly amassing hundreds of thousands of dollars for campaigns. Joe's story highlights a dash cam video capturing a car colliding with another vehicle while backing up on a busy highway. The footage raises questions about driver awareness and road safety in high-traffic situations. Dave's story shares the alarming potential of OpenAI's real-time voice API, which allows scammers to create AI agents capable of executing phone scams for as little as $0.75. Researchers from the University of Illinois Urbana-Champaign revealed that these agents can autonomously conduct scams, raising serious concerns about the misuse of voice-enabled AI technology despite previous safety precautions. And finally, our catch of the day shares how the Library of Congress is cracking down on copy write infringement.

Links to the stories:

You can hear more from the T-Minus space daily show here.

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.

next generation firewall (noun) [Word Notes]

Tue, 29 Oct 2024 07:00:00 -0000

Please enjoy this encore episode of Word Notes.

A layer seven security orchestration platform deployed at the boundary between internal workloads slash data storage and untrusted sources that blocks incoming and outgoing network traffic with rules that tie applications to the authenticated user and provides most of the traditional security stack functions in one device or software application.

Spiritual healers or master con artists?

Thu, 24 Oct 2024 05:00:00 -0000

Maria Varmazis, host of N2K's daily space show T-Minus, joins Dave and Joe to share the story of how ESET Research revealed that Telekopye, a scam toolkit used by cybercriminals, has expanded its operations from online marketplaces to accommodation booking platforms like Booking.com and Airbnb. Joe’s story is on the elaborate "blessing scam" targeting older Chinese women, where scammers pose as spiritual healers to swindle victims out of their valuables by convincing them their loved ones are in danger—a criminal act spanning across the UK, US, Australia, and Canada, leaving families desperate to catch the perpetrators. Dave follows the story of a new rule passed by the US Federal Trade Commission (FTC) to make subscription cancellations easier with a simple "click to cancel" process. Our catch of the day comes from Reddit where a user was contacted via text message claiming that they were mixed up in a romance scam.

Links to the stories:

You can hear more from the T-Minus space daily show here.

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.

fast flux (noun) [Word Notes]

Tue, 22 Oct 2024 07:00:00 -0000

Please enjoy this encore of Word Notes.

A network designed to obfuscate the location of a cyber adversary's command and control server by manipulating the domain name system, or DNS, in a way that rotates the associated IP address among large numbers of compromised hosts in a botnet.

Cybercriminals thrive in vulnerable moments.

Thu, 17 Oct 2024 05:00:00 -0000

Maria Varmazis, host of N2K's daily space show T-Minus, joins Dave and Joe to share the story of how cybercriminals are exploiting the chaos following Hurricane Helene in Florida by launching scams and phishing attacks. Veriti’s research highlights three key threats: FEMA claim scams, phishing using hurricane-related domains, and malicious files disguised as FEMA documents, all targeting vulnerable individuals. This week, Joe's got three hard-hitting stories lined up! First, U.S. authorities have charged 18 individuals and companies for pulling off fraudulent schemes to manipulate cryptocurrency markets. Next, leaders from four crypto firms and market makers face charges for wash-trading and inflating prices to lure in investors. Finally, in a groundbreaking move, federal prosecutors have launched the first-ever criminal case targeting wash trading in digital assets, shaking up the crypto world. Dave share's a Facebook watch you can't say no too. Our catch of the day comes from Reddit, and follows a chain of messages where a scammer is sharing news that sounds a bit too good to be true.

Links to the stories:

You can hear more from the T-Minus space daily show here.

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.

Election Propaganda: Part 3: Efforts to reduce the impact of future elections. [CSO Perspectives]

Wed, 16 Oct 2024 07:00:00 -0000

Thinking past the US 2024 Presidential Election, In part three of the series, Rick Howard, N2K CyberWire’s Chief Analyst and Senior Fellow, discusses reducing the impact of propaganda in the future elections with Perry Carpenter, Chief Human Risk Management Strategist at KnowBe4 and host of the 8th Layer Insights Podcast, Nina Jankowicz, Co-Founder and CEO of the The American Sunlight Project, and Scott Small, Director of Cyber Threat Intelligence at Tidal Cyber.

Check out Part 1 & 2!

Part 1: Election Propaganda Part 1: How Does Election Propaganda Work? In this episode, Rick Howard, N2K CyberWire’s Chief Analyst and Senior Fellow, discusses personal defensive measures that every citizen can take—regardless of political philosophy—to resist the influence of propaganda. This foundational episode is essential for understanding how to navigate the complex landscape of election messaging.

Part 2: Election Propaganda: Part 2: Modern propaganda efforts. In preparation for the US 2024 Presidential Election, Rick Howard, N2K CyberWire’s Chief Analyst and Senior Fellow, discusses recent international propaganda efforts in the form of nation state interference and influence operations as well as domestic campaigns designed to split the target country into opposing camps. Guests include Nina Jankowicz, Co-Founder and CEO of the The American Sunlight Project and Scott Small, Director of Cyber Threat Intelligence at Tidal Cyber.

References:

Rick Howard, 2024. Election Propaganda Part 1: How does election propaganda work? [3 Part Podcast Series]. The CyberWire.

Rick Howard, 2024. Election Propaganda: Part 2: Modern propaganda efforts. [3 Part Podcast Series]. The CyberWire.

Christopher Chabris, Daniel Simons, 2010. The Invisible Gorilla: And Other Ways Our Intuitions Deceive Us [Book]. Goodreads.

Chris Palmer, 2010. TFL Viral - Awareness Test (Moonwalking Bear) [Explainer]. YouTube.

David Ehl, 2024. Why Meta is now banning Russian propaganda [News]. Deutsche Welle.

Eli Pariser, 2011. The Filter Bubble: What the Internet is Hiding From You [Book]. Goodreads.

Kara Swisher, Julia Davis, Alex Stamos, Brandy Zadrozny, 2024. Useful Idiots? How Right-Wing Influencers Got $ to Spread Russian Propaganda [Podcast]. On with Kara Swisher.

Nate Silver, 2024. What’s behind Trump’s surge in prediction markets? [Analysis]. Silver Bulletin.

Niha Masih, 2024. Meta bans Russian state media outlet RT for acts of ‘foreign interference’ [News]. The Washington Post.

Nilay Patel, 2024. The AI election deepfakes have arrived [Podcast]. Decoder.

Nina Jankowicz, 2020. How to Lose the Information War: Russia, Fake News and the Future of Conflict [Book]. Goodreads.

Perry Carpenter, 2024. FAIK: A Practical Guide to Living in a World of Deepfakes, Disinformation, and AI-Generated Deceptions [Book]. Goodreads.

Perry Carpenter, 2021. Meatloaf Recipes Cookbook: Easy Recipes For Preparing Tasty Meals For Weight Loss And Healthy Lifestyle All Year Round [Book]. Goodreads.

Perry Carpenter, n.d. 8th Layer Insights [Podcast]. N2K CyberWire.

Renee DiResta, 2024. Invisible Rulers: The People Who Turn Lies into Reality [Book]. Goodreads.

Robin Stern, Marc Brackett, 2024. 5 Ways to Recognize and Avoid Political Gaslighting [Explainer]. The Washington Post.

Sarah Ellison, Amy Gardner, Clara Ence Morse, 2024. Elon Musk’s misleading election claims reach millions and alarm election officials [News]. The Washington Post.

Scott Small, 2024. Election Cyber Interference Threats & Defenses: A Data-Driven Study [White Paper]. Tidal Cyber.

Staff, n.d. Overview: Coalition for Content Provenance and Authenticity [Website]. C2PA.

Staff, 2021. Foreign Threats to the 2020 US Federal Elections [Intelligence Community Assessment]. DNI.

Staff, n.d. Project Origin [Website]. OriginProject. URL https://www.originproject.info/

Stuart A. Thompson, Tiffany Hsu, 2024. Left-Wing Misinformation Is Having a Moment [Analysis] The New York Times.

encryption (noun) [Word Notes]

Tue, 15 Oct 2024 07:00:00 -0000

Enjoy this Word Notes encore.

The process of converting plain text into an unrecognizable form or secret code to hide its true meaning.

The e-commerce scam you didn’t see coming!

Thu, 10 Oct 2024 05:00:00 -0000

Maria Varmazis, host of N2K's daily space show T-Minus, joins Dave and Joe to share the story of a South Carolina couple, and how they were devastated to discover their vacant land in Concord, Massachusetts was fraudulently sold by thieves who posed as them, with the new owners already building a home on the property, prompting a lawsuit and an FBI investigation.

Our hosts share some follow-up on two intriguing listener contributions. John blocks Google ads using NextDNS, which catches ad wrappers unless manually disabled. Georgi from Japan describes a new Visa card with no visible number or CVV.

Dave's story is on triangulation fraud, a scam on e-commerce platforms like Amazon, where a fraudster lures buyers with fake listings for popular products at enticingly low prices, then uses stolen payment information to purchase the legitimate product from a seller, ultimately leaving the buyer unaware until debt collection notices arrive. Meanwhile, Joe has two stories this week. Police arrested five individuals in connection with a fake Brad Pitt scam that defrauded two women of $362,000. He also explores insights from the 2024 Global State of Authentication survey in a Q&A with Yubico VP Derek Hanson, who discusses the future of passkeys. Our catch of the day shares some royal secrets you won't want to miss.

Links to the stories:

You can hear more from the T-Minus space daily show here.

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.

Election Propaganda: Part 2: Modern propaganda efforts. [CSO Perspectives]

Wed, 09 Oct 2024 07:00:00 -0000

In preparation for the US 2024 Presidential Election, Rick Howard, N2K CyberWire’s Chief Analyst and Senior Fellow, discusses recent international propaganda efforts in the form of nation state interference and influence operations as well as domestic campaigns designed to split the target country into opposing camps. Guests include Nina Jankowicz, Co-Founder and CEO of the The American Sunlight Project and Scott Small, Director of Cyber Threat Intelligence at Tidal Cyber.

References:

Scott Small, 2024. Election Cyber Interference Threats & Defenses: A Data-Driven Study [White Paper]. Tidal Cyber.

Renee DiResta, 2024. Invisible Rulers: The People Who Turn Lies into Reality [Book]. Goodreads.

Nina Jankowicz, 2020. How to Lose the Information War: Russia, Fake News and the Future of Conflict [Book]. Goodreads.

keylogger (noun) [Word Notes]

Tue, 08 Oct 2024 07:00:00 -0000

Please enjoy this encore episode of Word Notes.

Software or hardware that records the computer keys pressed by a user.

Election Propaganda Part 1: How does election propaganda work? [CSO Perspectives]

Thu, 03 Oct 2024 07:00:00 -0000

Rick Howard, N2K CyberWire’s Chief Analyst and Senior Fellow, discusses personal defensive measures that an average citizen, regardless of political philosophy, can take in order to not succumb to propaganda.

References:

David Ehl, 2024. Why Meta is now banning Russian propaganda [News]. Deutsche Welle.

Jeff Berman, Renée DiResta, 2023. Disinformation & How To Combat It [Interview]. Youtube.

Niha Masih, 2024. Meta bans Russian state media outlet RT for acts of ‘foreign interference’ [News]. The Washington Post.

Quentin Hardy, Renée DiResta, 2024. The Invisible Rulers Turning Lies Into Reality [Interview]. YouTube.

Rob Tracinski, Renée DiResta, 2024. The Internet Rumor Mill [Interview]. YouTube.

Robin Stern, Marc Brackett, 2024. 5 Ways to Recognize and Avoid Political Gaslighting [Explainer]. The Washington Post.

Sarah Ellison, Amy Gardner, Clara Ence Morse, 2024. Elon Musk’s misleading election claims reach millions and alarm election officials [News]. The Washington Post.

Scott Small, 2024. Election Cyber Interference Threats & Defenses: A Data-Driven Study [White Paper]. Tidal Cyber.

Staff, 2021. Foreign Threats to the 2020 US Federal Elections [Intelligence Community Assessment]. DNI.

Staff, 2024. Election Cyber Interference Threats & Defenses: A Data-Driven Study [White Paper]. Tidal.

Stuart A. Thompson, Tiffany Hsu, 2024. Left-Wing Misinformation Is Having a Moment [Analysis. The New York Times.

Stuart A. Thompson, 2024. Elon Musk’s Week on X: Deepfakes, Falsehoods and Lots of Memes [News]. The New York Times.

Will Oremus, 2024. Zuckerberg expresses regrets over covid misinformation crackdown [News]. The Washington Post.

Yascha Mounk, Renée DiResta, 2022. How (Not) to Fix Social Media [Interview]. YouTube.

Renee DiResta, 2024. Invisible Rulers: The People Who Turn Lies into Reality [Book]. Goodreads.

Nina Jankowicz, 2020. How to Lose the Information War: Russia, Fake News and the Future of Conflict [Book]. Goodreads.

The Dark Arts of cyber. [Only Malware in the Building]

Tue, 01 Oct 2024 07:00:00 -0000

Welcome, witches, wizards, and cybersecurity sleuths! You’ve entered, Only Malware in the Building. Join us each month to brew potions of knowledge and crack the curses of today’s most intriguing cyber mysteries. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined by N2K Networks Dave Bittner and Rick Howard to uncover the stories behind notable cyberattacks.

The Dark Arts practitioner behind this campaign targeted global organizations, disguising themselves as mundane tax authorities and weaving clever enchantments like using Google Sheets for command and control (C2). While their ultimate motive remains as shadowy as a cursed Horcrux, this malware is built for intelligence gathering and is primed to unleash additional attacks — likely summoning something even darker, like Cobalt Strike.

Prepare your wands, and let’s dive into this tale of digital sorcery!

non-fungible tokens (NFT) (noun) [Word Notes]

Tue, 01 Oct 2024 07:00:00 -0000

Enjoy this encore of Word Notes.

Digital assets that are cryptographically protected on a blockchain and contain unique identification codes and metadata that makes them one of a kind.

The devil IS in the details.

Thu, 26 Sep 2024 05:00:00 -0000

It's all in the details, folks. Pay attention to those and you can avoid unnecessary stress. Dave Bittner, Maria Varmazis, and Joe Carrigan swap stories on email password-stealing attacks, Google ads scams, and fake banks this week. The team shares follow up from listener Steven from the UK about the hazards of shoulder surfing when they received their new debit card with all PII on the same side of the card. A friend of the show JJ shared a story and a warning about fake checks. Never accept a check from a stranger.

Dave's story covers Action Fraud, the UK’s national fraud and cyber reporting center, warning iPhone users of a new Apple ID phishing campaign. Maria talks about new research that uncovers a new scam that takes advantage of public wishlists on ecommerce websites, which in this case is Walmart, but is similar to those found on Amazon and other sites. Joe's story is about a firm in Singapore with an email from a supplier requesting that a pending payment be sent to a new bank account based in East Timor.

Our Catch of the Day is from Reddit on the /scambait subreddit "THE Dolly Parton is going to let ME in her VIP club."

Links to the stories:

You can hear more from the T-Minus space daily show here.

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.

multi-factor authentication (noun) [Word Notes]

Tue, 24 Sep 2024 07:10:00 -0000

Enjoy this special encore episode.

The use of two or more verification methods to gain access to an account.

Scammers beware, the world is watching!

Thu, 19 Sep 2024 05:00:00 -0000

This week, Dave and Joe share some listener follow-up from Clayton about credit card fraud and the potential issues with automatic update services that some cards provide. Dave's story is on sextortion scams targeting spouses, where scammers claim a partner is cheating and provide links to fake "proof." Joe has two stories this week, the first one is on how Police in Lebanon County arrested an alleged grandparent scammer after a sting operation. Joe's second story is on scam victims being compensated under a new Labor plan in Australia, which would fine banks, telcos, and social media platforms up to $50 million for failing to meet anti-scam obligations. Our catch of the day comes from Reddit, where someone posted a text message thread of their conversation with a scammer about a potential job.

Links to the stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

machine learning (noun) [Word Notes]

Tue, 17 Sep 2024 07:10:00 -0000

Enjoy this special encore episode.

A programming technique where the developer doesn't specify each step of the algorithm in code, but instead teaches the algorithm to learn from the experience.

Baked goods and bad actors.

Thu, 12 Sep 2024 05:00:00 -0000

Maria Varmazis, host of N2K's daily space show T-Minus, joins Dave and Joe to share the story on the "Hello pervert" sextortion scam, where scammers now use threats of Pegasus spyware and photos of victims' homes to intensify their demands. We have quite a bit of follow-up today. Scott from Australia shared how self-service checkouts now display scam warnings when purchasing gift cards to prevent fraud. Jim highlighted a vulnerability in YubiKey encryption libraries that allows key cloning with an oscilloscope, while a former US Marshal reminded us that Zelle is marketed specifically for transfers between friends and family. Joe's story is on Loria Stern, a small bakery owner who fell victim to a counterfeit check scam after receiving a $7,500 payment for a large cupcake order that was later halved, resulting in her bank withdrawing the funds. Dave's story follows the scams targeting grieving individuals on Facebook, where cybercriminals use fake funeral live stream links or donation requests to steal money and credit card details. Our catch of the day comes from listener Anne, who shares a phishing email sent to a friend. The email emphasized the importance of thorough testing in the software development lifecycle and came with a suspicious PDF attachment, likely containing a malicious link. Anne hopes the campaign has zero success.

Links to the stories:

You can hear more from the T-Minus space daily show here.

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

intelligence (noun) [Word Notes]

Tue, 10 Sep 2024 07:00:00 -0000

Enjoy this special encore episode.

The process of turning raw information into intelligence products that leaders use to make decisions with.

Illusions & ill-intent.

Thu, 05 Sep 2024 05:00:00 -0000

Maria Varmazis, host of N2K's daily space show T-Minus, joins Dave and Joe to share the story of how the ease of registering an LLC in Colorado has led to a surge in fraudulent businesses. She discusses how residents receiving suspicious mail addressed to fake LLCs registered at their homes are overwhelming the state's Secretary of State with thousands of complaints. Joe's story is on how scammers used a seaside hotel and former bank offices on the Isle of Man to defraud victims in China out of millions of dollars. Dave's story follows a phishing campaign where attackers impersonated HR departments by sending fake mid-year employee engagement surveys to steal Microsoft Office 365 credentials. Our catch of the day comes from Mitch, who received a scam email claiming to be an invitation to join the "Great Illuminati Brotherhood." The email promises wealth, fame, and protection, urging the recipient to contact them to solve financial problems and join the so-called "Elite Family."

Links to the stories:

You can hear more from the T-Minus space daily show here.

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

RATs in the tunnel: Uncovering the cyber underworld. [OMITB]

Tue, 03 Sep 2024 07:10:00 -0000

Welcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined by N2K Networks Dave Bittner and Rick Howard to uncover the stories behind notable cyberattacks.

Proofpoint has seen an increase in the abuse of tools like ScreenConnect and NetSupport, as well as Cloudflare Tunnel abuse and the use of IP filtering. They have also observed a rise in financially motivated malware delivery using TryCloudflare Tunnel abuse, focusing on remote access trojans (RATs) like Xworm and AsyncRAT.

Today we look at how Cloudflare tunnels are used to evade detection and how they have evolved their tactics by incorporating obfuscation techniques, with ongoing research to identify the threat actors involved.

SaaS (noun) [Word Notes]

Tue, 03 Sep 2024 07:00:00 -0000

Enjoy this special edition of Word Notes:

A cloud-based software distribution method where app infrastructure, performance, and security are maintained by a service provider and accessible to users, typically via subscription, from any device connected to the internet.

Beware of the deceivers.

Thu, 29 Aug 2024 05:00:00 -0000

This week Joe and Dave share some listener follow up from Tim, who writes in to give some more information on a payment apps story in episode 302. Joe's story is on Suzy Enos, whose sister died, only for scammers to impersonate a family member and take over her phone number, leading to fraudulent charges on her accounts. Enos fought back to secure her late sister's assets and raise awareness about protecting accounts after a loved one's death. Dave's story follows how scammers exploit the "Automatic Billing Update" (ABU) program to enroll people in fake subscriptions and charge them even after their credit cards are replaced. To avoid this, you need to inform your issuer that it's a subscription scam and request them to block the merchant from using ABU to get your new card number. Our catch of the day comes from listener Felipe, who writes in share a letter he got in the mail where scammers were trying to convince him that he is owed money from a family member he has never heard of before.

Links to the stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

brute-force attack (noun) [Word Notes]

Tue, 27 Aug 2024 07:00:00 -0000

Enjoy this special encore episode.

A cryptographic hack that relies on guessing all possible letter combinations of a targeted password until the correct codeword is discovered.

How scammers weave deception into everyday life.

Thu, 22 Aug 2024 05:00:00 -0000

Maria Varmazis host of the N2K daily space show, T-Minus, joins Dave and Joe to share her story on how AI-generated scams have infiltrated the world of crochet and other crafts, selling fake patterns that often result in impossible or frustrating projects. Dave's story is on the rise of "digital arrest" scams in India, where criminals posing as law enforcement officers coerce victims into making payments to avoid fake charges against their loved ones. Joe's story come's from a listener this week, and follows the latest evolution of the classic invoice scam, where scammers are now embedding unrelated but meaningful text to bypass spam filters. Our catch of the day comes from listener William, who shares a classic Nigerian Banker Scam. In this version, a young bank employee named Zayas Yovani claims to have discovered your overdue funds at the Central Bank of Nigeria. He offers to release the money if you help him flee the country, requiring you to purchase special hard drives and share your banking details.

Please take a moment to fill out an audience survey! Let us know how we are doing!

Links to the stories:

You can hear more from the T-Minus space daily show here.

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

decryption (noun) [Word Notes]

Tue, 20 Aug 2024 07:00:00 -0000

Enjoy this special encore of Word Notes.

A process of converting encrypted data into something that a human or computer can understand.

Navigating dark waters and deceptive currents.

Thu, 15 Aug 2024 05:00:00 -0000

Maria Varmazis host of the N2K daily space show, T-Minus, joins Dave and Joe to share her story from listener Chloe, who shared a post she found on a social media platformed called "Bluesky," where a company is asking for photos and videos of your children to help AI smarter. Our hosts share some listener follow up on how a scammer impersonated a government official to deceive a woman into converting her assets into gold bars, resulting in the theft of over $789,000. They also share some follow up from listener Steve to discuss the "No Numbers Project" from episode 300. Joe's story is on regulators investigating whether major banks, including JPMorgan Chase, Bank of America, and Wells Fargo, are adequately addressing Zelle scams by shutting down accounts used by fraudsters. Dave has the story on the FTC warning that scammers are the only ones who promise to remove all negative details from your credit report. Our catch of the day come from listener Benjamin who shares an email they received claiming to know things about him that he would not want getting out.

Please take a moment to fill out an audience survey! Let us know how we are doing!

Links to the stories:

You can hear more from the T-Minus space daily show here.

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

denial-of-service attack (noun) [Word Notes]

Tue, 13 Aug 2024 07:00:00 -0000

Enjoy this encore episode:

A cyber attack designed to impair or eliminate access to online services or data.

Phishing for votes.

Thu, 08 Aug 2024 05:00:00 -0000

Maria Varmazis host of the N2K daily space show, T-Minus, joins Dave to share her story on how recent research by security firm Veriti reveals a phishing campaign targeting Trump’s 2024 supporters, soliciting cryptocurrency donations through fake WinRed-branded domains, with limited transactions and some activity traced to China. Dave and Maria share some follow-up from a listener, including suggestions for protecting Dave's father's computer from phishing scams by using LibreWolf browser, UBlock Origin extension, and NextDNS, as well as a listener sharing insights on the pronunciation of "Ports-Muth." Dave's story follows how in June, Ferrari CEO Benedetto Vigna was impersonated via deepfake technology in an attempted scam to deceive a Ferrari executive into signing a Non-Disclosure Agreement for a fictitious acquisition, but the ruse was detected and the company emerged unscathed. Dave also goes on to share news about his own home state Maryland and their gift card policy. Our catch of the day come from the scam subreddit and follows a text message where a scammer is trying to intimidate the recipient.

Please take a moment to fill out an audience survey! Let us know how we are doing!

Links to the stories:

You can hear more from the T-Minus space daily show here.

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

AI: The new partner in cybercrime? [OMITB]

Tue, 06 Aug 2024 11:00:00 -0000

Welcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined by N2K Networks Dave Bittner and Rick Howard to uncover the stories behind notable cyberattacks.

Proofpoint recently released two articles on two cyber campaigns: one by the group UNK_SweetSpecter targeting U.S. organizations involved in AI with the SugarGh0st RAT, and another by TA547 targeting German organizations with Rhadamanthys malware.

Today we look at what the focus of threat actor objectives are and what that means for defenders.

cold boot attack (noun) [Word Notes]

Tue, 06 Aug 2024 07:00:00 -0000

Please enjoy this special encore episode of Word Notes.

A type of side channel attack in which an attacker with physical access to a computer performs a memory dump of a computer’s Random Access Memory or RAM during the reboot process in order to steal sensitive data.

This is 300!

Thu, 01 Aug 2024 05:00:00 -0000

This week we celebrate 300 episodes! Maria Varmazis host of the N2K daily space show, T-Minus, joins Dave and Joe and shares a PSA on the CrowdStrike outage. Her story focuses on the Olympics, as this was the first week the Olympics started, and she shares about a recent fraud campaign that is targeting iPhone users in India, posing as India Post through smishing attacks. Our hosts discuss some follow up, from listener Brie, who writes in to share how one police force is helping folks stay safe from scam callers. They also share a story from listener Mark, who writes in about his 77-year-old mom's Facebook account being hacked, and she was tricked into downloading an app and opening her banking app while on a fake customer service call. Dave's story is on Gina Russell, who posed as a psychic and led an elaborate extortion scheme with her family, coercing victims into giving them millions of dollars under threats of harm. Joe has the story of social media giant Meta saying sextortion scams are increasing, with criminals from Nigeria often targeting adult men in the U.S.. Our catch of the day comes from an anonymous listener, who shared a post they found on the social media platform "Shared," about a scammer getting messed with.

Please take a moment to fill out an audience survey! Let us know how we are doing!

Links to the stories:

You can hear more from the T-Minus space daily show here.

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

Encore: cloud computing (noun) [Word Notes]

Tue, 30 Jul 2024 07:00:00 -0000

On-demand pay-as-you-go Internet delivered compute, storage, infrastructure, and security services that are partially managed by the cloud provider and partially managed by the customer.

Healthcare hassles and hefty heists.

Thu, 25 Jul 2024 05:00:00 -0000

This week, Maria Varmazis host of the N2K daily space show, T-Minus, joins Dave and Joe, as they celebrate Maria joining the Hacking Humans podcast every week! Maria's story is from a listener this week who writes in with a story on an IT company that is a third party for a healthcare company, and the dangers that can come from that. Dave and Joe share some listener follow up from Michael, who shares some thoughts on AI. Dave's story follows how a recent study found that 40% of elderly adults in the UK regularly face phone-based fraud attempts, with significant impacts on their mental health and quality of life. Joe follows a Scottsdale couple, Alexandra Gehrke and Jeffrey King, and how they have been indicted for a $900 million fraud scheme targeting hospice patients, receiving $330 million in illegal kickbacks used to purchase luxury items. Our catch of the day comes from listener Jim who writes in with a letter about a concerned beneficiary who received a letter from the FBI about their overdue inheritance with the National Bank of Belgium. The message confirmed the legitimacy of their claim but warned of potential scams by individuals impersonating bank officials.

Please take a moment to fill out an audience survey! Let us know how we are doing!

Links to the stories:

You can hear more from the T-Minus space daily show here.

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

Encore: APT (noun) [Word Notes]

Tue, 23 Jul 2024 07:00:00 -0000

An acronym for Advanced Persistent Threat to describe hacker groups or campaigns normally, but not always, associated with nation state cyber espionage and continuous low-level cyber conflict operations.

Welcome to a new age in digital deception.

Thu, 18 Jul 2024 05:00:00 -0000

This week, Maria Varmazis host of the N2K daily space show, T-Minus, joins Dave and Joe, as they celebrate Maria joining the Hacking Humans podcast every week! Maria's story is on supplement scams, as there has been a significant surge in health-related supplement scams on social media platforms, utilizing advanced technologies like AI-generated images and deepfake videos to promote fake products endorsed by celebrities and medical professionals. Joe's story follows Airplane WiFi, now essential for many travelers, and how it poses unexpected risks as recent incidents highlight dangers like "evil twin" attacks, urging caution with VPNs and verifying network legitimacy to safeguard personal data midair. Dave has the story on 2 women charged in a romance scheme, defrauding elderly men out of $7 million.

Please take a moment to fill out an audience survey! Let us know how we are doing!

Links to the stories:

You can hear more from the T-Minus space daily show here.

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

Encore: backdoor (noun) [Word Notes]

Tue, 16 Jul 2024 07:00:00 -0000

An undocumented or publicly unknown method to access a computer system undetected or to break a cypher used to encode messages.

The costly consequences of communication scams.

Thu, 11 Jul 2024 05:00:00 -0000

This week Dave shares a story on Business email compromise (BEC) scams, and how they are a major threat, costing $26 billion annually. The story shares how it's crucial for employees to verify suspicious emails through a secondary channel and for companies to foster transparent communication to mitigate such risks. Joe shares two stories with us this week. The first is from a listener named Jay, who received a story from a relative. In this story, someone claiming to be a constable calls to warn about a person who has gift cards with the victim's name on them, then tries to get the caller to call the police to confirm. Joe's second story comes from Allison Gormly at Consumer reporter at WTHR in Indianapolis. Allison share's videos videos on Instagram that all start with “Hey Allison,” this one starts with Hey Allison, a stranger sent me money on Venmo, should I send it back? Our catch of the day comes from listener Cameron, who shares how he is a business owner with a public-facing email address, and how he gets his fair share of scam emails, but this one takes the cake.

Please take a moment to fill out an audience survey! Let us know how we are doing!

Links to the stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

Encore: watering hole attack (noun) [Word Notes]

Tue, 09 Jul 2024 07:00:00 -0000

From the intrusion kill chain model, a technique where the hacker compromises sites commonly visited by members of a targeted community in order to deliver a malicious payload to the intended victim.

Encore: AI versus AI.

Thu, 04 Jul 2024 05:00:00 -0000

Blair Cohen from AuthenticID joins Dave to discuss how generative AI and authentication go hand in hand. Joe and Dave share some follow up from listener Robert who discusses an ad for a device that uses ChatGPT to record phone calls on your device. Dave helps his dad out with his computer and shares the tale. Dave also shares a story this week on the FBI warning against scammers who are posing as NFT devs to try and steal your crypto. Joe and Dave test their scammer catching skills while taking a test to see if they are smarter than the average scammer. Our catch of the day comes from listener Steve who writes in to share a receipt he received that looked quite suspicious.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Operation Endgame: The ultimate troll patrol. [Only Malware in the Building]

Tue, 02 Jul 2024 11:00:00 -0000

Welcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined by N2K Networks Dave Bittner and Rick Howard to uncover the stories behind notable cyberattacks.

Operation Endgame is a strategy by Western law enforcement to counter Russian cybercriminals through psychological tactics. This involves creating distrust among hackers, exposing their internal communications, and dismantling their anonymity to hinder their operations. You can find more information on Operation Endgame here.

Today we look at the new tactics used to disrupt these criminals by eroding trust among them and undermining their anonymity.

Encore: network telescope (noun) [Word Notes]

Tue, 02 Jul 2024 07:00:00 -0000

Network observation systems designed to monitor globally unreachable but unused Internet address space or the Deep Web in order to study a wide range of interesting Internet phenomena.

Public pianos and private scams.

Thu, 27 Jun 2024 05:00:00 -0000

This week Joe and Dave share some interesting follow up from a few episodes ago where Dave shared his love for baby grand pianos and how scammers we're using that to lure people into traps. Listener George wrote in to share about a show on UK Channel 4, called "The Piano," it's a music competition where visitors play a public piano in a train station, judged by hidden famous pianists, with winners performing at the UK Royal Festival Hall. Joe's story is a warning to travel goers using booking.com, as they share scams are at a all time high. Dave's story follows some neighborhood Facebook groups, and how they are inundated with posts about air duct cleaning services, prompting an investigation that reveals a scam involving fake profiles, telemarketers in Pakistan, and local technicians. Our catch of the day comes from listener Christopher, who writes in to share an outlandish message he received from a hacker with too much time on their hands.

Please take a moment to fill out an audience survey! Let us know how we are doing!

Links to the stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

Encore: SOC Triad (noun) [Word Notes]

Tue, 25 Jun 2024 07:00:00 -0000

A best practice for framing cyber intelligence critical information requirements that recommends collecting and consolidating data from three specific sources: endpoint, network and log.

From dark shadows to main stage.

Thu, 20 Jun 2024 05:00:00 -0000

Brandon Kovacs, a Senior Red Team Consultant at Bishop Fox, is talking about how Artificial Intelligence is shaping the future of social engineering. Listener Adina wrote in to share their thoughts on an earlier episode on Google. Dave share's listener Tony's write in for his story this week. Joe and Dave discuss some questions Tony shared about preparing for an overseas trip when his bank account was locked due to security measures triggered by setting up a backup phone and using a VPN. Joe has two stories for this week, one from Blair Young at WBAL, where Maryland Lottery is warning the public about a phone scam claiming Powerball winnings. The second comes from listener Don who shares a story on people who hold posters up saying they need money for children's funerals. Our catch of the day comes from a listener that found a "task scam" on Reddit.

Please take a moment to fill out an audience survey! Let us know how we are doing!

Links to the stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

Encore: supply chain attacks (noun) [Word Notes]

Tue, 18 Jun 2024 07:00:00 -0000

Also known as a third-party attack or a value-chain attack, advisory groups gain access to a targeted victims network by first infiltrating a business partner's network that has access to the victim's systems or data.

False flags and fake voices.

Thu, 13 Jun 2024 05:00:00 -0000

This week we are joined by Maria Varmazis, host of the N2K daily space show, T-Minus. Maria's story covers the escalating efforts of pro-Russian propagandists to tarnish the Paris Summer Olympics and erode Western support for Ukraine, employing bold tactics like using AI to mimic Tom Cruise's voice. Joe and Dave share quite a bit of listener follow up, the first on is regarding the AirBnB story from a few weeks ago, the second one is from listener Lawrence who wrote in to verify dave’s comments about American Express, and the last one is from listener Tait, who shares some info on how they stay safe with banking. Joe has two stories for this week, the first one is on how the FBI is investigating the city of Gooding after they sent $1 million to a contractor for a wastewater project but later learned it was the victim of a scam. Joe's second story follows how a scammer dupes a Las Vegas woman out of $9,000 using a simple trick after turning up on her doorstep. Dave shares Avast's Q1, 2024 threat report. Our catch of the day comes from listener Clinton who wrote in to share and invoice he received from Apple Global requesting almost $1400.

Please take a moment to fill out an audience survey! Let us know how we are doing!

Links to the stories:

You can hear more from the T-Minus space daily show here.

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

Encore: taint analysis (noun) [Word Notes]

Tue, 11 Jun 2024 07:00:00 -0000

The process of software engineers checking the flow of user input in application code to determine if unanticipated input can affect program execution in malicious ways.

Spotting social engineering in the shadows.

Thu, 06 Jun 2024 05:00:00 -0000

This week, we are joined by Dr. Chris Pierson CEO at Black Cloak, and he is talking about some of the social engineering attacks his team is tracking. Joe's story follows how Microsoft Threat Intelligence has observed the financially motivated cybercriminal group Storm-1811 misusing the client management tool Quick Assist in social engineering attacks. Dave share's the story of the lure of a free baby grand piano to deceive over 125,000 email recipients, mainly targeting North American university students and faculty, earning at least $900,000. Our catch of the day comes from listener Chuck who writes in to share some of his junk mail he has been receiving recently, and shares concerns for other listeners.

Please take a moment to fill out an audience survey! Let us know how we are doing!

Links to the stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

The curious case of the missing IcedID. [Only Malware in the Building]

Tue, 04 Jun 2024 11:00:00 -0000

Welcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined by N2K Networks Dave Bittner and Rick Howard to uncover the stories behind notable cyberattacks.

IcedID is a malware originally classified as a banking trojan and was first observed in 2017. It also acts as a loader for other malware, including ransomware, and was a favored payload used by multiple cybercriminal threat actors until fall 2023.

Then, it all but disappeared. In its place, a new threat crawled: Latrodectus. Named after a spider, this new malware, created by the same people as IcedID, is now poised to take over where IcedID melted off.

Today we look back at what happened to the once prominent payload, and what its successor’s spinning web of activity means for the overall landscape.

Encore: ATM skimming (noun) [Word Notes]

Tue, 04 Jun 2024 07:00:00 -0000

The process of stealing ATM customer credentials by means of physically and covertly installing one or more devices onto a public ATM machine.

The AirBnB booking that wasn’t.

Thu, 30 May 2024 05:00:00 -0000

This week we are joined by Maria Varmazis, host of the N2K daily space show, T-Minus. Maria shares an interesting story from a listener, who writes in on an AirBnB debacle he was dealing with. Joe shares the newly released 2024 Data Breach Investigations Report from Verizon. Dave shares a story From the New York Magazine, written by Ezra Marcus, on a college sophomore from University of Miami who was found to be tangled up in a refund fraud scam that granted him a lavish lifestyle. Our catch of the day comes from Joe's mother this week. She happened to receive an email with the subject line being "your order is confirmed," coming from what looks to be "McAfee."

Please take a moment to fill out an audience survey! Let us know how we are doing!

Links to the stories:

You can hear more from the T-Minus space daily show here.

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

Encore: APT side hustle (noun) [Word Notes]

Tue, 28 May 2024 07:00:00 -0000

A nation-state hacking group’s practice of funding its town activities through cybercrime or cyber mercenary work.

Awareness, behavior, & beyond.

Thu, 23 May 2024 05:00:00 -0000

This week, we are joined by host of 8th Layer Insights, Perry Carpenter from KnowBe4 and Dr. Jessica Barker from Cygenta to discuss human risk: awareness, behavior and beyond. Joe and Dave share some listener follow up, the first being from Richard, who writes in to share some tips and tricks regarding relationship scams mentioned in a previous show. The second is from Michael, who writes in with some thoughts on social engineering to compromise open source projects from episode 288. Dave shares a story on researchers observing millions of daily emails from "Jenny Green," facilitated by the Phorpiex botnet, distributing LockBit 3.0 ransomware that has affected millions of people. Joe share's Paul Raffile's story, a gentleman who got fired from Facebook before he even started. Our catch of the day comes from listener Gordy who shared an email with us regarding his "McAfee security."

Please take a moment to fill out an audience survey! Let us know how we are doing!

Links to the stories:

Security Experts Issue Jenny Green Email Warning For Millions
LinkedIn Paul Raffile (Part 1)
LinkedIn Paul Raffile (Part 2)

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

Encore: endpoint (noun) [Word Notes]

Tue, 21 May 2024 07:00:00 -0000

A device connected to a network that accepts communications from other endpoints like laptops, mobile devices, IoT equipment, routers, switches, and any tool on the security stack.

Psychology and scams.

Thu, 16 May 2024 05:00:00 -0000

This week we are joined by Maria Varmazis, host of the N2K daily space show, T-Minus. Maria shares an interesting story about how ransomware infections are beginning to change to form a more psychological attack against victims' organizations, as criminals are using personal and aggressive tactics to force them to pay. Dave and Joe share some listener follow up, from Bob, who writes in to share how he shares stories with his family members, and mentions one specifically on a Best Buy Geek Squad scam. Dave share's a story on bank scams, and how scammers are using genuine push notifications to trick their victims. Joe shares a story regarding email security loopholes, and how these loopholes are the latest path for North Korean social engineering attacks. Our catch of the day is from our follow up listener Bob, as he shares the story of trying to figure out the difference between a real email from the U.S social security department and a fake one.

Please take a moment to fill out an audience survey! Let us know how we are doing!

Links to the stories:

You can hear more from the T-Minus space daily show here.

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

Encore: unified extensible firmware interface (UEFI) (noun) [Word Notes]

Tue, 14 May 2024 07:00:00 -0000

An extension of the traditional Basic Input/Output System or BIOS that, during the boot process, facilitates the communication between the computer’s firmware and the computer’s operating system.

The illusion of influence.

Thu, 09 May 2024 05:00:00 -0000

Bogdan Botezatu from Bitdefender is discussing research on "Audio deepfakes: Celebrity-endorsed giveaway scams and fraudulent investment opportunities flood social media platforms." Dave and Joe shares some follow up from listener Lara, who writes in to discuss a few topics regarding a previous episode. Joe's story is sharing a game changer in the social engineering world. Dave shares the story of a listener's grandmother who had fallen victim to a pig butchering scam. Our catch of the day comes from listener Kenneth who shares an email he received from a "Cardiologist" on some puppies.

Please take a moment to fill out an audience survey! Let us know how we are doing!

Links to the stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

Encore: Daemon (noun) [Word Notes]

Tue, 07 May 2024 05:00:00 -0000

An operating system program running in the background designed to perform a specific task when certain conditions or events occur.

From support to scam.

Thu, 02 May 2024 05:00:00 -0000

This week we are joined by Maria Varmazis, host of the N2K daily space show, T-Minus. Maria shares an interesting story from Canada on a gentleman who thought he was calling Best Buy's Geek Squad, but instead ended up getting scammed out of $25,000. Dave and Joe share quite a bit of listener follow up, the first one is from Raul who shares how they saw an infamous Facebook scam. The second one is from listener Alec who shares some thoughts on episode 286's catch of the day. Lastly, Paula shares some thoughts on a recent discussion on why people are on the phone when a flight gets cancelled. Joe brings back answers to an old scam featured on an episode back in January on toll scams, as well as sharing about how the OpenSSF and OpenJS Foundations have issued an alert for social engineering takeovers of open source projects. Dave shares updates from the ex-athletic director accused of framing principal with AI and how he was arrested at the airport with a gun. Our catch of the day comes from listener Kenneth who shares an email from a "doctor" who has puppies for sale.

Please take a moment to fill out an audience survey! Let us know how we are doing!

Links to the stories:

You can hear more from the T-Minus space daily show here.

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

Encore: greyware (noun) [Word Notes]

Tue, 30 Apr 2024 07:00:00 -0000

Also known as spyware and adware, it is a software category where developers design the application neither to cause explicit harm nor to accomplish some conventional legitimate purpose, but when run, usually annoys the user and often performs actions that the developer did not disclose, and that the user regards as undesirable.

Fighting off phishing.

Thu, 25 Apr 2024 05:00:00 -0000

Roger Grimes, a Data Driven Defense Evangelist from KnowBe4 and author is discussing his new book, "Fighting Phishing: Everything You Can Do to Fight Social Engineering and Phishing." Dave and Joe share some listener follow up, the first being from listener Tim, who shares a story of him almost falling for a scam involving some of his investment assets. Lastly, Dave and Joe share a story from an anonymous listener who wrote in to share about a LinkedIn imposter nightmare. Dave's story focuses on a how the LabHost PhaaS platform was disrupted by a year-long global law enforcement operation, resulting in the arrest of 37 suspects, including the original developer. Joe shares the story of an 81 year old Ohio man, who was arrested after shooting a woman after both of them got wrapped up in a phone call scam. Our catch of the day comes from Robert, who writes in with what he believes is a email scam from a Chinese company called "Infoonity."

Please take a moment to fill out an audience survey! Let us know how we are doing!

Links to the stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

Encore: fuzzing (noun) [Word Notes]

Tue, 23 Apr 2024 07:00:00 -0000

An automatic software bug and vulnerability discovery technique that inputs invalid, unexpected and/or random data or fuzz into a program and then monitors the program's reaction to it.

Is change presenting a window of opportunity for attackers?

Thu, 18 Apr 2024 05:00:00 -0000

Trevin Edgeworth, Red Team Practice Director at Bishop Fox, is discussing how change, like M&A, staff, tech, lack of clarity or even self-promotion within and around security environments presents windows of opportunity for attackers. Joe and Dave share some listener follow up, the first one comes from Erin, who writes in from Northern Ireland, shares an interesting new find about scammers now keeping up with the news. The second one comes from listener Johnathan who shared thoughts on reconsidering his view on defining Apple's non-rate-limited MFA notifications as a "vulnerability." Lastly, we have follow up from listener Anders who shares an article on AI. Joe shares a story from Amazon sellers, and how they are being plagued in scam returns. Dave brings us the story of how to save yourself and your loved ones from AI robocalls.

Please take a moment to fill out an audience survey! Let us know how we are doing!

Links to the stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

Encore: Unix (noun) [Word Notes]

Tue, 16 Apr 2024 07:00:00 -0000

A family of multitasking, multi-user computer operating systems that derive from the original Unix system built by Ken Thompson and Dennis Ritchie in the 1960s.

Could AI's doomsday be deferred?

Thu, 11 Apr 2024 05:00:00 -0000

Dr. Robert Blumofe, CTO at Akamai, sits down to talk about the AI doomsday versus a "very bad day" scenario. Dave shares a story from The Knowledge Project Podcast, where the host talks to Adam Robinson, a multifaceted individual known for his work as an author, educator, entrepreneur, and hedge fund advisor, and he talks about what is all incorporated into the term "stupidity." Dave goes on to share that while most people may feel stupid when falling for a scam, this research suggests otherwise, and you should never feel that way for falling for any scam. Joe's story comes from Hayley Compton at BBC, and is on a Facebook scam sneaking it's way into a family's home after a couple just had their first child. Our catch of the day comes from listener Michael, who shares an email he received that caught him off guard at first.

Please take a moment to fill out an audience survey! Let us know how we are doing!

Links to the stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

Encore: deep packet inspection (DPI) (noun) [Word Notes]

Tue, 09 Apr 2024 07:00:00 -0000

A network monitoring and filtering technique that examines both the header information and the payload of every packet traversing a network access point.

Cyber crime chronicles featuring scams, spies, and cartel schemes.

Thu, 04 Apr 2024 05:00:00 -0000

This week we are joined by Maria Varmazis, host of the N2K daily space show, T-Minus. Maria shares an interesting story about Apple users reporting that they are being targeted in elaborate phishing attacks that involve's a bug in Apple’s password reset feature. Joe and Dave share some listener follow up from Leo who shares some thoughts on episode 282 and the recruiter scam that was discussed. Dave shares a story from Mexico on one of the most violent criminal groups and drug cartels, Jalisco New Generation. They have been running call centers that offer to buy retirees’ vacation properties and then empty the victims’ bank accounts. Joe has the story of Facebook spying on users' Snapchats in a secret project. Our catch of the day comes from listener Van, who writes in to share a voicemail they received related to a tax scam.

Please take a moment to fill out an audience survey! Let us know how we are doing!

Links to the stories:

You can hear more from the T-Minus space daily show here.

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

Encore: rootkit (noun) [Word Notes]

Tue, 02 Apr 2024 07:00:00 -0000

A clandestine set of applications designed to give hackers access and control over a target device.

Exploring emerging trends in online scamming.

Thu, 28 Mar 2024 05:00:00 -0000

Graham Cluley joins to discuss trends he’s been seeing lately in online scams. N2K's very own Gina Johnson shares some insights on a discussion a few episode ago on why people need a prescription for oxygen in the US. Joe brings up the topic of getting and exploiting access to your infrastructure, and shares an article that deals with the rise of social engineering fraud in business email compromise. Dave shares a personal story this week, on how he got scammed from a Facebook post, sharing that it can happen to anyone. Our catch of the day comes from listener Vance, who writes in to share a scam he found via "snail mail," regarding a life insurance policy that he needs to collect on.

Please take a moment to fill out an audience survey! Let us know how we are doing!

Links to the stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

Encore: tactics, techniques and procedures (TTPs) (noun) [Word Notes]

Tue, 26 Mar 2024 07:00:00 -0000

A set of behaviors that precisely describes a cyber adversary attack campaign.

Job seeker beware: Spotting sneaky scammers on job boards.

Thu, 21 Mar 2024 05:00:00 -0000

This week we are joined by Maria Varmazis, host of the N2K daily space show, T-Minus. She shares the story on scammers posing as recruiters on LinkedIn to get you to fall for an age old phishing scam. Dave and Joe share some listener follow up, the first being from listener Alex who shared a video on scammers being forced to prove they are not robots. Listener Chloe wrote in with a question, asking about a potential scam she encountered. Joe has a story from the BBC this week regarding a love scam in the Philippines. Finally, Dave shares the story on the FCC approving a voluntary cybersecurity labeling program for wireless IoT products. Our catch of the say comes from Mark, who shares a personal story on a recruiting scam nightmare.

Please take a moment to fill out an audience survey! Let us know how we are doing!

Links to the stories:

You can hear more from the T-Minus space daily show here.

And be sure to join our live webinar: CISOs are the new Architects (of the Workforce)

Join N2K’s Simone Petrella and Intuit’s Kim Jones on Wednesday, March 27th for an online discussion about the pivotal role security leaders play in shaping the security workforce landscape, and how we can start showing up for the future of our industry. Learn more and register on the event page.

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

Encore: cyber threat intelligence (CTI) (noun) [Word Notes]

Tue, 19 Mar 2024 07:00:00 -0000

Information used by leadership to make decisions regarding the cybersecurity posture of their organization.

Cyberattack chaos and the impact on families.

Thu, 14 Mar 2024 05:00:00 -0000

This week we are joined by N2K CyberWire's very own Catherine Murphy, and she is sharing her family's experiences with Lurie Children's Hospital's recent cybersecurity incident. Dave shares a story on the dangers of Googling airline customer service numbers when an issue occurs. Joe shares another story on scary scams that are costing people millions of dollars, now getting the FBI involved. Our catch of the day was found from the Washington University in St. Louis from their Scam of the Month posting, which shares another tale of a scam, this time trying to recruit for an open vacancy as a research assistant for undergraduates. The scammers pose as a Professor of Computer Science and Engineering to try and get students to sign up for this fake job posting.

Please take a moment to fill out an audience survey! Let us know how we are doing!

Links to the stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

Encore: identity theft (noun) [Word Notes]

Tue, 12 Mar 2024 07:00:00 -0000

In this case Identity is the set of credentials, usually electronic that vouch for who you are and theft is to steal. The theft of a person's identity for purposes of fraud.

New tools, old problems.

Thu, 07 Mar 2024 06:00:00 -0000

Please take a moment to fill out an audience survey! Let us know how we are doing!

Links to the stories:

You can hear more from the T-Minus space daily show here.

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

Encore: Monte Carlo Simulation (noun) [Word Notes]

Tue, 05 Mar 2024 08:00:00 -0000

A probability simulation technique used to understand the impact of risk and uncertainty in complex problems.

Navigating the post-password landscape.

Thu, 29 Feb 2024 06:00:00 -0000

Mike Kosak, Principal Intelligence Analyst at LastPass, is discussing passkeys, threat actors, and Volt Typhoon. Joe shares a new free certification you could get if you are looking to get into the field. Joe also shares a terrifying story about how everyone can be conned, and it's not as obvious as it may seem sometimes. Dave's story is warning Costco members of a new phishing scam that attempts to steal their credit card information. Our catch of the day comes from listener Pryce who shares an email they received regarding a charge they are getting from "NortonLifeLock."

Links to the stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

Encore: Virtual Private Network (VPN) (noun) [Word Notes]

Tue, 27 Feb 2024 08:00:00 -0000

A software, hardware or hybrid encryption layer between two devices on the network that makes the traffic between the sites opaque to the other devices on the same network.

Scamming the innocent.

Thu, 22 Feb 2024 06:00:00 -0000

This week we are joined by Maria Varmazis, host of the N2K daily space show, T-Minus. She brings us a scary story from a woman who never thought she'd ever be scammed. Dave and Joe shares some follow up before getting into their stories, they share a story from a listener who sent in a LinkedIn link about scammers targeting Walmart. They also share a question from listener Cynthia, who asks about bank scam covered before, and how to respond to these scams. Dave shares a story from an anonymous source this week, who writes in about the dangers of crypto scams. Joe has two stories for us this week, the first one being from a friend of his that works for a company that specializes in military contracts. This company was hiring an employee and received three emails that all were very similar to one another, sharing that this is a red flag and wanted to write in to share the dangers of this scam. The second story is a very similar story to the one covered on Andy Cohen a few episode ago, and shares how a Jefferson county couple were scammed out of hundreds of thousands of dollars. Our catch of the day comes from listener Thomas who shares a story on AI voices sounding like famous people and his experience.

Links to the stories:

You can hear more from the T-Minus space daily show here.

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

Encore: smishing (SMS phishing) (noun) [Word Notes]

Tue, 20 Feb 2024 08:00:00 -0000

From the intrusion kill-chain model, the delivery of a “lure” via a text message to a potential victim by pretending to be some trustworthy person or organization in order to trick the victim into revealing sensitive information. Smishing is a portmanteau word made of two other words, the acronym “SMS” and the cyber coinage “Phishing“. It’s a text-message-centric variation of the email-based phishing scams that have been around since the 1990s. The term “Smishing” arose in the late 2000s.

Looking forward in 2024.

Thu, 15 Feb 2024 06:00:00 -0000

Aaron Walton, Threat Intel Analyst from Expel is discussing some things to look out for in 2024. Joe and Dave share some listener follow up from Mateusz, who shares some positive news with us. Dave's story is about a romance scammer coming clean after failing to woo CBS News reporter, Erica Johnson. Joe's story is on the latest decision from the FCC, and how they voted to ban scam robocalls that use AI-generated voices. Our catch of the day comes from listener Chuck, just in time for tax season, he warns against a phishing scam he received about his taxes.

Links to the stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

Encore: port mirroring (noun) [Word Notes]

Tue, 13 Feb 2024 08:00:00 -0000

A network switch configuration setting that forwards a copy of each incoming and outgoing packet to a third switch port. Also known as SPAN or Switched Port Analyzer, RAP or Roving Analysis Port, and TAP or Test Access Point. When network managers and security investigators want to capture packets for analysis, they need some sort of generic TAP or Test Access Point. You can buy specialized equipment for this operation but most modern switches have this capability built in.

Scamming just isn't what it used to be.

Thu, 08 Feb 2024 06:00:00 -0000

Links to the stories:

You can hear more from the T-Minus space daily show here.

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

Encore: Network Time Protocol (NTP) attack (noun) [Word Notes]

Tue, 06 Feb 2024 08:10:00 -0000

A reflection or amplification distributed denial-of-service attack in which hackers query Internet network time protocol servers, NTP servers for short, for the correct time, but spoof the destination address of their target victims.

Quiz scam nightmare.

Thu, 01 Feb 2024 06:00:00 -0000

Jaeson Schultz, Technical Leader from Cisco Talos, is discussing "Spammers abuse Google Forms’ quiz to deliver scams." Dave's story discusses the disturbing new trick up a scammers sleeve to get you to fall for their schemes. Joe has two stories this week, the first a warning to those who pick up scammers phone calls and what that can lead to after gaining access to your voice. Joe's second story follows a band of organized thieves and how they have been targeting high-end homes across Metro Detroit. Our catch of the day comes from listener Van, who writes in to share a fun catch from a scammer who left a voicemail.

Links to the stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

Encore: smishing (SMS phishing) (noun) [Word Notes]

Tue, 30 Jan 2024 08:10:00 -0000

Phishing for mail.

Thu, 25 Jan 2024 06:00:00 -0000

Abhilash Garimella from Bolster joins to discuss a USPS phishing campaign abusing freemium dynamic DNS and SaaS providers. Dave and Joe share some follow up, one was from listener Mike who wrote in to tell us about a breach at Resend, another was regarding a previous episode on grief and the internet, and finally Joe and Dave discuss a listeners response to a previous episode regarding an SMS scam a listener wrote in about. Dave shares a story on Walmarts relaxed security methods and how scammers may be exploiting them. Joe shares a couple articles relating to the ever growing pop star Taylor Swift and how criminals are using her face to scam. Our catch of the day comes from Joe this week, and he shares an interesting looking email he received from "Apple."

Links to the stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

Encore: port mirroring (noun) [Word Notes]

Tue, 23 Jan 2024 08:10:00 -0000

It's the intricate deceptions that get you.

Thu, 18 Jan 2024 06:00:00 -0000

This week we are joined by the host of T-Minus, N2Ks very own Maria Varmazis brings her own story and discusses with Dave and Joe. We start off with Joe, and he brings in the story of Andy Cohen and how he fell victim to a credit card scam and shares what he had learned through the experience. Maria shares Arctic Wolf Labs' story and how they have investigated several cases of Royal and Akira ransomware victims being targeted in follow-on extortion attacks dating back to October of 2023. Lastly, Dave shares his story warning YouTube users about videos promoting cracked software that is distributing Lumma Stealer. Our catch of the day comes from listener Jon, he shares and email that had made it through his spam filter.

You can hear more from the T-Minus space daily show here.

Links to the stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

Encore: Network Detection and Response (NDR) (noun) [Word Notes]

Tue, 16 Jan 2024 08:10:00 -0000

NDR tools provide anomaly detection and potential attack prevention by collecting telemetry across the entire intrusion kill chain on transactions across the network, between servers, hosts, and cloud-workloads, and running machine learning algorithms against this compiled and very large data set. NDR is an extension of the EDR, or endpoint detection and response idea that emerged in 2013.

Password Perils: The threat of credential stuffing exploits.

Thu, 11 Jan 2024 06:00:00 -0000

Frank Riccardi sits down to discuss how cybercriminals exploit people’s fondness for reused passwords to launch credential stuffing attacks. Dave and Joe share a bit of follow up, one from a listener named Steve who shares some push back from the 23andMe story from last week, and the other from a listener named Michael who shares a story of unpaid toll scams. Joe shares the story of a Utah exchange student and how he fell victim to a cybersecurity kidnapping, and now authorities are trying to figure out how it happened. Dave shares a scam about tragic fake posts that lead to a "win now" website, that has been flooding his Facebook feed. Our catch of the day comes from Jon who writes in to share a suspicious email that made it through the spam filter in Google.

Links to the stories:

After Utah exchange student cyber kidnapping, we're looking at how the scam works

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

Encore: shadow IT (noun) [Word Notes]

Tue, 09 Jan 2024 08:10:00 -0000

Technology, software and hardware deployed without explicit organizational approval. In the early days of the computer era from the 1980s through the 2000s security and information system practitioners considered shadow IT as completely negative. Those unauthorized systems were nothing more than a hindrance that created more technical debt in organizations that were already swimming in it with the known and authorized systems.

The DNA dilemma: Unraveling a 23AndMe breach.

Thu, 04 Jan 2024 06:00:00 -0000

Alethe Denis from Bishop Fox is talking with Dave and Joe with her take on the 23AndMe breach. Dave and Joe share some follow up from listener Michael, who writes in to share thoughts on our catch of the day from last episode, regarding the voice mail from Spectrum. Dave shares a story on email security, and how human factors have a heavy influence on it, especially with people's vulnerability to phishing and social engineering. Joe has two stories this week, his first story is a good wrap on the holiday's and gift card scams. Joe's second story is a jump on tax season quickly approaching, and how the IRS is helping taxpayers by providing penalty relief. Our catch of the day is a good example of what not to do when phishing/scamming people, luckily the receiver was smarter than the sender.

Links to the stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

Stolen personality?

Thu, 28 Dec 2023 06:00:00 -0000

Matt Lewis from the NCC Group joins to discuss how cybercriminals can decode your personality through AI conversations to launch targeted attacks at you. Dave and Joe share some follow up from listener Sydney, who writes in to share her thoughts on an FCC proceeding and how it could be of greater relevance to IoT security than SBOMs and HBOMs. Dave also shares a story from a listener from last Christmas, sending a warning to holiday shoppers. Dave has two stories this week, he shares one regarding an announcement on holiday scams coming out. His other story follows Zelle finally caving in to provide some relief to scam victims. Joe's story follows new crypto-theft attacks and warns people against the new tactics.

Links to the stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

The grinch who hacked Christmas. [Hacking humans goes to the movies]

Sun, 24 Dec 2023 08:10:00 -0000

Thanks for joining us again for another episode of a fun project brought to you by the team of Hacking Humans, the CyberWire's social engineering podcast. Hacking Humans co-host Dave Bittner is joined by Rick Howard in this series where they view clips from their favorite movies and television shows with examples of the social engineering scams and schemes you hear Dave and co-host Joe Carrigan talk about on Hacking Humans. In this episode, Dave and Rick watch some holiday classics, describe the on-screen action for you, and then they deconstruct what they saw. Grab your Christmas cookies and join us for some fantastic scams and frauds.

Links to this episode's clips if you'd like to watch along:

How The Grinch Stole Christmas (2000)
How The Grinch Stole Christmas (Cartoon)
The Greening of the Grinch (magazine)

Reeling in some phishing trends.

Thu, 21 Dec 2023 06:00:00 -0000

Adam Bateman, Co-Founder & CEO at Push Security, is sharing some of the latest phishing trends his team has been observing. Dave and Joe share some listener follow up from Michael, who writes in with a new idea, calling it "eDeception." With the holiday season practically here, Joe shares a story about gift card scams, reminding everyone to be safe this holiday season. Dave's story follows a new iPhone update regarding stolen device protection in an upcoming version of iOS. Our catch of the day comes from listener Van who sent in an audio catch about Spectrum users.

Links to the stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

chaos engineering (noun) [Word Notes]

Tue, 19 Dec 2023 08:10:00 -0000

The resilience discipline of controlled stress test experimentation in continuous integration/continuous delivery environments, CI/CD environments, to uncover systemic weaknesses.

CyberWire Glossary link: https://thecyberwire.com/glossary/chaos-engineering

Audio reference link: Farnam Street, 2009. Richard Feynman Teaches you the Scientific Method [Website]. Farnam Street. URL https://fs.blog/mental-model-scientific-method/

Shielding your inbox.

Thu, 14 Dec 2023 06:00:00 -0000

Seth Blank, CTO of Valimail, joins to discuss the implications on email security on behalf of DMARC. Joe and Dave share some follow up regarding Meta, who is the parent company to Facebook and Instagram, and how they are now in a lawsuit over steering predators to children in New Mexico. Joe shares how he was almost hacked, as scammers used Peacock to lure him in. Dave's story continues with popular streaming apps being impersonated, this time with Disney+ falling victim. Joe's story follows the U.S. Attorney’s Office, the FBI, and State and Local Law Enforcement Officials sharing another "Don't click December" PSA. Our catch of the day comes from listener Mauricio, who writes in sharing a phishing email, from "PayPal," saying he has an invoice of almost $600.

Links to the stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

Encore: remote access Trojan or RAT (noun)

Tue, 12 Dec 2023 08:10:00 -0000

From the intrusion kill chain model, a program that provides command and control services for an attack campaign. While the first ever deployed RAT is unknown, one early example is Back Orifice made famous by the notorious hacktivist group called “The Cult of the Dead Cow,” or cDc, Back Orifice was written by the hacker, Sir Dystic AKA Josh Bookbinder and released to the public at DEFCON in 1998.

Small, medium, and large phishing trends of 2023.

Thu, 07 Dec 2023 06:00:00 -0000

Mike Price from ZeroFox sits down to discuss what 2023 phishing trends mean for the broader industry as we quickly approach 2024. Dave and Joe share a serious write in from listener Michelle who shares her pleads for her aunt, who she believes is being catfished. Listener Marc also writes in with an email that claims to be from "Walmart," that he is quite suspicious of. Joe's story follows Meta, and how they have designed products to target and harm kids. Dave's story is on bad bots and the dangers they pose with fake businesses that are maximizing their illicit earnings. Our catch of the day comes from listener Konstantin, who shares and email received from scammers claiming to be "McAfee," trying to get payment of almost $600.

Links to the stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

zero knowledge proof (noun)

Tue, 05 Dec 2023 08:10:00 -0000

A mathematical method by which one party (the prover) can prove to another party (the verifier) that something is true, without revealing any information apart from the fact that this specific statement is true.

CyberWire Glossary link: https://thecyberwire.com/glossary/zero-knowledge-proof

Audio reference link: Staff, 2022. Zero Knowledge Proofs [Video]. YouTube. URL https://www.youtube.com/watch?v=5qzNe1hk0oY

Encore: The age old battle between social engineering and banking.

Thu, 30 Nov 2023 06:00:00 -0000

Chip Gibbons, CISO at Thrive, sits down with Dave to talk about how to defend against social engineering attacks in banking. Dave starts us off this week with a story about Amazon opening up its selling market to Pakistani residents, and what consequences that led to for the organization’s business. Joe's story follows a scam targeting soldiers in the Army. The Army warns against unknown individuals purporting to be noncommissioned officers that are calling said soldiers and asking them for money to fix a "pay problem" and, if questioned, threatening them with a punishment. Our catch of the day comes from listener Manie who writes in about a scam found when trying to download a HDRI (High Dynamic Range Image). The scam involves a fake ad asking for people’s cell phone numbers as soon as they click on a button that reads "download here". Manie shares how after she clicked the ad, she realized the mistake and immediately researched more before proceeding further.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Encore: business email compromise or BEC (noun) [Word Notes]

Tue, 28 Nov 2023 08:10:00 -0000

A social engineering scam where fraudsters spoof an email message from a trusted company officer that directs a staff member to transfer funds to an account controlled by the criminal.

Cops in the catfish game.

Thu, 23 Nov 2023 08:10:00 -0000

Thanks for joining us again for another episode of fun project brought to you by the team of Hacking Humans, the CyberWire's social engineering podcast. Hacking Humans co-host Dave Bittner is joined by Rick Howard in this series where they view clips from their favorite movies and television shows with examples of the social engineering scams and schemes you hear Dave and co-host Joe Carrigan talk about on Hacking Humans. In this episode, Dave and Rick watch each of the selected scenes, describe the on-screen action for you, and then they deconstruct what they saw. Grab your bowl of popcorn and join us for some fantastic scams and frauds.

Links to this episode's clips if you'd like to watch along:

Dave's clip from the movie: Chicago P.D.
Rick's clip from the movie: The Imitation Game

HIPAA (noun) [Word Notes]

Tue, 21 Nov 2023 08:10:00 -0000

A U.S. law designed to improve the portability and accountability of health insurance coverage.

CyberWire Glossary link: https://thecyberwire.com/glossary/hipaa

Audio reference link: Dr. Dana Brems, 2021. Doctor reacts to “HIPAA violations” [Video]. YouTube. URL https://www.youtube.com/shorts/Ksk00s8a_IU

Unmasking the deceptive.

Thu, 16 Nov 2023 06:00:00 -0000

John Wilson, Senior Fellow, Threat Research at Fortra, joins to discuss email impersonation attacks which found that nearly 99% of these threats can be classified as business email compromise. Dave and Joe share some listener follow up from Terry, who writes in with some comments on episode 262 regarding cybersecurity jargon used. Joe's story comes from a listener this week, this individual writes in sharing the horror story he had to deal with when him and his wife ended up on a target list for scammers. Dave's story follows Elon Musk and Joanna Gaines, co-host of the HGTV show "Fixer Upper," and how they are selling a scam device that claims to lower your electricity bills. Our catch of the day comes from listener William, who writes in sharing an email he received from the"Tampa International Airport Police Department Florida," saying they want to release his fund with the service of DHL Courier Company.

Links to the stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

Encore: man trap (noun) [Word Notes]

Tue, 14 Nov 2023 08:10:00 -0000

A physical security access control device consisting of an enclosed hallway with interlocking doors on each end where both doors can’t be open at the same time. A person presents credentials to the entry doorway. If authorized, the entry door opens and the person walks into the mantrap. The man trap exit door will not open until the entry door closes. The person presents credentials to the exit door. If authorized, the exit door will open. If not, the person is captured in the man trap until security arrives to handle the situation. Physical security leadership installs man traps to separate unrestricted areas from restricted areas, to prevent tailgating by uncleared personnel, and to impede access by unauthorized persons.

Leaving a trail of digital breadcrumbs.

Thu, 09 Nov 2023 06:00:00 -0000

This week we are joined by Harry Maugans from Privacy Bee who sits down to discuss how our digital breadcrumbs, old and new, are coming back to haunt us. Joe and Dave discuss some follow up from listener Phil, who writes in with a question about the safety of IoT and consumer devices. Dave's story follows the ever so popular YouTube, and its implemented measures to prevent users with ad blockers from watching videos. Joe shares a personal story from a friend regarding a scam he had fallen for, where the scammer got personal information and threatened him, asking for $500. Our catch of the day comes from listener John who found a hilarious text conversation on reddit that he just had to share.

Links to the stories:

YouTube's ‘War’ on Adblockers Shows How Google Controls the Internet

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

Common Vulnerability Scoring System (CVSS) (noun) [Word Notes]

Tue, 07 Nov 2023 08:00:00 -0000

A qualitative public framework for rating the severity of security vulnerabilities in software.

CyberWire Glossary link: https://thecyberwire.com/glossary/common-vulnerability-scoring-system

Audio reference link: Peter Silva, 2020. What is Common Vulnerability Scoring System (CVSS) [Video]. YouTube. URL https://www.youtube.com/watch?v=rR63F_lfKf0

Weaponizing your out-of-office replies.

Thu, 02 Nov 2023 05:00:00 -0000

James Dyer and Jack Chapman of Egress join to discuss "Cybercriminals don’t take holidays: How bad actors use this two-step phishing campaign to weaponize out-of-office replies." Dave and Joe share some listener follow up from Ron, who has a suggestion about registration specific email accounts. Joe has two stories this week, one where he shares some good news on a scammer who received some justice after taking part in a $66K romance scam. His second story is on social media and how it is a breeding ground for scammers. Dave's story this week follows how Google-hosted malvertising leads to a fake keepass site that looks genuine. Our catch of the day comes from our very own editorial staff who share an interesting email they received from the infamous National Security Department.

Links to the stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

Encore: anagram (noun) [Word Notes]

Tue, 31 Oct 2023 07:00:00 -0000

A word, phrase, or sentence formed from another by rearranging its letters. For example, cracking a columnar transposition cipher by hand involves looking for anagrams.

Spooky, scary, skeletons at the movies. [Hacking humans goes to the movies]

Sun, 29 Oct 2023 07:01:00 -0000

Thanks for joining us again for a very special and scary episode brought to you by the team of Hacking Humans, the CyberWire's social engineering podcast. Hacking Humans co-host Dave Bittner is joined by Rick Howard in this series where they view clips from their favorite movies and television shows with examples of the social engineering, scams, and schemes you hear Dave and co-host Joe Carrigan talk about on Hacking Humans. In this episode, Dave and Rick watch each of the selected scenes, describe the on-screen action for you, and then they deconstruct what they saw. Grab your bowl of popcorn and join us for some frightfully fantastic scams and frauds.

Links to this episode's clips if you'd like to watch along:

Dave's clip from the movie: Halloween III
Rick's clip from the movie: Get Out

Scams, scams, and more scams.

Thu, 26 Oct 2023 05:00:00 -0000

Mallory Sofastaii, a consumer investigative reporter from WMAR TV, is joining Dave and Joe to discuss some recent scams she's seen in her reporting. Dave and Joe share some listener follow up from Kenneth who writes in with a suggestion on creating separate email addresses. Dave's story this week follows fake browser scams and how one has gotten a face lift, and what it looks like now. Joe's story is on a new term WIRED is calling "obituary pirates," people who create YouTube videos themselves casually reciting information about loved ones deaths. Our catch of the day comes from Joe this week, he shares an email he received from one of his old email addresses.

Links to the stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

Encore: zero-day (adjective) [Word Notes]

Tue, 24 Oct 2023 07:01:00 -0000

A class of software-security-weakness-issues where independent researchers discover a software flaw before the owners of the code discover it. Zero-day, or 0-day in hacker slang, refers to the moment the race starts, on day zero, between network defenders who are trying to fix the flaw before hackers leverage it to cause damage. It is a race because on day zero, there is no known fix to the issue.

Scoring cybersecurity in the NFL.

Thu, 19 Oct 2023 05:00:00 -0000

Joe Oregon, Chief of Cybersecurity at CISA, sits down to discuss the tabletop exercise that CISA, the NFL, and local partners conducted in preparation for Super Bowl LVIII. Joe and Dave share some listener follow up from Rory who wirtes in to talk tin foil hats. Joe's story shares the interesting finds after conducting a cybersecurity survey at ISI. Dave's story follows the 77 year old woman, Marjorie Bloom, who ended up losing over $600,000, her whole lifes savings by falling for a common tech scam. Our catch of the day comes from listener Damien who writes in with an email from the "federal reserve bank of USA" to inform him that he has received a car with $16.7million attached to it and he needs to claim it.

Links to the stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

extended detection response (XDR) (noun) [Word Notes]

Tue, 17 Oct 2023 07:00:00 -0000

A unified security incident detection and response platform that connects to multiple tools in the security stack via APIs, collects telemetry from each, and attempts to correlate that telemetry into a coherent threat picture.

CyberWire Glossary link: https://thecyberwire.com/glossary/extended-detection-and-response

Audio reference link: Film Major. 2022. Enemy of the State (1998) Faraday Cage HD Tony Scott; Will Smith, Gene Hackman Jon Voight [Video]. YouTube. URL https://www.youtube.com/watch?v=n3gy4otg-24

Encore: Ways to make fraud less lucrative.

Thu, 12 Oct 2023 05:00:00 -0000

Brett Johnson, Chief Criminal Officer at Arkose Labs, sits down with Dave to discuss his history & ways to make fraud efforts less lucrative for bad actors. Dave and Joe share some listener follow up from Graham about one way that helps him stay safe against fake URLs. Dave's story is about bomb email attacks, in which someones email is spammed with hundreds to thousands of emails in hopes of hiding important information contained in one of the thousands of emails, perhaps from a financial institute. Joe's story is on how the FBI is warning the public to beware of tech support scammers and how they are targeting financial accounts using remote desktop software. Our catch of the day comes from listener Norman, who shares a story about how his Steam account got hijacked and how a hacker impersonating a Steam employee was trying to help him.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Encore: social engineering (noun)

Tue, 10 Oct 2023 05:00:00 -0000

The art of convincing a person or persons to take an action that may or may not be in their best interests. Social engineering in some form or the other has been around since the beginning of time. The biblical story of Esau and Jacob might be considered one of the earliest written social engineering stories. As applied to cybersecurity, it usually involves hackers obtaining information illegitimately by deceiving or manipulating people who have legitimate access to that information. Common tactics involve phishing attacks and watering hole attacks.

Encore: Is inflation affecting the Dark Web?

Thu, 05 Oct 2023 05:00:00 -0000

Dov Lerner, a Security Research Lead from Cybersixgill, sits down with Dave to discuss how inflation hasn't affected the Dark Web, including how the cratering of cryptocurrency may have affected things. Joe and Dave share some follow up from listener Pelle, who writes in about their grandmother who was scammed over the phone for her PIN, among other information, allowing the scammers to get away with much more than money. This week, Joe's story comes from a listener named Kyle, who shared an article about protecting against AiTM (adversary-in-the-middle) phishing techniques that bypass multi-factor authentication. Dave's story is about a new video being released that shares the most common WhatsApp scams and how to avoid them. Our catch of the day comes from listener Vlad, who shares his story regarding an email he received stating he is owed 1 million dollars, and how he's not falling for the scammer’s latest attempt.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

joint cyber defense collaborative (JCDC) (noun) [Word Notes]

Tue, 03 Oct 2023 07:00:00 -0000

A cyber information-sharing U.S. Government organization designed to foster the public-private partnership.

CyberWire Glossary link: https://thecyberwire.com/glossary/joint-cyber-defense-collaborative

Audio reference link: Jen Easterly. 2021. CISA Director Addresses the National Technology Security Coalition [Video]. YouTube. URL https://www.youtube.com/watch?v=ucb1FQXqsao

Stealing your car's identity.

Thu, 28 Sep 2023 05:00:00 -0000

This week our guest is, Sam Crowther, Kasada CEO, he's sharing his team's findings on "Stolen Auto Accounts: The $2 Price Tag on Your Car’s Identity." Joe and Dave share some listener follow up from Steve who writes in sharing an email he thought to be a scam, but turned out it was real. Listener Derek writes in with a question regarding AI and phishing emails. Joe's story comes from Proofpoint as they share their 2023 State of the Phish report. Dave's story follows an email that was sent out saying that the receiver has had a sexually explicit video leaked to an adults-only website, and to remove the video in question from the site, the receiver can send $200. Our catch of the day comes from listener Tony who writes in to share an email he and his school received claiming that the person who sent the email found pornographic material on the schools website.

Links to follow-up and stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Encore: penetration test (noun) [Word Notes]

Tue, 26 Sep 2023 07:00:00 -0000

The process of evaluating the security of a system or network by simulating an attack on it. Sometimes called "ethical hacking" or white hat hacking. The phrase started to appear in U.S. military circles in the mid 1960s as time sharing computers became more necessary for daily operations. Computer security experts from Rand Corporation began describing computer compromises as “penetrations.” By the early 1970s, government leaders formed tiger teams of penetration testers to probe for weaknesses in various government systems.

Rooting vs routing. [Hacking Humans Goes to the Movies]

Sun, 24 Sep 2023 07:00:00 -0000

Links to this episode's clips if you'd like to watch along:

Dave's clip from the movie: Matchstick Men
Rick's clip from the movie: Mr. Robot

Hackers play the evasion game.

Thu, 21 Sep 2023 05:00:00 -0000

This week our guest is, John Hammond from Huntress and he sits down to talk about spoofing and evasion techniques used by hackers. Dave and Joe share a bit of follow up, including a question form listener John who writes in asking about a passkey discussion in the last episode. Joe has a story from Reddit this week, where someone posted about a dispute they are having with their wedding caterer, where the company is saying the couple still owes them over $5,000 after the wedding has happened for umbrellas, the person posting wants to know what they should do about this argument. Dave's story is from Retool, where they are warning customers after an employee of theirs fell victim to a phishing scheme through SMS. Our catch of the day comes from the University of Alabama department of engineering, where the receiver of a suspicious looking email is being "sued" after owing $300 and not paying it back.

Links to follow-up and stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Cloud Security Posture Management (CSPM) (noun) [Word Notes]

Tue, 19 Sep 2023 07:00:00 -0000

Tools that automate the identification and remediation of cloud misconfigurations.

CyberWire Glossary link: https://thecyberwire.com/glossary/cloud-security-posture-management

Audio reference link: Josh Whedon. 2005. Serenity [Movie]. IMDb. URL https://www.imdb.com/title/tt0379786/

The online dating world is a jungle.

Thu, 14 Sep 2023 05:00:00 -0000

Andrew Hendel, CEO at Marshmallo, joins to share tips to safeguard your feelings and identity in the online dating world. Dave and Joe share some listener follow up from Gareth, who writes in to discuss strange emails he has been receiving. Dave's story follows a woman who was spared jail time after being manipulated by hackers into money laundering. Joe's story is from listener Doug who wrote in to the show to talk about the site he is in charge of and discusses a website he uses called "Buy me a coffee," where his viewers can buy him a coffee, and how he has been experiencing some weird instances with the payment methods of that website. Our catch of the day comes from listener Brandyon who shares an interesting way he was offered to make $600 a week.

Links to follow-up and stories:

Woman 'manipulated' by hackers into money laundering

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Encore: The Bombe (noun) [Word Notes]

Tue, 12 Sep 2023 07:00:00 -0000

An electro-mechanical device used to break Enigma-enciphered messages about enemy military operations during the Second World War. The first bombe–named Victory and designed by Alan Turning and Gordon Welchman– started code-breaking at Bletchley Park on 14 March 1940, a year after WWII began. By the end of the war, five years later, almost 2000, mostly women, sailors and airmen operated 211 bombe machines in the effort. The allies essentially knew what the German forces were going to do before the German commanders in the field knew. Historians speculate that the effort at Bletchley Park shortened the war by years and estimate the number of lives saved to be between 14 and 21 million.

Passkeys: consumer-friendly password killers?

Thu, 07 Sep 2023 05:00:00 -0000

Guest Chris Sherwood, owner of Crosstalk Solutions, joins Dave to talk about passkeys. Joe shares some listener follow-up about "revert" and side-loading applications on Android phones. Joe's story came from a listener named Kyle who sent this as a Catch of the Day (COTD) about a phishing scam email conversation about event sponsorship. Dave discusses something he saw on Mastodon from user Bjorn about some fraudulent bank charges and stopping a scam in process. Our COTD is from listener Alec about a potential dating scam offering over Instagram.

Links to follow-up and stories:

Follow-up on side-loading applications (Note, we do not recommend you install any of these applications.)
Mastodon thread about social engineering involving fraudulent banking charges.
Chris Sherwood's passkey explainer video on YouTube
Passkeys directory website

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

single sign-on (SSO) (noun) [Word Notes]

Tue, 05 Sep 2023 07:00:00 -0000

A session and user authentication Zero Trust tactic that allows a user to access multiple applications with one set of login credentials.

CyberWire Glossary link: https://thecyberwire.com/glossary/single-sign-on

Audio reference link: English, J., 2020. What is Single Sign-On (SSO)? SSO Benefits and Risks [Video]. YouTube. URL https://www.youtube.com/watch?v=YvHmP2WyBVY

Exercise caution: online shopping edition.

Thu, 31 Aug 2023 05:00:00 -0000

Oren Koren, CPO and Co-Founder of Veriti, is discussing the need for vigilance and caution when navigating the online shopping landscape. Dave and Joe share quite a bit of listener follow up, one listener writes in for some clarification on the "AI versus AI" episode regarding Google giving their source code so they can do business in China, when in fact it was 2 other companies. Listener Miguel brings our next bit of follow up, he writes in to discuss financial crimes and shares a story based on a story shared on the show. Our last piece of follow up is from listener Will, who shares a way to expand your website links the best way that works for him. Dave's got the story on an Amazon ad in Google search that looks so real, it's been scamming people redirecting visitors to a Microsoft Defender tech support scam that locks up their browser, the one that Dave had to help his father with a couple weeks back. Joe's story follows a Cambridge shed builder who thought he was getting an award, when in fact all he got was a scam. Our catch of the day comes from the European union agency for cybersecurity that received a suspicious looking email from Ebay.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Encore: cross-site scripting (noun) [Word Notes]

Tue, 29 Aug 2023 07:00:00 -0000

From the intrusion kill chain model, a malicious code delivery technique that allows hackers to send code of their choosing to their victim’s browser. XSS takes advantage of the fact that roughly 90% of web developers use the JavaScript scripting language to create dynamic content on their websites. Through various methods, hackers store their own malicious javascript code on unprotected websites. When the victim browses the site, the web server delivers that malicious code to the victim’s computer and the victim’s browser runs the code.

Hunting the hackers.

Thu, 24 Aug 2023 05:00:00 -0000

Selena Larson and Tim Utzig discussing research titled "Twitter Scammers Stole $1,000 From My Friend—So I Hunted Them Down." Joe and Dave share a bit of follow up this week, they discuss Hawaii fire scams, and listener Steve writes in regarding some comments about the recent scammer quiz Joe and Dave took, lastly listener John writes in and shares his thoughts on a discussion a couple weeks ago regarding Google Maps. Joe has two stories this week, one is regarding how Joe was close to being scammed by a fake website, the second story is from listener George who wrote in this week sharing about the Bank of Ireland and the latest banking scam causing a technical issue tricking people into thinking they had money, when they really didn't. Dave's story is from the FBI, on a new scam where people are being tricked through mobile beta-testing applications. Our catch of the day comes from listener Richard, who writes in with "a new tip on Crypto."

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Encore: credential stealing (verb) [Word Notes]

Tue, 22 Aug 2023 07:00:00 -0000

From the intrusion kill chain model, the first part of an exploitation technique where the hacker tricks their victims into revealing their login credentials. In the second part of the technique, hackers legitimately log into the targeted system and gain access to the underlying network with the same permissions as the victim. Hackers use this method 80% of the time compared to other ways to gain access to a system like developing zero day exploits for known software packages. The most common way hackers steal credentials is with some version of a phishing attack.

AI versus AI.

Thu, 17 Aug 2023 05:00:00 -0000

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

two-factor authentication (noun) [Word Notes]

Tue, 15 Aug 2023 07:00:00 -0000

An authentication process that requires two different factors before granting access.

CyberWire Glossary link: https://thecyberwire.com/glossary/two-factor-authentication

AI: A battle between heroes and villains.

Thu, 10 Aug 2023 05:00:00 -0000

Dave Baggett from INKY joins Dave to dive into the latest phishing trends and discuss a broader view of how AI is being used by both the good guys and the bad guys. Joe's story this week dives into the APT with an entirely too cool name, Midnight Blizzard, that has been conducting targeted social engineering towards the popular Microsoft Teams. Dave's story this week follows a Facebook Market user who dodged one scam, just to fall right back into another one. Our catch of the day comes from listener Mauricio who writes in an shares a funny voicemail regarding a "potential W-2 refund."

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Encore: phishing (verb) [Word Notes]

Tue, 08 Aug 2023 07:00:00 -0000

From the intrusion kill chain model, the delivery of a “lure” to a potential victim by pretending to be some trustworthy person or organization in order to trick the victim into revealing sensitive information. According to Knowbe4, the word “phishing” first appeared in a Usenet newsgroup called AOHell in 1996 and some of the very first phishing attacks used AOL Instant Messenger to deliver fake messages purportedly from AOL employees in the early 2000s. The word is part of l33tspeak that started in the early days of the internet (1980s) as a shorthand to let readers know the author was part of the hacker community. In this case, the letters “ph” replace the letter “f” in the word fishing, as in “I fish, with an ‘f,’ for bass in the lake.” In hacking, “I Phish, with a ‘ph,’ for login credentials from key employees at my target’s organization.

Are you pretending to be Russian? [Hacking humans goes to the movies]

Sat, 05 Aug 2023 07:00:00 -0000

Links to this episode's clips if you'd like to watch along:

Dave's clip from the movie: HEARTBREAKERS
Rick's clip from the movie: Star Trek: The Wrath of Khan
Dave's Second clip: Russian Restaurant
Dave's Third clip: Funny scene 3

Privacy matters when it comes to ChatGPT.

Thu, 03 Aug 2023 05:00:00 -0000

Raj Ananthanpillai from Trua joins Dave to discuss privacy concerns and what you shouldn't share with ChatGPT. Dave and Joe share some listener follow up from Clayton who shares some comments on a previous episode where Dave discusses bomb threats to retail stores for ransom. Dave's story follows Google rapidly trying to correct bogus airline phone numbers that were discovered this week. Joe's story is on an Android app called "Spyhide" which is a phone surveillance app, that has been collecting private phone data from tens of thousands of Android devices around the world. Our catch of the day is from listener Isak who writes in to share a comedic spam email he received.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

iCloud keychain (noun) [Word Notes]

Tue, 01 Aug 2023 07:00:00 -0000

A cloud based sensitive information management system that allows users access across multiple devices.

CyberWire Glossary link: https://thecyberwire.com/glossary/icloud-keychain

Audio reference link: Ellen’s Tips For iOS, 2022. How To Master iCloud Keychain to Keep Your Passwords Safe and Secure [Video]. YouTube. https://www.youtube.com/watch?v=Tl3E29iUvgE

Reducing risk in the cyber community.

Thu, 27 Jul 2023 05:00:00 -0000

Perry Carpenter joins Dave to discuss his book "The Security Culture Playbook: An Executive Guide To Reducing Risk and Developing Your Human Defense Layer." Joe and Dave share some listener follow up on messing with scammers, and how dangerous that actually can be. Joe's story follows hackers trying to steal your secrets using infected USB drives. Dave's story is on a tech executive and how they fell victim to a dating site scam, where the perpetrator was able to gain $450,000 from someone who just thought they found their soulmate. Our catch of the day this week comes from listener Ryan, who writes in sharing a renew license scam from New Zealand, with a carefully crafted email, made to look like the real thing.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Encore: darknet (noun) [Word Notes]

Tue, 25 Jul 2023 07:00:00 -0000

A subset of the internet where communications between two parties or client-server transactions are obscured from search engines and surveillance systems by layers of encryption. The U.S. Navy designed the original Darknet by developing The Onion Router network, or TOR, back in the 1990s. Roger Dingledine and Nick Mathewson deployed the first alpha implementation in 2002 with some initial funding by the Electronic Frontier Foundation (EFF.) The TOR Project became a non-profit in 2006 and is funded by the U.S, Sweden, different NGOs, and individual sponsors.

Barking up the wrong Facebook page.

Thu, 20 Jul 2023 05:00:00 -0000

Mallory Sofastaii, consumer investigative reporter from WMAR TV, is discussing animal rescue organizations on Facebook pages being taken over by hackers. Listener George writes in to share how his bank is not doing enough to protect against fraud going on. Dave's story follows scammers using new tricks, across the nation, to receive bitcoin and gift cards after threatening stores with bomb scares. Joe has the story on Chinese hackers that have targeted the Commerce Secretary Gina Raimondo and other State and Commerce Department officials. Our catch of the day comes from listener Steve who shares a fishy looking email stating that he is going to be the beneficiary to "Thirty Nine Nine million, eight hundred thousand dollars."

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Encore: rogue access point (noun) [Word notes]

Tue, 18 Jul 2023 07:00:00 -0000

1. A wireless access point installed by employees in an office or data center environment as a convenience to connectivity without the consent or the knowledge of the network manager. 2. A wireless access point, sometimes called an Evil Twin, installed by a cyber adversary in or near an office or data center environment designed to bypass security controls, gain access, and/or surveil the network traffic of the victim’s network. Both kinds, the employee installed and the adversary installed rogue access points, increase the attack surface of the organization. The employee installed device, because of its electronic footprint range, might make it easier for hackers and mischief makers outside of the organization’s network to bypass the corporate security controls and gain access without permission. The adversary installed device is designed specifically to bypass the security controls of the target network.

Encore: The rise in fraudulent online content.

Thu, 13 Jul 2023 05:00:00 -0000

Guest Jane Lee, Trust and Safety Architect from Sift joins Dave to discuss the rise of fraudulent online content and fake crypto platforms. Dave and Joe share some listener follow up regarding the debate over "mum" versus "mom" and who speaks which pronunciation more. Dave has two stories this week, one story follows a Twitter thread about a man who shared his story about selling a desk on Facebook and the dangers that come with that. His second story is about how hackers are using a clever new phishing technique to create email threads with multiple responses to trick potential victims into thinking bogus messages are legitimate. Joe shares the story of hackers new way to get information positioning themselves in the middle of your browser between the server and your computer. Our catch of the day has a little bit of everything from Peter who writes in about an email he received pulling out all the stops to get him to give over his information.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Encore: NMAP (noun) [Word Notes]

Tue, 11 Jul 2023 07:00:00 -0000

A network mapping tool that pings IP addresses looking for a response and can discover host names, open communications ports, operating system names and versions. Written and maintained by Gordon Lyon, a.k.a. Fyodor, it is a free and open source software application used by both system admins and hackers alike and has been a staple in the security community for well over two decades.

CyberWire Glossary link: https://thecyberwire.com/glossary/nmap

Indicators to insider threats.

Thu, 06 Jul 2023 05:00:00 -0000

Our UK correspondent Carole Theriault is talking with London insurance market CISO Thom Langford about insider threats. Joe and Dave share some listener follow up from Waldo who writes in to share a video explaining how bad guys are able to hack users. Joe shares a report from Verizon, one of the industries leading phone companies, about social engineering. Dave's story follows a gentleman who was able to steal one million dollars from at least 700 DoorDash drivers, and now police are warning against this sophisticated phishing scam. Our catch of the day comes from listener Ami who writes in to share her victory in catching a scammer after receiving a weird voicemail from a so called police officer.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Encore: Diamond Model (noun) [Word Notes]

Tue, 04 Jul 2023 07:00:00 -0000

CyberWire Glossary link: https://thecyberwire.com/glossary/diamond-model

Audio reference link: “Diamond Presentation v2 0: Diamond Model for Intrusion Analysis – Applied to Star Wars’ Battles,” Andy Pendergrast and Wade Baker, ThreatConnect, YouTube, 4 February 2020.

Beware ChatGPT curious: Fleece-ware chabot apps.

Thu, 29 Jun 2023 05:00:00 -0000

Guest Sean Gallagher, Principal Researcher with Sophos Xops team, joins us to discuss "'FleeceGPT' mobile apps target AI-curious to rake in cash. Joe shares some listener feedback from Jon about "No Stupid Questions" podcast. Dave's story is from Reddit about a free piano scam. Joe's got a story on a woman pleading with her bank to stop a fake wire transfer, but they were too busy. Our Catch of the Day comes from Rob about a fake student loan help ticket.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

CISA (noun) [Word Notes]

Tue, 27 Jun 2023 14:39:34 -0000

A US Department of Homeland Security agency tasked with supporting cyber and physical security for US critical infrastructure.

CyberWire Glossary link: https://thecyberwire.com/glossary/cybersecurity-and-infrastructure-security-agency

Audio reference link: CISA, 2021. CISA Director Jen Easterly’s Keynote at Black Hat USA 2021 [Video]. YouTube. URL https://www.youtube.com/watch?v=q7bu-L-m4K4.

spam (noun) [Word Notes]

Tue, 27 Jun 2023 07:00:00 -0000

Unsolicited, unwanted, and sometimes malicious electronic messages indiscriminately transmitted to a large number of people.

CyberWire Glossary link: https://thecyberwire.com/glossary/spam

Audio reference link: zumpzump, 2007. Monty Python - Spam [Video]. YouTube. URL https://www.youtube.com/watch?v=anwy2MPT5RE.

Risky chat applications.

Thu, 22 Jun 2023 05:00:00 -0000

Toby Pischl, Head of Information & Email Security at Broadcom, sits down with Dave to discuss how Slack and Microsoft Teams phishing is an open door into businesses. Joe and Dave share some follow up regarding a case of a woman claiming to have cancer to receive over $37,000 from donors on GoFundMe. Joe has the terrible story out of Michigan where a high schooler committed suicide after a sextortion scam. Dave has a story on job seekers around the country and how likely they are to fall for a job scam. Our catch of the day comes from listener Albert, who writes in regarding the German phishing emails he keeps receiving.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

CISA (noun) [Word Notes]

Tue, 20 Jun 2023 07:00:00 -0000

A US Department of Homeland Security agency tasked with supporting cyber and physical security for US critical infrastructure.

CyberWire Glossary link: https://thecyberwire.com/glossary/cybersecurity-and-infrastructure-security-agency

Audio reference link: CISA, 2021. CISA Director Jen Easterly’s Keynote at Black Hat USA 2021 [Video]. YouTube. URL https://www.youtube.com/watch?v=q7bu-L-m4K4.

Replier attacks: the latest tool in a hacker's arsenal.

Thu, 15 Jun 2023 05:00:00 -0000

This week, Jeremy Fuchs from Avanan joins Dave to discuss how hackers are using replier attacks. Replier attacks are attacks in which hackers change the reply-to address to send emails from what appears to be a reputable company, when in reality it's a spoofed account. Joe and Dave share some follow up from listeners Wayne who writes in with some comments on episode 245, and listener Michael, who writes about his first ChatGPT experience. Dave's story follows the alarming new trend happening, where sextortionists are making AI nudes from people's social media images. Joe's story uncovers the social engineering trick hackers use from their personal scammers handbook. Our catch of the day comes from listener Tim, who shares a message from a "dear friend."

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

dumpster diving (noun) [Word Notes]

Tue, 13 Jun 2023 07:00:00 -0000

The act of searching through an organization's trash for discarded sensitive material.

CyberWire Glossary link: https://thecyberwire.com/glossary/dumpster-diving

Audio reference link: “Better Call Saul jimmy digs in the Sandpiper trash scene,” uploaded by Robert Bowersock, 18 September 2022.

Criminals...assemble! [Hacking humans goes to the movies]

Sun, 11 Jun 2023 07:00:00 -0000

Links to this episode's clips if you'd like to watch along:

Dave's clip from the movie: Ocean's 8
Rick's clip from the movie: Avengers Endgame

The rise of ChatGPT: A look into the future of chatbots.

Thu, 08 Jun 2023 05:00:00 -0000

This week, our CyberWire UK Correspondent Carole Theriault is talking with Paul Ducklin from Sophos about where ChatGPT could be going in the future. Joe and Dave share quite a bit of follow up from listeners, discussing several people writing in about dating apps and the men who use them, along with a question from listener Bryan who asks about an email scheme an intern working for his company received. Joe's story hones in on AI, discussing in particular how artificial intelligence is changing the social engineering game forever. Dave has the story on how hackers hide malicious links within pictures to redirect users to phishing sites. Our catch of the day comes from listener Cyrus, who shares an email they received about benefits with a hilarious twist.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

SEO poisoning (noun) [Word Notes]

Tue, 06 Jun 2023 07:00:00 -0000

The manipulation of search engine optimization, SEO, to promote malicious sites in search engine results.

CyberWire Glossary link: https://thecyberwire.com/glossary/search-engine-optimization-poisoning

Audio reference link: Brown, B.E., 2021. The Ending Of The Waldo Moment Explained [Video]. YouTube. URL https://www.youtube.com/watch?v=HsWja44-EMg.

Are you who you say you are?

Thu, 01 Jun 2023 05:00:00 -0000

Bala Kumar of Jumio joins to discuss how travel companies can combat the exponential rise in fraud and ensure their traveler is who they say they are. Dave and Joe share some listener follow up, with the first from Matt, who writes in with a strange Dick's Sporting Goods story about gift cards and credit cards. Our second follow up comes from listener King, who writes in regarding the QR discussion in episode 243. Dave's story follows how almost every US state has sued a telecom company after being accused of routing billions of illegal robocalls to millions of US residents on the do not call list. Joe's story is about a family losing $730,000 in a wire fraud scam, but with a twist ending. Our catch of the day comes from listener William, who writes in with an email laced with so much fraud, Gmail didn't even want Joe to open it to read it for this episode.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

passkey (noun) [Word Notes]

Tue, 30 May 2023 07:00:00 -0000

A passwordless authentication protocol based on the FIDO2 standard.

CyberWire Glossary link: https://thecyberwire.com/glossary/passkey

Audio reference link: Summers, J., 2023. Google Passkeys Have Arrived (here’s how to use them) [All Things Secured Channel]. YouTube. URL https://www.youtube.com/watch?v=oFO7JgUx-bU.

catfish (noun) [Word Notes]

Tue, 30 May 2023 05:00:00 -0000

The practice of crafting a fake online persona for malicious purposes.

CyberWire Glossary link: https://thecyberwire.com/glossary/catfish

Audio reference link: netbunny, 2013. Catfish - The Movie - Ending Scene [Movie Scene]. YouTube. URL https://www.youtube.com/watch?v=qR_NIN6zy0U

Bringing in the human side of scamming.

Thu, 25 May 2023 05:00:00 -0000

Nick Percoco from Kraken sits down to discuss the human factor of crypto scams, including going over common red flags and what to do when a third party is exerting pressure that taps into a human emotions. Listener Sean writes in with some follow up to discuss the increase in AI scams and if people would be more likely to talk about falling for these scams as AI becomes better and better. An anonymous listener also reached out with some follow up regarding there experience with corporate ID theft. Joe's story follows the report on "dark patterns," and what they are. Dave's story is on people who got hired as customer service reps, but instead helped lure in lonely and lovestruck through a network of dating and hookup sites. Our catch of the day comes from listener Gareth who shares his catch of a phishing scheme from the "NSA."

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

QR code phishing (noun) [Word Notes]

Tue, 23 May 2023 07:00:00 -0000

A type of phishing attack that uses QR codes as the lure.

CyberWire Glossary link: https://thecyberwire.com/glossary/qr-code-phishing

Audio reference link: KNR, 2018. Batman The Dark Knight Joker bomb blast by phone calls scene [Video]. YouTube. URL https://www.youtube.com/watch?v=qB_fXfzB4z0.

Who says the perfect heist doesn't exist? [Hacking Humans Goes to the Movies]

Sun, 21 May 2023 05:00:00 -0000

Links to this episode's clips if you'd like to watch along:

Dave's clip from the movie Out of Sight
Rick's clip from the movie The Thomas Crown Affair

Data privacy in a consumers world.

Thu, 18 May 2023 05:00:00 -0000

Our guest, Mark Kapczynski from OneRep, joins Dave to discuss what consumers should know about data privacy. Listener Jon writes in to the show with some follow-up with some thoughts on tap interface. Another anonymous listener wrote into the show discussing ethical hacking. Dave's story is on fake QR codes and how people are getting scammed out of money after receiving a fake QR code parking ticket survey. Joe's story follows an attempted attack at Dragos and what they didn't get. Our catch of the day comes from listener Richard who writes in with a fun scam he caught from the "Marine Corps."

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

attribution (noun) [Word Notes]

Tue, 16 May 2023 07:00:00 -0000

Definition one: The recognition of a set of repeatable attack patterns across the intrusion kill chain.

Definition two: Determining the responsibility for offensive cyber operations.

CyberWire Glossary link: https://thecyberwire.com/glossary/attribution

Audio reference link: Nunnikhoven, M., 2018. Cybersecurity Basics #9 - Attack Attribution [Video]. YouTube. URL www.youtube.com/watch?v=rlyMz5jN_Vs

Remedies for infectious computers.

Thu, 11 May 2023 05:00:00 -0000

Our guest, CW Walker, Director of Security Product Strategy at SpyCloud, joins to discuss post-infection remediation and ransomware defense. Joe compliments one of his least favorite big tech companies. Joe and Dave share quite a bit of follow-up; one from listener Clayton who writes in about “fast idiots” from a previous episode. The other is from listener Robert, who writes in about the wallet versus smart phone debate, and which is safer. Joe shares a few stories this week, all regarding ATM scams and lost or stolen credit cards including his own sons ATM nightmare. Dave's scary story is on the latest hot topic in the cyber industry: AI, and how families are being scammed by believable voice AI to sound like loved ones. Listener Michael shares this week's catch of the day on an IRS scam he came across in his email.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

spear phishing (noun) [Word Notes]

Tue, 09 May 2023 07:00:00 -0000

A type of cyber attack where an attacker sends a targeted and personalized email or other form of communication to a specific individual or a small group of individuals with the intention of tricking them into divulging sensitive information, such as a password, or convincing them to click a malicious link that will enable the attacker to take control of the victim's machine.

CyberWire Glossary link: https://thecyberwire.com/glossary/spearphishing

Audio reference link: Richardson, T., 2014. What is the difference between phishing and spear-phishing? [Video]. YouTube. URL www.youtube.com/watch?v=Wpx5IMduWX4.

Encore: Human errors and why they're made.

Thu, 04 May 2023 05:00:00 -0000

Josh Yavor, CISO at Tessian, joins Dave to discuss a new report they released on cyber mistakes and why employees make them. Joe and Dave share a listener follow-up from Jon, who writes in about mental illness, a serious epidemic taking over the nation. Jon shares interesting tidbits on social media linking to mental illness and the impact it's creating. Dave's story is on hackers trying an old trick with new mechanics: impersonating well known companies. This time, hackers are posing as Quickbooks. Joe's story describes how LinkedIn users are being targeted yet again. These fraudsters are now creating significant threats to users, according to the FBI. Finally, our catch of the day comes from listener Jennifer, who writes in and shares her story of a scammer using SMS to tell her that her Venmo account was hacked, even though she does not have one.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter

resiliency (noun) [Word Notes]

Tue, 02 May 2023 07:00:00 -0000

The ability to continuously deliver the intended outcome despite adverse cyber events.

CyberWire Glossary link: https://thecyberwire.com/glossary/resiliency

Audio reference link: Cameron, J., 1984. The Terminator [Movie]. IMDb. URL www.imdb.com/title/tt0088247/.

Clip Nation, 2012. The Arnold Schwarzenegger “I’ll Be Back” Supercut [Video]. YouTube. URL www.youtube.com/watch?v=-YEG9DgRHhA.

Coops, C., 2013. Terminator 2 Theme [Video]. YouTube. URL www.youtube.com/watch?v=pVZ2NShfCE8.

Is the industry ready for AI?

Thu, 27 Apr 2023 05:00:00 -0000

This week, Carole Theriault, CW UK correspondent, sits down with Cisco Talos' Vanja Svacjer discussing if the security industry is ready for AI. Joe and Dave share some follow up regarding a new term, "yahoo boy" after reading it in an article. Joe's follows a story about a scam where five mastermind business men were able to scam ordinary investors out of a billion dollars. Dave's story is on a basic iPhone feature that is helping criminals steal your entire digital life. Our catch of the day comes from William who writes in about an email he received from "Bob William" who shares that he works at a law firm and one of his clients has an insurance policy where his client did not write a will. Bob wants to share the amount of $12,820,000 with charity and then split the rest of the funds.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Security Operations Center (SOC) (noun) [Word Notes]

Tue, 25 Apr 2023 07:00:00 -0000

A centralized facility or team responsible for monitoring, detecting, analyzing, and responding to cybersecurity incidents within an organization.

CyberWire Glossary link: https://thecyberwire.com/glossary/security-operations-center

Audio reference link: AT&T Tech Channel, 2012. A tour of AT&T’s Network Operations Center (1979) [Video]. YouTube. URL www.youtube.com/watch?v=cigc3hvMyWw.

Lazarus Group: Breaking down the evolution.

Thu, 20 Apr 2023 05:00:00 -0000

This week, our guests are Jean Lee and Geoff White from BBC and the Lazarus Heist talking about what is coming up in Season 2 of their show and how the Lazarus Group is evolving. Joe briefly discusses Generative AI before going into his stories for this week. Joe's first story comes from Lauren Jackson from WBRC who writes in with a disturbing tire scam causing businesses to lose thousands. Joe's second story is from David Sentendrey from KDFW, who shares a story about a woman who fell victim to a romance scam loosing $75,000. Daves story follows a casino scam in Colorado, which was the largest heist in the states history. Our catch of the day comes from listener Morten who received a confusing message regarding an inheritance payment fund.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Hunt forward operations (noun) [Word Notes]

Tue, 18 Apr 2023 07:00:00 -0000

Defensive cyber operations carried out by U.S. Cyber Command's Cyber National Mission Force, CNMF at the request of allied nations.

CyberWire Glossary link: https://thecyberwire.com/glossary/hunt-forward-operation

Audio reference link: Paul Nakasone, G., 2022. Vanderbilt Summit Keynote [Video]. YouTube. URL www.youtube.com/watch?v=Axg4s9l9wi0.

Inside the history of a child hacker.

Thu, 13 Apr 2023 05:00:00 -0000

Paul Dant, Illumio's Senior Director for Cybersecurity Strategy and Research, is sharing how his history as a child hacker informed his thinking today. Joe and Dave share some listener follow up from Anthony, who writes in about a scam from the app Nextdoor, regarding scammers trying to upgrade Xfinity customers using their computers rather than the usual method, which throws up red flags. Dave's story this week follows a principal from a Florida science and technology charter school who mistakenly wrote a check for $100,000 to an Elon Musk impersonator. Joe's story is on email compromise, and the increase we have seen in the last several months, including an "increase in ‘novel social engineering attacks’ across thousands of active Darktrace/Email customers from January to February 2023." Our catch of the day comes from listener JP, who writes in regarding a suspicious looking email they received from "Norton" saying they will increase the price of their service being used.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Cyber gravity (noun) [Word Notes]

Tue, 11 Apr 2023 07:00:00 -0000

The invisible force that governs the movement of data across networks.

Audio reference link: “Things to Come 1936 - HG Wells.” YouTube, YouTube, 28 Sept. 2011, https://www.youtube.com/watch?v=atwfWEKz00U.

As a scammer, sometimes you need to fake it till you make it. [Hacking Humans Goes to the Movies]

Sun, 09 Apr 2023 07:00:00 -0000

Links to this episode's clips if you'd like to watch along:

Dave's clip from the movie The Princess Bride
Rick's clip from the movie Now You See Me 2

Protecting against financial cybercrimes.

Thu, 06 Apr 2023 05:00:00 -0000

Keith Houston, Chief prosecutor in financial cybercrimes at Harris County District Attorney's Office in Houston, TX, shares some scams that have come through his office and advice on how to protect yourself. Dave and Joe share some follow up from listener Nevile, who writes in about a news story he came across regarding pendrive bombs, wondering what do you do if you're a reporter and someone sends you a scoop in a pendrive? Joe has two stories regarding AI, and how scammers were able to use AI software to clone voices the victims would recognize and then con them out of thousands of dollars. Dave's story is on a new report stating that the most common combosquatting keyword is support. Our catch of the day comes from listener Shawn who writes in sharing an email they received from their companies HR team warning them of a suspicious package that has been circulating around the office.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter

Artificial Intelligence (AI) (noun) [Word Notes]

Tue, 04 Apr 2023 07:00:00 -0000

The ability of computers to execute tasks typically associated with human intelligence, including natural language processing, problem solving, and pattern recognition.

CyberWire Glossary link: https://thecyberwire.com/glossary/ai

Audio reference link: Staff, 2016. Alan Turing - The Imitation Game - Can Machines Think? [YouTube Video]. Learn Understand Create. URL www.youtube.com/watch?v=Vs7Lo5MKIws.

Seeking employment fraud?

Thu, 30 Mar 2023 05:00:00 -0000

Kathleen Smith, CMO from ClearedJobs.Net sits down with Dave to talk about how job seekers are susceptible to employment fraud. Joe and Dave share some listener follow up from Steve, who writes in to share a scary and frustrating story as hackers were able to scam their way into his and his wife’s Verizon Wireless account. Dave's story follows giveaway scams, which are scams that impersonate celebrities and brands, most notably Elon Musk and the companies he is associate with, to try and get victims to believe they have won a large sum of cryptocurrency. Joe's story is on a scary development in the AI world, regarding family emergency scams. Scammers are now using AI to enhance the believability. Our catch of the day comes from a listener named Jim who writes in about a scam he came across in his spam folder from a "Sgt. Nolla E. Donald" who wants to give him millions of dollars to keep safe while she fights over in Iraq.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter

Certification (noun) [Word Notes]

Tue, 28 Mar 2023 07:00:00 -0000

A credential demonstrating an individual's knowledge in the field of cybersecurity, usually obtained by passing an exam or series of exams.

CyberWire Glossary link: https://thecyberwire.com/glossary/certification

Audio reference link: Bombal, D., 2022. Are certifications important in Cybersecurity? [Video]. YouTube. URL www.youtube.com/watch?v=Zdgf_Wr82rs.

Fingerprinting fights off fraud? [Hacking Humans Goes to the Movies}

Sun, 26 Mar 2023 07:00:00 -0000

Links to this episode's clips if you'd like to watch along:

Dave's clip from the movie I dream of Jeannie
Rick's clip from the movie Ant Man

Do you have curtains on your house?

Thu, 23 Mar 2023 05:00:00 -0000

On this episode, the CyberWire's UK Correspondent Carole Theriault talks with Iain Thomson from the Register about why he has no IoT in his house and what advice he offers for those who do. Joe's story features ten social engineering techniques. Dave has a story starts with an order by the FTC against Epic Games for tricking users to make in-game purchases in Fortnite using dark patterns. Our Catch of the Day comes from listener Lauren sharing a phishing attempt at her company where the scammers obviously did their homework on who to contact in the organization.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter

Network slicing (noun) [Word Notes]

Tue, 21 Mar 2023 07:00:00 -0000

A technique used to create virtual networks within a shared physical network infrastructure.

CyberWire Glossary link: https://thecyberwire.com/glossary/network-slicing

Audio reference link: Whitehead, D.N., 2021. 5G Smart Networks Part 1: Network Slicing [Video]. YouTube. URL www.youtube.com/watch?v=dCt3rYODZ7g.

Changing the face of identity.

Thu, 16 Mar 2023 05:00:00 -0000

Eric Olden, Chief Executive at Strata, sits down with Dave to discuss the changing face of identity; where we’ve been, where are going, and the bumps along the way. Dave and Joe share some listener follow-up from Michael, who writes in about advertisements on YouTube and other social networks claiming magical results. Dave's story follows a new tool released by the National Center for Missing and Exploited Children (NCMEC) to help with slow and stop the spread of sextortion of minors. Joe's story is on a LinkedIn post by Gary Warner regarding why we have so much fraud. Our catch of the day is from listener Shon, who writes in about an email they received about “Meta Resources Recruiter” informing them of an open “CISO Lead role.”

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter

Device trust (noun) [Word Notes]

Tue, 14 Mar 2023 07:00:00 -0000

The process of verifying that a device is known, secure, and uncompromised before allowing it to connect to a network or access resources.

CyberWire Glossary link: https://thecyberwire.com/glossary/device-trust

Audio reference link: “Favorite Scene of Alan Rickman from Die Hard.” YouTube, YouTube, 14 Jan. 2016, https://www.youtube.com/watch?v=mklnXM3LIXo.

Encore: Scams in the media.

Thu, 09 Mar 2023 06:00:00 -0000

Mallory Sofastaii from Baltimore's WMAR 2 News sits down with Joe to talk about some recent stories on scams she's covered on Matter for Mallory. Dave and Joe share some listener follow up from Robert who writes in about the technical means to protect phones from robocalls. He shares some insight on how carriers up in the north are able to protect phones. Dave shares a twitter thread from Brian Jay Jones, who is an author of biographies of Jim Henson, George Lucas and Dr. Seuss, who shares how he would have almost had his Twitter account hijacked if it weren't for 2-step verification. Joe's story is on a gentleman pleading guilty in PAC scams, raising almost 3.5 million by making false and misleading representations in the 2016 election. This week we have a string of catch of the days from different listeners sharing different SMS scams.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter

ZTNA (noun) [Word Notes]

Tue, 07 Mar 2023 08:00:00 -0000

A technology set design to support the cybersecurity first principle strategy of zero trust, that limits device people and software component access to only designated authorized resources and nothing more.

CyberWire Glossary link: https://thecyberwire.com/glossary/zero-trust-network-access

Audio reference link: “Zero Trust Explained by John Kindervag.” YouTube, YouTube, 2 Oct. 2022, https://www.youtube.com/watch?v=-LZe4Vn-eEo.

Saving the world from cybercrime.

Thu, 02 Mar 2023 06:00:00 -0000

Dan Golden and Renee Dudley, reporters at ProPublica and authors of "The Ransomware Hunting Team: A Band of Misfits' Improbable Crusade to Save the World from Cybercrime," discuss their book. Dave and Joe share some follow up form listener Ignacio who writes in to share thoughts on Joe's preference to using open source options for password managers. Joe's story this week follows Coinbase, who recently had a cybersecurity breach but their cyber controls prevented the attacker from gaining direct system access and prevented any loss of funds or compromise of customer information. Dave's story is on people trying to gain cryptocurrency back after it was hacked and stolen from them, only to wait and receive nothing in the long run. Our catch of the day comes from listener Josh, who writes in about an email he received that stated that his wallet would be suspended if he did not download a verification link.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

GDPR (noun) [Word Notes]

Tue, 28 Feb 2023 08:00:00 -0000

A data privacy legal framework that applies to all countries in the European Union, regulating the transmission, storage, and use of personal data associated with residents of the EU.

CyberWire Glossary link: https://thecyberwire.com/glossary/general-data-protection-regulation

Audio reference link: “Mr. Robot Predicts JPM Coin!” YouTube, YouTube, 14 Feb. 2019, https://www.youtube.com/watch?v=1ee-cHbCI0s.

Password managers and their benefits.

Thu, 23 Feb 2023 06:00:00 -0000

Corie Colliton Wagner from Security.org joins to discuss the company’s research of password manager tools and their benefits, identity theft, and the market outlook for PW managers. Dave and Joe share quite a bit of follow up from listeners Mitch, Neville, and Richard. Mitch writes in to share about gift card scams, and Neville and Richard both share their thoughts on the pros and cons of having a cloud-based password manager. Dave's story is about employees around the globe and their internet habits inside the workplace. Joe's story follows a new release of data from the FTC on romance scams, including the top lies being told by scammers. Our catch of the day comes from listener Gordy, who writes in about an email he received regarding a new position scammers are trying to fill in an open job.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

ChatGPT (noun) [Word Notes]

Tue, 21 Feb 2023 08:00:00 -0000

A conversational language model developed by the company OpenAI.

CyberWire Glossary link: https://thecyberwire.com/glossary/chatgpt

Audio reference link: jeongphill. “Movie - Her, First Meet OS1 (Operation System One, Os One, OS1).” YouTube, YouTube, 29 June 2014, https://www.youtube.com/watch?v=GV01B5kVsC0.

Scamming through generations.

Thu, 16 Feb 2023 06:00:00 -0000

Mathieu Gorge from VigiTrust sits down to discuss the different ways that online attackers target younger and older generations, and what the cybersecurity industry can and should do to protect them. Dave and Joe share some listener follow up from Greg who writes in regarding porch pirates possibly finding a new way to steal packages. In Joe's story this week, we learn that while ransomware was down last year, more and more people are clicking on phishing emails. Dave's story follows Ahad Shams, the co-founder of Web3 metaverse gaming engine startup Webaverse, who ended up getting $4 million of his cryptocurrency stolen. Our catch of the day comes from listener Rodney who writes in about an email he received. The scammers were trying to collect information from him after saying he was already scammed out of money, when in fact he was not.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Man-in-the-Middle (noun) [Word Notes]

Tue, 14 Feb 2023 08:00:00 -0000

A cyber attack technique where adversaries intercept communications between two parties in order to collect useful information or to sabotage or corrupt the communication in some manner.

CyberWire Glossary link: https://thecyberwire.com/glossary/man-in-the-middle-attack

Appearances count in the scam business. [Hacking Humans Goes to the Movies]

Sun, 12 Feb 2023 08:00:00 -0000

Welcome to Season 3 of Hacking Humans Goes to the Movies. Thanks for joining us again for another episode of fun project brought to you by the team of Hacking Humans, the CyberWire's social engineering podcast. Hacking Humans co-host Dave Bittner is joined by Rick Howard in this series where they view clips from their favorite movies and television shows with examples of the social engineering scams and schemes you hear Dave and co-host Joe Carrigan talk about on Hacking Humans. In this episode, Dave and Rick watch each of the selected scenes, describe the on-screen action for you, and then they deconstruct what they saw. Grab your bowl of popcorn and join us for some fantastic scams and frauds.

Links to this episode's clips if you'd like to watch along:

Dave's clip from the movie Paper Moon
Rick's clip from the movie Catch Me If You Can

A boom of infostealers and stolen credentials.

Thu, 09 Feb 2023 06:00:00 -0000

Keith Jarvis, Senior Security Researcher from Secureworks Counter Threat Unit (CTU), shares his thoughts on the alarming rise of infostealers and stolen credentials. Dave and Joe share some listener follow-up from Ron who writes in about a book, entitled "Firewalls Don't Stop Dragons" by Carey Parker, which he finds as a helpful resource when it comes to cybersecurity. Dave's story follows password management companies and how they might not be as safe as what we presume them to be, most notably the LastPass breach in the last month. Joe has two stories this week, his first on a 19 year old TikToker who was arrested for running a GoFundMe scam while portraying on the popular social media app that she was diagnosed with 3 different types of cancer. Joe's second story is on Marines outsmarting artificially intelligent security cameras by hiding in a clever way that the AI could not recognize. Our catch of the day comes from listener Tim, who writes in about an old scam with a new twist, and how he was able to figure it out.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

NIST (Noun) [Word Notes]

Tue, 07 Feb 2023 08:00:00 -0000

A branch of the US Department of Commerce whose stated mission is to “promote U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve our quality of life.”

CyberWire Glossary link: https://thecyberwire.com/glossary/national-institute-of-standards-and-technology

Audio reference link: Center, M.I., 2022. 2022 Meridian Summit: Cultivating Trust in Technology with NIST Director Laurie Locascio [WWW Document]. YouTube. URL https://www.youtube.com/watch?v=o43Y9Tk8ZVA (accessed 1.26.23).

A war on commerce.

Thu, 02 Feb 2023 06:00:00 -0000

J. Bennett from Signifyd discusses the fraud ring that has launched a war on commerce against US merchants over the past few months. Joe and Dave share some listener follow up from Jon who writes in about an email he almost fell victim to. Joe shares two stories this week, the first on how scammers were seen posing as tech support at two US agencies in an attempt to hack their employees. Joe's second story is on a woman trying to steal 2.8 million for an elderly Holocaust survivor. Dave's story follows how an ad scam was able to break through over 11 million phones. Our catch of the day comes from husband and wife, Chad and Jen, who write in sharing a scam that Jen almost fell for. An email from "iTunes" confirming a payment of over $100 hit the music lover's inbox that she didn't authorize. The scammers went on to explain the rules behind the payment, making sure to include that if she did not make this purchase to notify them immediately.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

CIRT (noun) [Word Notes]

Tue, 31 Jan 2023 08:00:00 -0000

A team responsible for responding to and managing cybersecurity incidents involving computer systems and networks in order to minimize the damage and to restore normal operations as quickly as possible.

CyberWire Glossary link: https://thecyberwire.com/glossary/cirt

Audio reference link: Avery, B., 2017. 24 TV May 05 Season4 [WWW Document]. YouTube. URL https://www.youtube.com/watch?v=Gq_2xPuqI-E&list=PLGHedLavrFoGsea1ZCHBm9-nK5FdM3_Kd&index=10.

Interview with the AI, part one. [Special Editions]

Sun, 29 Jan 2023 06:00:00 -0000

Cybersecurity interview with ChatGPT.

In part one of CyberWire’s Interview with the AI, Brandon Karpf interviews ChatGPT about topics related to cybersecurity. Rick Howard joins Brandon to analyze the conversation and discuss potential use cases for the cybersecurity community.

ChatGPT is a chatbot launched by OpenAI and built on top of OpenAI’s GPT-3 family of large language models.

Cyber questions answered by ChatGPT in part one of the interview.

What were the most significant cybersecurity incidents up through 2021?
What leads you to characterize these specific events as significant?
What were the specific technical vulnerabilities associated with these incidents?
Who were the cyber actors involved in each of these attacks?
Do you think it's valuable to attribute cyber attacks to specific actors?

Outsmarting the scammers.

Thu, 26 Jan 2023 06:00:00 -0000

Nadine Michaelides from Anima People sits down with Dave to discuss preventing insider threat using behavioral science and psych metrics. Joe and Dave share some follow up regarding a Facebook scammer who is targeting Joe, as well as a letter from listener Richard who write in about business emails and the compromised warning signs they send about dangerous emails coming from outside the company. Dave shares a story about hackers who are setting up fake websites to promote malicious downloads through advertisements in Google search results. Joe's has two stories this week, one is about the latest scam in the parking ticket realm, and the second story follows West Virginia police warning residents of a Walmart scam where the scammer send you a "free 50 dollar Walmart gift card." The catch of the day comes from Penny who writes in about a scam that almost sucked her in through an email from "McAfee."

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

PUP (noun) [Word Notes]

Tue, 24 Jan 2023 08:00:00 -0000

A software program installed unintentionally by a user that typically performs tasks not asked for by the installer.

CyberWire Glossary link: https://thecyberwire.com/glossary/potentially-unwanted-program

Audio reference link: Butler, S., 2022. Potentially Unwanted Programs (PUPS) EXPLAINED [Video]. YouTube. URL https://www.youtube.com/watch?v=5L429Iahbww (accessed 1.6.23).

The front lines of ransomware attacks.

Thu, 19 Jan 2023 06:00:00 -0000

Rohit Dhamankar from Fortra’s Alert Logic joins Dave to discuss the decline in ransomware attacks and lessons learned from the front lines. Dave and Joe share some listener follow up from Keith regarding Dave's story from last episode and how he recognizes the scams being mentioned and offers his opinions on the matter. Joe shares two stories this week, one about his ironclad gift he gave to his wife, with his second story following the buzz surrounding OpenAI, creators of ChatGPT, their new interface for their Large Language Model (LLM) and how it works. Dave's story also follows ChatGPT in a different direction. His story is on the latest popular app and its rise to fame in the app store, now charging users almost 8 dollars to use the AI technology. Our catch of the day comes from listener and friend of the show Joel who writes in about how he was contacted at his place of business by a "DEA agent" who claims Joel was committing malpractice, and if he wanted these charges to go away he would need to pay $2500.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Ransomware (noun) [Word Notes]

Tue, 17 Jan 2023 08:00:00 -0000

Malware that disables a system in exchange for a ransom, usually by encrypting the system's data until the user pays for the decryption key.

CyberWire Glossary link: https://thecyberwire.com/glossary/ransomware

Audio reference link: https://watch.amazon.com/detail?gti=amzn1.dv.gti.d6a9f744-47b0-ac70-aa56-b31fd0f58482&territory=US&ref_=share_ios_season&r=web

The age old battle between social engineering and banking.

Thu, 12 Jan 2023 06:00:00 -0000

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Service Set Identifier (SSID) (noun) [Word Notes]

Tue, 10 Jan 2023 08:00:00 -0000

The name of a wireless access point.

CyberWire Glossary link.

Audio reference link: SSID Management - CompTIA Security+ SY0-401: 1.5, Professor Messer, uploaded August 3rd, 2014.

Leveraging credentials online and off isn't going away.

Thu, 05 Jan 2023 06:00:00 -0000

Guest Eric Levine, Co-founder and CEO at Berbix, joins Dave to discuss identity fraud. Dave and Joe share comments from listener Chris on a series of SMS messages he got from "Wells Fargo." Joe's story previews what is coming for social engineering attacks in 2023 and how to prepare to improve your safety online, while Dave's story is about sextortion scammers in rural India and how they are blackmailing victims. Our catch of the day comes from listener George who's been receiving a lot of scam messages via WhatsApp and how he played along with one of them.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Advanced Encryption Standard (AES) (noun) [Word Notes]

Tue, 03 Jan 2023 08:00:00 -0000

A U.S. Government specification for data encryption using an asymmetric key algorithm.

CyberWire Glossary link: https://thecyberwire.com/glossary/advanced-encryption-standard

Audio reference link: papadoc73. “Claude Debussy: Clair De Lune.” YouTube, YouTube, 6 Oct. 2008.

Sisters, grifters, and shifters. [Hacking Humans Goes to the Movies]

Thu, 29 Dec 2022 08:00:00 -0000

On this episode, Dave and Rick are joined by guest contributor Amanda Fennell. You can find Amanda on Twitter at @Chi_from_afar.

Links to this episode's clips if you'd like to watch along:

Dave's clip from the movie Zombieland
Rick's clip from the movie Traveller
Amanda's clip from the movie The Girl with the Dragon Tattoo

The CyberWire: The 12 Days of Malware.[Special Editions]

Sun, 25 Dec 2022 06:00:00 -0000

Merry Christmas and Happy Holidays from the CyberWire and our friends! Enjoy our rendition of the 12 Days of Malware created by Dave Bittner and performed by Dave and friends: Rachel Tobac, Jayson Street, Ron Eddings & Chris Cochran, Ray [Redacted], Dinah Davis, Camille Stewart, Rick Howard, Michelle Dennedy, Jack Rhysider, Johannes Ullrich, and Charity Wright. Ba dum bum bum. Sing along if you are game! Check out our video for the full effect!

The 12 Days of Malware lyrics

On the first day of Christmas, my malware gave to me:

A keylogger logging my keys.

On the second day of Christmas, my malware gave to me:

2 Trojan Apps...

And a keylogger logging my keys.

On the third day of Christmas, my malware gave to me:

3 Web shells...

2 Trojan Apps...

And a keylogger logging my keys.

On the fourth day of Christmas, my malware gave to me:

4 Crypto scams...

3 Web shells...

2 Trojan Apps...

And a keylogger logging my keys.

On the fifth day of Christmas, my malware gave to me:

5 Zero Days!

4 Crypto scams...

3 Web shells...

2 Trojan Apps...

And a keylogger logging my keys.

On the sixth day of Christmas, my malware gave to me:

6 Passwords spraying...

5 Zero Days!

4 Crypto scams...

3 Web shells...

2 Trojan Apps...

And a keylogger logging my keys.

On the seventh day of Christmas, my malware gave to me:

7 Scripts a scraping...

6 Passwords spraying...

5 Zero Days!

4 Crypto scams...

3 Web shells...

2 Trojan Apps...

And a keylogger logging my keys.

On the eighth day of Christmas, my malware gave to me:

8 Worms a wiping...

7 Scripts a scraping...

6 Passwords spraying...

5 Zero Days!

4 Crypto scams...

3 Web shells...

2 Trojan Apps...

And a keylogger logging my keys.

On the ninth day of Christmas, my malware gave to me:

9 Rootkits rooting...

8 Worms a wiping...

7 Scripts a scraping...

6 Passwords spraying...

5 Zero Days!

4 Crypto scams...

3 Web shells...

2 Trojan Apps...

And a keylogger logging my keys.

On the tenth day of Christmas, my malware gave to me:

10 Darknet markets...

9 Rootkits rooting...

8 Worms a wiping...

7 Scripts a scraping...

6 Passwords spraying...

5 Zero Days! (Bah-dum-dum-dum!)

4 Crypto scams...

3 Web shells...

2 Trojan Apps...

And a keylogger logging my keys.

On the eleventh day of Christmas, my malware gave to me:

11 Phishers phishing...

10 Darknet markets...

9 Rootkits rooting...

8 Worms a wiping...

7 Scripts a scraping...

6 Passwords spraying...

5 Zero Days! (Bah-dum-dum-dum!)

4 Crypto scams...

3 Web shells...

2 Trojan Apps...

And a keylogger logging my keys.

On the twelfth day of Christmas, my malware gave to me:

12 Hackers hacking...

11 Phishers phishing...

10 Darknet markets...

9 Rootkits rooting...

8 Worms a wiping...

7 Scripts a scraping...

6 Passwords spraying...

5 Zero Days!

4 Crypto scams...

3 Web shells...

2 Trojan Apps...

And a keylogger logging my keys.

How to avoid Instagram scams.

Thu, 22 Dec 2022 06:00:00 -0000

This week, Carole Theriault sits down to interview Dr. Jessica Barker from Cygenta to discuss the latest Instagram scams and how to avoid them. Dave and Joe share some follow-up on Apple, why they are being sued, and how you can protect yourself, as well as a new USPS scam affecting Connecticut. Dave's story follows a message board on smartphones being stolen and what happens after the thieves obtain the stolen phone. Joe's story is on a complex scam where the scammers choose ambitious individuals to turn into the scammers. Our catch of the day comes from listener Jay, who writes in, sharing a LinkedIn post from Dave Harland about him messing with a scammer trying to bamboozle him.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Data Loss Protection (DLP) (noun) [Word Notes]

Tue, 20 Dec 2022 08:00:00 -0000

A set of tools designed to safeguard data while in use in motion and at rest.

CyberWire Glossary link: https://thecyberwire.com/glossary/data-loss-prevention

Audio reference link: HistoryHeard. “Data Loss Prevention - CompTIA Security+ SY0-501 - 2.1,” Professor Messer, uploaded 20 November 2017

Sometimes it's scripted and others, it's a target of opportunity. [Hacking Humans Goes to the Movies]

Sun, 18 Dec 2022 08:00:00 -0000

On this episode, Dave and Rick are joined once again by Tracy Maleeff, security researcher at the Krebs Stamos Group. You may also know Tracy on Twitter as infosecsherpa.

Links to this episode's clips if you'd like to watch along:

Rick's clip from the movie Criminal
Tracy's clip from the movie The Talented Mr. Ripley

Disinformation and verification.

Thu, 15 Dec 2022 06:00:00 -0000

Kaspars Ruklis, the Program Manager for Media Literacy from IREX sits down with Dave to talk about the very verified media literacy program. Dave and Joe share some listener followup on some of the business' common language, this week, listener Vicki asks about the term "EULA" and what it stands for. Joe's story follows a scam that is particularly alarming around the holiday's, about fake barcodes on gift cards. A former police officer found this scam as she was trying to check out with a gift card and the cashier pulled off a fake barcode. Dave's story is all about scammers who are getting scammed. The story follows cybercriminals who are using hacking forums to buy software exploits and stolen login details and how they keep falling for cons and are getting ripped off thousands of dollars. Our catch of the day comes from listener Connor who shares an email that is so suspicious, Gmail put a warning on it. It's a very interesting email explaining that the receiver has been hacked and the scammer requires $1200 in bitcoin to not take advantage of the receivers accounts.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Domain Naming System (DNS) (noun) [Word Notes]

Tue, 13 Dec 2022 08:00:00 -0000

A system that translates text-based URLs to their underlying numerical IP addresses.

CyberWire Glossary link: https://thecyberwire.com/glossary/domain-name-system-dns

Audio reference link: HistoryHeard. “History Heard: Paul Mockapetris.” YouTube, YouTube, 5 Apr. 2009.

Keeping the scams in the family. [Hacking Humans Goes to the Movies]

Sun, 11 Dec 2022 08:00:00 -0000

Links to this episode's clips if you'd like to watch along:

Dave's clip from the television show Better Call Saul.
Rick's clip from the movie The Lady Eve.

Do not get your news on social media.

Thu, 08 Dec 2022 06:00:00 -0000

Guest Giulia Porter, Vice President of RoboKiller, discusses their mid-year report on phone scams. Following that phone scam line, Dave has a story about the international takedown of online crimeware that spoofed caller ID with a service called iSpoof. Dave notes there are some helpful tips for scams related to caller ID included in the article. Joe talks about news on social media (note: Joe's stance is: DO NOT get your news on social media). He talks about several pieces he found on leadstories.com while doing research for an article about news on social media. Joe shares some examples from the website. Our Catch of the Day listener Povilas with a funny phish about a green product.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Pretexting (noun) [Word Notes]

Tue, 06 Dec 2022 08:00:00 -0000

A social engineering technique in which a threat actor poses as a trusted person or entity in order to trick the victim into disclosing information or performing an action that benefits the attacker.

CyberWire Glossary link: https://thecyberwire.com/glossary/pretexting

Audio reference link: “Batch Pin Hurt Charlize Theron Skin | the Italian Job (2003) Movie Scene.” YouTube, YouTube, 22 Nov. 2016.

A vishing competition and a Black Badge holder.

Thu, 01 Dec 2022 06:00:00 -0000

This week, Carole Theriault is interviewing DEFCON Black Badge holder Chris Kirsch from RunZero on the recent DEFCON 30 vishing competition. Dave and Joe share some listener follow up from 3 different listeners, who share stories on disposable email addresses, as well as a little insight on a Best Buy scam mentioned in a previous episode. Joe's story is on gaming companies and whether or not they have to stoop down to stemming growth in cheats, hacks, and other types of fraud to keep customers coming back. Dave's story comes from his father, he has two stories, one involving a gift card scam and an email compromise of a family member’s account. The other involves a fake invoice for tech support services. Our catch of the day comes from listener Felipe, who writes in asking Joe and Dave to make sense of the email he received saying that his refund was recalled from someone claiming to be the "Secretary for International Finance of United States Treasury Department."

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Web Application Firewall (noun) [Word Notes]

Tue, 29 Nov 2022 08:00:00 -0000

A layer seven firewall designed to block threats at the application layer of the open system interconnection model, the OSI model.

CyberWire Glossary link: https://thecyberwire.com/glossary/web-application-firewall

Audio reference link: “VCF East 9.1 - Ches' Computer Security Adventures - Bill Cheswick.” YouTube, 29 Dec. 2015, https://youtu.be/trR1cuBtcPs.

Counterfeit coupons and paybacks. [Hacking Humans Goes to the Movies]

Thu, 24 Nov 2022 08:00:00 -0000

Links to this episode's clips if you'd like to watch along:

Dave's clip from the movie Queenpins.
Rick's clip from the movie Confidence.

COBIT (noun) [Word Notes]

Tue, 22 Nov 2022 06:00:00 -0000

An IT governance framework developed by ISACA.

CyberWire Glossary link: https://thecyberwire.com/glossary/cobit

Audio reference link: isacappc. “How Do You Explain Cobit to Your Dad – or Your CEO?” YouTube, YouTube, 24 Aug. 2016, https://www.youtube.com/watch?v=EYATVkddIyw.

Ways to make fraud less lucrative.

Thu, 17 Nov 2022 06:00:00 -0000

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Security Service Edge (SSE) (noun) [Word Notes]

Tue, 15 Nov 2022 08:00:00 -0000

CyberWire Glossary link: https://thecyberwire.com/glossary/security-service-edge

Audio reference link: Netskope (2022). What is Security Service Edge (SSE). YouTube. Available at: https://www.youtube.com/watch?v=Z9H84nvgBqw [Accessed 21 Oct. 2022].

New laws and the effect on small businesses.

Thu, 10 Nov 2022 06:00:00 -0000

Kurtis Minder, CEO of GroupSense joins Dave to discuss how ransomware new laws leave small business behind. Dave and Joe share some follow up on Elon Musk after his big purchase and the changes that now follow. Joe's story follows Kalamazoo County residents and a new scam that is popping up, where they are being targeted by scammers through Facebook messenger video calls. Dave shares a story that hits home for him about an email that his father received from Best Buy claiming that he will be charged $500 for Geek Squad services. Our catch of the day comes from an anonymous listener who writes in to share an email they received from a Mrs. Phong Dung, who wants to send 1 million to the person who received the email. The receiver knows this email is a fake and writes into the show to ask Joe and Dave if these emails ever actually work on anyone.

Links to stories:

Kalamazoo County residents targeted in Facebook messenger video call scam

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Domain spoofing (noun) [Word Notes]

Tue, 08 Nov 2022 08:00:00 -0000

A social engineering tactic in which hackers build a malicious domain to mimic a legitimate one.

CyberWire Glossary link: https://thecyberwire.com/glossary/domain-spoofing

Audio reference link: “Mission Impossible Fallout - Hospital Scene.” YouTube, YouTube, 8 Oct. 2018,

What's Your Problem trailer.

Thu, 03 Nov 2022 05:00:00 -0000

We’re sharing a preview of a podcast we enjoy called “What’s Your Problem?”

Every week on What’s Your Problem, entrepreneurs talk about the future they’re trying to build and the problems they have to solve to get there. How do you build cars that can actually drive themselves? How do you use technology to bring down the cost of airfares? And how do you teach a computer to understand sports?

Hosted by former Planet Money host Jacob Goldstein, What’s Your Problem? helps listeners understand the problems really smart people are trying to solve right now.

Listen to What’s Your Problem? at https://podcasts.pushkin.fm/wyphumans

Protecting your identity.

Thu, 03 Nov 2022 05:00:00 -0000

Jameeka Green Aaron, CISO, Customer Identity at Okta, sits down with Dave to speak about their State of Secure Identity report. Dave and Joe share some listener follow up from Richard, who writes in to share his thoughts on the discussion of the phishing kit targeting WordPress sites in a previous episode, and also writes in about last episode’s discussion on how companies were turning on employees who are overworked with two remote jobs and shares how Equifax was one of these companies. Dave's story follows typosquatting, which is when a scammer registers a website that is very similar to the real one, but will have a typo in it (ex: amozon, homdepot, gougle) and how a large typosquatting campaign is delivering tech support scams. Joe's story follows a South Bay man who had the misfortune of accepting hundreds of open house offers, but the houses weren't for sale. Our catch of the day comes from listener Chris who writes in that he's never gotten a phishing email on his work email or personal email, but that he received his first phish from PayPal, which seemed to me a notification at first glance rather than a message telling him there is fraudulent activity happening in his account.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Secure Web Gateway (noun) [Word Notes]

Tue, 01 Nov 2022 07:00:00 -0000

CyberWire Glossary link: https://thecyberwire.com/glossary/secure-web-gateway

Audio reference link: ‌Vintage Computer Federation (2015). VCF East 9.1 - Ches’ Computer Security Adventures - Bill Cheswick. YouTube. Available at: https://www.youtube.com/watch?v=trR1cuBtcPs.

The Malware Mash! [Bonus]

Fri, 28 Oct 2022 07:00:00 -0000

Enjoy this CyberWire classic.

They did the Mash...the did the Malware Mash...

Setting tech limits with a new tool.

Thu, 27 Oct 2022 05:00:00 -0000

Kim Allman from NortonLifeLock, and Carrie Neill from the National PTA, sit down with Dave to discuss the Smart Talk 2.0 tool. Joe and Dave share some follow up on an exciting new position Joe has accepted as the Director of Cyber Science at a company called Harbor Labs. This week, Joe's story comes from listener Beau, who writes in about an ATM scam he fell victim to, sharing how the scammers were spamming his phone with texts, emails, and calls before he figured out what was going on. Dave's story follows the growing new trend of overworking, or having two remote jobs at once and working at both. One company's CEO calls it a form of theft and deception. Our catch of the day comes from listener Rodney who writes in, sharing about his son's girlfriend who is looking for work and received an email pointing her in the direction of a new prospect. Sadly, Rodney had to share the news that the email seemed to be a scam.

Links to stories:

Tech CEO calls overemployment trend a 'new form of theft and deception' after firing 2 engineers secretly working multiple full-time jobs at once

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Indicators of Compromise (noun) [Word Notes]

Tue, 25 Oct 2022 07:00:00 -0000

Digital evidence that a system or network has been breached.

CyberWire Glossary link: https://thecyberwire.com/glossary/indicator-of-compromise

Audio reference link: ‌”Suicide or Murder? | The Blind Banker | Sherlock,” uploaded by Sherlock, 18 October 2015

The difference between shallow fakes vs. deep fakes.

Thu, 20 Oct 2022 05:00:00 -0000

Martin Rehak CEO & Founder from Resistant AI sits down with Dave to discuss how organizations should be worried about shallow fakes vs. deep fakes. Listener Joe writes in with some follow up on Joe's statement about not using legacy OSes, and how it is unfortunately not an option for many. Both Joe and Dave share two stories this week. Dave's first story follows how the Maryland Attorney General, Brian Frosh, is warning residents about purchasing flood-damaged cars. Dave's second story is about how a Japanese woman was fooled by an astronaut imposter who wooed her into buying a "return ticket to earth." Joe's first story is about a potential scam brewing in Springfield, as people are collecting money on the side of the street for a teenagers funeral, police are warning residents stating they have heard of this scam in neighboring cities. Joe's second story follows a new horrifying scam after a woman fell victim to a phone scam where the scammer claimed to have the victims daughter and they would kill her if she did not do what they asked. Our catch of the day comes from listener Richard who writes in sharing his experience with an email that may or may not be a phish.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Intrusion Detection System (noun) [Word Notes]

Tue, 18 Oct 2022 07:00:00 -0000

A system that monitors for malicious or unwanted activity, and either raises alerts when such activity is detected or blocks the traffic from passing to the target.

CyberWire Glossary link: https://thecyberwire.com/glossary/intrusion-detection-system

Audio reference link: “Network Intrusion Detection and Prevention - CompTIA Security+ SY0-501 - 2.1,” Professor Messer, uploaded 16 November, 2017

The long con and the flim flam. [Hacking Humans Goes to the Movies]

Sun, 16 Oct 2022 07:00:00 -0000

Links to this episode's clips if you'd like to watch along:

Rick's clip from Hustle: S1 Ep1 The Con is On
Dave's clip from Cheers: S6 Harry the Hat

Falling for a phishing kit scam.

Thu, 13 Oct 2022 05:00:00 -0000

Larry Cashdollar from Akamai sits down with Dave to discuss their research, "The Kit That Wants It All: Scam Mimics PayPal’s Known Security Measures." Joe shares an incredible story regarding impersonation and man sharing his first hand experience with impostors impersonating him to get a job, luckily a good samaritan shared this information before the damage could be done. Dave's story follows raids happening in Cambodia with connection to alleged cyberscam compounds. We have two catches of the day this week, one is from listener Eric who sends in a romance scam email asking for love from one desperate scammer. The next one comes from Uberfacts on Twitter and is an instagram DM from someone pretending to be Queen Elizabeth II.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

MFA prompt bombing (noun) [Word Notes]

Tue, 11 Oct 2022 07:00:00 -0000

Hackers bypass, multifactor authentication schemes by sending a blizzard of spamming login attempts until the accounts owner accepts the MFA prompt out of desperation to make the spamming stop.

CyberWire Glossary link: https://thecyberwire.com/glossary/mfa-prompt-bombing

Audio reference link: movieclips. “Sneakers (2/9) Movie Clip - Defeating the Keypad (1992) HD.” YouTube, YouTube, 29 May 2011, https://www.youtube.com/watch?v=oG5vsPJ5Tos.

What is cyber quantum computing?

Thu, 06 Oct 2022 05:00:00 -0000

Pete Ford from QuSecure sits down with Dave to discuss what exactly cyber quantum computing is, what it means for the country, and how other countries are using quantum. Dave and Joe share follow up on 2 stories, one Bleeping Computer reports, discussing the teen that hacked Uber and Rockstar Games has been arrested. Second, we share some listener follow up from last episode about medical documents being shared and how easy it would be to falsify your identity to obtain children's documents. Dustin, a Registered Health Information Management Technician, shares his thoughts on the matter. Dave's story follows the FCC’s new plan to require phone companies to block spam texts from bogus numbers. Joe has the story on how two Abbotsford residents lose approximately forty six thousand dollars in a bank scam. Our catch of the day comes from listener Joseph who shares a strange email he received from a scammer claiming to be PayPal, which could have seemed real if it weren't for a few mistakes Joseph found to be peculiar.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Apple Lockdown Mode (noun) [Word Notes]

Tue, 04 Oct 2022 07:00:00 -0000

An optional security mode for macOS and iOS that reduces the attack surface of the operating system by disabling certain commonly attacked features.

Audio reference link: “How NSO Group’s Pegasus Spyware Was Found on Jamal Khashoggi’s Fiancée’s Phone,” FRONTLINE, YouTube, 18 July 2021.

A cryptoqueen on the run and the cons she got away with.

Thu, 29 Sep 2022 05:00:00 -0000

This week Carole Theriault sits down to interview author Jamie Bartlett on his book, "The Missing Cryptoqueen - The Billion Dollar Cryptocurrency Con and the Woman Who Got Away with It." Dave and Joe share some follow up from listener Dustin who shares an interesting experience he had involving his child's medical documents and how easy it was to obtain them, making scams even easier. Joe's story follows a young teen hacker and how they allegedly were able to hack Uber and Rockstar Games. Dave has got the story on Queen Elizabeth II and how giving condolences could lead you right into a scam. Our catch of the day comes from us here at the CyberWire. We received an email from one Vladomir Petrova, a citizen of Ukraine, which gets more suspicious the longer the email reads.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Simulated Phishing (noun) [Word Notes]

Tue, 27 Sep 2022 07:00:00 -0000

A security awareness training technique in which authorized, but fake phishing emails are sent to employees in order to measure and improve their resistance to real phishing attacks.

CyberWire Glossary link: https://thecyberwire.com/glossary/simulated-phishing

Audio reference link: “Blackhat (2014) - Hacking the NSA Scene (4/10) | Movieclips.” YouTube, YouTube, 19 Apr. 2017.

The rise in fraudulent online content.

Thu, 22 Sep 2022 05:00:00 -0000

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Sideloading (noun) [Word Notes]

Tue, 20 Sep 2022 07:00:00 -0000

The process of installing applications on a device without the use of official software distribution channels.

CyberWire Glossary link: https://thecyberwire.com/glossary/sideloading

It pays to do your research. [Hacking Humans Goes to the Movies}

Sun, 18 Sep 2022 05:00:00 -0000

Thanks for joining us again for another episode of fun project brought to you by the team of Hacking Humans, the CyberWire's social engineering podcast. Co-hosts Dave Bittner and Joe Carrigan are joined by Rick Howard in this series where they view clips from their favorite movies with examples of the social engineering scams and schemes you hear about on Hacking Humans. In this episode, Dave and Joe are joined on this episode by guest Tracy Maleeff from Krebs Stamos Group – you may know her on Twitter as @Infosecsherpa. Dave,Joe and Tracy watch and discuss Tracy;s and Joe's clips on this episode. They watch each of the selected scenes, describe the on-screen action for you, and then the team deconstructs what they saw. Grab your bowl of popcorn and join us for some Hollywood scams and frauds.

Links to this episode's clips if you'd like to watch along:

Tracy's clips from "Working Girl"
Elevator scene
Tess and Jack gatecrash a wedding scene
Joe's clip from "Oceans 8"

Is inflation affecting the Dark Web?

Thu, 15 Sep 2022 05:00:00 -0000

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Microsegmentation (noun) [Word Notes]

Tue, 13 Sep 2022 07:00:00 -0000

A zero trust security technique that isolates application workloads from each other, allowing each one to be protected individually.

CyberWire Glossary link: https://thecyberwire.com/glossary/microsegmentation

Audio reference link: “Micro-Segmentation Masterpieces,” PJ Kirner, Illumio CTO and Co-Founder, Tech Field Day, YouTube, 13 December 2020.

A travel surge and a host of different scams.

Thu, 08 Sep 2022 05:00:00 -0000

Greg Otto from Intel 471 joins Dave to discuss the findings of their work on "Cybercriminals preying on a travel surge with a host of different scams." Dave and Joe share some interesting listener follow up from Kevin, who writes in about the deepfakes episode and shares his comments on how scary the topic can be, especially with politicians. Dave shares a story about Charles Egunjobi, an auditor with the D.C. government, and how he fell victim to an online love scam costing elderly U.S. citizens $1.9 million. Joe touches on two stories, one being how a woman down in Texas is able to scam men out of some expensive items with a romance scam, and the other being a story that is warning Pennsylvania residents on a quick moving scam artist moving from state to state. Our catch of the day comes from Jon in California who writes in about about an email scam concerning a local job sent to him and how he needs to apply right away.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Homograph phishing (noun) [Word Notes]

Tue, 06 Sep 2022 07:00:00 -0000

The use of similar-looking characters in a phishing URL to spoof a legitimate site.

CyberWire Glossary link:

Audio reference link: “Mission Impossible III 2006 Masking 01,” uploaded by DISGUISE MASK, 28 July 2018.

Is there a growing number of public and private partnerships forming?

Thu, 01 Sep 2022 05:00:00 -0000

This week Carole Theriault interviews Chuck Everette from Deep Instinct on public and private partnerships. Dave and Joe share some listener follow up from Rodney who writes in about flexible spending cards and chips inside them as well as sharing technology that helps keep the scammers away. Joe's story follows the trend of fake invoicing, specifically through PayPal and the newest string of scammers getting people to call in about a pending charge. Dave shares a story where people are getting sent fake Microsoft products in hopes to steal information after they plug these products into their computers. Our catch of the day comes from listener William who writes in about getting an increasing amount of emails from fake accounts saying they have charged his card and there is a pending transaction. William shares how the scammers are trying to get him to call in to dispute the charges.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Policy Orchestration (noun) [Word Notes]

Tue, 30 Aug 2022 07:00:00 -0000

CyberWire Glossary link: https://thecyberwire.com/glossary/policy-orchestration

Audio reference link: “The Value of Using Security Policy Orchestration and Automation,” by David Monahan, uploaded by EMAResearch, 3 April, 2018

Encore: Sometimes, deepfake victims don't want to be convinced it is fake.

Thu, 25 Aug 2022 05:00:00 -0000

Guest Etay Maor of Cato Networks joins Dave Bittner to discuss the impact that deepfakes will have on our society, we share some fun feedback on the Lightning Rod story edit, Dave's story talks about how some of the most successful and lucrative online scams employ a “low-and-slow” approach, Joe's story is about 2 Arkansas farmer that scammed investors out of money for wind turbines, but used it for houses, cars and Disney World, and our Catch of the Day is from an unnamed listener with a supposed iPhone invoice.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Anti-cheat software (noun) [Word Notes]

Tue, 23 Aug 2022 07:00:00 -0000

Software designed to prevent cheating in video games.

CyberWire Glossary link: https://thecyberwire.com/glossary/anti-cheat-software

Audio reference link: “The BIG Problem with Anti-Cheat,” by Techquickie, YouTube, 5 June 2020

Scams in the media.

Thu, 18 Aug 2022 05:00:00 -0000

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter

Pseudoransomware (noun) [Word Notes]

Tue, 16 Aug 2022 07:00:00 -0000

Malware, in the guise of ransomware, that destroys data rather than encrypts.

CyberWire Glossary link: https://thecyberwire.com/glossary/pseudoransomware

Audio reference link: “Some Men Just Want to Watch the World Burn | the Dark Knight,” by YouTube, 2 November 2019.

Staying away from Medicare scams.

Thu, 11 Aug 2022 05:00:00 -0000

Ari Parker, Lead Advisor from Chapter, discussing "Tips for Avoiding Medicare Scams." Joe and Dave share some follow up from several listeners, who write in about various scams they have encountered. Joe's story is on Facebook messenger and how more and more victims are being claimed to scams and cons through the popular social media app. Dave's story shares disturbing information regarding LinkedIn scams, explaining how North Koreans are stealing resumes off the job site in a new crypto job search scam. Our catch of the day comes from listener Jon who writes in about him receiving $10,500,000.00 and how he needs to claim this offer before the end of 2021. Sadly he missed the deadline and wanted to share.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter

Trusted Platform Module (TPM) (noun) [Word Notes]

Tue, 09 Aug 2022 05:00:00 -0000

A browser configuration control that prevents accessing resources within a private network.

CyberWire Glossary link:

Audio reference link: “TPM (Trusted Platform Module) - Computerphile,” Computerphile, 23 July 2021

Making the world a safer online place.

Thu, 04 Aug 2022 05:00:00 -0000

Raj Sarkar, CMO from 1Password and Julien Benichou, Senior Director of Partnership, Strategy, and Execution from Gen.G, join Dave to discuss making the online world a safer place and talk about helping reduce the risk of gamers being the target of hackers. Joe and Dave share some followup from listener Ryan who writes in about the catch of the day from last week's episode, and what struck him most with the scam. Dave's story is on how the government was able to seize millions in stolen cryptocurrency. Joe's story is on a scam involving diamonds and how one scammer was caught, now sentenced to 12 years in prison. Our catch of the day comes from listener Jeremy who writes in about a suspicious email he received from one of his mothers friends. She wrote him asking if he could buy her gift cards and she would pay him back. He shares how he dealt with the scammer and informed his mom, one of her friends emails may have been compromised.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter

Private Network Access (PNA) (noun) [Word Notes]

Tue, 02 Aug 2022 07:00:00 -0000

A browser configuration control that prevents accessing resources within a private network.

CyberWire Glossary link:

Audio reference link: “Chrome Limits Access to Private Networks,” by Daniel Lowrie, ITProTV, YouTube, 19 January 2022.

A return to office means a return to email scams.

Thu, 28 Jul 2022 05:00:00 -0000

Romain Basset, Director of Customer Service, at Vade joins Dave to discuss the threat of initial contact spearphishing emails now that many employees are returning to the office. Dave and Joe share some listener follow up from listener Will who writes in about a troubling debate over if it should be "Joe and Dave" or "Dave and Joe." Will shares a website about ablaut reduplication, sharing his thoughts on the matter. Joe shares some good news following a story of a homeless man being robbed of $400,000 after a GoFundMe scam. Joe's story is on a woman who loses almost $150,000 over the phone with someone claiming to be a DEA agent. Dave's story is on a woman who gets scam calls up to 20 times a day. She was diagnosed with cancer in 2021, and can't afford to miss any calls from potential doctors or possible nurses trying to schedule appointments. Our catch of the day comes from listener Alex who writes in sharing how his Apple ID was hacked and locked, although the scammers got one crucial detail wrong, his email.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter

Extortion scams and the LGBTQ+ community.

Thu, 21 Jul 2022 05:00:00 -0000

This week, Carole Theriault sits down to talk with Paul Ducklin from Sophos on extortion scams targeting LGBTQ+ communities. Joe and Dave share multiple pieces of listener follow up, the first from Matt and Kevin, who write in to share a Wikipedia link regarding N.B. (Nota Bene, or note well) and an ad from 1801. The second one is a write in from someone who is referred to as "P," who shares more information on the Facebook link shortener discussion. Finally, Joe and Dave get a great piece of listener feedback from listener and friend of the show Jonathan, who writes in about resist fingerprinting and how Firefox doesn't block fingerprinting. Dave's story is on trafficking victims being forced to scam people. Joe's story is on a credit union being targeted for phone scams. Our catch of the day comes from listener Ian, who shares how his son was trying to get college housing accommodations and went through Facebook, only to find out that not everyone is as trustworthy as they seem.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter

Web 3.0 (noun)

Tue, 19 Jul 2022 07:00:00 -0000

CyberWire Glossary link: https://thecyberwire.com/glossary/web-30

Audio reference link: “What Elon Musk Just Said about Metaverse, Web3 and Neuralink,” By Clayton Morris, Crypto News Daily, YouTube. 2 December 2021.

Behavioral science in the world of InfoSec.

Thu, 14 Jul 2022 05:00:00 -0000

Kelly Shortridge, a Senior Principal from Fastly, joins Dave to discuss her talk at RSAC on why behavioral science and behavioral economics matters for InfoSec. Joe's story shares an old scam with a new twist, it's about packages being delivered to you that you never ordered. Dave's story is on how a large scale phishing campaign compromised one million Facebook credentials. Our catch of the day comes from listener Will who was reached out to by someone claiming to be the "Head IMF/EUROPEAN UNION coordinator," who claimed to want to give Will one million dollars in compensation.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter

Identity access management (IAM) (noun) [Word Notes]

Tue, 12 Jul 2022 07:00:00 -0000

A set of solutions for ensuring that the right users can only access the appropriate resources.

CyberWire Glossary link: https://thecyberwire.com/glossary/identity-and-access-management

Audio reference link: “The Wrath of Khan (1982) ‘Kirk’s Response,’” by Russell, YouTube, 16 May 2017.

Human errors and why they're made.

Thu, 07 Jul 2022 05:00:00 -0000

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter

Abstraction layer (noun) [Word Notes]

Tue, 05 Jul 2022 07:00:00 -0000

A process of hiding the complexity of a system by providing an interface that eases its manipulation.

CyberWire Glossary link: https://thecyberwire.com/glossary/abstraction-layer

Audio reference link: “What Is Abstraction in Computer Science,” by CodeExpanse, YouTube, 29 October 2018.

The top 10 brand names most likely used in a phishing scheme.

Thu, 30 Jun 2022 05:00:00 -0000

Omer Dembinsky, a Data Research Manager from Check Point Research, joins Dave to discuss their Brand Phishing Report for Q1 2022 and how DHL, Maersk, and AliExpress were all in the top 10 list. Joe and Dave have some listener follow up from the 200th episode discussing how many redirects are too many. Joe has two stories this week, the first on how Instagram (Meta Platforms) was hit with multiple lawsuits from the Beasley Allen Law Firm over exploiting young people for money. The second story is about social media addiction, and how companies are making the platforms deliberately addictive. Dave's story is on your internet fingerprint that you leave behind, and how easy it is for websites to know everything about you and your computer settings. Our catch of the day comes from listener Pablo, who shares about a scammer contacting him through text trying to receive money for coronavirus insurance.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter

Identity Fabric (noun) [Word Notes]

Tue, 28 Jun 2022 07:00:00 -0000

A set of services for managing identity and access management, or IAM across all of an organization's data islands.

CyberWire Glossary link: https://thecyberwire.com/glossary/identity-fabric

Audio reference link: “Leadership Compass Identity Fabrics - Analyst Chat 126,” by KuppingerCole, YouTube, 30 May 2022.

North Korea and a global cyber war.

Thu, 23 Jun 2022 05:00:00 -0000

Carole Theriault interviews author and journalist Geoff White on his upcoming book, "The Lazarus Heist: From Hollywood to High Finance: Inside North Korea's Global Cyber War." Joe and Dave share some listener follow up from listener John, regarding a T-mobile breach and how he was notified through a third-party monitoring service and not T-Mobile. Joe's story shares how hackers are also keeping an eye on the upcoming holidays and describes how a Father's Day beer contest from Heineken was a scam. Dave's story is on police warning against a rise in voice phishing as they have made 2000 arrests since the crackdown on social engineering and business email scams started. Our catch of the day comes all the way from the Netherlands, listener Joram shares a scam he discovered in his spam folder. The sender notified him that she is frail and will be dying soon, to which her millions of dollars will be lost since she has no next of kin. The sender goes on to tell him that he is receiving this money just out of the goodness of her heart.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter

Intrusion Kill Chain (noun) [Word Notes]

Tue, 21 Jun 2022 07:00:00 -0000

A cybersecurity first principle strategy focused on disrupting known adversary activity at one of several phases of an attack sequence.

CyberWire Glossary link: https://thecyberwire.com/glossary/intrusion-kill-chain

Audio reference link: "Cybersecurity Days: A Network Defender's Future," by Rick Howard, Integrated Cyber Conference, Integrated Adaptive Cyber Defense (IACD), YouTube, 26 October 2018.

The great resignation and data exposure challenges.

Thu, 16 Jun 2022 05:00:00 -0000

Abhik Mitra, Head of Portfolio Strategy at Code42, shares the findings on Code 42's 2022 Data Exposure Report (DER). Joe breaks down a story that follows a couple in Westlake, where the woman was called about a supposed warrant out for her arrest, and how she was told that she needs to provide thousands of dollars in order for the police to not come and arrest her. The story describes how her fast-thinking husband was able to figure out the scam and get in touch with real authorities. Dave's story delves into Facebook and a phishing scam that ended in a threat actor stealing 1M credentials in 4 months. Our catch of the day comes from listener William who received an email about a new laptop that he supposedly bought through PayPal. He shares why he knew it was a scheme right away, and hopes to make this information known so others know what to look out for.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitte

Identity Orchestration (noun) [Word Notes]

Tue, 14 Jun 2022 07:00:00 -0000

A subset of security orchestration, the management of identities across an organization's set of digital islands.

CyberWire Glossary link: https://thecyberwire.com/glossary/identity-orchestration

What to look out for with scan-and-exploit cyber attacks.

Thu, 09 Jun 2022 05:00:00 -0000

Andrew Morris, founder and CEO of GreyNoise Intelligence, joins Dave to discuss the explosive increase in opportunistic scan-and-exploit cyber attacks, and what security analysts can do to combat it. Joe and Dave share some follow up from listener Mark, whose son got scammed out of 150 million dollars in a game he plays. Dave's story is on ChromeLoader, which is a pervasive and persistent browser hijacker that modifies your settings and redirects you to more advertisement websites. Joe has two stories: one on a family of con artists found to be scamming gas station patrons that attacked an individual after being confronted, and the second is on fake Facebook ads and how shoppers are being scammed. Our catch of the day comes from listener Jon, who was contacted via email being requested to pay customs fees of $750 for packages in his name.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Diamond Model (noun) [Word Notes]

Tue, 07 Jun 2022 07:00:00 -0000

CyberWire Glossary link: https://thecyberwire.com/glossary/diamond-model

Is ransomware getting too fast?

Thu, 02 Jun 2022 05:00:00 -0000

Ryan Kovar, distinguished security strategist at Splunk and leader of SURGe, discusses the speed of ransomware, as well as the first-of-its-kind research the SURGe team is releasing on how quickly the top ransomware families can encrypt 100,000 files. Joe and Dave share some listener follow up from listener Josh. Joe's story follows the baby food shortage and warns about the dangers of sellers scamming people through online purchases of formula. Dave's story is on how IT members can identify the three most dangerous types of internal users and what businesses need to look out for. Our catch of the day comes from listener Josh, who shares about a friend of his who possibly got hacked and the check the scammers claimed was real.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

MITRE ATT&CK (noun) [Word Notes]

Tue, 31 May 2022 07:00:00 -0000

A knowledge base of adversary tactics, techniques, and procedures established and maintained by the MITRE Corporation.

CyberWire Glossary link: https://thecyberwire.com/glossary/mitre-attck

Audio reference link: “Attack Frameworks - SY0-601 CompTIA Security+ : 4.2,” Professor Messer, YouTube, 29 April 2021.

Combating social engineering.

Thu, 26 May 2022 05:00:00 -0000

Ann Johnson, Security Executive at Microsoft and host of the afternoon cyber tea podcast, joins Dave to discuss social engineering and ways to help prevent it, as well as the different types of social engineering she's seen from her experience, Dave and Joe share some listener follow up about macros in Office documents, Joe has two stories this week, one is on how Seth Green lost over 300K in NFTs, and the other is on a new scam with Chatbots on phishing emails, Dave's story is on how a California man was arrested for siphoning money, our catch of the day comes from listener Sadik who shares a suspicious looking email telling him, that his Norton service is about to expire.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

DevOps (noun) [Word Notes]

Tue, 24 May 2022 07:00:00 -0000

The set of people, process, technology, and cultural norms that integrates software development and IT operations into a system-of-systems.

CyberWire Glossary link:

Audio reference link: "10+ Deploys Per Day: Dev and Ops Cooperation at Flickr," by John Allspaw and Paul Hammond, Velocity 09, 25 July 2009.

Voice authentication taking hold.

Thu, 19 May 2022 05:00:00 -0000

Mark Horne, Chief Marketing Officer at Pindrop, joins Dave to discuss voice authentication, Dave and Joe have some follow up about business phishing (BECs) from listeners Nick and Michael, Joe's story has a romance scam where criminals pretend to be celebrities, and Dave's story is about the increase in phishing downloads due to cyber criminals using SEO to leverage their lures, and we've got 2 catches of the day for you from listener Peter on free Dyson vacuums and one from Joe with a plea from Vladimir Putin asking for money.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

MITRE ATT&CK (noun) [Word Notes]

Tue, 17 May 2022 07:00:00 -0000

A knowledge base of adversary tactics, techniques, and procedures established and maintained by the MITRE Corporation.

CyberWire Glossary link: https://thecyberwire.com/glossary/mitre-attck

Audio reference link: “Attack Frameworks - SY0-601 CompTIA Security+ : 4.2,” Professor Messer, YouTube, 29 April 2021.

Business phishing: Who's biting the bait?

Thu, 12 May 2022 05:00:00 -0000

Matthew Connor, Founder of Conscious Security, discusses a study he conducted while working with F-Secure, the study targeted 82,402 individuals with one of four phishing emails, he goes into the findings of the study and certain insight this study has brought, Joe's story is on the popular app Zelle and how users are loosing thousands of dollars due to scams, and Dave's story is on three big tech giants announcing plans to expand support for a common passwordless sign-in standard created by the FIDO Alliance, our catch of the day comes from listener Areus on text messages exchanged between two strangers and where the conversation leads.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Waterfall Software Development Method (noun) [Word Notes]

Tue, 10 May 2022 07:00:00 -0000

A software development model that relies on a series of sequential steps that flow into each other, like a series of waterfalls.

CyberWire Glossary link: https://thecyberwire.com/glossary/waterfall-software-development

Audio reference link: “Creating Video Games - Agile Software Development,” by Sara Verrilli, MIT OpenCourseWare, YouTube, 10 December 2015

Encore: The attackers keep coming every single day.

Thu, 05 May 2022 05:00:00 -0000

Guest Andrew Rubin, CEO and co-founder of Illumio, joins Dave to discuss Zero Trust, Dave and Joe share some follow-up from several listeners including one with a variation on prison pen pals we discussed some time ago and some advice on Dave's Google Authenticator issue he mentioned last week, Dave's story is about non-delivery scams, Joe's got a story on Imperial Kitten doing some catphishing, and our Catch of the Day comes from listener Timothy about with a sextortion campaign.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Agile Software Development Method (noun) [Word Notes]

Tue, 03 May 2022 07:00:00 -0000

A software development philosophy that emphasizes incremental delivery, team collaboration, continual planning, and continual learning

Audio reference link: https://thecyberwire.com/glossary/agile-software-development

"Velocity 09: John Allspaw and Paul Hammond, "10+ Deploys Pe" John Allspaw and Paul Hammond, 2009 Velocity Conference,

YouTube, 25 June 2009.

The dark side of business email attacks.

Thu, 28 Apr 2022 05:00:00 -0000

John Wilson, Senior Fellow Threat Research at Agari by HelpSystems, discusses business email compromise attacks, Joe shares three stories on different types of scams, the first being a mystery shopper scam, where the scammer tries to get you to buy gift cards at a grocery store, the second one is on, scammers posing as DTE Energy representatives, seeking bill payments, and the final one is about someone showing up to a victims door and demanding money to collect “Money owed” for a family member, Dave's story is on criminals who are using apple pay to scam their way into going on spending sprees, our catch of the day comes from listener Jon, who shares how two men claimed to be owed money after Jon's death, when in fact, John was very alive.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Pegasus (noun) [Word Notes]

Tue, 26 Apr 2022 07:00:00 -0000

The flagship product of the controversial Israeli spyware vendor, the NSO Group, use for remotely hacking mobile devices, most notably iPhones, via zero-click exploits.

CyberWire Glossary link: https://thecyberwire.com/glossary/pegasus

Audio reference link:

“Cybersecurity beyond the Headlines: A Conversation with Journalist Nicole Perlroth,” Kristen Eichensehr, and Nicole Perlroth, University of Virginia School of Law,

YouTube, 14 February 2022

Cons through and through. [Hacking Humans Goes to the Movies]

Sun, 24 Apr 2022 05:00:00 -0000

Thanks for joining us for the latest episode of our fun project brought to you by the team of Hacking Humans, the CyberWire's social engineering podcast. Co-hosts Dave Bittner and Joe Carrigan are joined by Rick Howard in this series where they view clips from their favorite movies with examples of the social engineering scams and schemes you hear about on Hacking Humans. In this episode, Dave and Joe are joined on this episode by Perry Carpenter, host of 8th Layer Insights podcast and chief evangelist at KnowBe4. Dave,Joe and Perry watch and discuss Dave's and Perry's clips on this episode. They watch each of the selected scenes, describe the on-screen action for you, and then the team deconstructs what they saw. Grab your bowl of popcorn and join us for some Hollywood scams and frauds. A heads-up for our listeners: there is a bit of spicy language in today’s clips, so use your discretion if you are tuning in with your kids.

Links to this episode's clips if you'd like to watch along:

Dave's scene from "Focus"
Perrys clip from "Ferris Bueller's Day Off"

On the front lines of fraud protection.

Thu, 21 Apr 2022 05:00:00 -0000

Pete Barker, director of Fraud and Identity at SpyCloud offers critical insights on the alarming evolution of fraud and how consumers and enterprises can protect themselves, Joe and Dave share some listener follow up from listener Micah on a catch of the day from last week, Joe's story is on a woman who was scammed out of $15,000 and shares her experience on how the hackers were able to gather so much info and money from her, Dave's story is on an android malware scheme that allows cybercriminals to intercept customer calls to their banks, our catch of the day comes from listener John, who shares a scam from people claiming to be Amazon, saying that the users secret phrase has been incapacitated.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Domain-based Message Authentication Reporting Conformance (DMARC) (noun) [Word Notes]

Tue, 19 Apr 2022 07:00:00 -0000

An open source email authentication protocol designed to prevent emails, spoofing in phishing, business email compromise or BEC, and other email-based attacks.

Magic, illusion, and scams, oh my.

Thu, 14 Apr 2022 05:00:00 -0000

Brian Brushwood a former magician, joins Perry Carpenter, host of 8th Layer Insights, to talk about his new podcast, The Worlds Greatest Con, and how magic led him to discussing cons and scams on a podcast, Dave shares a personal story on login frustration, Joe's story is on a Cash App breach being confirmed after an employee was able to access a US customers data, and Dave's story is on inauthentic LinkedIn profiles and how fake accounts are requesting to connect when in fact the accounts are fake, our catch of the day comes from listener Richard who shares a scam he got sent through the mail to exploit his political views.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Shields Up (noun) [Word Notes]

Tue, 12 Apr 2022 07:00:00 -0000

Online threats turned real world danger.

Thu, 07 Apr 2022 05:00:00 -0000

Laura Hoffner from Concentric, joins Dave to discuss online dangers and how they can very easily turn into real world dangers, Laura explains about the popular social media platform TikTok and how users are being stalked and shares one story in particular, Joe and Dave share some listener follow up, Joe's story is centered around cryptocurrency scams and how they are on the rise, and Dave's story is on the malware BABYSHARK and the internal process of investigation as well as lessons learned, our catch of the day comes to us from listener Andre, who shares a scam from a Commanding officer of the U.S Central Command and how they need Andre to keep his money safe.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Software Assurance Maturity Model (SAMM) (noun) [Word Notes]

Tue, 05 Apr 2022 07:00:00 -0000

A prescriptive open source software security maturity model designed to guide strategies tailored to an organization’s specific risks.

Robocall scams and the psychology surrounding them.

Thu, 31 Mar 2022 05:00:00 -0000

Alex Quilici, Robocall Scam Expert of YouMail, discusses how unwanted robocalls are becoming more targeted and the psychology behind some of the worst calls, Joe and Dave share some listener follow up, Joe's story comes from listener Derek who shares how his aunt avoided a scam which wasn't very obvious at first, and Dave's story is about how the FBI released its annual Internet Crime Complaint Center Internet Crime Report for 2021, our catch of the day comes from listener John who shares how he got a new interesting Instagram follower.

Links to stories:

FBI Releases the Internet Crime Complaint Center 2021 Internet Crime Report

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Universal 2nd Factor (U2F) [Word Notes]

Tue, 29 Mar 2022 05:00:00 -0000

Cons: the short one and the first one. [Hacking Humans Goes to the Movies]

Sun, 27 Mar 2022 07:00:00 -0000

Links to this episode's clips if you'd like to watch along:

Joe's clip from "House of Games" (the Western Union scene)
Rick's clip from "The Brothers Bloom"

What's behind Buy Now, Pay Later scams?

Thu, 24 Mar 2022 05:00:00 -0000

Jim Ducharme, COO of Outseer joins Dave to discuss buy now pay later scams, Joe and Dave share some listener follow up, Joe has an interesting story about an Unchained Capital partner and how they were hit with a social engineering attack, and Dave's story is on the FIDO alliance, our catch of the day comes from listener Matt, who shares how he won 20.5 million and why he wasn't falling for it.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

adversary group naming (noun) [Word Notes]

Tue, 22 Mar 2022 07:00:00 -0000

A cyber threat intelligence best practice of assigning arbitrary labels to collections of hacker activity across the intrusion kill chain.

Data privacy: is it black and white when it comes to your kids?

Thu, 17 Mar 2022 05:00:00 -0000

UK Correspondent Carole Theriault returns talking with guest David Ruiz from Malwarebytes about parents spying on their kids, Joe and Dave share some listener follow up, Joe's shares a story about the top 5 strangest social engineering tactics, Dave's got a story from one of our listeners, Ricky, about best gift card sales practices at retail chains, and our Catch of the Day comes from listener Michael with a well-crafted email full of red flags when you read into it.

Links to stories:

Rounding up the Past Year's Strangest Social Engineering Tactics

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

BSIMM (noun) [Word Notes]

Tue, 15 Mar 2022 07:00:00 -0000

A descriptive model that provides a baseline of observed software security initiatives and activities from a collection of volunteer software development shops.

Technology's effects on students during the pandemic.

Thu, 10 Mar 2022 06:00:00 -0000

Guest Justin Reilly, the CEO of Impero, stops by to talk with Dave Bittner about the mental health of kids in the digital age, Dave's got a story about large-scale phishing campaigns targeting the Indian Electric Vehicle consumers and businesses, Joe's story is from Vade sharing the top 20 most impersonated brands in phishing, and our Catch of the Day comes from Bob, a friend and former coworker of Joe's who received a smishing attempt via text from a "friend" and how he expertly turned the tables on the scammer.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

OWASP vulnerable and outdated components (noun) [Word Notes]

Tue, 08 Mar 2022 08:00:00 -0000

Phishing seems to be cyclical and thematic.

Thu, 03 Mar 2022 06:00:00 -0000

Guest Jeff Nathan, the Director of Threat research at Norton Labs, joins Dave to discuss their most recent Consumer Cyber Safety Pulse Report, Joe and Dave share some follow up from listeners Daniel and Neville who helped the guys with a phrase from a recent Catch of the Day, Joe shares a story about getting around MFA using remote access software, Dave's story is about a jobfishing scam from a fake design firm, and our Catch of the Day is from listener Randy about an unsubscribe email he received.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

OWASP software and data integrity failures (noun) [Word Notes]

Tue, 01 Mar 2022 08:00:00 -0000

Code and data repositories that don't protect against unauthorized changes.

A blurring of lines between nation states and criminals.

Thu, 24 Feb 2022 06:00:00 -0000

Guest Joshua Neil, the Chief Data Scientist for SecurOnix, joins Dave to talk about evasive techniques and identifying nation-state kill chains, Joe shares an update on his identity theft experience, the guys share some follow up from listener Benji who shares experiences of scammers changing the name on gmail accounts at the synagogue where he works saying they are the rabbi and emailing congregants asking for gift cards, Dave's story is about Apple's AirTags and how they led to the discovery of a German intelligence agency, Joe's got a story about the City of Baltimore falling victim to a phishing scam, and our Catch of the Day is from listener G about a compressed file attachment he received, but did not open.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

OWASP server-side request forgery (noun) [Word Notes]

Tue, 22 Feb 2022 08:00:00 -0000

An attack technique that leverages an unprotected web server as a proxy for attackers to send commands through to other computers.

Hustling the hustlers. [Hacking Humans Goes to the Movies]

Sun, 20 Feb 2022 08:00:00 -0000

Links to this episode's clips if you'd like to watch along:

Joe's scene from "The Hustle"
Dave's clip from "True Lies"

Vulnerabilities will be found.

Thu, 17 Feb 2022 06:00:00 -0000

Guest Deral Heiland from Rapid7 talks with our UK Correspondent Carole Theriault about the state of IOT, Joe shares a personal story about bank checks and a debit card received at his home that were in his name but not from his bank, Dave's got a story from an email he received from the PR department at TikTok about romance scams, and our Catch of the Day is from listener John about a friend who was harassed on Facebook to click a link and how John addressed it.

Links to stories:

#BeCyberSmart: Tips to protect your heart and wallet

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

OWASP security logging and monitoring failures (noun) [Word Notes]

Tue, 15 Feb 2022 08:00:00 -0000

The absence of telemetry that could help network defenders detect and respond to hostile attempts to compromise a system.

If you wish for peace, prepare for cyberwar.

Thu, 10 Feb 2022 06:00:00 -0000

Guest Nick Shevelyov, Chief Security Officer for Silicon Valley Bank. joins Dave sharing some personal history around security, and discussing his book "Cyber War… and Peace," Dave and Joe have some follow up from an anonymous listener about mobile device management issue at their work, Dave has a story where a woman was scammed out of thousands while someone contacted her to "help" with a problem with their bank, Joe's got a few stories about Facebook and ad scams, and our Catch of the Day is from listener Jonathan with a Geek Squad subscription scam.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

OWASP identification and authentication failures (noun) [Word Notes]

Tue, 08 Feb 2022 08:00:00 -0000

Ineffectual confirmation of a user's identity or authentication in session management.

How to talk your way in anywhere. [Hacking Humans Goes to the Movies]

Sun, 06 Feb 2022 08:00:00 -0000

Links to this episode's clips if you'd like to watch along:

Dave's clip from the television show "Key & Peele"
Rick's pick from "Sneakers"

The ransomware game has evolved.

Thu, 03 Feb 2022 06:00:00 -0000

Guest Allan Liska from Recorded Future joins Dave to discuss the evolution of ransomware and his new book "Ransomware: Understand. Prevent. Recover," Joe shares a question from listener Joan about an email her father received from "MasterCard Fraud Department" asking photo/video and the last 4 of his Social Security Number, Joe has a story about scams to watch out for during tax time in the US, Dave's story is about ransomware operators trying to recruit company insiders, and our Catch of the Day is from listener Michael who had some acquaintances fall for a scam.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

OWASP broken access control (noun) [Word Notes]

Tue, 01 Feb 2022 08:00:00 -0000

Software users are allowed access to data or functionality contrary to the defined zero trust policy by bypassing or manipulating the installed security controls.

Useful ransomware protection for you.

Thu, 27 Jan 2022 06:00:00 -0000

Guest Roger Grimes, Data Driven Defense Evangelist at KnowBe4, joins Dave to discuss his new book "Ransomware Protection Playbook," Dave has a story about a Meta (Facebook) group with a cryptocurrency scam that promises "a new way to wealth," Joe's story has tales of account takeover attacks of high-profile gamers, and our Catch of the Day is from listener Jesse about a text they received from "Facebook" about a $600,000 windfall.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

OWASP security misconfiguration (noun) [Word Notes]

Tue, 25 Jan 2022 08:00:00 -0000

The state of a web application when it's vulnerable to attack due to an insecure configuration.

The perfect environment for ATOs (account takeovers) to breed.

Thu, 20 Jan 2022 06:00:00 -0000

Guest Jane Lee, Trust and Safety Architect at Sift, joins Dave to talk about the Digital Trust and Safety Index, Joe and Dave share some follow up from a listener, Ben, with a suggestion as an alternative to prevent clicking on those bonus phishing scams, Joe's story is about fake ticket scams for the Kansas City Chiefs NFL playoff game against the Pittsburgh Steelers, Dave's got a story about scams on Apple's App Store, and our Catch of the Day is from an anonymous listener about an email they received from their "IT department" requesting credentials (including password) when getting a new laptop. (Note: This is our first COTD that is not a scam, rather a bad policy.)

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

OWASP insecure design (noun)

Tue, 18 Jan 2022 08:00:00 -0000

A broad OWASP Top 10 software development category representing missing, ineffective, or unforeseen security measures.

The only locks you should pick are your own.

Thu, 13 Jan 2022 06:00:00 -0000

Guest Tom Tovar, CEO and Co-Creator of AppDome, joins Dave and Joe to discuss the results of a recent consumer survey, Dave's story is based on a tweet where the user's child's middle school had some unintended consequences of a phishing scam training, Joe has two stories: one on QR code scammers on parking kiosks, and one about a book publishing phishing scam, and our Catch of the Day is a message that purports to come from the USPS sent in by listener William about a missed package delivery.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Log4j vulnerability (noun) [Word Notes]

Tue, 11 Jan 2022 16:00:00 -0000

An open source Java-based software tool available from the Apache Software Foundation designed to log security and performance information.

Changing the game on ransomware.

Thu, 06 Jan 2022 06:00:00 -0000

Guest Adam Flatley, Director of Threat Intelligence at Redacted, talks with Dave about "the only way to truly disrupt the ransomware problem is to target the actors themselves," Joe shares some statistics that will help you stay up-to-date on recent cybersecurity trends, Dave's story is about criminal indictments in a case of a Maryland company buying lead paint victims’ settlements for a fraction of their value, and our Catch of the Day comes from listener Brady about a slick mail campaign they received from "Amazon."

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

OWASP injection (noun) [Word Notes]

Tue, 04 Jan 2022 08:00:00 -0000

A broad class of attack vectors, where an attacker supplies input to an applications command interpreter that results in unanticipated functionality.

Identity "protection" and a pigeon drop. [Hacking Humans Goes to the Movies]

Thu, 30 Dec 2021 08:00:00 -0000

Thanks for joining us for Episode 5 of our fun project brought to you by the team of Hacking Humans, the CyberWire's social engineering podcast. Co-hosts Dave Bittner and Joe Carrigan are joined by Rick Howard in this series where they view clips from their favorite movies with examples of the social engineering scams and schemes you hear about on Hacking Humans. In this episode, Dave, Joe and Rick are watching Joe's and Dave's scene picks. They watch each of the selected scenes, describe the on-screen action for you, and then the team deconstructs what they saw. Grab your popcorn and join us for a trip to the movies.

Links to this episode's clips if you'd like to watch along:

Joe's clip from "Identity Thief"
Rick's pick from "The Flim-Flam Man"

Encore: zero trust (noun) [Word Notes]

Tue, 28 Dec 2021 08:00:00 -0000

The CyberWire: The 12 Days of Malware.

Sat, 25 Dec 2021 06:00:00 -0000

The 12 Days of Malware lyrics

On the first day of Christmas, my malware gave to me:

A keylogger logging my keys.

On the second day of Christmas, my malware gave to me:

2 Trojan Apps...

And a keylogger logging my keys.

On the third day of Christmas, my malware gave to me:

3 Web shells...

2 Trojan Apps...

And a keylogger logging my keys.

On the fourth day of Christmas, my malware gave to me:

4 Crypto scams...

3 Web shells...

2 Trojan Apps...

And a keylogger logging my keys.

On the fifth day of Christmas, my malware gave to me:

5 Zero Days!

4 Crypto scams...

3 Web shells...

2 Trojan Apps...

And a keylogger logging my keys.

On the sixth day of Christmas, my malware gave to me:

6 Passwords spraying...

5 Zero Days!

4 Crypto scams...

3 Web shells...

2 Trojan Apps...

And a keylogger logging my keys.

On the seventh day of Christmas, my malware gave to me:

7 Scripts a scraping...

6 Passwords spraying...

5 Zero Days!

4 Crypto scams...

3 Web shells...

2 Trojan Apps...

And a keylogger logging my keys.

On the eighth day of Christmas, my malware gave to me:

8 Worms a wiping...

7 Scripts a scraping...

6 Passwords spraying...

5 Zero Days!

4 Crypto scams...

3 Web shells...

2 Trojan Apps...

And a keylogger logging my keys.

On the ninth day of Christmas, my malware gave to me:

9 Rootkits rooting...

8 Worms a wiping...

7 Scripts a scraping...

6 Passwords spraying...

5 Zero Days!

4 Crypto scams...

3 Web shells...

2 Trojan Apps...

And a keylogger logging my keys.

On the tenth day of Christmas, my malware gave to me:

10 Darknet markets...

9 Rootkits rooting...

8 Worms a wiping...

7 Scripts a scraping...

6 Passwords spraying...

5 Zero Days! (Bah-dum-dum-dum!)

4 Crypto scams...

3 Web shells...

2 Trojan Apps...

And a keylogger logging my keys.

On the eleventh day of Christmas, my malware gave to me:

11 Phishers phishing...

10 Darknet markets...

9 Rootkits rooting...

8 Worms a wiping...

7 Scripts a scraping...

6 Passwords spraying...

5 Zero Days! (Bah-dum-dum-dum!)

4 Crypto scams...

3 Web shells...

2 Trojan Apps...

And a keylogger logging my keys.

On the twelfth day of Christmas, my malware gave to me:

12 Hackers hacking...

11 Phishers phishing...

10 Darknet markets...

9 Rootkits rooting...

8 Worms a wiping...

7 Scripts a scraping...

6 Passwords spraying...

5 Zero Days!

4 Crypto scams...

3 Web shells...

2 Trojan Apps...

And a keylogger logging my keys.

Hustling the hustler and three-card Monte. [Hacking Humans Goes to the Movies]

Fri, 24 Dec 2021 08:00:00 -0000

Thanks for joining us for Episode 4 of our fun project brought to you by the team of Hacking Humans, the CyberWire's social engineering podcast. Co-hosts Dave Bittner and Joe Carrigan are joined by Rick Howard in this series where they view clips from their favorite movies with examples of the social engineering scams and schemes you hear about on Hacking Humans. In this episode, Dave, Joe and Rick are watching Joe's and Rick's scene picks. They watch each of the selected scenes, describe the on-screen action for you, and then the team deconstructs what they saw. Grab your popcorn and join us for a trip to the movies.

Links to this episode's clips if you'd like to watch along:

Joe's clip from "The Fresh Prince Of Bel-Air: Pool Hall Hustle" scene
Rick's pick from "Lock, Stock and Two Smoking Barrels"

Even if a cause moves you, do your due diligence.

Thu, 23 Dec 2021 06:00:00 -0000

Guest Amaya Hadnagy, Media Support for the Social-Engineer, LLC, joins Dave to share information about charity scams, Dave shares a personal story about some safety triggers he recently put into place to help protect his elderly parents financial accounts from scams, Joe's story comes from a listener Alice about someone scamming female Indian news anchors about jobs in Harvard University's journalism department, and our Catch of the Day comes from an imposter of Navy Federal Credit Union via listener Chris.

Links to stories:

The Harvard Job Offer No One at Harvard Ever Heard Of

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Conmen come in many flavors, all motivated by greed. [Hacking Humans Goes to the Movies]

Wed, 22 Dec 2021 08:00:00 -0000

Thanks for joining us for our fun project brought to you by the team of Hacking Humans, the CyberWire's social engineering podcast. Co-hosts Dave Bittner and Joe Carrigan are joined by Rick Howard in this series where they view clips from their favorite movies with examples of the social engineering scams and schemes you hear about on Hacking Humans. In this episode, Dave, Joe and Rick are watching Dave's and Rick's scene picks. They watch each of the selected scenes, describe the on-screen action for you, and then the team deconstructs what they saw. Grab your popcorn and head to the movies with us.

Links to this episode's clips if you'd like to watch along:

Dave's clip from "Dirty Rotten Scoundrels"
Rick's pick from "The Sting"

OWASP cryptographic failures (noun) [Word Notes]

Tue, 21 Dec 2021 08:00:00 -0000

Code that fails to protect sensitive information.

The 3 M's: Minimize, monitor and manage.

Thu, 16 Dec 2021 06:00:00 -0000

Guest Adam Levin, security expert and podcast host of "What the Hack with Adam Levin," joins Dave to share advice and discuss some experiences shared on his podcast, Dave and Joe have some listener follow up from David with clarification on 2FA, Joe's story is about a job scam for positions at a video game company, Dave's got a story about how tools like Google and smartphones affect our memories and how we judge our own abilities, our Catch of the Day is from a listener named Chris with a fake email from Amazon about a TV his father "purchased," and how Chris had to intervene.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

account takeover prevention (noun) [Word Notes]

Tue, 14 Dec 2021 08:00:00 -0000

The prevention of the first part of an intrusion kill chain model exploitation technique, where the hacker steals valid logging credentials from a targeted victim.

Scams abound this time of year.

Thu, 09 Dec 2021 06:00:00 -0000

Guest Dave Senci of Mastercard's NuData Security talks about the security issues with remote access and coaching frauds, Dave's got a story about receiving a "Best Buy gift card" and USB mailing, Joe's story is from the Better Business Bureau about their "12 Scams of Christmas," and our Catch of the Day is from our listener Henry who received an email that appeals to one's faith.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

threat hunting (noun) [Word Notes]

Tue, 07 Dec 2021 08:00:00 -0000

The process of proactively searching through networks to detect and isolate security threats, rather than relying on security solutions or services to detect those threats.

Do you really want that device to be a connected device?

Thu, 02 Dec 2021 06:00:00 -0000

Guest Jay Radcliffe from Thermo Fisher Scientific shares his advice and security concerns with smart devices since the holiday gifting season is around the corner, Joe and Dave have some listener follow up about 2FA, Joe's got a story about the Robinhood breach, Dave's story is about numerous LinkedIn requests from HR specialists with GAN images (Generated Adversarial Network), and our Catch of the Day is from listener Michael who was just trying to sell his car and then he got a text message.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

vulnerability management (noun) [Word Notes]

Tue, 30 Nov 2021 08:00:00 -0000

The continuous practice of identifying classifying, prioritizing, remediating, and mitigating software vulnerabilities within this.

Misdirection and layering with a con in the middle. [Hacking Humans Goes to the Movies]

Thu, 25 Nov 2021 06:00:00 -0000

Thanks for joining us for our fun project brought to you by the team of Hacking Humans, the CyberWire's social engineering podcast. Co-hosts Dave Bittner and Joe Carrigan are joined by Rick Howard in this series where they view clips from their favorite movies with examples of the social engineering scams and schemes you hear about on Hacking Humans. In this episode, Dave, Joe and Rick are watching Joe's and Rick's scene picks. They watch each of the selected scenes, describe the on-screen action for you, and then the team deconstructs what they saw. Grab your popcorn and join us for a trip to the movies.

Links to this episode's clips if you'd like to watch along:

Joe's clip from "The Simpsons: Father and Son Grifting" episode
Rick's pick from "Paper Moon"

software bill of materials (SBOM) (noun) [Word Notes]

Tue, 23 Nov 2021 08:00:00 -0000

A formal record containing the details and supply chain relationships of various components used in building software.

A good amount of skepticism helps protect you online.

Thu, 18 Nov 2021 06:00:00 -0000

Guest Blake Hall, CEO and founder of a company called ID.me, discusses protecting your identity online, Dave and Joe have some follow up from listener Rafa on 2FA he uses, Dave has a story about bots that take advantage of 2FA to break into your payment accounts, Joe's story is about scams carried out through QR codes, and our COTD comes from listener Wyatt about an award-winning email from Warren Buffett.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

zero trust (noun) [Word Notes]

Tue, 16 Nov 2021 08:00:00 -0000

Let's go to the movies. [Hacking Humans Goes to the Movies]

Thu, 11 Nov 2021 06:00:00 -0000

Welcome to a fun new project by the team who brings you Hacking Humans, the CyberWire's social engineering podcast. Co-hosts Dave Bittner and Joe Carrigan are joined by Rick Howard in this series. They view clips from their favorite movies with examples of the social engineering scams and schemes you hear about on Hacking Humans. In this first episode, Dave, Joe and Rick are watching Dave's and Joe's picks. They watch each of the selected scenes, describe the on-screen action for you, and then the team deconstructs what they saw. Grab your popcorn and join us for a trip to the movies.

Links to movie clips if you'd like to watch along:

Dave's pick from "The Grifters"
Joe's clip from "Matchstick Men"

OT security (noun) [Word Notes]

Tue, 09 Nov 2021 08:00:00 -0000

Hardware and software designed to detect and prevent cyber adversary campaigns that target industrial operations.

Cybersecurity awareness should be a year-round activity.

Thu, 04 Nov 2021 05:00:00 -0000

Guest Dr. Jessica Barker from Cygenta talks with UK correspondent Carole Theriault about how every month should be cyber awareness month, Joe has a story about password spraying (kind of like a credential stuffing attack), Dave's story is about scams carried out through QR codes, and our COTD comes from listener Wyatt about an award-winning email from Warren Buffett.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

cybersecurity skills gap (noun) [Word Notes]

Tue, 02 Nov 2021 07:00:00 -0000

The difference between organizational employee job requirements and the available skillsets in the potential employee pool.

The Malware Mash!

Fri, 29 Oct 2021 05:00:00 -0000

Good grammar is essential for business email compromise.

Thu, 28 Oct 2021 05:00:00 -0000

Guest Brandon Hoffman from Intel 471 is back sharing some research on business email compromise, Dave's got a story on buying collectable sneakers and how bots make that really hard to do, Joe has two stories with different spins on romance scams: one notes they are the most prevalent scams targeting older adults; and the second is about a group of Nigerian men preying on women through money scams, and our Catch of the Day comes from reddit user steev p (Steve P) about a benefit scam from an impersonated Facebook friend.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

digital transformation (noun) [Word Notes]

Tue, 26 Oct 2021 05:00:00 -0000

The use of technology to radically improve the performance or reach of the business.

Joekens, Bittnercoins, and the serious impacts of spam analysis.

Thu, 21 Oct 2021 05:00:00 -0000

UK Correspondent Carole Theriault returns with an interview with Paul, a spam analyst, Dave and Joe have some follow-up, Joe revisits NFTs with rug pull scams, Dave's story is about phishers using a symbol in place of the Verizon logo, and our Catch of the Day comes from listener Rafael in Spain about a Steam account takeover scam attempt his son experienced on Discord.

Links to stories:

Phishers Get Clever, Use Math Symbols for Verizon Logo

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

bulletproof hosting (noun) [Word Notes]

Tue, 19 Oct 2021 07:00:00 -0000

Cloud services intended for cyber criminals and other bad actors designed to obstruct law enforcement and other kinds of government investigations, and to provide some protection against competitors.

Physical pen testing: You've got to be able to think on your feet.

Thu, 14 Oct 2021 05:00:00 -0000

Guest Marina Ciavatta CEO at Hekate talks with Dave about some of her social engineering and pen testing experiences, Dave's got a story is about getting your family to use a password manager, Joe's story is about NFTs (non-fungible tokens) and scams that have arisen around them, and our Catch of the Day is from listener William and it turns out Dave is in trouble with the IRS again on this one.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

endpoint security (noun) [Word Notes]

Tue, 12 Oct 2021 07:00:00 -0000

The practice of securing a device that connects to a network in order to facilitate communication with other devices on the same or different networks.

Measuring security awareness proactively.

Thu, 07 Oct 2021 05:00:00 -0000

Guest Zach Schuler of NINJIO joins Dave to discuss measuring the effectiveness of awareness training, Joe's got a story about a school nurse who was scammed with a "Bank of America" Zelle transaction, Dave's story is about a phone scam a therapist received from a local "Sheriff's office," and our Catch of the Day is from Hacking Humans Senior producer Jennifer Eiben about some pricey potatoes and chocolate chip cookies she "ordered."

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Executive Order on Improving the Nation's Cybersecurity (noun) [Word Notes]

Tue, 05 Oct 2021 07:00:00 -0000

Capture the Flag, Black Badges and social engineering tricks.

Thu, 30 Sep 2021 05:00:00 -0000

Guest Chris Kirsch, DefCon 25 Social Engineering Capture The Flag winner and Co-Founder and Chief Executive Officer at Rumble, talks with our UK Correspondent Carole Theriault about his experience at the event, Dave's story is about scammers bypassing social engineering and going directly to pitch employees to install ransomware, Joe's got a story about travel scams he came across while planning a recent trip, our Catch of the Day comes from Reddit about some text messages which cause emotions to flare.

Links to stories:

Catch of the Day links:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

lateral movement (noun) [Word Notes]

Tue, 28 Sep 2021 07:00:00 -0000

They won't ask for sensitive information over the phone.

Thu, 23 Sep 2021 05:00:00 -0000

Guest Alex Hinchliffe, Threat Intelligence Analyst from Unit 42 at Palo Alto Networks joins Dave to talk about some of his team's ransomware research, Joe's story is about a new jury duty scam that is out there (hint, they will not call you on the phone), Dave's got a story about Microsoft rolling out passwordless login options, our Catch of the Day comes from a listener named Lucio who shared several social engineering ploys with us.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

common vulnerabilities and exposures (CVE) (noun) [Word Notes]

Tue, 21 Sep 2021 07:00:00 -0000

A public list sponsored by the US government and designed to uniquely identify, without the need to manually cross- reference, all the known software vulnerabilities in the world.

Sometimes, deepfake victims don't want to be convinced it is fake.

Thu, 16 Sep 2021 05:00:00 -0000

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

dead-box forensics (noun) [Word Notes]

Tue, 14 Sep 2021 07:00:00 -0000

A forensic technique where practitioners capture an entire image of a system and analyze the contents offline.

Collaboration platforms are a gateway for ransomware attacks.

Thu, 09 Sep 2021 05:00:00 -0000

Guest Gil Friedrich from Avanan joins Dave to discuss how collaboration platforms, like Microsoft Teams, Slack and others, opened up a new gateway to ransomware attacks, Joe's story comes from listener Matt shared as a COTD candidate that's a phishing scam, Dave's got a story about China and Russia trying to turn your employees into spies, and our Catch of the Day comes from a listener named Iain with a timely story "from" Afghanistan.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Note: Microsoft is a sponsor of the CyberWire, however, we cover them as we would any other company.

cybersecurity maturity model certification (CMMC) (noun) [Word Notes]

Tue, 07 Sep 2021 07:00:00 -0000

Don't blindly test your colleagues.

Thu, 02 Sep 2021 05:00:00 -0000

Guest Javvad Malik from KnowBe4 shares his thoughts on bad security training with the CyberWire's UK correspondent Carole Theriault, Dave's story is about deepfake technology being used for business cases, Joe's gives a synopsis of Proofpoint's most recent State of the Phish report, our very first Catch of the Day about Discord comes from a listener named Henning.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

incident response (noun) [Word Notes]

Tue, 31 Aug 2021 07:00:00 -0000

A collection of people, process, and technology that provides an organization the ability to detect and respond to cyber attacks.

Companies don't want their customers to be victims of fraud.

Thu, 26 Aug 2021 05:00:00 -0000

Guest Brandon Hoffman from Intel 471 joins Dave to talk about how cybercriminals are going after large retail and hospitality companies, Joe shares some advice for college students to avoid scams and ID theft, Dave got an edit to the tale of the lightning rod, our Catch of the Day comes from listener Shannon who received a beneficiary scam email.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

script kiddies (noun) [Word Notes]

Tue, 24 Aug 2021 07:00:00 -0000

Cybercriminals who lack the expertise to write their own programs use existing scripts, code, or tools authored by other more skilled hackers.

Effective cybersecurity training has to be meaningful to employees.

Thu, 19 Aug 2021 05:00:00 -0000

Guest Jann Yogman, entertainment industry veteran and writer of Mimecast Awareness Training, joins Dave to share his thoughts on the ransomware epidemic and the cybersecurity awareness training problem, Joe's got a story about scams targeting families eligible for the IRS' child tax credit, Dave's story is about scams and fraud experienced by US military veterans, personnel, and their families, our Catch of the Day comes from listener Sawyer Dicky on Reddit who insists he's not the right guy.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

sandbox (noun) [Word Notes]

Tue, 17 Aug 2021 07:00:00 -0000

The attackers keep coming every single day.

Thu, 12 Aug 2021 05:00:00 -0000

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

security orchestration, automation, and response (SOAR) (noun) [Word Notes]

Tue, 10 Aug 2021 07:00:00 -0000

Acceleration of our digital lives and impacts on cybercrime.

Thu, 05 Aug 2021 05:00:00 -0000

Guest Darren Shou, Chief Technology Officer of NortonLifeLock, shares insight on some of the scams he and his colleagues have been tracking, Joe and Dave share some follow up from listener Robert about free learning resources, Joe's story comes from listener Sedric who is new to real estate Investing and was looking for a hard money loan, rather than a story, Dave continues the conversation on passwords and multi-factor authentication with comments from listener Coinsigliere, and our Catch of the Day, well "catches" of the day since we have two, include one from Pryce on a smishing scam and the second from Ronald with a subscription email scam..

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

personally identifiable information (PII) (noun) [Word Notes]

Tue, 03 Aug 2021 07:00:00 -0000

A term of legal art that defines the types of data and circumstances that permits a third party to directly or indirectly identify an individual with collected data.

What are our devices doing to our compassion?

Thu, 29 Jul 2021 05:00:00 -0000

Guest Dr. Charles Chaffin, author of the book "Numb: How the Information Age Dulls Our Senses and How We Can Get them Back," joins Dave this week, we have some listener follow up from John with a tip on ATM security, Dave's got a two-fer this week including a useful site called www.shouldiclick.org and a Twitter report on multi-factor authentication thanks Rachel Tobac for calling our attention to it, Joe's story is from Microsoft on trends in tech support scams, and our Catch of the Day is from a listener on Twitter called @DoNoEvilMan about a payout from the Federal Reserve via the FBI.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

secure access service edge (SASE) (noun) [Word Notes]

Tue, 27 Jul 2021 07:00:00 -0000

It's ok to be trusting, just be careful.

Thu, 22 Jul 2021 05:00:00 -0000

Guest Gil Friedrich from Avanan joins Dave to talk about how bad actors are infiltrating organizations using collaboration apps, we have two pieces of listener follow up from Michael and Tobias, Joe has a story about fake information, Dave's story is about message spam on LinkedIn, and our Catch of the Day is from a listener named Lucio with a questionable Reddit communication.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

red teaming (noun) [Word Notes]

Tue, 20 Jul 2021 07:00:00 -0000

The practice of emulating known adversary behavior against an organization's actual defensive posture.

Threat actors changing ransomware tactics.

Thu, 15 Jul 2021 05:00:00 -0000

Guest Kurtis Minder from GroupSense joins Dave to discuss divergent ransomware trends, the guys have a listener reminder about it being CompTIA, Joe, Dave has a story about a coupon scam in the Houston area, Joe's story is about a real estate rental scam and a scammer who likes to talk about his work, and our Catch of the Day is from a listener named Craig with an email about an unprofessional colleague and a questionable attachment.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

next generation firewall (noun) [Word Notes]

Tue, 13 Jul 2021 07:00:00 -0000

Introducing 8th Layer Insights: Deceptionology 101: Introduction to the Dark Arts

Sun, 11 Jul 2021 07:00:00 -0000

Have you ever noticed how fundamental deception is to the human condition? Deception and forms of social engineering have been with us since the beginning of recorded history. And yet, it seems like we are just as vulnerable to it as ever. But now the stakes are higher because technology allows social engineers to deceive at scale.

This episode explores the psychology of deception, provides a foundation for understanding social engineering, offers a few mental models for exploration and exploitation, and discusses how we can prepare our mental defenses.

Guests:

Rachael Tobac: (LinkedIn), CEO of SocialProof Security
Chris Hadnagy: (LinkedIn); CEO of Social Engineer, LLC; Founder of Innocent Lives Foundation; Founder of Social-Engineer.org
Lisa Forte: (LinkedIn); Partner at Red Goat Cyber Security; Co-Founder Cyber Volunteers 19
George Finney: (LinkedIn); Chief Security Officer at Southern Methodist University; Founder of Well Aware Security

Notes & Resources:

CSO Online article on Social Engineering
OODA Loop
Understanding Framing Effects
More examples of Framing Effects
Harvard Business Review article on the Principles of Persuasion
A blog series I did on Deception (Part 1), (Part 2).
PsychologyToday article on Social Engineering

Recommended Books (Amazon affiliate links):

The Art of Deception: Controlling the Human Element of Security by Kevin Mitnick
Ghost in the Wires: My Adventures as the World's Most Wanted Hacker by Kevin Mitnick
Human Hacking: Win Friends, Influence People, and Leave Them Better Off for Having Met You by Chris Hadnagy
Influence, New and Expanded: The Psychology of Persuasion by Robert Cialdini
Pre-Suasion: A Revolutionary Way to Influence and Persuade by Robert Cialdini
Practical Social Engineering: A Primer for the Ethical Hacker by Joe Gray
Social Engineering: The Science of Human Hacking by Chris Hadnagy
Thinking, Fast and Slow by Daniel Kahneman.
Transformational Security Awareness: What Neuroscientists, Storytellers, and Marketers Can Teach Us About Driving Secure Behaviors by Perry Carpenter
Well Aware: Master the Nine Cybersecurity Habits to Protect Your Future by George Finney

Music and Sound Effects by Blue Dot Sessions & Storyblocks.

Artwork by Chris Machowski.

Collaboration, data portability, and employee mobility fuel insider risk.

Thu, 08 Jul 2021 05:00:00 -0000

Guest Joe Payne of Code 42 joins Dave to discuss insider risks Joe has a story about Frank Abagnale who's conned everyone one way or another, Dave's story is about a real estate scam conning a single mother of her life savings, and our Catch of the Day is from listener Michael with an "Extremely Urgent Attention Required" email.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

fast flux (noun) [Word Notes]

Tue, 06 Jul 2021 07:00:00 -0000

An inside view on North Korean cybercrime.

Thu, 01 Jul 2021 05:00:00 -0000

The CyberWire's UK correspondent Carole Theriault returns to share an interview with Geoff White, reporter from the BBC and co-host of the Lazarus Heist podcast, Joe has some listener follow-up from Mike looking for advice on certifications for getting into cybersecurity, Dave's story is from Brian Krebs about catching an ATM shimmer gang, Joe's got a piece from MalwareBytes Labs about phishing for Bitcoin recovery codes, and our Catch of the Day is from listener Rohit with a pretty genuine-looking snail mail scam.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

encryption (noun) [Word Notes]

Tue, 29 Jun 2021 07:00:00 -0000

The process of converting plain text into an unrecognizable form or secret code to hide its true meaning.

Bad password hygiene jeopardizes streaming services.

Thu, 24 Jun 2021 05:00:00 -0000

Guest Matthew Gracey-McMinn joins us from Netacea to speak with Dave about security issues with streaming services, Joe shares some follow-up from listener Jason about a bracelet sale mentioned a few episodes ago, Joe's story is from UMBC about AI-generated fake news reports, Dave's got a story about a replacement scam for a hardware wallet used for storing cryptocurrency, and our Catch of the Day comes from a listener called R about a vishing scam for DirectTV.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

keylogger (noun) [Word Notes]

Tue, 22 Jun 2021 07:00:00 -0000

Software or hardware that records the computer keys pressed by a user.

Answering a job ad from a ransomware gang.

Thu, 17 Jun 2021 05:00:00 -0000

Guest Mantas Sasnauskas from CyberNews joins Dave to talk about how he and his colleagues applied for a job with a ransomware gang, Joe and Dave reply to a listener named Christopher about certifications, Dave's story is about credential stuffing with payroll companies for $800,000,Joe shares a story about lewd phishing lures sent to people's email accounts, and our Catch of the Day is from from a listener named Stof who says, he “received this call just now, never heard one this convincing, nearly got me too!"

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

non-fungible tokens (NFT) (noun) [Word Notes]

Tue, 15 Jun 2021 07:00:00 -0000

Digital assets that are cryptographically protected on a blockchain and contain unique identification codes and metadata that makes them one of a kind.

Pandemic taxes: later due dates afford more time for scams.

Thu, 10 Jun 2021 05:00:00 -0000

Guest Robert Capps of NuData Security joins Dave to discuss what businesses can do to bolster their protection against tax fraud, Joe and Dave have some follow-up from 2 episodes ago when they discussed a BazarLoader scam: Wired has a recent article with a twist about a totally fake streaming site called BravoMovies, Joe shares a story from a listener Jason about a friend of his who was targeted by a scammer on Facebook Marketplace, Dave's story is about scammers demanding ransom from families who report missing persons on social media, and our Catch of the Day is from Reddit on a Tron cryptocurrency scam.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

multi-factor authentication (noun) [Word Notes]

Tue, 08 Jun 2021 07:00:00 -0000

The use of two or more verification methods to gain access to an account.

The fight in the dog.

Thu, 03 Jun 2021 05:00:00 -0000

Guests Jan Kallberg and Col Stephen Hamilton of Army Cyber Institute at West Point join Dave to talk about cognitive force protection, Joe and Dave have some follow-up from a listener named Obada about Apple only allowing 2FA through SMS, Dave shares a story about Google's plan to require MFA for all users, Joe's story is about a couple who had their Fidelity retirement account defrauded to the tune of $40,000, and our Catch of the Day is from a listener named Doal about becoming named the beneficiary of a similarly-named deceased person.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

machine learning (noun) [Word Notes]

Tue, 01 Jun 2021 07:00:00 -0000

A programming technique where the developer doesn't specify each step of the algorithm in code, but instead teaches the algorithm to learn from the experience.

Hacking people vs. hacking technologies to get into companies.

Thu, 27 May 2021 05:00:00 -0000

Guest Tim Sadler from Tessian on how oversharing on social media and in OOO messages can open the door for hackers, Joe shares a story about vishing emails from "Amazon" that had spam confidence levels of 1, Dave's story is about an elaborate BazarLoader campaign counting on a lot of human interaction, and our Catch of the Day is from a listener named Scott about a phishing fax, that's right, we said fax.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

intelligence (noun) [Word Notes]

Tue, 25 May 2021 07:00:00 -0000

The process of turning raw information into intelligence products that leaders use to make decisions with.

Whaling attacks are more targeted than phishing or spearphishing.

Thu, 20 May 2021 05:00:00 -0000

Guest Kev Breen from Immersive Labs joins Dave to talk about how to address whaling attacks, Dave shares a discussion he had with. a colleague about password managers and elderly parents and Joe weighs in, Dave's story is about a smishing Trojan impersonating a Chrome app, Joe has a story about URL redirection making more effective phishing attacks, and our Catch of the Day is from a listener named Vaughn about a snail mail fraud scheme that references a website.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Introducing 8th Layer Insights [Trailer]

Wed, 19 May 2021 06:00:00 -0000

Coming May 25, 2021. Get ready for a deep dive into what cybersecurity professionals often refer to as the "8th Layer" of security: HUMANS. This podcast is a multidisciplinary exploration into how the complexities of human nature affect security, risk, and life. Author, security researcher, and behavior science enthusiast Perry Carpenter taps experts for their insights and illumination. Topics include cybersecurity, psychology, behavior science, communication, leadership, and more.

SaaS (noun) [Word Notes]

Tue, 18 May 2021 07:00:00 -0000

How to best fight fake news.

Thu, 13 May 2021 05:00:00 -0000

Guest Helen Lee Bouygues of the Reboot Foundation joins Dave to talk about social media’s effect within the misinformation ecosystem and how users can best fight fake news, Dave and Joe share some follow-up from listener Jonathan on two-factor authentication, Joe's story is about an employee in Scotland sued for making payments based on phishing emails, Dave has a story about fake order confirmation phishing messages prompting us to call rather than click, our Catch of the Day comes from a listener named Wyatt who received a phishing email from some fellow jackpot winners.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

decryption (noun) [Word Notes]

Tue, 11 May 2021 05:00:00 -0000

A process of converting encrypted data into something that a human or computer can understand.

Digital identities are at the core of recent breaches.

Thu, 06 May 2021 05:00:00 -0000

Our UK correspondent Carole Theriault returns to share her interview with Julie Smith from the Security Alliance and Kelvin Coleman from National Cyber Security Alliance about Identity Management Day, Dave's story is about how Pixar uses colors to hack our moods and minds to see colors we've never seen before, Joe has a story about ways malicious actors can break into accounts with multi-factor authentication enabled, our Catch of the Day comes from a listener named Brett who works in a PC repair shop and "HackerDont'comebacker" software.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

brute-force attack (noun) [Word Notes]

Tue, 04 May 2021 07:00:00 -0000

A cryptographic hack that relies on guessing all possible letter combinations of a targeted password until the correct codeword is discovered.

Anyone can be a target of romance scams.

Thu, 29 Apr 2021 05:00:00 -0000

Guest Stacey Nash, Head of Fraud and Central Operations at USAA, joins Dave to discuss romance or sweetheart scams, Joe and Dave share some listener follow-up, Joe's got a story about emails sent to British awards organizers asking them to transfer prize money to a PayPal account, Dave's story is about a Rolling Stones tribute band targeted in a bogus check racket, and our Catch of the Day comes from a listener named Konstantin about a fake tax refund.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

denial-of-service attack (noun) [Word Notes]

Tue, 27 Apr 2021 07:00:00 -0000

A cyber attack designed to impair or eliminate access to online services or data.

Make systems to mitigate the mistakes.

Thu, 22 Apr 2021 05:00:00 -0000

Guest Margaret Cunningham from Forcepoint talks with Dave about cognitive biases that lead to reasoning errors in cybersecurity, Joe shares some follow-up from a listener named Alex about the Alexa phone call Joe mentioned a few episodes back, Dave shares a note from listener Brandon about finding similar DNS names (check out https://dnstwister.report/), Dave's story is about dark patterns to get you to do something on a website, Joe shares a story phishing emails and defenses against them, and our Catch of the Day comes from a listener named Big Mike about an old time radio podcast he heard recently with great examples of social engineering.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

cold boot attack (noun) [Word Notes]

Tue, 20 Apr 2021 07:00:00 -0000

Being aware can go a long way to prevent attacks.

Thu, 15 Apr 2021 05:00:00 -0000

Guest Herb Stapleton, the FBI’s cyber division sector chief, joins Dave to talk about the FBI's Internet Crime Complaint Center (IC3) annual report and its findings, Joe's story is about an ongoing IRS impersonation scam targeting educational organizations, Dave shares a story from the BBC about people using their pets names as passwords (tell us that hasn't crossed your mind or your keyboard before), and our Catch of the Day comes from the Land Down Under via Gareth and Kingsley. COTD note: Just to be clear their jurisdiction is a single party consent jurisdiction.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

cloud computing (noun) [Word Notes]

Tue, 13 Apr 2021 07:00:00 -0000

On-demand pay-as-you-go Internet delivered compute, storage, infrastructure, and security services that are partially managed by the cloud provider and partially managed by the customer.

Finding targets of opportunity.

Thu, 08 Apr 2021 05:00:00 -0000

Guest Peter Warmka, founder of the Counterintelligence Institute, joins Dave to talk about how insider targets are chosen and assessed, Joe shares a weird phone call he received, Dave's story from a Twitter use named Jake on flower shop scams, Joe has a story about student loan forgiveness scams, and our Catch of the Day comes from a listener named Andrew about a pricey software subscription renewal scam.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

APT (noun) [Word Notes]

Tue, 06 Apr 2021 07:00:00 -0000

The pandemic is slowing, time to travel?

Thu, 01 Apr 2021 05:00:00 -0000

Guest Fleming Shi of Barracuda joins Dave to talk about about travel-related phishing attacks now that vaccines are more readily available, Dave and Joe share listener advice about preventative email blocking, Joe shares a story about romance scams by someone that includes fake W2s and other documents in the process, Dave's got a story about a phone scammer posing as McDonald's CEO, and our Catch of the Day is from a listener named Tarik with an email about his reported death. Tarik awards this email the Unlikely Phishing Hook of the Year Award presented by the Institute of Questionable Intentions.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

backdoor (noun) [Word Notes]

Tue, 30 Mar 2021 07:00:00 -0000

An undocumented or publicly unknown method to access a computer system undetected or to break a cypher used to encode messages.

Technology is not designed for older users.

Thu, 25 Mar 2021 05:00:00 -0000

Guest Ming Yang of Orchard joins Dave to talk about ways to help your parents with technology (aka providing tech support for our parents). Dave shares the FBI's advisory warning of an expected increase in the use of deepfakes for social engineering attacks, Joe's got a story about phantom debts, and our Catch of the Day is from a listener named Anthony about an email from federalcrimeofinvestigation@gmail.com. Hmmm...seems legit.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

watering hole attack (noun) {Word Notes]

Tue, 23 Mar 2021 07:00:00 -0000

From the intrusion kill chain model, a technique where the hacker compromises sites commonly visited by members of a targeted community in order to deliver a malicious payload to the intended victim.

Ideally, look for someone open to deception.

Thu, 18 Mar 2021 05:00:00 -0000

Guest professional magician Brandon Williams talks with Joe about the art of deception. we have some follow-up on a watering hole attack we discussed a few episodes back, Joe's story is about the Attorney General of Vermont's top scams of 2020 report (no surprise #1 was SSN phishing), Dave's got a story about the level of sophistication of cybercriminals (hint: not all are that sophisticated), and our Catch of the Day is from a listener named Jo about a well-written request for donation.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

network telescope (noun) [Word Notes]

Tue, 16 Mar 2021 07:00:00 -0000

Network observation systems designed to monitor globally unreachable but unused Internet address space or the Deep Web in order to study a wide range of interesting Internet phenomena.

Insider threats and security concerns for APIs.

Thu, 11 Mar 2021 06:00:00 -0000

Guest Inon Shkedy, security researcher at Traceable and API project leader at OWASP Foundation, talks with Dave about the risks various types of insider threats pose to APIs, we have some follow-up from a listener closing on their home, Dave's story is about a new wave of scams saying they are from the Social Security Administration, Joe's got Deepfakes of Tom Cruise (thanks to Rachel Tobac for this one), and our Catch of the Day is from a listener named John's son and a job interview scam he experienced.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

SOC Triad (noun) [Word Notes]

Tue, 09 Mar 2021 08:00:00 -0000

A best practice for framing cyber intelligence critical information requirements that recommends collecting and consolidating data from three specific sources: endpoint, network and log.

Fraud activity within secure messaging apps in plain sight.

Thu, 04 Mar 2021 06:00:00 -0000

Guest Brittany Allen of Sift joins Dave to talk about a new fraud ring on Telegram where bad actors leverage the app to steal from on-demand food delivery services, Joe's story involves two of the five parts of URLs in phishing attacks, Dave's got a story about a malvertising group called "ScamClub," and our Catch of the Day is from a listener named John about a letter he received in the mail from "TD Trust Bank" about an inheritance opportunity.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

supply chain attacks (noun) [Word Notes]

Tue, 02 Mar 2021 08:00:00 -0000

How likely are online users to reveal private information?

Thu, 25 Feb 2021 06:00:00 -0000

Guest Professor Lior Fink from Ben Gurion University shares insights from their study on "How We Can Be Manipulated Into Sharing Private Information Online," Dave's story is some good news about a Nigerian man sentenced for phishing the US heavy equipment company Caterpillar, Joe has a story with bad news about a sextortion email scam with a fake Zoom zero day component, and our Catch of the Day is a compelling phishing email a listener named Michael recently received.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

taint analysis (noun) [Word Notes]

Tue, 23 Feb 2021 08:00:00 -0000

The process of software engineers checking the flow of user input in application code to determine if unanticipated input can affect program execution in malicious ways.

Including your passwords in your final arrangements.

Thu, 18 Feb 2021 06:00:00 -0000

Guest Sara Teare who is known as 1Password's Minister of Magic talks with Dave about things that people don't consider like custody of the digital keys to your stuff online, Dave and Joe share some listener feedback from Jonathan about replacing outdated equipment (aka an old phone), Joe's story is about ongoing campaign targeting security researchers working on vulnerability research and development at different companies and organizations, Dave's story has a holiday theme: emails pretending to confirm orders from lingerie and flower shops that are actually spreading malware, and our Catch of the Day is from a listener named Kristian and it's a "legitimate deal" from Colonel Gaddafi's daughter.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

ATM skimming (noun) [Word Notes]

Tue, 16 Feb 2021 08:00:00 -0000

The process of stealing ATM customer credentials by means of physically and covertly installing one or more devices onto a public ATM machine.

In the disinformation and misinformation crosshairs.

Thu, 11 Feb 2021 06:00:00 -0000

Carole Theriault returns with a discussion on disinformation with guest, BBC host, podcaster and author Tim Harford, Dave's got a story about Covid vaccine phishing campaigns, Joe's story talks about data breaches that have increased 50% year over year since 2018, and our Catch of the Day is from a listener named John his wife saw on Facebook who translated it from Lithuanian.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

APT side hustle (noun) [Word Notes]

Tue, 09 Feb 2021 08:00:00 -0000

A nation-state hacking group’s practice of funding its town activities through cybercrime or cyber mercenary work.

Understanding human behavior is a key to security.

Thu, 04 Feb 2021 06:00:00 -0000

Guest Nico Popp of Forcepoint joins Dave to discuss why understanding human behavior is a major key to security, Dave & Joe discuss some listener follow-up about a Craigslist posting, Joe's story is about a scam website that is promising refunds to consumers all over the world, Dave shares a story about scam calls coming from call centers in India, and our Catch of the Day is from a listener about an email from former first lady Melania Trump.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

endpoint (noun) [Word Notes}

Tue, 02 Feb 2021 08:00:00 -0000

A device connected to a network that accepts communications from other endpoints like laptops, mobile devices, IoT equipment, routers, switches, and any tool on the security stack.

Covid has shifted the way we deal with money and increased fraud.

Thu, 28 Jan 2021 06:00:00 -0000

Guest Eric Solis of MOVO Cash talks with Dave about the increase of fraud attacks on consumers and businesses by not having a body of regulations for digital payments, Dave's story is about his recent pillow purchase prompting him to do online reviews for an extra bonus, Joe shares some details from Verizon's Cyber-Espionage report, and our Catch of the Day is a letter from a listener named Jim who had a bad eBay transaction.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

unified extensible firmware interface (UEFI) (noun) [Word Notes]

Tue, 26 Jan 2021 08:00:00 -0000

An extension of the traditional Basic Input/Output System or BIOS that, during the boot process, facilitates the communication between the computer’s firmware and the computer’s operating system.

Targeted phishing campaigns and lottery scams abound.

Thu, 21 Jan 2021 06:00:00 -0000

Guest Arjun Sambamoorthy of Armorblox talks with Dave about five targeted phishing campaigns that weaponize various Google services during their attack flow, Joe's story is about the MegaMillions jackpot that is approaching epic proportions and attracting the attention of scammers, Dave's story comes from a listener over on the Grumpy Old Geeks podcast about a Venmo incident, and our Catch of the Day comes from Joe's son who received an email from the FBI.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Daemon (noun) [Word Notes]

Tue, 19 Jan 2021 08:00:00 -0000

An operating system program running in the background designed to perform a specific task when certain conditions or events occur.

As B2C interactions shift online, call centers become new fraud vector.

Thu, 14 Jan 2021 06:00:00 -0000

Guest Umesh Sachdev of Uniphore talks with Dave about how call centers are becoming the new fraud vector, Dave's story involves an email that has a Trump scandal .jar file attached that's really a RAT, Joe has a story about hackers spoofing a victim's phone number making emergency calls where the police respond to the victim's home with force, he also talks about credential stuffing for swatting a video doorbell, and our Catch of the Day comes from a listener Christian who received an email with a lazy trunk box scam.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

greyware (noun) [Word Notes]

Tue, 12 Jan 2021 08:00:00 -0000

Combating growing online financial fraud.

Thu, 07 Jan 2021 06:00:00 -0000

Dave switches gears and shares a story from the National Law Review with a social engineering spin to it about a theft exclusion in a title company's errors and omissions policy, Joe shares a story from Facebook taking action against hacking groups, The Catch of the Day comes Joe himself with a connection request he received on LinkedIn, and later in the show, Dave's conversation with Carey O’Connor Kolaja from AU10TIX on fraud in the financial services and payment industry, and how organizations are using emerging technical solutions to help combat it.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Unix (noun) [Word Notes]

Tue, 05 Jan 2021 08:00:00 -0000

A family of multitasking, multi-user computer operating systems that derive from the original Unix system built by Ken Thompson and Dennis Ritchie in the 1960s.

fuzzing (noun) [Word Notes]

Tue, 05 Jan 2021 08:00:00 -0000

An automatic software bug and vulnerability discovery technique that input's invalid, unexpected and/or random data or fuzz into a program and then monitors the program's reaction to it.

Encore: Don't go looking for morality here. [Hacking Humans]

Thu, 31 Dec 2020 06:00:00 -0000

Dave has a story of an investment scam featuring celebrities, Joe warns of scams surrounding the Coronavirus, the Catch of the Day features Joe's son-in-law's adventure with thousands of bot infiltrations, and later in the show, Dave's extended interview with magicians and entertainers Penn and Teller at RSAC 2020 in San Francisco.

Links to stories:

Revealed: fake 'traders' allegedly prey on victims in global investment scam

Coronavirus: Scammers follow the headlines

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

deep packet inspection (DPI) (noun) [Word Notes]

Tue, 29 Dec 2020 08:00:00 -0000

A network monitoring and filtering technique that examines both the header information and the payload of every packet traversing a network access point.

Encore: Separating fools from money. [Hacking Humans]

Thu, 24 Dec 2020 06:00:00 -0000

Dave shares a story of airport penetration testing with high degree of yuck-factor. Joe explores research on protecting passwords from social engineering. The catch-of-the-day comes courtesy of Graham Cluley's email spam box. Dave interviews Wired's Security Staff Writer Lily Hay Newman on her article tracking Nigerian email scammers.

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

rootkit (noun) [Word Notes]

Tue, 22 Dec 2020 08:00:00 -0000

A clandestine set of applications designed to give hackers access and control over a target device.

tactics, techniques and procedures (TTPs) (noun) [Word Notes]

Tue, 22 Dec 2020 08:00:00 -0000

A set of behaviors that precisely describes a cyber adversary attack campaign.

Phishing lures that may be in your inbox soon, and how to deal "left of bang."

Thu, 17 Dec 2020 06:00:00 -0000

Joe talks about phishing lures with holiday packages, current events, and things he expects to see in your inbox soon, Dave's shares a blog post on how to troll a Nigerian prince, The Catch of the Day comes from a listener named Christian who received an email from an ill churchgoer that tests US knowledge of geography, and later in the show, Carole Theriault returns with a conversation with Rebecca McKeown, an independent Chartered Psychologist, with experience researching and evaluating learning and development across the Ministry of Defence. She is studying the psychology of cyber response.

Links to stories:

How to Troll a Nigerian Prince

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

identity theft (noun) [Word Notes]

Tue, 15 Dec 2020 08:00:00 -0000

In this case Identity is the set of credentials, usually electronic that vouch for who you are and theft is to steal. The theft of a person's identity for purposes of fraud.

The landscape has shifted for holiday shopping to online.

Thu, 10 Dec 2020 06:00:00 -0000

Joe provides some listener feedback on allowing site notifications, Dave shares good news in his story about taking down money mules, Joe's got not as good news about a phishing campaign targeting the COVID-19 vaccine cold chain, The Catch of the Day comes from a listener named Virginia who received a phishing email impersonating a bank, and later in the show, Dave's conversation with Neal Dennis from Cyware on the cybersecurity concerns and pitfalls customers need to look out for and why ecommerce has become a goldmine for hackers.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Virtual Private Network (VPN) (noun) [Word Notes}

Tue, 08 Dec 2020 08:00:00 -0000

A software, hardware or hybrid encryption layer between two devices on the network that makes the traffic between the sites opaque to the other devices on the same network.

cyber threat intelligence (CTI) (noun) [Word Notes]

Tue, 08 Dec 2020 08:00:00 -0000

Information used by leadership to make decisions regarding the cybersecurity posture of their organization.

Going behind the scenes and preventing social engineering in financial institutions.

Thu, 03 Dec 2020 06:00:00 -0000

Joe has a story about fake websites with advanced profiling tools and malicious software by OceanLotus, Dave's story is about sites that ask if it's ok to send you notifications, The Catch of the Day comes from a listener named William who received a phishing email from the boss, and later in the show, Dave's conversation with Mike Slaugh from USAA on his predictions for 2021 and best practices for organizations to protect themselves and consumers, including creating better means of identity verification.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Network Time Protocol (NTP) attack (noun) [Word Notes]

Tue, 01 Dec 2020 08:00:00 -0000

smishing (SMS phishing) (noun) [Word Notes]

Tue, 01 Dec 2020 08:00:00 -0000

Encore: Wearing a mask in the Oval Office and the art of deception.

Thu, 26 Nov 2020 06:00:00 -0000

Joe shares his Classic Cons Part 3, Dave has an Apple device scam story, The Catch of the Day is your assassination heads-up, and later in the show our interview with Jonna Mendez, retired CIA intelligence officer and former Chief of Disguise.

Link to story:

Twitter

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

port mirroring (noun) [Word Notes]

Tue, 24 Nov 2020 08:00:00 -0000

The public's expectations are changing.

Thu, 19 Nov 2020 06:00:00 -0000

Dave has a story about the security risks of your outbound email, Joe's story is about a fake company, Ecapitalloans, using fake BBB affiliation, The Catch of the Day comes from a listener named Max with a new work phone with curious activity from previous number owner, and later in the show, Dave's conversation with Bill Coletti, crisis communications and reputation management expert at Kith, and author of the book Critical Moments: A New Mindset for Reputation Management.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

shadow IT (noun) {Word Notes]

Tue, 17 Nov 2020 08:00:00 -0000

Network Detection and Response (NDR) (noun) [Word Notes]

Tue, 17 Nov 2020 08:00:00 -0000

Ransomware: Statistically, it's likely to happen to anybody.

Thu, 12 Nov 2020 06:00:00 -0000

Joe has a story about how Emotet is being used in phishing emails through thread hijacking, Dave's story is a two-fer: one is about bad guys using image manipulation and the other has Elon Musk giving away Bitcoin again taking advantage of the US election, The Catch of the Day is from a listener named John about an email-based vishing attack, and later in the show, we welcome back Kurtis Minder of GroupSense on the burgeoning ransomware negotiation industry.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

remote access Trojan or RAT (noun) [Word Notes}

Tue, 10 Nov 2020 08:00:00 -0000

Too good to be true.

Thu, 05 Nov 2020 06:00:00 -0000

Dave has a story about a fake Facebook copyright violation scam trying to trick you out of your TFA to get into your account, Joe story about the largest elder fraud scam in US history, The Catch of the Day is about a scam using a Google code for verification and includes Hacking Humans in the response, and later in the show, Dave's conversation with Mallory Sofastaii from WMAR Baltimore returns with her reporting on a fake website luring victims through social media ads.

Links to stories and Catch of the Day:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

business email compromise or BEC (noun) [Word Notes]

Tue, 03 Nov 2020 08:00:00 -0000

A social engineering scam where fraudsters spoof an email message from a trusted company officer that directs a staff member to transfer funds to an account controlled by the criminal.

David Sanger on the HBO documentary based off his book, "The Perfect Weapon". [Special Edition]

Sun, 01 Nov 2020 08:00:00 -0000

On this Special Edition, our extended conversation with author and New York Times national security correspondent David E. Sanger. The Perfect Weapon explores the rise of cyber conflict as the primary way nations now compete with and sabotage one another. ‌

The Malware Mash!

Fri, 30 Oct 2020 05:00:00 -0000

New consequences, extortion and cyber insurance.

Thu, 29 Oct 2020 05:00:00 -0000

Joe has a story about a woman who called a fake customer service number and got scammed, Dave's story talks about how phishing kits are not that. hard to find, just check YouTube, The Catch of the Day is an opportunity for a listener remove their name from the BLACKLIST, and later in the show, Dave's conversation with John Pescatore from SANS on Thinking Through the Unthinkable: Should You Pay Off a Ransomware Demand.

Links to stories and Catch of the Day:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

anagram (noun) [Word Notes]

Tue, 27 Oct 2020 07:00:00 -0000

A word, phrase, or sentence formed from another by rearranging its letters. For example, cracking a columnar transposition cipher by hand involves looking for anagrams.

What is true and important versus what is the spin.

Thu, 22 Oct 2020 05:00:00 -0000

Dave's story is about some cybercriminal gangs that have stolen $22 million from users of the Electrum wallet app, Joe's story talks about a business email compromise scam cost a US company $15 million, The Catch of the Day is a gift card scam that includes references to National Treasure movie, and later in the show, Dave's conversation with Bill Harrod, Federal CTO of MobileIron on election disinformation campaigns.

Links to stories and Catch of the Day:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

rogue access point (noun) [Word Notes]

Tue, 20 Oct 2020 05:00:00 -0000

Use a Dance Dance Revolution floor lock for your data centers.

Thu, 15 Oct 2020 05:00:00 -0000

Starting with some listener follow-up on password managers, Joe's story has an angel investor bilking people out of due diligence fees, Dave's story comes from Graham Cluley on a malware campaign talking about details on Donald Trump's COVID-19 status, The Catch of the Day is an animal vaccine phishing scam, and later in the show, we’ve got a special treat for you: David Spark from the The CISO/Security Vendor Relationship Series podcast joins us to play the Best Worst Idea game.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

darknet (noun) [Word Notes]

Tue, 13 Oct 2020 05:00:00 -0000

Don't click any button...even the 'No' button.

Thu, 08 Oct 2020 05:00:00 -0000

Dave's story is about how some adware took a turn for the worse (and how his dad has fallen adware in the past), Joe's story talks about how someone is trying to phish AT&T employees and others, The Catch of the Day is an OfferUp scam on an rtx 3080 (you gamers know what that is), and later in the show, Dave's conversation with Caleb Barlow from Cynergistek reacting to the recent story of the tragic death of a woman due to hospital ransomware.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

phishing (verb) [Word Notes]

Tue, 06 Oct 2020 05:00:00 -0000

Cookies make for some tasty phishing lure.

Thu, 01 Oct 2020 05:00:00 -0000

In addition to his regular story Dave shares a situation where his mom almost took the bait, Dave's story is about an SMS phishing (smishing) Apple scam in UK (ps, there's never a free iPhone & Joe is still not an Apple fan), Joe's story talks about why you don't trust anything political on a social network, The Catch of the Day is from a Reddit user invited to join the Illuminati game, and later in the show, Dave's conversation with Alex Mosher from MobileIron on MobileIron's Phishing with Cookies Campaign.

Links to stories and Catch of the Day:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

credential stealing (verb) [Word Notes]

Tue, 29 Sep 2020 05:00:00 -0000

It's human nature.

Thu, 24 Sep 2020 05:00:00 -0000

Dave and Joe have some follow-up from a listener on OG accounts, Joe's story talks about a new phishing campaign inspired by Twitter from earlier this summer, Dave shares a story about using security awareness training as phishing lures, The Catch of the Day is a SunTrust phishing scam, and later in the show, Dave's conversation with Tim Sadler from Tessian on the Psychology of Human Error report.

Links to stories and Catch of the Day:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

The Bombe (noun) [Word Notes]

Tue, 22 Sep 2020 05:00:00 -0000

Your information is already on the Dark Web.

Thu, 17 Sep 2020 05:00:00 -0000

Dave and Joe have some follow-up on mobile banking apps, Dave talks about the website bitcoinabuse.com, Joe's story Brian Krebs did on old Gmail emails and people using them either errantly or maliciously to create accounts, The Catch of the Day is about a Netflix-themed campaign that's currently running, and later in the show, Dave's conversation with Shai Cohen from TransUnion on identity fraud at center of many digital COVID-19 scams.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

cross-site scripting (noun) [Word Notes]

Tue, 15 Sep 2020 05:00:00 -0000

The story is what gets people in.

Thu, 10 Sep 2020 05:00:00 -0000

Joe shares a story on the ability to make a scam work through storytelling skills, Dave's story is about a guy duping a convenience store clerk into taking over her shift and later robbing the place, The Catch of the Day is about an email from a fake landlord, and later in the show, Dave's conversation with Mallory Sofastaii a reporter and anchor at WMAR2 on Impostor uses Maryland man's identity to steal unemployment insurance benefits.

Links to stories and Catch of the Day:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

penetration test (noun) [Word Notes]

Tue, 08 Sep 2020 05:00:00 -0000

It's evolving rapidly and getting more furious by the minute.

Thu, 03 Sep 2020 05:00:00 -0000

Dave & Joe have a tip as some follow-up on cloning social media accounts, Dave's story is about turning the tables on hackers in the UK, Joe talks about Kaspersky's Spam and phishing report, The Catch of the Day is is from a listener, Bob, who received an email from Eddy looking for the love of a woman (but, Bob is not a woman), and later in the show, Dave's conversation with Max Heinemeyer from Darktrace on threats that he and his team have tracked throughout the onset and spread of COVID.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

social engineering (noun) [Word Notes]

Tue, 01 Sep 2020 05:03:00 -0000

Take a deep breath.

Thu, 27 Aug 2020 05:00:00 -0000

Joe's story is about the effectiveness of social media account cloning, Dave talks about toll fraud, The Catch of the Day is a Bitcoin scam with some scam baiting on the side, and later in the show, Dave's conversation with Ben Rothke from Tapad on Medium piece: A conversation with an iTunes card scammer.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

man trap (noun) [Word Notes]

Tue, 25 Aug 2020 05:00:00 -0000

Many times it is less sophisticated than we think.

Thu, 20 Aug 2020 05:00:00 -0000

Dave's story is about robocalls to a telephony honeypot, Joe talks about postcards impersonating HIPAA communications (you have one? please let Joe know), The Catch of the Day is an email that our editor, Tom, received from the FBI about his COVID-19 death,, and later in the show, Dave's conversation with Rachel Tobac from SocialProof with her insights on the Twitter hack.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Zero-day (adjective) [Word Notes]

Tue, 18 Aug 2020 05:00:00 -0000

Flying under the radar.

Thu, 13 Aug 2020 05:00:00 -0000

Dave's story is about a forgotten scam, Joe talks about the recent Twitter hack, The Catch of the Day is a pretty standard phishing email for you to be on the lookout for, and later in the show, Dave's conversation with Carolyn Crandall from Attivo Networks on why human-controlled ransomware, Ransomware 2.0, is so threatening to today’s remote businesses.

Links to stories:

Catch of the Day:

Fake email notice for business owners on Bluehost.

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

NMAP (noun) [Word Notes]

Tue, 11 Aug 2020 04:00:00 -0000

Ignore the actor, focus on the behavior.

Thu, 06 Aug 2020 05:00:00 -0000

Dave shares an horrific cyberstalking story from the local area, Joe's story is about a phishing campaign impersonating voicemail alerts, The Catch of the Day is an HR front for a check floating scam, and later in the show, Dave's conversation with Johnathan Hunt of GitLab on his perspective of dealing with bad actors: ignore them.

Links to stories:

Catch of the Day:

I was just super bored. But now I have something to do.

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Be the custodian of your own digital identity.

Thu, 30 Jul 2020 05:00:00 -0000

Dave talks about a deepfake recording impersonating a CEO, Joe's story is about a new phishing campaign, The Catch of the Day is a very persistent cash app scammer, and later in the show, Dave's conversation with Bruce Esposito from One Identity on digital identities and what they could mean for privacy.

Links to stories:

Catch of the Day:

Monica played dumb with a cash app scammer for 3 days.

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Never think of security as a destination.

Thu, 23 Jul 2020 05:00:00 -0000

Dave talks about gift card scams associated with YouTube live streams, Joe's story is about a scam impersonating Canadian hospital staff, The Catch of the Day is phish impersonating a small game developer going after podcasters, and later in the show, Dave's conversation with Richard Torres from Syntax on phishing attacks increasing 350% during COVID-19.

Links to stories:

Catch of the Day:

Cellar Door Games impersonation

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

A little dose of skepticism.

Thu, 16 Jul 2020 05:00:00 -0000

We have some listener follow-up sharing dnstwister.report site, Dave has a story of consent phishing, Joe talks about calendar invite phishing, The Catch of the Day is a lazy money multiplying scam, and later in the show, Dave's conversation with Don MacLennan from Barracuda Networks on brand impersonation.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Send me money so I know you are real.

Thu, 09 Jul 2020 05:00:00 -0000

We have some follow-up, and this time, Joe was not right, Dave's story is about poison-selling scam, Joe about an impersonation site, The Catch of the Day claims to be notice of a United Nations payment, and later in the show, Dave's conversation with Satnam Narang from Tenable on the increase of scams on Venmo, PayPal and Cash App on giveaways due to the opportunity provided by the economic fallout of COVID-19.

Links to stories:

Catch of the Day:

7 Spam Email Examples that Will Make You LOL

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Because they deserve the money!

Thu, 02 Jul 2020 05:00:00 -0000

Dave's story shows Macs are not immune, Joe talks about a dark place in his soul (aka survey scams), some listener follow-up saying Joe was right!, The Catch of the Day an advanced fee scam from the US government, and later in the show, Dave's conversation with Aviv Grafi from Votiro on a multistage attack using a zero day exploit to deliver a trojan relating to COVID-19 Stay at Home orders.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Close in your pajamas.

Thu, 25 Jun 2020 05:00:00 -0000

Joe shares a different spin on ransom attacks, Dave has a story on phone number reuse, The Catch of the Day is a notice from British Gas (accent included), and later in the show, Dave's conversation with Stan Holland from Atlantic Bay Mortgage on their experience adapting to COVID-19.

Links to stories:

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

It can happen to anybody.

Thu, 18 Jun 2020 05:00:00 -0000

Dave shares a story of an attempt on his father's Verizon account, Joe has the story of an Amazon gift card phishing attempt, The Catch of the Day is a funny phishing email, and later in the show, Joe checks in with Kurtis Minder from GroupSense. They dig a little deeper into some of the topics Kurtis discussed in his previous appearance on our show.

Link to story:

Multifactor Authentication Hacking is Getting Real

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Taking a selfie with your ID.

Thu, 11 Jun 2020 05:00:00 -0000

Joe talks about HROs (High Reliability Organizations), Dave has a scam on Upwork gigs, The Catch of the Day talks about giving a scammer the runaround, and later in the show our interview with Sanjay Gupta from Mitek on how cybercriminals are capitalizing on the recently-deceased and creating synthetic identities.

Link to stories:

The Unaddressed Gap in Cybersecurity: Human Performance

People who turned to Upwork to find freelance gigs say they've lost thousands of dollars to scams

Catch of the Day:

Person Tests Scammer’s Patience By Pretending To Be Not The Sharpest Tool In The Shed

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Seniors and millennials more alike than people think.

Thu, 04 Jun 2020 05:00:00 -0000

Dave has a ransomware story from inside a virtual machine, Joe talks phishing with Google firebase storage URLs, some listener follow-up, The Catch of the Day comes from Joe's daughter and "Apple", and later in the show our interview with Paige Schaffer from Generali Global Assistance on the digital habits of seniors and millennials and the latest scams.

Link to stories:

The ransomware that attacks you from inside a virtual machine

Phishing in a Bucket: Utilizing Google Firebase Storage

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

HH Extra - Happy 100 shows!

Thu, 28 May 2020 05:00:00 -0000

We'd like to thank you, our dear listeners, for sticking with us and our podcast through thick and thin, bad accents and even worse ones, with this - a collection of some of our favorite Catch of the Day segments. From Australia to Brazil, Italy to the Oval Office, they're all here.

Here's to another 100 episodes.

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Wearing a mask in the Oval Office.

Thu, 28 May 2020 05:00:00 -0000

Link to story:

Twitter

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

How scammers fill the gap.

Thu, 21 May 2020 05:00:00 -0000

Dave has a story on a possible Disney-styled phishing email, Joe has the skinny on a circular pyramid scheme, some listener follow-up, The Catch of the Day is a YouTube verification badge for you, and later in the show our interview with Neill Feather from SiteLock. He joins us to explain how scammers fill the gap when popular retail items are sold out.

Link to story:

New phishing/scam email attempt

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Every day you're a firefighter.

Thu, 14 May 2020 05:00:00 -0000

Dave and Joe have a follow up for a listener, Joe has two stories on different levels of effort of phishing schemes, The Catch of the Day is looking for a sugar baby, and later in the show our interview with Marcus Carey, enterprise architect at ReliaQuest. He’s the author of the book Tribe of Hackers, and he wonders if we are living in a cybersecurity groundhog day.

Links to stories:

Anatomy of a Well-Crafted UPS, FedEX, and DHL Phishing Email During COVID-19

Phishers target investment brokers, aim for Office, SharePoint login credentials

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Exploiting our distractions.

Thu, 07 May 2020 05:00:00 -0000

Dave has the story of PR firms selling lies online, Joe has the story of a sophisticated Business Email Compromise attack, The Catch of the Day advises you to update your account information IMMEDIATELY, and later in the show our interview with Dave Baggett, CEO and Founder of INKY. This will be a discussion of fake stimulus payment phishing scam recently found by INKY.

Links to stories:

Disinformation For Hire: How A New Breed Of PR Firms Is Selling Lies Online

IR Case: The Florentine Banker Group

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Passwords are the easiest things to steal.

Thu, 30 Apr 2020 05:00:00 -0000

Joe takes a look at a massive sextortion spam scheme, Dave has some advice for all of us, the Catch of the Day comes from down under, and later in the show our conversation with Andrew Shikiar, Executive Director and Chief Marketing Officer at FIDO Alliance on why phishing and passwords remain such a huge security problem and options for doing away with passwords.

Links to stories:

Following the money in a massive “sextortion” spam scheme

When in Doubt: Hang Up, Look Up, & Call Back

The Catch of the Day

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Wallet inspector.

Thu, 23 Apr 2020 05:00:00 -0000

Dave warns of fake QR code websites stealing Bitcoin, Joe has the return of classic cons, the Catch of the Day forgets one crucial element, and later in the show, our interview with Kurtis Minder. He’s with a company called Groupsense and they’ve been commemorating the 20th anniversary of the Dark Web.

Links to stories:

Network of fake QR code generators will steal your Bitcoin

Paris Gold Ring Scam

The Simpsons - Wallet Inspector

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

They're getting smart, but we're getting smarter.

Thu, 16 Apr 2020 05:00:00 -0000

Joe has the story of a cold-calling conman, Dave has a story of vindication for seniors who lost money in phone scams, the Catch of the Day has Joe doing his research, and later in the show my conversation with Dustin Warren from SpyCloud. His team has been monitoring criminal forums during the COVID-19 pandemic, and he’s here to share what they’ve been seeing.

Links to stories:

Coronavirus conman barges in on 83-year-old woman

Western Union Paying $153M In Compensation To Seniors Who Lost Money In Phone Scams

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Even famous people get scammed.

Thu, 09 Apr 2020 05:00:00 -0000

Dave has the story of a Walking Dead actress raising money for a scammer, Joe has an article warning of Government websites giving bad security advice, the Catch of the Day tries to put the fear of God in it's victim, and later in the show Carole Theriault returns with an interview with a couple of researchers from a firm called Lookout, who analyzed a phishing scam with over four thousand victims.

Links to stories:

Lehigh Valley cancer scammer ensnares ‘Walking Dead’ actress

US Government Sites Give Bad Security Advice

It’s Way Too Easy to Get a .gov Domain Name

The Catch of the Day:

https://twitter.com/thedave2006/status/1223736469568851969

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Shedding light on the human element.

Thu, 02 Apr 2020 05:00:00 -0000

Joe has the story of a very exposing scam, Dave has the scoop on a rare BadUSB attack, The Catch of the Day is a 'lame scammer who needs to get a life' and later in the show our conversation with Tom Miller from ClearForce on continuous discovery in the workplace, and the human side of protecting your business.

Links to stories:

‘What kind of breast check-up would need my face?’: Woman falls victim to Facebook Messenger scam

Rare BadUSB attack detected in the wild against US hospitality provider

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Paging Dr. Dochterman.

Thu, 26 Mar 2020 05:00:00 -0000

Dave shares an example of modern-day snake oil, Joe brings us his favorite old-time scams, the Catch of the Day is straight from Dr. Dochterman - you really can't make this stuff up - and later in the show Joe speaks with Scott Knauss - a security consultant who was targeted by scammers.

Links to stories:

Coronavirus Scam Alert: Beware Fake Fox News Articles Promising A CBD Oil Cure

Slowing the Scammers

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Disinformation vs. misinformation.

Thu, 19 Mar 2020 05:00:00 -0000

Dave shares the story of a malicious website posing as a Coronavirus map supposedly from Johns Hopkins University, Joe has the story of an elderly woman who lost a lot of money to two men claiming her grandson was in a car accident, the Catch of the Day's dying wish is to give you money to build an orphanage, and later in the show Carole Theriault returns and speaks with Samuel C. Woolley from University of Texas at Austin on disinformation campaigns.

Links to stories:

the Botometer

The Catch of the Day:

Been going back and forth with these a-holes for a few weeks now. More pictures in comments.

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Winking emoji.

Thu, 12 Mar 2020 05:00:00 -0000

Joe shares the story of a phishing website posing as the Singapore Police site, Dave shares a harmful, simple little message, the Catch of the Day drags her scammer through the mud and asks if he wants his casserole dish back. Later in the show our conversation with Gretel Egan from Proofpoint on their 2020 State of the Phish report.

Links to stories:

SPF warns of phishing website posing as police site

Nemty Ransomware Actively Distributed via 'Love Letter' Spam

2020 State of the Phish Report

The Catch of the Day:

“My Wife Spent Three Days Trolling A Scammer”

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Don't go looking for morality here.

Thu, 05 Mar 2020 06:00:00 -0000

Links to stories:

Revealed: fake 'traders' allegedly prey on victims in global investment scam

Coronavirus: Scammers follow the headlines

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

The art of cheating.

Thu, 27 Feb 2020 06:00:00 -0000

Joe shares some insights into the art of cheating travelers, Dave has a story of a woman facing drug charges trying to kidnap another woman's baby, an update on last week's bizarre phone scam, The Catch of the Day features otters, sexy ham, frustrated scammers and... you're just going to need to listen. Later in the show, our interview with Tim Sadler from Tessian on human element of cybersecurity and phishing schemes.

Links to stories:

The art of cheating travelers at dhabas

Woman who posed as baby photographer charged after drugging a mother and planning to steal her child, prosecutors say

The Catch of the Day

Inside a scam call center

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Hi, I'm trying to steal your money.

Thu, 20 Feb 2020 06:00:00 -0000

Dave shares the most bizarrely honest phone scam of all time, Joe has a pretend PayPal phishing scam, the Catch of the Day finally lets Dave show us his best Blanche Devereaux, and later in the show Christopher Hadnagy from Social Engineer LLC returns with an update on the trends he’s been tracking.

Links to stories:

Active PayPal Phishing Scam Targets SSNs, Passport Photos

Current PayPal phishing campaign or "give me all your personal information"

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Fake news and misplaced trust.

Thu, 13 Feb 2020 06:00:00 -0000

Joe shares a collection of romance scams from the great plains, Dave has a report which uncovered a root system of fake news, the catch of the day comes straight from... Warren Buffett? Later in the show Carole Theriault speaks with Lisa Forte from Red Goat on how her experiences working with the police have informed her perspective on the human factors in cyber security.

Links to stories:

Don't Get CatPhished This Valentine's Day By a Scammer

These Fake Local News Sites Have Confused People For Years. We Found Out Who Created Them.

Researchers propose detecting deepfakes with surprising new tool: Mice

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

I wouldn't want my computer to be disappointed.

Thu, 06 Feb 2020 06:00:00 -0000

Dave finally has good news. Joe shares a fake website created by the US Trading Commission... which doesn't exist. The catch of the day threatens FULL DATA LOSS! Later in the show, Anna Collard is the founder of security content publisher of Popcorn Training – a South African company that promotes Cyber Security awareness by using story-based techniques. Our conversation centers on the state of cyber security in Africa.

Links to stories:

DOJ sues US telecom providers for connecting Indian robocall scammers

The aforementioned DOJ complaint

Uncle Sam compensates you for data leaks (yeah, right)

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

They had no idea.

Thu, 30 Jan 2020 06:00:00 -0000

Dave shares a particularly exposing sextortion scam. Joe has a story of a million-dollar scam that targeted college students in Miami just trying to pay their tuition. The catch of the day comes straight from The U.S. President. Later in the show, part two of Carole Theriault's interview with Jamie Bartlett, the brains and host behind The Missing Cryptoqueen, an amazing BBC podcast about trying to get to the bottom of the OneCoin scam.

Links to stories:

Fresh New Nest Video Extortion Scam Plays Out Like a Spy Game

WeChat and stolen credit cards: How scammers victimized Miami Chinese college students

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Flipping the script.

Thu, 23 Jan 2020 06:00:00 -0000

Dave's phone is blowing up with smishing attempts. Joe shares a story about fake license renewal attempts from The New Zealand Transportation Agency. The catch of the day flips the script on their attacker. Later in the show Carole Theriault speaks with Jamie Bartlett, the brains and host behind The Missing Cryptoqueen, an amazing BBC podcast about trying to get to the bottom of the OneCoin scam.

Links to stories:

Fresh Apple #Phishing found

The catch of the day

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Life in the (second) age of pirates.

Thu, 16 Jan 2020 06:00:00 -0000

Dave has an account from a man who was almost scammed by an impersonation of his own close friend. Joe has the story of a sophisticated phishing scheme involving Microsoft Office 365. The catch of the day goes all the way back to the age of pirates. Carole Theriault interviews Andrew Brandt from Sophos regarding their 2020 threat report.

Links to stories:

Tricky Phish Angles for Persistence, Not Passwords

SophosLabs 2020 Threat Report

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Ransomware is a reality.

Thu, 09 Jan 2020 06:00:00 -0000

Dave has a master list of cyberbadness. Joe has some handy red flags this tax season straight from our beloved IRS. The catch of the day features an alluring proposition from someone who is probably not "Sofia". Our guest is Devon Kerr with Elastic Security Intelligence and Analytics who shares his insights about Ransomware.

Links to stories:

7 types of virus – a short glossary of contemporary cyberbadness

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Leading by example and positive reenforcement.

Thu, 02 Jan 2020 06:00:00 -0000

Dave has a warning from a galaxy far, far away. Joe has a report of a scam attempt on a listener who fancies fancy pens. The catch of the day features a Tinder dating app bot scam. Our guest is Dennis Dillman from Barracuda Networks, sharing his thoughts on employee training.

Links to stories:

https://www.bleepingcomputer.com/news/security/fake-star-wars-streaming-sites-steal-fans-credit-cards/

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Telling The Truth In A Dishonest Way - Rebroadcast

Thu, 26 Dec 2019 06:00:00 -0000

Today's episode is a re-broadcast of an episode from August 2018.

Dave looks at Hollywood script pitch event scams. Joe describes a romance scam murder scheme. Spontaneously combusting ATM cards. Guest Jayson E. Street from SphereNY describes his security awareness engagements.

Links to stories mentioned in this week's show:

https://www.hollywoodreporter.com/news/why-are-wannabe-screenwriters-getting-scammed-1130919

https://nakedsecurity.sophos.com/2018/08/17/romance-scam-victim-allegedly-plotted-to-kill-her-mother-for-cash/

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Managing access and insider threats.

Thu, 19 Dec 2019 06:00:00 -0000

Joe's wife has been getting suspicious shipping notices. Dave describes a phone scam where crooks intercept phone calls. The catch of the day turns the tables on a would-be scammer. Carole Theriault speaks with Peter Draper from Gurucul about their 2020 Insider Threat Report.

Links to stories:

https://www.ctvnews.ca/canada/police-warn-of-new-phone-scam-where-criminals-intercept-your-calls-1.4706758

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

If you didn't ask for it don't install it.

Thu, 12 Dec 2019 06:00:00 -0000

Dave describes a gas-pump hidden camera scam. Joe shares the story of a fraudulent Microsoft Windows Update notice. The catch of the day involves a scammer making use of an online celebrity's profile picture. Our guest is Karl Sigler from Trustwave with tips for staying safe online through the holidays.

Links to stories:

https://krebsonsecurity.com/2019/11/hidden-cam-above-bluetooth-pump-skimmer/

https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/fake-windows-update-spam-leads-to-cyborg-ransomware-and-its-builder/

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

I really wanted that shed.

Thu, 05 Dec 2019 06:00:00 -0000

Joe shares the story of a woman losing her life savings to a scammer claiming to be from the FBI. Dave describes the $139 shed scam. The catch of the day is another threat of revealing compromising photos. Carole Theriault speaks with Chris Bush from ObserveIT about security threats from employee burnout.

Links to stories:

https://www.wsj.com/articles/robocall-scams-exist-because-they-workone-womans-story-shows-how-11574351204

https://youtu.be/zFQUCCbodHc

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Security has to be friendly.

Thu, 21 Nov 2019 06:00:00 -0000

Dave wonders about Juice Jacking warnings. Joe shares findings from Agari's latest email fraud and identity deception report. The catch of the day promises romance in exchange for airline tickets. Our guests are David Spark and Allan Alford, cohosts of the Defense in Depth podcast.

Links to stories:

https://www.goodmorningamerica.com/travel/story/travelers-beware-juice-jacking-public-charging-stations-safely-67004765

https://www.agari.com/cyber-intelligence-research/e-books/q4-2019-report.pdf

https://cisoseries.com/introducing-defense-in-depth-podcast/

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Skepticism is the first step.

Thu, 14 Nov 2019 06:00:00 -0000

Joe shares stories of typo-squatting. Dave reminds warns us against responding to malicious email, even just for fun. The catch of the day is from a listener, leading on a romance scammer. Carole Theriault returns with an interview with Chris Olson from The Media Trust on how targeted advertising can enable election interference.

Links from this week's stories:

https://www.securityweek.com/err-human-squat-criminal

https://info.phishlabs.com/blog/dont-respond-suspicious-emails

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

When you are the target, objectivity is gone.

Thu, 07 Nov 2019 06:00:00 -0000

Joe shares a report on who's more susceptible for scams. Dave shares a story from a listener who what hit by a scam attempt while staying at a hotel. Our catch of the day involves an attempt to scam someone selling a motorcycle. Our guest is Maria Konnikova, an award-winning author, journalist, and international champion poker player. Her latest book is The Biggest Bluff.

Links to stories:

https://www.washingtonpost.com/business/2019/10/28/this-might-surprise-you-seniors-are-not-more-susceptible-scams-younger-adults-are/

https://www.ftc.gov/system/files/documents/reports/protecting-older-consumers-2018-2019-report-federal-trade-commission/p144401_protecting_older_consumers_2019_1.pdf

https://twentytwowords.com/man-gets-revenge-on-craigslist-scammer-in-the-most-satisfying-way-imaginable/

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

The Malware Mash!

Thu, 31 Oct 2019 12:01:00 -0000

Happy Halloween from Joe, Dave, and everyone at the CyberWire!

Don't dismiss the fraudsters.

Thu, 31 Oct 2019 05:00:00 -0000

Dave describes a credential gathering scam targeting users of the Stripe online payment system. Joe responds to an email message from his boss, and learns a valuable lesson. Our catch of the day follows someone as they string along a text messaging scammer. Carole Theriault returns with an interview with J Bennett of Signifyd, an AI firm fighting romance scams.

Links to stories:

https://cofense.com/credential-phish-masks-scam-page-url-thwart-vigilant-users/

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

The ability to fundamentally deceive someone.

Thu, 24 Oct 2019 05:00:00 -0000

Joe has the story of a convincing scammer who makes an innocent woman doubt herself. Dave describes an online utility that helps users delete unwanted user accounts and also rates the difficulty of doing so. The catch of the day requests help in an investment scam (but lacks punctuation). Our guest is Henry Ajder from Deeptrace Labs on their research on Deep Fakes.

Links to stories:

https://www.walesonline.co.uk/news/wales-news/swansea-mum-scammed-out-1000-17065476

https://backgroundchecks.org/justdeleteme/

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

The fallacy of futility.

Thu, 17 Oct 2019 05:00:00 -0000

Dave describes a ponzi scheme that bought up legitimate investment firms. Joe shares research into deep fakes. The catch of the day includes an invitation to join the illuminati. Ray [REDACTED] returns with followup from his prior visit, along with new information to share.

Links to stories:

https://13wham.com/news/local/feds-in-rochester-to-detail-multi-million-dollar-ponzi-scheme

https://nakedsecurity.sophos.com/2019/10/09/deepfakes-have-doubled-overwhelmingly-targeting-women/

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Don't trust ransomware to tell you its real name.

Thu, 10 Oct 2019 05:00:00 -0000

Joe describes online redirect scams, URL encoding and the clever combination of the two. Dave shares delightful satire about Russian brides and Nigerian princes, together at last. The catch of the day involves a student getting the best of scammers, getting them to send him money. Our guest is Fabian Wosar from Emsisoft, well-known for decrypting ransomware.

Links from today's stories -

https://waterfordwhispersnews.com/2019/09/25/hot-woman-in-your-area-marries-nigerian-prince-whos-email-you-ignored/

https://www.thesun.co.uk/tech/10052181/student-limerick-online-scammer-charity/

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

The ultimate hacking tool.

Thu, 03 Oct 2019 05:00:00 -0000

Joe reviews highlights from a Proofpoint report on the human aspects of cyber attacks. Dave describes the FTC's cases against online dating site Match.com. The catch of the day comes straight from Her Majesty the Queen. Carole Theriault returns with an interview with Corin Imai, Senior Security advisor at DomainTools, about phishing attacks they’ve been tracking in the UK.

Links to stories:

https://www.helpnetsecurity.com/2019/09/10/cyberattacks-human-interaction/

https://techcrunch.com/2019/09/26/dating-app-maker-match-sued-by-ftc-for-fraud/

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

The usefulness of single sign on.

Thu, 26 Sep 2019 05:00:00 -0000

Joe outlines online threats from social media. Dave shares a story of scammers try to scare a community into purchasing security products. The catch of the day features a promise of riches from Facebook's Mark Zuckerberg. Our guest is Yaser Masoudnia from LastPass who addresses listener questions about Single Sign On.

Links to stories:

https://info.phishlabs.com/blog/how-social-media-is-abused-for-phishing-attacks

http://www.pressandguide.com/news/police_fire/email-scam-trying-to-convince-dearborn-residents-crime-is-up/article_249b1f2c-cb34-11e9-a5b0-cf725769167a.html

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Algorithms controlling truth in our society.

Thu, 19 Sep 2019 05:00:00 -0000

Special guest host Graham Cluley joins Dave while Joe takes a short break. Dave shares the success of the FBI's reWired campaign which has apprehended alleged scammers around the world. Graham describes a website hoping to spare users the hardship of multifactor authentication. The catch of the day involves a generous soccer star. Our guest is Matt Price from ZeroFOX with insights on Deep Fake technology.

Links to today's stories:

https://www.fbi.gov/news/stories/operation-rewired-bec-takedown-091019

https://dontduo.com/

https://www.smashingsecurity.com/

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

An ethical hacker can be a teacher.

Thu, 12 Sep 2019 05:00:00 -0000

A listener updates us on "notice of arrest" policies. Dave notes increased instances of Google Calendar spam. Joe shares a claim that AI voice mimicry was used to dupe a company out of nearly a quarter million dollars. (Dave is skeptical.) The catch of the day accuses the target of naughty behavior. Carole Theriault interviews ethical hacker Zoe Rose.

Links to stories:

https://www.popsci.com/google-calendar-spam-what-to-do/

https://www.wsj.com/articles/fraudsters-use-ai-to-mimic-ceos-voice-in-unusual-cybercrime-case-11567157402

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Think before you post.

Thu, 05 Sep 2019 05:00:00 -0000

Follow-up from down under. Joe shares the story of a Mom scammed out of Gaelic Football League tickets. Dave describes a bounty hunter hoaxing suicide threats to get location information from mobile providers. The catch of the day requires a response from the grave. Our guest is Ben Yelin, senior law and policy analyst from the University of Maryland Center for Health and Homeland Security. He digs in to a particular Facebook scam that refuses to die.

Links to stories:

https://m.independent.ie/irish-news/news/im-just-broken-up-mother-devastated-as-shes-scammed-out-of-money-while-trying-to-buy-allireland-final-tickets-38446401.html

https://www.thedailybeast.com/feds-say-bounty-hunter-matthew-marre-used-suicide-hoax-to-con-verizon-t-mobile-out-of-customer-data

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Securing your SMS.

Thu, 29 Aug 2019 05:00:00 -0000

Dave shares a story of digital voice assistants being channeled toward scammers. Joe tracks scammers taking advantage of social tools on the Steam gaming platform. The catch of the day involves South African kickbacks. Our guest is researcher/technologist Ray [REDACTED], who shares his expertise on scammers targeting SMS.

Links to stories:

https://nakedsecurity.sophos.com/2019/08/20/scammers-use-bogus-search-results-to-fool-voice-assistants/

https://www.bleepingcomputer.com/news/security/steam-accounts-being-stolen-through-elaborate-free-game-scam/

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Backups backups backups.

Thu, 22 Aug 2019 05:00:00 -0000

Joe describes a primitive (but effective) phishing scheme being tracked by Bleeping Computer. Dave shares news from a Black Hat presentation on phishing stats from Google. The catch of the day is a friendly invitation from Hawaii. Our guest is Michael Gillespie from Emsisoft describing the ID Ransomware project.

Links from today's stories:

https://www.bleepingcomputer.com/news/security/beware-of-emails-asking-you-to-confirm-your-unsubscribe-request/

https://www.fastcompany.com/90387855/we-keep-falling-for-phishing-emails-and-google-just-revealed-why

https://id-ransomware.malwarehunterteam.com/

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Swamping search results for reputation management.

Thu, 15 Aug 2019 05:00:00 -0000

Dave shares the story of a small community hospital dealing with a ransomware attack. Joe reviews the different types of extortion emails. The catch of the day is an inheritance scam from Canada. Carole Theriault interviews Craig Silverman from Buzzfeed about online reputation management companies.

Links to stories:

https://www.azcentral.com/story/news/local/arizona/2019/07/30/how-4-technicians-saved-arizona-hospital-hacker-ransomware-wickenburg-community-hospital/1842572001/

https://www.bleepingcomputer.com/news/security/extortion-emails-on-the-rise-a-look-at-the-different-types/

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Positive pretexting on the rise.

Thu, 08 Aug 2019 05:00:00 -0000

Joe shares a cautionary Facebook tale from his own life. Dave has the story of an Australian IT company put out of business by scammers. The catch of the day tracks the response writer and comedian Dave Holmes had to scammers pretending to be from the IRS. Rachel Tobac from Social Proof Security returns with voting security information and the latest scams she's been tracking.

Links to today's stories:

https://www.crn.com.au/news/it-suppliers-forced-to-close-after-procurement-scam-528609

https://cheezburger.com/719877/troll-comedian-gets-a-scam-call-and-decides-to-play-along

https://www.vampirecaveman.com/

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Images are the language of the brain.

Thu, 01 Aug 2019 05:00:00 -0000

Dave outlines a church donation scam. Joe shares reporting from Ars Technica on romance scams coming out of Africa. The catch of the day is courtesy of London comedian James Veitch Our guest is Garry Berman from Cyberman Security who's developed a cyber security comic book series to help raise awareness.

Links to this week's stories:

https://www.churchlawandtax.com/blog/2018/june/what-to-know-about-new-donation-scam.html

https://arstechnica.com/information-technology/2019/07/im-not-100-with-anybody-ars-dissects-a-nigerian-twitter-catfish-scam/

https://www.boredpanda.com/funny-phishing-scam-emails-dot-con-james-veitch/

https://www.cyberheroescomics.com/

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Looking after Dad.

Thu, 25 Jul 2019 05:00:00 -0000

Joe shares a story on the market economy of phishing. Dave explains how gamers are being taken advantage of on popular chat app Discord. The catch of the day included a little bit of showbiz razzle-dazzle. Our anonymous guest this week shares his efforts to keep his father from falling for online scams.

Links to stories:

https://blogs.akamai.com/sitr/2019/06/phishing-factories-and-economies.html

https://twitter.com/Splatter_Shah/status/1143556723266994176

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

The skills gap disconnect.

Thu, 18 Jul 2019 05:00:00 -0000

Dave shares a listener story of scammers calling drug stores to try to gather customer rewards points. Joe describes federal contractors being scammed out of over $10 million of hardware, some of it classified communications equipment. The catch of the day starts with a bank email scam and ends with a Rick roll. Carole Theriault speaks with Michael Madon, head of security at Mimecast about the cyber security skills gap.

Links to stories -

https://qz.com/1661537/us-defense-contractor-falls-for-3-million-email-scam/

https://www.newshub.co.nz/home/entertainment/2018/01/man-sets-up-rick-astley-hotline-to-rescue-people-from-annoying-salespeople.html

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Know and spot the patterns.

Thu, 11 Jul 2019 05:00:00 -0000

Joe shares the heartbreaking tale of a catphishing case that leads to murder. Dave describes a shoe company using an unusual method to trick engagement with an online ad. The catch of the day engages a Nigerian scammer promising a fortune in precious minerals. Dave interview Michael Coates, head of Altitude Networks and former CISO at Twitter.

Links to this week's stories -

https://www.nbcnews.com/news/us-news/after-alaska-teen-s-murder-cybersecurity-experts-warn-catfishing-predators-n1019536

https://medium.com/shanghaiist/chinese-shoe-company-tricks-people-into-swiping-instagram-ad-with-fake-strand-of-hair-54d8a2d8ec1d

https://www.419eater.com/html/user_subs/godfather/godfather.htm

https://altitudenetworks.com/

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Encore — Separating fools from money.

Thu, 04 Jul 2019 05:00:00 -0000

We're taking a break for the Independence Day holiday in the US, so enjoy this episode from the early days of our show.

Thanks to our show sponsor KnowBe4.

Be wary of all emails.

Thu, 27 Jun 2019 05:00:00 -0000

Dave shares the story of one Katie Jones, the fake online persona used to gain the confidence of high-status individuals. Joe describes the tragic case of Christine Lu, a Harvard Medical professor who was scammed out of her life savings. The Catch of the Day warns recipients not to trust the FBI. Carole Theriault interviews Akamai's Larry Cashdollar about scammers using Google Translate to obfuscate web sites.

Links to this week's stories:

https://www.apnews.com/bc2f19097a4c4fffaa00de6770b8a60d

https://thispersondoesnotexist.com/

https://www.nbcboston.com/on-air/as-seen-on/Woman-Scammed-Into-Giving-Away-Life-Savings_NECN-511108952.html

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

The knowledge / intention behavior gap.

Thu, 20 Jun 2019 05:00:00 -0000

Joe shares the story of an elaborate check fraud scam involving HR impersonators. Dave reads an email from a listener who got phished by his own company, and has questions about authorization app vs. hardware keys. Our catch of the day involves an orphan looking to share her inheritance. Dave interviews author Perry Carpenter, who's new book is Transformational Security Awareness: What Neuroscientists, Storytellers, and Marketers Can Teach Us about Driving Secure Behaviors.

Links to stories:

https://twitter.com/sigalow/status/1138918411394781185?s=12

https://www.yubico.com/2019/01/yubico-launches-the-security-key-nfc-and-a-private-preview-of-the-yubikey-for-lightning-at-ces-2019/

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Just because I trusted you yesterday doesn't mean I trust you today.

Thu, 13 Jun 2019 05:00:00 -0000

Dave describes researchers spotting scammers on dating sites using AI. Joe shares a phishing scheme that asks users to manage undelivered mail. The catch of the day involves cute puppies and Mogwai meat. Dave interview Avi Solomon, director of information technology for Rumberger, Kirk and Caldwell, an Orlando, Florida litigation firm.

Links to today's stories:

https://www.bbc.com/news/technology-48472811

https://arxiv.org/pdf/1905.12593.pdf

https://www.bleepingcomputer.com/news/security/new-phishing-scam-asks-you-to-manage-your-undelivered-email/

https://www.419eater.com/html/tommy_mark.htm

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

The best way to break in is to walk through the front door.

Thu, 06 Jun 2019 05:00:00 -0000

Joe describes one of history's great con artists, Victor Lustig, who sold the Eiffel Tower. Twice. Dave shares a story from a listener involving a UPS tracking number scam. The catch of the day involves am attempted romance scam on the XBOX platform. Dave interviews Sherri Davidoff, CEO of LMG Security and is the hacker named "Alien" in Jeremy Smith's book, "Breaking and Entering." She has her own book coming out this summer, "Data Breaches: Crisis and Opportunity."

Links to this week's stories:

http://mentalfloss.com/article/12809/smooth-operator-how-victor-lustig-sold-eiffel-tower

https://community.ebay.com/t5/Archive-Shipping-Returns/Seller-Scam-UPS-Tracking-Shows-Delivered/td-p/26206551

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Be willing to admit you don't know everything.

Thu, 30 May 2019 05:00:00 -0000

Dave reviews Google's recent security report on basic account hygiene. Joe describes passive social engineering, including USB charging stations at airports. The catch of the day exposes a trunk box scam involving ill-gotten war profits. Carole Theriault speaks with the head of a group that call themselves Scam Survivors.

Links to stories:

https://security.googleblog.com/2019/05/new-research-how-effective-is-basic.html

https://www.forbes.com/sites/suzannerowankelleher/2019/05/21/why-you-should-never-use-airport-usb-charging-stations/#4116498a5955

https://scamsurvivors.com/

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

People aren't perfectly rational.

Thu, 23 May 2019 05:00:00 -0000

A listener writes in with the results of his phishing attempt on his wife. Joe describes research from F-Secure on the most dangerous email attachment types. Dave shares the story of scammers impersonating local hospitals to scare a response from their victims. Our catch of the day involves a LinkedIn scam impersonating a fighter pilot.

Joe interviews Elissa Redmiles, an incoming assistant professor of computer science at Princeton University. She studies behavioral modeling to understand why people behave the way they do online.

Links to stories from today's show:

https://labsblog.f-secure.com/2019/05/08/spam-trends-top-attachments-and-campaigns/

https://www.nbc15.com/content/news/Text-message-scam-impersonates-local-hospitals-509615981.html

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Live at KB4CON 2019.

Thu, 16 May 2019 05:00:00 -0000

It's a special edition of the Hacking Humans show recorded live at the KB4CON conference in Orlando, FL. Join Joe, Dave and their special guests Stu Sjouwerman, KnowBe4's CEO, and Kevin Mitnick, world-famous hacker and KnowBe4's chief hacking officer, as they discuss malicious scams making the rounds and how to protect yourself and your organization against them.

Dave describes a late-night phone call scam, Joe explains a Social Security scheme, Stu shares deadly catch of the day, and Kevin shares stories from his own hacking experience, and takes questions from the audience.

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

A data-driven approach to trust.

Thu, 09 May 2019 05:00:00 -0000

Joe describes a church scammed out of millions of dollars. Dave shares good news about a group of scammers being apprehended and arrested. The catch of the day involves a Vietnamese investment offer that's almost too good to pass up on. Dave speaks with Dr. Richard Ford from Forcepoint about the models of trust.

Links to stories in today's show:

https://www.grahamcluley.com/hackers-steal-1-75-million-from-catholic-church-in-ohio/

https://www.justice.gov/usao-sdny/pr/nine-defendants-arrested-new-york-florida-and-texas-multimillion-dollar-wire-fraud

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Twitter bots amplifying divisive messages.

Thu, 02 May 2019 05:00:00 -0000

Followup from listeners on Google search result scams. Dave describes the city of Ottawa sending $100K to a fraudster. Joe shares results from the FBI's Internet Crime Report. The catch of the day involves a dating site and an offer to be someone's "sugar daddy." Our guest is Andy Patel from F-Secure, describing how Twitter bots are amplifying divisive messages.

Links to storys:

https://www.cbc.ca/news/canada/ottawa/city-treasurer-sent-100k-to-fraudster-1.5088744

https://threatpost.com/fbi-bec-scam-losses-double/144038/

https://www.ic3.gov/media/annualreport/2018_IC3Report.pdf

https://labsblog.f-secure.com/2019/04/03/discovering-hidden-twitter-amplification/

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Let's play, "Covered by cyber insurance — true or false?"

Thu, 25 Apr 2019 05:00:00 -0000

Dave and Joe answer a listener question about a mysterious Netflix account. Dave describes a service for Airbnb scammers. Joe explains a particularly "nasty" Instagram scam. Carole Theriault interviews cyber insurance expert Martin Overton from OMG Cyber.

Links to stories:

https://www.bleepingcomputer.com/news/security/the-nasty-list-phishing-scam-is-sweeping-through-instagram/

https://krebsonsecurity.com/2019/04/land-lordz-service-powers-airbnb-scams/

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

I have been practicing honesty and truthfulness my whole life.

Thu, 18 Apr 2019 05:00:00 -0000

Followup from an Australian listener. Dave shares a Paypal scam leveraging Google ads. Joe describes TechCrunch reporting on a spam service that was left out in the open. The catch of the day promises a lifetime supply of gold. Dave interviews Asaf Cidon from Barracuda Networks

https://techcrunch.com/2019/04/02/inside-a-spam-operation/

https://www.barracuda.com/spear-phishing-report

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Scammers have no ethics whatsoever.

Thu, 11 Apr 2019 05:00:00 -0000

Joe describes a study of people's perceptions when presented with a magic trick. Dave shares the story of fake boyfriend app. Our catch of the day involves the promise of millions from a bank in Africa. Dave interviews Chris Parker from WhatIsMyIPaddress.com.

Links to stories:

http://nautil.us/issue/70/variables/a-magician-explains-why-we-see-whats-not-there

https://youtu.be/vJG698U2Mvo

https://www.pedestrian.tv/tech/fake-boyfriend-app/

https://whatismyipaddress.com/

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Girl Scouts empowering cyber security leaders.

Thu, 04 Apr 2019 05:00:00 -0000

Dave describes a survey of call center security methods. Joe explains a spam campaign raising the specter of a flu pandemic to scare people into enabling macros in an Office document. The catch of the day highlights a Facebook scammer promising a prize-winning windfall. Carole Theriault returns with a story about special badges Girls Scouts can earn for cyber security.

Links to stories:

https://marketing.trustid.com/acton/attachment/32513/f-0039/1/-/-/-/-/TRUSTID_2018_State_of_Call_Center_Authentication_Survey.pdf

https://www.bleepingcomputer.com/news/security/fake-cdc-emails-warning-of-flu-pandemic-push-ransomware/

http://blog.girlscouts.org/2018/07/girl-scouts-introduces-30-new-badges-to.html

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Pick a persona to match the goal.

Thu, 28 Mar 2019 05:00:00 -0000

Followup on remotely previewing websites. Joe has the story of scammer bilking Facebook and Google out of millions. Dave reviews best practices for deleting data on devices you dispose of. The catch of the day is an offer of criminal partnering with the CIA. Our guest is Jeremy N. Smith, author of the book Breaking and Entering - the extraordinary story of a hacker called Alien.

Links from today's stories:

https://urlscan.io/

https://www.theregister.co.uk/2019/03/21/facebook_google_scam/

https://blog.rapid7.com/2019/03/19/buy-one-device-get-data-free-private-information-remains-on-donated-devices/

https://www.amazon.com/dp/B0789KP775

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Kids are a great target.

Thu, 21 Mar 2019 05:00:00 -0000

A listener recommends an online tool for safely previewing web sites. Dave shares research on what time of the work week is best for scams. Joe explains credential stuffing. Our guest is Frances Dewing, the CEO and co-founder of Rubica. They recently published a report on how crooks are accessing parents’ mobile devices via apps their kids load.

Links to stories mentioned in today's show:

https://screenshot.guru/

https://www.aarp.org/money/scams-fraud/info-2019/phone-scams-peak-time.html

https://www.digitalnewsasia.com/insights/how-lose-money-credential-stocking-stuffers

https://rubica.com/wp-content/uploads/2019/02/Rubica-Report-Cyber-Crime-Privacy-Risks-in-Free-Mobile-Kids-Apps.pdf

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

When we rush we make bad decisions.

Thu, 14 Mar 2019 05:00:00 -0000

Joe tracks the surprising number of malicious links hosted on legit websites and why it's dangerous. Dave describes an extortion scheme targeting podcasters. Our catch of the day involves a lonely Russian woman promoting a dating site. Dave interviews Gary Noesner, author of Stalling for Time: My Life as an FBI Hostage Negotiator.

Links to stories mentioned in today's show:

https://www-cdn.webroot.com/9315/5113/6179/2019_Webroot_Threat_Report_US_Online.pdf

https://rebelbasemedia.io/podcast-review-extortion/

https://www.amazon.com/Stalling-Time-Life-Hostage-Negotiator/dp/1400067251

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Don't assume younger people get it.

Thu, 07 Mar 2019 06:00:00 -0000

Followup on last week's TLD discussion. Dave shares a sextortion scam with a tragic ending. Joe highlights conveyance scams that rely on certain days of the week. Our catch of the day features a wealthy Londoner hoping to pass on her fortune. Guest Dale Zabriskie from Proofpoint has results from their State of the Phish report.

Links to stories:

https://www.dailymail.co.uk/news/article-6744421/Army-veteran-PTSD-committed-suicide-targeted-prison-inmates-sextortion-scam.html

https://www.todaysconveyancer.co.uk/main-news/law-firms-wising-up-conveyancing-scams/

https://static.googleusercontent.com/media/research.google.com/en//pubs/archive/45597.pdf

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Delivering yourself to a kidnapper.

Thu, 28 Feb 2019 06:00:00 -0000

Joe describes fraudsters taking advantage of top-level domain name confusion. Dave explains how a Google Nest security system shipped with an undocumented microphones. Our catch of the day involves a postcard missed package campaign. Our guest is Matt Devost from OODA LLC describing their work protecting high-net-worth individuals.

Links to today's stories:

https://rebootcamp.militarytimes.com/news/your-air-force/2019/02/13/watch-out-for-fake-dod-websites-like-this/

https://nakedsecurity.sophos.com/2019/02/21/sorry-we-didnt-mean-to-keep-that-secret-microphone-a-secret-says-google/

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Stop and think before you click that link.

Thu, 21 Feb 2019 06:00:00 -0000

We've got followup from a listener on cognitive dissonance and behavioral science. Dave shares a listener story about a University Dean's List scam. Joe shares statistics from a government agency phishing test. Our catch of the day involves funds from the FBI, the IMF, and yes, Nigeria. Dave interviews Crane Hassold from Agari with phishing trends they've been tracking, plus his experiences as a former FBI agent.

Links to stories in today's show:

https://fcw.com/articles/2019/02/11/cyber-phishing-oig-fhfa.aspx

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

The trauma is multifactored.

Thu, 14 Feb 2019 06:00:00 -0000

On this Valentines Day edition of Hacking Humans, Joe and Dave examine romance scams, including the sad tale of woman bilked out of hundreds of thousands of dollars. There's a silly, non-murdering catch of the day, and Dave interviews Max Kilger from UTSA on the six motivations of bad actors.

Links to today's stories:

https://www.bbb.org/article/news-releases/17057-online-romance-scams-a-bbb-study-on-how-scammers-use-impersonation-blackmail-and-trickery-to-steal-from-unsuspecting-daters

https://www.aarp.org/money/scams-fraud/info-2015/online-dating-scam.html

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Make it seem like the real answer is impossible to know.

Thu, 07 Feb 2019 06:00:00 -0000

Dave shares a bank spoofing scam with a reminder to mind those links, especially on mobile devices. Joe describes a case of someone turning the tables on a Twitter scammer. Our catch of the day involves a clumsy claim of physical harm. Dave interviews author Dave Levitan about his book Not a Scientist: How politicians mistake, misrepresent and utterly mangle science.

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

The excitement of tricking someone wears off quickly.

Thu, 31 Jan 2019 06:00:00 -0000

We've got followup on bank scams and ransomware. Joe describes a highly sophisticated multinational business scam. Dave shares a story about private school parents falling for a Bitcoin discount scam. Our guest is Jordan Harbinger, host of The Jordan Harbinger Show, with insights on influence and social engineering.

Links to this week's stories:

https://www.cpomagazine.com/cyber-security/cyber-fraud-by-chinese-hackers-makes-headlines-in-india/

https://www.bbc.com/news/uk-england-tyne-46920810

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Opening your eyes to the reality in which we live.

Thu, 24 Jan 2019 06:00:00 -0000

Dave reviews tips on protecting yourself from ransomware. Joe describes a clever way to trick people into enabling macros. An attempt at celebrity friendship is our catch of the day. Carole Theriault returns and speaks with Dr. Jessica Barker from Cygenta about effective training techniques.

Links to stories mentioned:

https://www.csoonline.com/article/3331981/ransomware/how-to-protect-backups-from-ransomware.html

https://myonlinesecurity.co.uk/agent-tesla-reborn-via-fake-order/

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Prisoners have nothing but time.

Thu, 17 Jan 2019 06:00:00 -0000

Joe shares the tale of a prisoner running a variety of romance scams from the inside. Dave outlines direct deposit scams. The catch of the day is a clever variation from (where else?) Nigeria. Our guest is Sam Small from ZeroFox.

Links to stories:

https://hubpages.com/politics/The-Games-That-Inmates-Play

https://ogletree.com/shared-content/content/blog/2018/january/diverting-employees-payroll-direct-deposits-the-latest-wave-of-phishing-scams

https://www.kansas.com/news/local/crime/article223873805.html

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Trained humans are your strongest link.

Thu, 10 Jan 2019 06:00:00 -0000

Dave warns of scammers gaining access to homes by pretending to be workers from the local utility company. Joe shares a story of a sophisticated bank transfer scam in the UK. Our catch of the day outlines an attempted email scam targeting an architectural firm. Carole Theriault is back with the second part of her interview with the pen tester who goes by the name freaky clown.

Links to today's stories:

https://www.wxyz.com/news/michigan-energy-company-warns-of-increase-in-imposters-trying-to-enter-homes

https://inews.co.uk/inews-lifestyle/money/lost-19960-life-savings-phone-scam-natwest

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

At some point you're probably going to have to do some running.

Thu, 03 Jan 2019 06:00:00 -0000

Joe describes a reply-all scenario gone wrong. Dave explains the criminal use of steganography in memes as a command and control technique. Our catch-of-the-day features alluring photos texted to an unimpressed listener. Carole Theriault interviews physical pen tester Freaky Clown.

Links to stories mentioned in this week's show:

https://blog.trendmicro.com/trendlabs-security-intelligence/cybercriminals-use-malicious-memes-that-communicate-with-malware/

https://www.cygenta.co.uk/

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter

Truth emerges from the clash of ideas.

Thu, 20 Dec 2018 06:00:00 -0000

We follow up on critical feedback of last week's show. Dave describes how online extortionists have pivoted from sex to explosives. We've got an auto-responding catch of the day from one of Joe's colleagues. Guest is Sean Brooks, Director of the Citizen Clinic and a Research Fellow at the Center for Long-Term Cybersecurity at UC Berkeley. He shares their research into online attacks of politically vulnerable organizations.

From our EV certs follow-up:

https://www.troyhunt.com/extended-validation-certificates-are-dead/

https://casecurity.org/2018/12/06/ca-security-council-casc-2019-predictions-the-good-the-bad-and-the-ugly/

Bomb threat catch of the day:

https://www.zdnet.com/article/extortion-emails-carrying-bomb-threats-cause-panic-across-the-us/

Sean Brooks interview:

Report: http://cltc.berkeley.edu/defendingpvos/

Clinic: http://cltc.berkeley.edu/citizen-clinic/

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

A pesky problem that doesn't go away.

Thu, 13 Dec 2018 06:00:00 -0000

Joe describes a Nigerian gang called London Blue that focuses on business email compromise. Dave shares surprising Cyber Monday phishing statistics. Guest Chris Bailey from Entrust Datacard teaches us how to detect lookalike sites online and better protect ourselves from fraud.

Links to today's stories:

https://www.agari.com/insights/whitepapers/london-blue-report/

https://www.zscaler.com/blogs/research/cyber-monday-biggest-day-cyberattacks-not-long-shot

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Bringing trust to a trustless world.

Thu, 06 Dec 2018 06:00:00 -0000

Listener follow-up on a URL issue. Dave describes an elderly couple scammed out of savings. Joe wonders if it's wise to unsubscribe. Guest Andre McGregor from TLDR Capital describes his work as a former FBI agent, and his experience consulting on Mr. Robot.

Bank account transfer scam:

https://abc11.com/troubleshooter-durham-couple-loses-$8900-in-computer-virus-scam/4782799/

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Be very aware of your desire to be right.

Thu, 29 Nov 2018 06:00:00 -0000

Joe explains URLs and DNS. Dave has tips to prevent holiday skimming. A bogus bank barrister is the catch of the day. Writer Ben Yagoda explains cognitive biases.

Links:

Wikipedia page on URLs -

https://en.wikipedia.org/wiki/URL

Tips to prevent skimming -

https://www.social-engineer.org/newsletter/social-engineer-newsletter-vol-07-issue-96/

Ben Yagoda's article from the Atlantic -

https://www.theatlantic.com/magazine/archive/2018/09/cognitive-bias/565775/

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

CEOs can be the weakest link.

Thu, 15 Nov 2018 06:00:00 -0000

Listener feedback on the "Can you hear me?" scam. Dave shares an ongoing Elon Musk Bitcoin giveaway scam. Joe describes the malicious use of a compromised DHL email address. This week's catch of the day comes from down under. (Apologies to the fine citizens of Australia.) Carole Theriault returns with an interview with MimeCast's Matthew Gardiner.

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Human sources are essential.

Thu, 08 Nov 2018 06:00:00 -0000

Joe gathers open source information online. Dave wonders if a tow truck driver got the better of him. A listener shares a possible custom app scam. Former FBI agent Dennis Franks shares his experience developing human intelligence sources.

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Scams are fraud and fraud is crime.

Thu, 01 Nov 2018 05:00:00 -0000

We get listener followup on the church pastor scam. Dave explores a phony investment web site. Joe explains phishing, spear phishing and whaling. Fake federal agents are featured in our catch of the day. Carole Theriault interviews Max Bruce from Action Fraud UK.

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Fear, flattery, greed and timing.

Thu, 25 Oct 2018 05:00:00 -0000

We get followup feedback on gift cards. Joe describes a banking payment scam on a Canadian university. Dave reveals some sneaky apps. A reader shares a story worth its weight in gold. Jenny Radcliffe from Human Factor Security shares her insights on social engineering.

Links to stories in this episode:

https://www.thestar.com/edmonton/2018/10/09/how-a-fraudster-got-12-million-out-of-a-canadian-university-they-just-asked-for-it.html

https://www.forbes.com/sites/johnkoetsier/2018/10/04/app-scams-cheap-utility-apps-are-stealing-260-2500-or-even-4700-each-year-per-user/#9de2b67162ac

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Waste my time and I'll waste yours back.

Thu, 18 Oct 2018 05:00:00 -0000

Dave reveals a stealthy trademark scam. Joe describes the invocation of a judge's name to lure a victim. A listener shares a business scam from India. Joe interviews "Shannon," a listener who enjoys wasting phone scammer's time.

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Information is the life blood of social engineering.

Thu, 11 Oct 2018 05:00:00 -0000

Joe ponders how a phone number is obtained. Dave's friend avoids a Google gift card scam. Christopher Hadnagy returns with an update to his book, The Science of Social Engineering.

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Easier to trick than to hack.

Thu, 04 Oct 2018 05:00:00 -0000

Dave dodges a local theater scam. Joe shares survey results from Black Hat attendees. A listener's calendar pops up alluring invitations. Carole Theriault interviews Sophos Naked Security writer Mark Stockley about password shortcomings.

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Kidnappers, robots and deep fakes.

Thu, 27 Sep 2018 05:00:00 -0000

Joe shares a kidnapping scam targeting foreign students. Dave describes social engineering involving robots. Our guest is Robert Anderson from the Chertoff Group, discussing Deep Fake technology and how it erodes trust.

Links to stories mentioned in this week's show:

https://searchsecurity.techtarget.com/news/252448458/Robot-social-engineering-works-because-people-personify-robots

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Stringing along a scammer.

Thu, 20 Sep 2018 05:00:00 -0000

Dave warns of scammers taking advantage of hurricane Florence, both on the phone and in person. Joe shares a scheme targeting the kindness of local churchgoers. A cosmic variation on the Nigerian email scam. Joe interviews his Johns Hopkins University colleague Chris Venghaus, who leads a tech support scammer on a wild goose chase.

Links to stories mentioned in this week's show:

https://www.13newsnow.com/video/weather/hurricanes/hurricane-florence/hurricane-scammers-target-hampton-roads/291-8250736

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Influence versus manipulation.

Thu, 13 Sep 2018 10:00:00 -0000

Joe describes a law firm impersonating a rival to funnel business away from them. Dave has a story of pontiff impersonation. Our guest is Joe Gray from Advanced Persistent Security.

Links to stories mentioned in this week's show:

https://www.theregister.co.uk/2018/08/27/lawyers_impersonating_rivals/

https://www.ccn.com/pope-francis-latest-target-of-twitter-crypto-scam/

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Real estate transactions in the crosshairs.

Thu, 06 Sep 2018 10:00:00 -0000

Dave gets scammed on an exit ramp. Joe describes real estate transaction scams. Is LinkedIn moonlighting in Himalayan tourism? Guest Asaf Cidon from Barracuda Networks shares social engineering trends his team is tracking.

Links to stories mentioned in this week's show:

http://www.baltimoresun.com/news/maryland/crime/bs-md-ramp-scam-20161018-story.html

https://www.cyberradio.com/2018/08/threat-actors-targeting-homebuyers-with-phishing-attacks/

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Red teaming starts with research.

Thu, 30 Aug 2018 10:00:00 -0000

Joe describes an Office 365 phishing campaign. Dave warns of dangerous USB cables. A listener shares a fax from the UK. Joe interviews security consultant and pen tester Justin White.

Links to stories mentioned in this week's show:

https://www.helpnetsecurity.com/2018/08/15/office-365-phishing-sharepoint/

https://srlabs.de/bites/usb-peripherals-turn/

https://www.bleepingcomputer.com/news/security/usbharpoon-is-a-badusb-attack-with-a-twist/

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Telling the truth in a dishonest way.

Thu, 23 Aug 2018 10:00:00 -0000

Links to stories mentioned in this week's show:

https://www.hollywoodreporter.com/news/why-are-wannabe-screenwriters-getting-scammed-1130919

https://nakedsecurity.sophos.com/2018/08/17/romance-scam-victim-allegedly-plotted-to-kill-her-mother-for-cash/

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Sometimes less is more.

Thu, 16 Aug 2018 10:00:00 -0000

Joe shares the story of a retiree scammed by a clever scheme. Dave describes a tech-support scam with a Russian twist. Our Catch of the Day features an adorable puppy. Guest Michael Murray from Lookout explains mobile device vulnerabilities.

Links to stories mentioned in this week's show:

https://www.scamwatch.gov.au/get-help/real-life-stories/investment-scam-how-steve-lost-200-000-to-an-investment-scam

https://www.grahamcluley.com/phone-scam-exploits-russian-hacking-fears/

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Focus, technology, and training fight phishing.

Thu, 09 Aug 2018 10:00:00 -0000

Dave describes a phishing attempt to infiltrate U.S. election systems. Joe shares a story of government agencies receiving malicious CDs in the mail. University employees are lured by greed. And David Baggett from Inky joins us to describe phishing techniques they are seeing and offers ways to best protect yourself and your organization.

Links to stories mentioned in this week's show:

https://theintercept.com/2018/06/01/election-hacking-voting-systems-email/

https://krebsonsecurity.com/2018/07/state-govts-warned-of-malware-laden-cd-sent-via-snail-mail-from-china/

http://hci2018.bcs.org/prelim_proceedings/papers/Work-in-Progress%20Track/BHCI-2018_paper_95.pdf

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Luring unsuspecting money mules.

Thu, 02 Aug 2018 10:00:00 -0000

Joe describes clever gift card scams. Dave follows up on last week's proposal to waste phone scammer's time. A more plausible phishing scheme comes through. Guest David Shear from Flashpoint describes methods scammers use to lure people into being money mules.

Links:

https://securelist.com/giftcard-generators/86522/

https://jollyrogertelephone.com/

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Nothing up my sleeve.

Thu, 26 Jul 2018 10:00:00 -0000

Dave shares a story of deception right out of Hollywood.

https://www.hollywoodreporter.com/features/hunting-con-queen-hollywood-1125932

Joe proposes changing the financial incentives for scammers.

A porn-shaming catch of the day courtesy of Johannes Ulrich.

An interview with atomic physicist and close-up magician Adam West.

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Think like an attacker.

Thu, 19 Jul 2018 11:00:00 -0000

Joe describes a con law enforcement agencies use to lure crooks. Dave shares a tech support scan spreading in chat forums. A listener from Dublin has a fake email from Apple. We welcome Rachel Tobac, CEO of SocialProof Security.

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Presidential prank, pensioner pilfered.

Thu, 12 Jul 2018 11:00:00 -0000

Dave recounts the news that US President Trump likely fell for a prank phone call. Joe outlines the sad story of a woman robbed of her retirement savings. Twitter account recovery scams. Charles Arthur, author of Cyber Wars - Hacks that Shocked the Business World, joins us for an interview.

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Phone scams, phantom employees and sitting Ducks.

Thu, 05 Jul 2018 11:00:00 -0000

Joe warns of a harrowing phone scam technique, Dave reveals an alternate persona, a listener tries to sell a truck, and Carole Theriault from the Smashing Security Podcast interviews Sophos' Paul Ducklin.

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Separating fools from money.

Thu, 28 Jun 2018 11:00:00 -0000

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Playing on kindness.

Thu, 21 Jun 2018 05:00:00 -0000

Joe explains the Ben Franklin effect. Dave describes job applicants tricked unto money laundering. A listener tells a tale of being fooled by an appeal to greed. Joe interviews Stacey Cameron from DirectDefense about her physical penetration testing work.

Gaming pro athletes online.

Thu, 14 Jun 2018 05:00:00 -0000

Joe warns of scammers taking advantage of natural disasters, Dave explores romance scams, and gets a strange voice mail.

Stephen Frank from the National Hockey League Players Association joins us to share how professional athletes protect themselves from online scams.

A flood of misinformation and fake news.

Thu, 07 Jun 2018 05:00:00 -0000

In this episode, Joe examines the anatomy of a phishing attack, Dave explores pretexting, and a scammer targets real estate agents.

Professor Stephen Lewandowsky from the University of Bristol joins us to share his research on misinformation, fake news, and inoculating people against them.

Social Engineering works because we're human.

Wed, 30 May 2018 05:00:00 -0000

In this premier episode of the Hacking Humans podcast, cohosts Dave Bittner from the CyberWire and Joe Carrigan from the Johns Hopkins University Information Security Institute discuss noteworthy social engineering schemes and ways to detect them.

Author Christopher Hadnagy discusses his book The Art of Human Hacking.