DiscoverHacking Humans
Hacking Humans
Claim Ownership

Hacking Humans

Author: N2K Networks

Subscribed: 4,703Played: 225,549
Share

Description

Deception, influence, and social engineering in the world of cyber crime.

522 Episodes
Reverse
Cybersecurity interview with ChatGPT. In part one of CyberWire’s Interview with the AI, Brandon Karpf interviews ChatGPT about topics related to cybersecurity. Rick Howard joins Brandon to analyze the conversation and discuss potential use cases for the cybersecurity community. ChatGPT is a chatbot launched by OpenAI and built on top of OpenAI’s GPT-3 family of large language models. Cyber questions answered by ChatGPT in part one of the interview. What were the most significant cybersecurity incidents up through 2021? What leads you to characterize these specific events as significant? What were the specific technical vulnerabilities associated with these incidents? Who were the cyber actors involved in each of these attacks? Do you think it's valuable to attribute cyber attacks to specific actors? Learn more about your ad choices. Visit megaphone.fm/adchoices
This week we are joined by N2K CyberWire's very own Catherine Murphy, and she is sharing her family's experiences with Lurie Children's Hospital's recent cybersecurity incident. Dave shares a story on the dangers of Googling airline customer service numbers when an issue occurs. Joe shares another story on scary scams that are costing people millions of dollars, now getting the FBI involved. Our catch of the day was found from the Washington University in St. Louis from their Scam of the Month posting, which shares another tale of a scam, this time trying to recruit for an open vacancy as a research assistant for undergraduates. The scammers pose as a Professor of Computer Science and Engineering to try and get students to sign up for this fake job posting. Please take a moment to fill out an audience survey! Let us know how we are doing! Links to the stories: I’m begging you not to Google for airline customer service numbers Elaborate scam involves gold bars and couriers; cost a Maryland woman $2 million Scammers Use Couriers to Retrieve Cash and Precious Metals from Victims of Tech Support and Government Impersonation Scams Scam of the Month: RESEARCH ASSISTANT VACANCY FOR UNDERGRADUATE Ransomware gang claims to have made $3.4 million after attacking children’s hospital Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com. Learn more about your ad choices. Visit megaphone.fm/adchoices
This week we are joined by Maria Varmazis, host of the N2K daily space show, T-Minus. She discusses how AI is being used as a possible solution to one of the oldest scams in the book in Japan. Dave and Joe share some listener follow up, one from listener Alan and one from Clinton, who both write in about a recent episode and they share their thoughts on the story of Charlotte Cowles being scammed out of $50,000. Dave shares a story about calendar meeting links, from Calendly, a popular application for scheduling appointments and meetings, being used to spread mac malware. Joe shares write ins from several listeners, some writing in to share experiences with scams they have come across, others writing to warn others on scams they have seen used in the real world. Our catch of the day comes from Zach with an oddity, getting scammed by mail! Please take a moment to fill out an audience survey! Let us know how we are doing! Links to the stories: Japan’s new ATMs automatically play anti-fraud videos to people talking on mobile phones【Video】 Fraudsters in Japan use foreigners' bank accounts in cash grab 【警察庁】ATMで携帯電話…AIで検知し警告表示 特殊詐欺の被害増受け Calendar Meeting Links Used to Spread Mac Malware IDcare You can hear more from the T-Minus space daily show here. Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com. Learn more about your ad choices. Visit megaphone.fm/adchoices
Mike Kosak, Principal Intelligence Analyst at LastPass, is discussing passkeys, threat actors, and Volt Typhoon. Joe shares a new free certification you could get if you are looking to get into the field. Joe also shares a terrifying story about how everyone can be conned, and it's not as obvious as it may seem sometimes. Dave's story is warning Costco members of a new phishing scam that attempts to steal their credit card information. Our catch of the day comes from listener Pryce who shares an email they received regarding a charge they are getting from "NortonLifeLock." Links to the stories: FREE Entry-level Cybersecurity Training + Certification Exam Put your smugness away. You are not too clever to be conned. New Costco Membership Scam Targets Members' Credit Card Information Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com. Learn more about your ad choices. Visit megaphone.fm/adchoices
Scamming the innocent.

Scamming the innocent.

2024-02-2245:39

This week we are joined by Maria Varmazis, host of the N2K daily space show, T-Minus. She brings us a scary story from a woman who never thought she'd ever be scammed. Dave and Joe shares some follow up before getting into their stories, they share a story from a listener who sent in a LinkedIn link about scammers targeting Walmart. They also share a question from listener Cynthia, who asks about bank scam covered before, and how to respond to these scams. Dave shares a story from an anonymous source this week, who writes in about the dangers of crypto scams. Joe has two stories for us this week, the first one being from a friend of his that works for a company that specializes in military contracts. This company was hiring an employee and received three emails that all were very similar to one another, sharing that this is a red flag and wanted to write in to share the dangers of this scam. The second story is a very similar story to the one covered on Andy Cohen a few episode ago, and shares how a Jefferson county couple were scammed out of hundreds of thousands of dollars. Our catch of the day comes from listener Thomas who shares a story on AI voices sounding like famous people and his experience. Links to the stories: The Day I Put $50,000 in a Shoe Box and Handed It to a Stranger I never thought I was the kind of person to fall for a scam. Phishing scam dupes Jefferson County couple out of $137K Phishing bank scam dupes Golden couple out of $137K SCAM HELL Walmart ‘gift card scammers’ caught spending $15k on jewelry, big-screen TVs and lobster tails at Sam’s Club You can hear more from the T-Minus space daily show here. Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com. Learn more about your ad choices. Visit megaphone.fm/adchoices
Aaron Walton, Threat Intel Analyst from Expel is discussing some things to look out for in 2024. Joe and Dave share some listener follow up from Mateusz, who shares some positive news with us. Dave's story is about a romance scammer coming clean after failing to woo CBS News reporter, Erica Johnson. Joe's story is on the latest decision from the FCC, and how they voted to ban scam robocalls that use AI-generated voices. Our catch of the day comes from listener Chuck, just in time for tax season, he warns against a phishing scam he received about his taxes. Links to the stories: Romance scammer reveals how he tricks women after failing to fool Go Public reporter FCC votes to ban scam robocalls that use AI-generated voices Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com. Learn more about your ad choices. Visit megaphone.fm/adchoices
This week, we are joined by host of N2K's T-Minus Space Daily podcast, Maria Varmazis, she sits down with Joe and Dave to discuss sextorion materials that were found on popular social media apps such as, TikTok, Instagram, Snapchat and YouTube. Joe and Dave share quite a bit of follow up, Joe starts with an anonymous listener writing in sharing their story on gift card scams. Dave shares another anonymous listeners comments, sharing about what they think of Andy Cohen going public on how he got scammed. Finally, Joe and Dave hear from a listener by the name of "The Computrix," who says they need to defend Walmart. Dave share's his story about the most common phishing email themes of 2023. Joe's got the story of ransomware not being paid the same way as it used to be by companies, and share the two different angles on that. Our catch of the day comes from listener William, who writes in with a phishing scam that caught his eye. Links to the stories: Sextortion training materials found on TikTok, Instagram, Snapchat and YouTube, according to new report Most Common Phishing Email Themes of 2023 Companies aren’t paying ransoms like they used to New Ransomware Reporting Requirements Kick in as Victims Increasingly Avoid Paying FBI: Scammers Are Sending Couriers to Collect Cash From Victims You can hear more from the T-Minus space daily show here. Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com. Learn more about your ad choices. Visit megaphone.fm/adchoices
Quiz scam nightmare.

Quiz scam nightmare.

2024-02-0146:061

Jaeson Schultz, Technical Leader from Cisco Talos, is discussing "Spammers abuse Google Forms’ quiz to deliver scams." Dave's story discusses the disturbing new trick up a scammers sleeve to get you to fall for their schemes. Joe has two stories this week, the first a warning to those who pick up scammers phone calls and what that can lead to after gaining access to your voice. Joe's second story follows a band of organized thieves and how they have been targeting high-end homes across Metro Detroit. Our catch of the day comes from listener Van, who writes in to share a fun catch from a scammer who left a voicemail. Links to the stories: Spammers abuse Google Forms’ quiz to deliver scams Scammers are stealing people's faces for live video calls All it takes is one sentence for AI to clone your voice Expert says alleged recording of racist, antisemitic rant by Pikesville High principal could be fake Videos: Organized crews smash glass, use jammers to break into high-end Metro Detroit homes Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com. Learn more about your ad choices. Visit megaphone.fm/adchoices
Phishing for mail.

Phishing for mail.

2024-01-2551:02

Abhilash Garimella from Bolster joins to discuss a USPS phishing campaign abusing freemium dynamic DNS and SaaS providers. Dave and Joe share some follow up, one was from listener Mike who wrote in to tell us about a breach at Resend, another was regarding a previous episode on grief and the internet, and finally Joe and Dave discuss a listeners response to a previous episode regarding an SMS scam a listener wrote in about. Dave shares a story on Walmarts relaxed security methods and how scammers may be exploiting them. Joe shares a couple articles relating to the ever growing pop star Taylor Swift and how criminals are using her face to scam. Our catch of the day comes from Joe this week, and he shares an interesting looking email he received from "Apple." Links to the stories: Facebook users targeted with “I’ll miss him so much” scam Incident report for January 10, 2024 How Walmart’s Financial Services Became a Fraud Magnet Taylor Swift, Selena Gomez deepfakes used in Le Creuset giveaway scam No, That’s Not Taylor Swift Peddling Le Creuset Cookware Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com. Learn more about your ad choices. Visit megaphone.fm/adchoices
This week we are joined by the host of T-Minus, N2Ks very own Maria Varmazis brings her own story and discusses with Dave and Joe. We start off with Joe, and he brings in the story of Andy Cohen and how he fell victim to a credit card scam and shares what he had learned through the experience. Maria shares Arctic Wolf Labs' story and how they have investigated several cases of Royal and Akira ransomware victims being targeted in follow-on extortion attacks dating back to October of 2023. Lastly, Dave shares his story warning YouTube users about videos promoting cracked software that is distributing Lumma Stealer. Our catch of the day comes from listener Jon, he shares and email that had made it through his spam filter. You can hear more from the T-Minus space daily show here. Links to the stories: Exclusive: Andy Cohen fell victim to a credit card scam. Here's what he learned Follow-On Extortion Campaign Targeting Victims of Akira and Royal Ransomware Beware! YouTube Videos Promoting Cracked Software Distribute Lumma Stealer Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com. Learn more about your ad choices. Visit megaphone.fm/adchoices
Frank Riccardi sits down to discuss how cybercriminals exploit people’s fondness for reused passwords to launch credential stuffing attacks. Dave and Joe share a bit of follow up, one from a listener named Steve who shares some push back from the 23andMe story from last week, and the other from a listener named Michael who shares a story of unpaid toll scams. Joe shares the story of a Utah exchange student and how he fell victim to a cybersecurity kidnapping, and now authorities are trying to figure out how it happened. Dave shares a scam about tragic fake posts that lead to a "win now" website, that has been flooding his Facebook feed. Our catch of the day comes from Jon who writes in to share a suspicious email that made it through the spam filter in Google. Links to the stories: After Utah exchange student cyber kidnapping, we're looking at how the scam works Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com. Learn more about your ad choices. Visit megaphone.fm/adchoices
Alethe Denis from Bishop Fox is talking with Dave and Joe with her take on the 23AndMe breach. Dave and Joe share some follow up from listener Michael, who writes in to share thoughts on our catch of the day from last episode, regarding the voice mail from Spectrum. Dave shares a story on email security, and how human factors have a heavy influence on it, especially with people's vulnerability to phishing and social engineering. Joe has two stories this week, his first story is a good wrap on the holiday's and gift card scams. Joe's second story is a jump on tax season quickly approaching, and how the IRS is helping taxpayers by providing penalty relief. Our catch of the day is a good example of what not to do when phishing/scamming people, luckily the receiver was smarter than the sender. Links to the stories: How Human Elements Impact Email Security "Vanilla Gift" card issuer faces lawsuit over card-draining scam risk IRS helps taxpayers by providing penalty relief on nearly 5 million 2020 and 2021 tax returns; restart of collection notices in 2024 marks end of pandemic-related pause News Insights: 23AndMe with Alethe Denis, Security Expert - Red Team Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com. Learn more about your ad choices. Visit megaphone.fm/adchoices
Stolen personality?

Stolen personality?

2023-12-2844:30

Matt Lewis from the NCC Group joins to discuss how cybercriminals can decode your personality through AI conversations to launch targeted attacks at you. Dave and Joe share some follow up from listener Sydney, who writes in to share her thoughts on an FCC proceeding and how it could be of greater relevance to IoT security than SBOMs and HBOMs. Dave also shares a story from a listener from last Christmas, sending a warning to holiday shoppers. Dave has two stories this week, he shares one regarding an announcement on holiday scams coming out. His other story follows Zelle finally caving in to provide some relief to scam victims. Joe's story follows new crypto-theft attacks and warns people against the new tactics. Links to the stories: 2023 Holiday Shopping Scams Zelle finally caves after years of refusing to refund scam victims Microsoft: BlueNoroff hackers plan new crypto-theft attacks Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com. Learn more about your ad choices. Visit megaphone.fm/adchoices
Adam Bateman, Co-Founder & CEO at Push Security, is sharing some of the latest phishing trends his team has been observing. Dave and Joe share some listener follow up from Michael, who writes in with a new idea, calling it "eDeception." With the holiday season practically here, Joe shares a story about gift card scams, reminding everyone to be safe this holiday season. Dave's story follows a new iPhone update regarding stolen device protection in an upcoming version of iOS. Our catch of the day comes from listener Van who sent in an audio catch about Spectrum users. Links to the stories: Amid holiday shopping, thieves utilize new scam eliminating gift card balances iOS 17.3, Now in Beta, Includes New ‘Stolen Device Protection’ Feature Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com. Learn more about your ad choices. Visit megaphone.fm/adchoices
Shielding your inbox.

Shielding your inbox.

2023-12-1452:31

Seth Blank, CTO of Valimail, joins to discuss the implications on email security on behalf of DMARC. Joe and Dave share some follow up regarding Meta, who is the parent company to Facebook and Instagram, and how they are now in a lawsuit over steering predators to children in New Mexico. Joe shares how he was almost hacked, as scammers used Peacock to lure him in. Dave's story continues with popular streaming apps being impersonated, this time with Disney+ falling victim. Joe's story follows the U.S. Attorney’s Office, the FBI, and State and Local Law Enforcement Officials sharing another "Don't click December" PSA. Our catch of the day comes from listener Mauricio, who writes in sharing a phishing email, from "PayPal," saying he has an invoice of almost $600. Links to the stories: Facebook and Instagram Steer Predators to Children, New Mexico Attorney General Alleges in Lawsuit Threat actors impersonate Disney+ with considerable guile U.S. Attorney’s Office, the FBI, and State and Local Law Enforcement Officials Release Second “Don’t Click December” PSA Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com. Learn more about your ad choices. Visit megaphone.fm/adchoices
Mike Price from ZeroFox sits down to discuss what 2023 phishing trends mean for the broader industry as we quickly approach 2024. Dave and Joe share a serious write in from listener Michelle who shares her pleads for her aunt, who she believes is being catfished. Listener Marc also writes in with an email that claims to be from "Walmart," that he is quite suspicious of. Joe's story follows Meta, and how they have designed products to target and harm kids. Dave's story is on bad bots and the dangers they pose with fake businesses that are maximizing their illicit earnings. Our catch of the day comes from listener Konstantin, who shares and email received from scammers claiming to be "McAfee," trying to get payment of almost $600. Links to the stories: Meta Designed Products to Capitalize on Teen Vulnerabilities, States Allege Breaking (Bad) Bots: Bot Abuse Analysis and Other Fraud Benchmarks Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com. Learn more about your ad choices. Visit megaphone.fm/adchoices
John Wilson, Senior Fellow, Threat Research at Fortra, joins to discuss email impersonation attacks which found that nearly 99% of these threats can be classified as business email compromise. Dave and Joe share some listener follow up from Terry, who writes in with some comments on episode 262 regarding cybersecurity jargon used. Joe's story comes from a listener this week, this individual writes in sharing the horror story he had to deal with when him and his wife ended up on a target list for scammers. Dave's story follows Elon Musk and Joanna Gaines, co-host of the HGTV show "Fixer Upper," and how they are selling a scam device that claims to lower your electricity bills. Our catch of the day comes from listener William, who writes in sharing an email he received from the"Tampa International Airport Police Department Florida," saying they want to release his fund with the service of DHL Courier Company. Links to the stories: Worst fake "power saver" plug yet Better Business Bureau Elon Musk Energy Saving Device: The Scam You Need to Know About Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com. Learn more about your ad choices. Visit megaphone.fm/adchoices
This week we are joined by Harry Maugans from Privacy Bee who sits down to discuss how our digital breadcrumbs, old and new, are coming back to haunt us. Joe and Dave discuss some follow up from listener Phil, who writes in with a question about the safety of IoT and consumer devices. Dave's story follows the ever so popular YouTube, and its implemented measures to prevent users with ad blockers from watching videos. Joe shares a personal story from a friend regarding a scam he had fallen for, where the scammer got personal information and threatened him, asking for $500. Our catch of the day comes from listener John who found a hilarious text conversation on reddit that he just had to share. Links to the stories: YouTube's ‘War’ on Adblockers Shows How Google Controls the Internet Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com. Learn more about your ad choices. Visit megaphone.fm/adchoices
James Dyer and Jack Chapman of Egress join to discuss "Cybercriminals don’t take holidays: How bad actors use this two-step phishing campaign to weaponize out-of-office replies." Dave and Joe share some listener follow up from Ron, who has a suggestion about registration specific email accounts. Joe has two stories this week, one where he shares some good news on a scammer who received some justice after taking part in a $66K romance scam. His second story is on social media and how it is a breeding ground for scammers. Dave's story this week follows how Google-hosted malvertising leads to a fake keepass site that looks genuine. Our catch of the day comes from our very own editorial staff who share an interesting email they received from the infamous National Security Department. Links to the stories: N.J. man sentenced to prison for taking part in $66K romance scam Social media: a golden goose for scammers Google-hosted malvertising leads to fake Keepass site that looks genuine Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com. Learn more about your ad choices. Visit megaphone.fm/adchoices
Mallory Sofastaii, a consumer investigative reporter from WMAR TV, is joining Dave and Joe to discuss some recent scams she's seen in her reporting. Dave and Joe share some listener follow up from Kenneth who writes in with a suggestion on creating separate email addresses. Dave's story this week follows fake browser scams and how one has gotten a face lift, and what it looks like now. Joe's story is on a new term WIRED is calling "obituary pirates," people who create YouTube videos themselves casually reciting information about loved ones deaths. Our catch of the day comes from Joe this week, he shares an email he received from one of his old email addresses. Links to the stories: Widow loses life savings in romance scam that started on a gaming app Tech support scams escalating: Victims’ computers locked, accounts emptied The Fake Browser Update Scam Gets a Makeover The Bizarre Cottage Industry of YouTube Obituary Pirates Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com. Learn more about your ad choices. Visit megaphone.fm/adchoices
loading
Comments (7)

Priya Dharshini

🔴WATCH>>ᗪOᗯᑎᒪOᗩᗪ>>👉https://co.fastmovies.org

Jan 16th
Reply

Vincent Smith

John Hopkins. How a organization that had done such atrocities throughout its history is able to influence, study, or even being allowed to exist blows my mind.

Apr 8th
Reply

Clinton Knight

or not pay attention to the fact "tag along" installs are default agreed upon.

Jun 11th
Reply

Asiko

The app lock for iOS is somehow quite different from the process used to lock apps on Android devices. The use of a password lock app in iOS and setting time limits for apps is used to lock apps on iOS.

Oct 12th
Reply

Emma Edwards

Awesome podcast, learn new things without it being boring. Love the catch of the week!

Sep 15th
Reply

Edge Kazeshiro

puppy

Sep 14th
Reply

KeyboardMonkey

Love this podcast! Keep erm coming!!!

Mar 21st
Reply
Download from Google Play
Download from App Store