DiscoverHacking Humans
Claim Ownership
614 Episodes
Reverse
Thinking past the US 2024 Presidential Election, In part three of the series, Rick Howard, N2K CyberWire’s Chief Analyst and Senior Fellow, discusses reducing the impact of propaganda in the future elections with Perry Carpenter, Chief Human Risk Management Strategist at KnowBe4 and host of the 8th Layer Insights Podcast, Nina Jankowicz, Co-Founder and CEO of the The American Sunlight Project, and Scott Small, Director of Cyber Threat Intelligence at Tidal Cyber.
Check out Part 1 & 2!
Part 1: Election Propaganda Part 1: How Does Election Propaganda Work? In this episode, Rick Howard, N2K CyberWire’s Chief Analyst and Senior Fellow, discusses personal defensive measures that every citizen can take—regardless of political philosophy—to resist the influence of propaganda. This foundational episode is essential for understanding how to navigate the complex landscape of election messaging.
Part 2: Election Propaganda: Part 2: Modern propaganda efforts. In preparation for the US 2024 Presidential Election, Rick Howard, N2K CyberWire’s Chief Analyst and Senior Fellow, discusses recent international propaganda efforts in the form of nation state interference and influence operations as well as domestic campaigns designed to split the target country into opposing camps. Guests include Nina Jankowicz, Co-Founder and CEO of the The American Sunlight Project and Scott Small, Director of Cyber Threat Intelligence at Tidal Cyber.
References:
Rick Howard, 2024. Election Propaganda Part 1: How does election propaganda work? [3 Part Podcast Series]. The CyberWire.
Rick Howard, 2024. Election Propaganda: Part 2: Modern propaganda efforts. [3 Part Podcast Series]. The CyberWire.
Christopher Chabris, Daniel Simons, 2010. The Invisible Gorilla: And Other Ways Our Intuitions Deceive Us [Book]. Goodreads.
Chris Palmer, 2010. TFL Viral - Awareness Test (Moonwalking Bear) [Explainer]. YouTube.
David Ehl, 2024. Why Meta is now banning Russian propaganda [News]. Deutsche Welle.
Eli Pariser, 2011. The Filter Bubble: What the Internet is Hiding From You [Book]. Goodreads.
Kara Swisher, Julia Davis, Alex Stamos, Brandy Zadrozny, 2024. Useful Idiots? How Right-Wing Influencers Got $ to Spread Russian Propaganda [Podcast]. On with Kara Swisher.
Nate Silver, 2024. What’s behind Trump’s surge in prediction markets? [Analysis]. Silver Bulletin.
Niha Masih, 2024. Meta bans Russian state media outlet RT for acts of ‘foreign interference’ [News]. The Washington Post.
Nilay Patel, 2024. The AI election deepfakes have arrived [Podcast]. Decoder.
Nina Jankowicz, 2020. How to Lose the Information War: Russia, Fake News and the Future of Conflict [Book]. Goodreads.
Perry Carpenter, 2024. FAIK: A Practical Guide to Living in a World of Deepfakes, Disinformation, and AI-Generated Deceptions [Book]. Goodreads.
Perry Carpenter, 2021. Meatloaf Recipes Cookbook: Easy Recipes For Preparing Tasty Meals For Weight Loss And Healthy Lifestyle All Year Round [Book]. Goodreads.
Perry Carpenter, n.d. 8th Layer Insights [Podcast]. N2K CyberWire.
Renee DiResta, 2024. Invisible Rulers: The People Who Turn Lies into Reality [Book]. Goodreads.
Robin Stern, Marc Brackett, 2024. 5 Ways to Recognize and Avoid Political Gaslighting [Explainer]. The Washington Post.
Sarah Ellison, Amy Gardner, Clara Ence Morse, 2024. Elon Musk’s misleading election claims reach millions and alarm election officials [News]. The Washington Post.
Scott Small, 2024. Election Cyber Interference Threats & Defenses: A Data-Driven Study [White Paper]. Tidal Cyber.
Staff, n.d. Overview: Coalition for Content Provenance and Authenticity [Website]. C2PA.
Staff, 2021. Foreign Threats to the 2020 US Federal Elections [Intelligence Community Assessment]. DNI.
Staff, n.d. Project Origin [Website]. OriginProject. URL https://www.originproject.info/
Stuart A. Thompson, Tiffany Hsu, 2024. Left-Wing Misinformation Is Having a Moment [Analysis] The New York Times.
In preparation for the US 2024 Presidential Election, Rick Howard, N2K CyberWire’s Chief Analyst and Senior Fellow, discusses recent international propaganda efforts in the form of nation state interference and influence operations as well as domestic campaigns designed to split the target country into opposing camps. Guests include Nina Jankowicz, Co-Founder and CEO of the The American Sunlight Project and Scott Small, Director of Cyber Threat Intelligence at Tidal Cyber.
References:
Scott Small, 2024. Election Cyber Interference Threats & Defenses: A Data-Driven Study [White Paper]. Tidal Cyber.
Renee DiResta, 2024. Invisible Rulers: The People Who Turn Lies into Reality [Book]. Goodreads.
Nina Jankowicz, 2020. How to Lose the Information War: Russia, Fake News and the Future of Conflict [Book]. Goodreads.
Rick Howard, N2K CyberWire’s Chief Analyst and Senior Fellow, discusses personal defensive measures that an average citizen, regardless of political philosophy, can take in order to not succumb to propaganda.
References:
David Ehl, 2024. Why Meta is now banning Russian propaganda [News]. Deutsche Welle.
Jeff Berman, Renée DiResta, 2023. Disinformation & How To Combat It [Interview]. Youtube.
Niha Masih, 2024. Meta bans Russian state media outlet RT for acts of ‘foreign interference’ [News]. The Washington Post.
Quentin Hardy, Renée DiResta, 2024. The Invisible Rulers Turning Lies Into Reality [Interview]. YouTube.
Rob Tracinski, Renée DiResta, 2024. The Internet Rumor Mill [Interview]. YouTube.
Robin Stern, Marc Brackett, 2024. 5 Ways to Recognize and Avoid Political Gaslighting [Explainer]. The Washington Post.
Sarah Ellison, Amy Gardner, Clara Ence Morse, 2024. Elon Musk’s misleading election claims reach millions and alarm election officials [News]. The Washington Post.
Scott Small, 2024. Election Cyber Interference Threats & Defenses: A Data-Driven Study [White Paper]. Tidal Cyber.
Staff, 2021. Foreign Threats to the 2020 US Federal Elections [Intelligence Community Assessment]. DNI.
Staff, 2024. Election Cyber Interference Threats & Defenses: A Data-Driven Study [White Paper]. Tidal.
Stuart A. Thompson, Tiffany Hsu, 2024. Left-Wing Misinformation Is Having a Moment [Analysis. The New York Times.
Stuart A. Thompson, 2024. Elon Musk’s Week on X: Deepfakes, Falsehoods and Lots of Memes [News]. The New York Times.
Will Oremus, 2024. Zuckerberg expresses regrets over covid misinformation crackdown [News]. The Washington Post.
Yascha Mounk, Renée DiResta, 2022. How (Not) to Fix Social Media [Interview]. YouTube.
Renee DiResta, 2024. Invisible Rulers: The People Who Turn Lies into Reality [Book]. Goodreads.
Nina Jankowicz, 2020. How to Lose the Information War: Russia, Fake News and the Future of Conflict [Book]. Goodreads.
Cybersecurity interview with ChatGPT.
In part one of CyberWire’s Interview with the AI, Brandon Karpf interviews ChatGPT about topics related to cybersecurity. Rick Howard joins Brandon to analyze the conversation and discuss potential use cases for the cybersecurity community.
ChatGPT is a chatbot launched by OpenAI and built on top of OpenAI’s GPT-3 family of large language models.
Cyber questions answered by ChatGPT in part one of the interview.
What were the most significant cybersecurity incidents up through 2021?
What leads you to characterize these specific events as significant?
What were the specific technical vulnerabilities associated with these incidents?
Who were the cyber actors involved in each of these attacks?
Do you think it's valuable to attribute cyber attacks to specific actors?
On Hacking Humans, Dave Bittner, Joe Carrigan, and Maria Varmazis (also host of N2K's daily space podcast, T-Minus), are once again sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines to help our audience become aware of what is out there. First we start off with some follow up, our hosts share some more information on VIN swapping, and a clarification on bank participation in FinCEN. Maria shares a telling tale about a Bethesda couple loosing $367,000 in gold bars to a sophisticated scam involving fake officials and elaborate deceptions, but a police sting led to the arrest of a suspect, highlighting a growing nationwide trend of elderly victims targeted by gold bar fraud. Joe's story comes from KnowBe4 and is on DavidB, their VP of Asia Pacific, thwarting a sophisticated social engineering attack via WhatsApp by recognizing inconsistencies in the impersonator’s behavior and verifying directly with the colleague they claimed to be. Dave's story comes from the FBI on how criminals are exploiting generative AI to enhance fraud schemes, including using AI-generated text, images, audio, and video to create convincing social engineering attacks, phishing scams, and identity fraud, while offering tips to protect against these threats. Our catch of the day comes from a listener who received an urgent email from someone claiming to be an FBI agent with a rather dramatic tale about intercepted consignment boxes, missing documents, and a ticking clock—but let's just say this "agent" might need some better training in both law enforcement and grammar.
Resources and links to stories:
“VIN swap scam costs Las Vegas man $50K, new truck"
FinCEN
Gold bar scammers claimed hackers could fund Russian missiles, police say
Real Social Engineering Attack on KnowBe4 Employee Foiled
Criminals Use Generative Artificial Intelligence to Facilitate Financial Fraud
You can hear more from the T-Minus space daily show here.
Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.
On Hacking Humans, Dave Bittner, Joe Carrigan, and Maria Varmazis (also host of N2K's daily space podcast, T-Minus), are once again sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines to help our audience become aware of what is out there. This week, Maria shares two stories this week, the first is from "PayPal" saying they are owed over $200. The second comes from LinkedIn where a gentleman shares the terrifying story of losing everything all because of a scam. Joe's story is on text message scams where strangers pretend to know you, building trust over time to lure victims into schemes like cryptocurrency fraud; he advises ignoring unknown messages, blocking suspicious numbers, avoiding links, and protecting personal information. Dave's story follows Silent Push Threat Analysts tracking "Payroll Pirates," a group leveraging phishing campaigns targeting HR systems like Workday to redirect payroll funds by using search ads, spoofed websites, and credential harvesting, as they alert organizations and share threat intelligence to counter these sophisticated attacks. Our catch of the day comes from a phishing scam email claiming to offer a $1.75 million compensation fund via the "United Bank for Africa," requiring victims to share personal and banking details under the guise of an IMF directive.
Resources and links to stories:
“Wrong Number” Text Scams on the Rise
Hunting Payroll Pirates: Silent Push Tracks HR Redirect Phishing Scam
You can hear more from the T-Minus space daily show here.
Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.
On Hacking Humans, Dave Bittner, Joe Carrigan, and Maria Varmazis (also host of N2K's daily space podcast, T-Minus), are once again sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines to help our audience become aware of what is out there. This week, our hosts dive into some follow up from listener Will. who writes in about the Financial Crimes Enforcement Network. They also share after an anonymous listener writes in with a suggestion on filtering scam emails using the DocuSign API. Maria follows the story of how Black Friday is increasingly being dubbed "Black Fraud Day," as criminals exploit the festive shopping frenzy to scam eager bargain hunters, often using AI to create convincing fraud schemes. Joe has two stories this week. The first one is on scammers exploiting financially distressed individuals by posing as the "Bankruptcy Fraud Watchdog Group," threatening bankruptcy filers with false accusations and fines payable in Bitcoin, while warning them against contacting their attorneys. The second story explores the rise of deepfake scams in the U.S., with criminals using AI-generated videos of celebrities like Elon Musk to deceive victims into fraudulent cryptocurrency investments, contributing to over $12 billion in annual fraud losses. Finally, Dave share's a story on a new wave of deepfake scams, where AI-generated videos of Elon Musk trick unsuspecting victims into investing large sums, contributing to billions in fraud losses. Our catch of the day comes from Raul, who shares a scammy text message sent to his mother, sharing his efforts to educate her on spotting fraudulent messages.
Resources and links to stories:
Black Friday turning into Black Fraud Day, says UK cybersecurity chief
U.S. Trustee Program Warns Consumers of Bankruptcy Fraud Alert Scam
Deepfakes of Elon Musk are contributing to billions of dollars in fraud losses in the U.S.
Inside the Mind of Thru-Hiking’s Most Devious Con Man
You can hear more from the T-Minus space daily show here.
Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.
On Hacking Humans, Dave Bittner, Joe Carrigan, and Maria Varmazis (also host of N2K's daily space podcast, T-Minus), are once again sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines to help our audience become aware of what is out there. This week, Joe shares a note from listener Michael before getting into stories, and Michael writes in to share that there are VIN cloning scams. Joe brings back the Iota discussion from last week. Joe's up first for stories and focuses on fraud. Dave informs us of the new human-like AI granny who is wasting scammers time. Finally Maria brings us the story of how BforeAI researchers analyzed over 6000 newly registered retail domains, revealing a surge in scam activity targeting shoppers with phishing websites, fake apps, and fraudulent offers, particularly during the holiday season, exploiting brand names, seasonal trends, and emerging technologies like AI and cryptocurrency. Our catch of the day comes from listener Kenneth who writes in about a fraudulent email claiming to be from Emirates Group, inviting a company to register as a vendor or contractor for upcoming projects in 2024/2025. The email emphasizes the company's experience in various sectors and urges a prompt response to initiate the registration process. It is signed by a supposed "Contractors Coordinator," Mr. Steve Ibrahim Ghandi, and includes fake contact details for the Emirates Group.
Resources and links to stories:
VIN cloning
How Cybercriminals Use Vehicle Identification Numbers (VINs) to Hack Cars
Yes, your car's Vehicle Identification Number can be used to steal from you
Geolocation Resources for OSINT Investigations
Person dressed in a bear costume to fake attacks on cars for insurance payout, California officials say
U.S. Trustee Program Warns Consumers of Bankruptcy Fraud Alert Scam
O2 unveils Daisy, the AI granny wasting scammers’ time
2024 Online Holiday Retail Threat Report
You can hear more from the T-Minus space daily show here.
Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.
On Hacking Humans, Dave Bittner, Joe Carrigan, and Maria Varmazis (also host of N2K's daily space podcast, T-Minus), are once again sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines to help our audience become aware of what is out there. This week, the team shares follow up about FEMA and Hurricane Helene relief. Dave's story is about romance scams involving an impersonator of a WWE star scamming a grandfather out of their retirement savings, Maria shares a story about a valid-looking document impersonating DocuSign's API (application programming interface). Joe's got a few stories including one about a CVE (Common Vulnerabilities Enumeration) relating to an Okta bug and one from the Better Business Bureau with a new twist on online shopping scams where your get a "card declined" message. Our Catch of the Day comes from listener William about an email from the "United Nations."
Resources and links to stories:
DisasterAssistance.gov
They’re Giving Scammers All Their Money. The Kids Can’t Stop Them.
Attackers Abuse DocuSign API to Send Authentic-Looking Invoices At Scale
DMARC: Domain-based Message Authentication, Reporting & Conformance
CVE-2024-10327
BBB Scam Alert: 'Card declined' error may lead to multiple fraudulent charges
You can hear more from the T-Minus space daily show here.
Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.
Maria Varmazis, host of N2K's daily space show T-Minus, joins Dave and Joe to share the story of the five types of social engineers Deanne Lewis encountered while tending bar, revealing how each barroom personality reflects a common cybersecurity threat. Our hosts share some follow-up from a friend of the show, JJ, who reports a rise in tech support scams targeting non-tech-savvy users by locking their screens and persuading them to call scammers, often leading to credit card fraud and unauthorized remote access through tools like AnyDesk or TeamViewer. Joe has two stories this week: one covering JPMorgan Chase's lawsuits against individuals who exploited an ATM glitch to withdraw fake deposits, a scam popularized on TikTok; and the second on four suspects in Maryland charged with conning an elderly woman out of nearly $40,000 in a "pigeon drop" scam, where victims are promised a cut of "found" money in exchange for collateral. Dave's story is on a viral AI-generated hoax spreading on Facebook, where fake posts about neighbors egging cars over Halloween decorations are stirring moral panic and sowing distrust, especially among older users. Finally, our catch of the day comes from some text threads about a scammer trying to get clever while buying a used car.
Links to the stories:
The Five Types of Social Engineers I Met Tending Bar (And What They Taught Me About InfoSec)
JPMorgan Chase is suing customers over 'infinite money glitch' ATM scam
Four charged in ‘pigeon drop’ scam targeting elderly in Maryland
The newest AI slop on Facebook exploits suburban fear
You can hear more from the T-Minus space daily show here.
Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.
Maria Varmazis, host of N2K's daily space show T-Minus, joins Dave and Joe to share the story of a relentless wave of political donation texts that go well beyond simple annoyance, revealing an unsettling impact on vulnerable populations. CNN's investigation exposes how these texts, with their urgent and personal tone, have led seniors, including those with dementia, to make thousands of donations—sometimes unknowingly amassing hundreds of thousands of dollars for campaigns. Joe's story highlights a dash cam video capturing a car colliding with another vehicle while backing up on a busy highway. The footage raises questions about driver awareness and road safety in high-traffic situations. Dave's story shares the alarming potential of OpenAI's real-time voice API, which allows scammers to create AI agents capable of executing phone scams for as little as $0.75. Researchers from the University of Illinois Urbana-Champaign revealed that these agents can autonomously conduct scams, raising serious concerns about the misuse of voice-enabled AI technology despite previous safety precautions. And finally, our catch of the day shares how the Library of Congress is cracking down on copy write infringement.
Links to the stories:
Age of fraud: Are seniors more vulnerable to financial scams?
How elderly dementia patients are unwittingly fueling political campaigns
Apparent attempt at insurance scam caught on camera
Voice-enabled AI agents can automate everything, even your phone scams
Bank account transfer scam
You can hear more from the T-Minus space daily show here.
Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.
Maria Varmazis, host of N2K's daily space show T-Minus, joins Dave and Joe to share the story of how ESET Research revealed that Telekopye, a scam toolkit used by cybercriminals, has expanded its operations from online marketplaces to accommodation booking platforms like Booking.com and Airbnb. Joe’s story is on the elaborate "blessing scam" targeting older Chinese women, where scammers pose as spiritual healers to swindle victims out of their valuables by convincing them their loved ones are in danger—a criminal act spanning across the UK, US, Australia, and Canada, leaving families desperate to catch the perpetrators. Dave follows the story of a new rule passed by the US Federal Trade Commission (FTC) to make subscription cancellations easier with a simple "click to cancel" process. Our catch of the day comes from Reddit where a user was contacted via text message claiming that they were mixed up in a romance scam.
Links to the stories:
Telekopye scammer network targets Booking.com and Airbnb
'Your son will die': How blessing scammers prowl streets
FTC “click to cancel” rule seeks to end free trial traps, sneaky auto-enrollments
You can hear more from the T-Minus space daily show here.
Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.
Maria Varmazis, host of N2K's daily space show T-Minus, joins Dave and Joe to share the story of how cybercriminals are exploiting the chaos following Hurricane Helene in Florida by launching scams and phishing attacks. Veriti’s research highlights three key threats: FEMA claim scams, phishing using hurricane-related domains, and malicious files disguised as FEMA documents, all targeting vulnerable individuals. This week, Joe's got three hard-hitting stories lined up! First, U.S. authorities have charged 18 individuals and companies for pulling off fraudulent schemes to manipulate cryptocurrency markets. Next, leaders from four crypto firms and market makers face charges for wash-trading and inflating prices to lure in investors. Finally, in a groundbreaking move, federal prosecutors have launched the first-ever criminal case targeting wash trading in digital assets, shaking up the crypto world. Dave share's a Facebook watch you can't say no too. Our catch of the day comes from Reddit, and follows a chain of messages where a scammer is sharing news that sounds a bit too good to be true.
Links to the stories:
Exploiting Hurricane Helene with FEMA Scams and Phishing Threats
Eighteen Individuals and Entities Charged in International Operation Targeting Widespread Fraud and Manipulation in the Cryptocurrency Markets
Seeking Information in Cryptocurrency Investment Fraud Investigation
U.S. Federal Prosecutors File First-Ever Criminal Charges for Crypto Market Manipulation
You can hear more from the T-Minus space daily show here.
Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.
Maria Varmazis, host of N2K's daily space show T-Minus, joins Dave and Joe to share the story of a South Carolina couple, and how they were devastated to discover their vacant land in Concord, Massachusetts was fraudulently sold by thieves who posed as them, with the new owners already building a home on the property, prompting a lawsuit and an FBI investigation.
Our hosts share some follow-up on two intriguing listener contributions. John blocks Google ads using NextDNS, which catches ad wrappers unless manually disabled. Georgi from Japan describes a new Visa card with no visible number or CVV.
Dave's story is on triangulation fraud, a scam on e-commerce platforms like Amazon, where a fraudster lures buyers with fake listings for popular products at enticingly low prices, then uses stolen payment information to purchase the legitimate product from a seller, ultimately leaving the buyer unaware until debt collection notices arrive. Meanwhile, Joe has two stories this week. Police arrested five individuals in connection with a fake Brad Pitt scam that defrauded two women of $362,000. He also explores insights from the 2024 Global State of Authentication survey in a Q&A with Yubico VP Derek Hanson, who discusses the future of passkeys. Our catch of the day shares some royal secrets you won't want to miss.
Links to the stories:
Valuable land in Concord, Massachusetts stolen from couple. Now a home is being built there
The Amazon triangle scam: What it is, how it works, and what to do
Police arrest five people over fake Brad Pitt scam after two women lost $362,000
2024 Global State of Authentication survey: Q&A with Yubico VP Derek Hanson on a passkey future
You can hear more from the T-Minus space daily show here.
Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.
It's all in the details, folks. Pay attention to those and you can avoid unnecessary stress. Dave Bittner, Maria Varmazis, and Joe Carrigan swap stories on email password-stealing attacks, Google ads scams, and fake banks this week. The team shares follow up from listener Steven from the UK about the hazards of shoulder surfing when they received their new debit card with all PII on the same side of the card. A friend of the show JJ shared a story and a warning about fake checks. Never accept a check from a stranger.
Dave's story covers Action Fraud, the UK’s national fraud and cyber reporting center, warning iPhone users of a new Apple ID phishing campaign. Maria talks about new research that uncovers a new scam that takes advantage of public wishlists on ecommerce websites, which in this case is Walmart, but is similar to those found on Amazon and other sites. Joe's story is about a firm in Singapore with an email from a supplier requesting that a pending payment be sent to a new bank account based in East Timor.
Our Catch of the Day is from Reddit on the /scambait subreddit "THE Dolly Parton is going to let ME in her VIP club."
Links to the stories:
iPhone Users Warned As New Email Password-Stealing Attacks Reported
Walmart customers scammed via fake shopping lists, threatened with arrest
Police recover over USD 40 million from international email scam
THE Dolly Parton is going to let ME in her VIP club.
You can hear more from the T-Minus space daily show here.
Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.
This week, Dave and Joe share some listener follow-up from Clayton about credit card fraud and the potential issues with automatic update services that some cards provide. Dave's story is on sextortion scams targeting spouses, where scammers claim a partner is cheating and provide links to fake "proof." Joe has two stories this week, the first one is on how Police in Lebanon County arrested an alleged grandparent scammer after a sting operation. Joe's second story is on scam victims being compensated under a new Labor plan in Australia, which would fine banks, telcos, and social media platforms up to $50 million for failing to meet anti-scam obligations. Our catch of the day comes from Reddit, where someone posted a text message thread of their conversation with a scammer about a potential job.
Links to the stories:
Sextortion scams now use your "cheating" spouse’s name as a lure
Police in Lebanon County arrest alleged grandparent scammer after sting operation
Scam victims to be compensated under Labor plan to fine banks and social media platforms $50m
Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.
Maria Varmazis, host of N2K's daily space show T-Minus, joins Dave and Joe to share the story on the "Hello pervert" sextortion scam, where scammers now use threats of Pegasus spyware and photos of victims' homes to intensify their demands. We have quite a bit of follow-up today. Scott from Australia shared how self-service checkouts now display scam warnings when purchasing gift cards to prevent fraud. Jim highlighted a vulnerability in YubiKey encryption libraries that allows key cloning with an oscilloscope, while a former US Marshal reminded us that Zelle is marketed specifically for transfers between friends and family. Joe's story is on Loria Stern, a small bakery owner who fell victim to a counterfeit check scam after receiving a $7,500 payment for a large cupcake order that was later halved, resulting in her bank withdrawing the funds. Dave's story follows the scams targeting grieving individuals on Facebook, where cybercriminals use fake funeral live stream links or donation requests to steal money and credit card details. Our catch of the day comes from listener Anne, who shares a phishing email sent to a friend. The email emphasized the importance of thorough testing in the software development lifecycle and came with a suspicious PDF attachment, likely containing a malicious link. Anne hopes the campaign has zero success.
Links to the stories:
“Hello pervert” sextortion scam includes new threat of Pegasus—and a picture of your home
LA bakery owner takes big financial hit after receiving scam order of 1,000 cupcakes, paid for with a $7.5K counterfeit check — her bank’s promise of protection fell through
Fake funeral “live stream” scams target grieving users on Facebook
You can hear more from the T-Minus space daily show here.
Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.
Maria Varmazis, host of N2K's daily space show T-Minus, joins Dave and Joe to share the story of how the ease of registering an LLC in Colorado has led to a surge in fraudulent businesses. She discusses how residents receiving suspicious mail addressed to fake LLCs registered at their homes are overwhelming the state's Secretary of State with thousands of complaints. Joe's story is on how scammers used a seaside hotel and former bank offices on the Isle of Man to defraud victims in China out of millions of dollars. Dave's story follows a phishing campaign where attackers impersonated HR departments by sending fake mid-year employee engagement surveys to steal Microsoft Office 365 credentials. Our catch of the day comes from Mitch, who received a scam email claiming to be an invitation to join the "Great Illuminati Brotherhood." The email promises wealth, fame, and protection, urging the recipient to contact them to solve financial problems and join the so-called "Elite Family."
Links to the stories:
Colorado has a backlog of shady LLCs to investigate
China scam run from Isle of Man
Mid-Year Engagement Trap: How Fake Surveys Are Used in Phishing
You can hear more from the T-Minus space daily show here.
Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.
This week Joe and Dave share some listener follow up from Tim, who writes in to give some more information on a payment apps story in episode 302. Joe's story is on Suzy Enos, whose sister died, only for scammers to impersonate a family member and take over her phone number, leading to fraudulent charges on her accounts. Enos fought back to secure her late sister's assets and raise awareness about protecting accounts after a loved one's death. Dave's story follows how scammers exploit the "Automatic Billing Update" (ABU) program to enroll people in fake subscriptions and charge them even after their credit cards are replaced. To avoid this, you need to inform your issuer that it's a subscription scam and request them to block the merchant from using ABU to get your new card number. Our catch of the day comes from listener Felipe, who writes in share a letter he got in the mail where scammers were trying to convince him that he is owed money from a family member he has never heard of before.
Links to the stories:
Her sister died. Then scammers took over her phone number and started racking up bills.
Mastodon Royce Williams
The little-known credit card program that lets companies share your information
Keep your cards on file always up-to-date
MasterCard Automatic Billing Updater Service
Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.
Maria Varmazis host of the N2K daily space show, T-Minus, joins Dave and Joe to share her story on how AI-generated scams have infiltrated the world of crochet and other crafts, selling fake patterns that often result in impossible or frustrating projects. Dave's story is on the rise of "digital arrest" scams in India, where criminals posing as law enforcement officers coerce victims into making payments to avoid fake charges against their loved ones. Joe's story come's from a listener this week, and follows the latest evolution of the classic invoice scam, where scammers are now embedding unrelated but meaningful text to bypass spam filters. Our catch of the day comes from listener William, who shares a classic Nigerian Banker Scam. In this version, a young bank employee named Zayas Yovani claims to have discovered your overdue funds at the Central Bank of Nigeria. He offers to release the money if you help him flee the country, requiring you to purchase special hard drives and share your banking details.
Please take a moment to fill out an audience survey! Let us know how we are doing!
Links to the stories:
This is what happens when ChatGPT tries to create crochet patterns
'Digital arrest' scams are big in India and may be spreading
You can hear more from the T-Minus space daily show here.
Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.
Top Podcasts
The Best New Comedy Podcast Right Now – June 2024The Best News Podcast Right Now – June 2024The Best New Business Podcast Right Now – June 2024The Best New Sports Podcast Right Now – June 2024The Best New True Crime Podcast Right Now – June 2024The Best New Joe Rogan Experience Podcast Right Now – June 20The Best New Dan Bongino Show Podcast Right Now – June 20The Best New Mark Levin Podcast – June 2024
United States
Japanese women are adorable.
Japanese women are so beautiful.
something is wrong w/ this podcast .... I think it's an ssl error preventing anyone downloading or even listening to it
I would say, real psychics hide talent so to they don't end up like character played movie by Nicolas Cage where gov compels service... QED... -tibor
🔴WATCH>>ᗪOᗯᑎᒪOᗩᗪ>>👉https://co.fastmovies.org
John Hopkins. How a organization that had done such atrocities throughout its history is able to influence, study, or even being allowed to exist blows my mind.
or not pay attention to the fact "tag along" installs are default agreed upon.
The app lock for iOS is somehow quite different from the process used to lock apps on Android devices. The use of a password lock app in iOS and setting time limits for apps is used to lock apps on iOS.
Awesome podcast, learn new things without it being boring. Love the catch of the week!
puppy
Love this podcast! Keep erm coming!!!