Hacking Humans

Maria Varmazis host of the N2K daily space show, T-Minus, joins Dave to share her story on how recent research by security firm Veriti reveals a phishing campaign targeting Trump’s 2024 supporters, soliciting cryptocurrency donations through fake WinRed-branded domains, with limited transactions and some activity traced to China. Dave and Maria share some follow-up from a listener, including suggestions for protecting Dave's father's computer from phishing scams by using LibreWolf browser, UBlock Origin extension, and NextDNS, as well as a listener sharing insights on the pronunciation of "Ports-Muth." Dave's story follows how in June, Ferrari CEO Benedetto Vigna was impersonated via deepfake technology in an attempted scam to deceive a Ferrari executive into signing a Non-Disclosure Agreement for a fictitious acquisition, but the ruse was detected and the company emerged unscathed. Dave also goes on to share news about his own home state Maryland and their gift card policy. Our catch of the day come from the scam subreddit and follows a text message where a scammer is trying to intimidate the recipient. Please take a moment to fill out an audience survey! Let us know how we are doing! Links to the stories: Ferrari exec foils deepfake attempt by asking the scammer a question only CEO Benedetto Vigna could answer Maryland becomes first state to pass law against gift card draining TRUMP CAMPAIGN CRYPTO SCAM: UNVEILING THE PHISHING PLOT You can hear more from the T-Minus space daily show here. Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

This week we celebrate 300 episodes! Maria Varmazis host of the N2K daily space show, T-Minus, joins Dave and Joe and shares a PSA on the CrowdStrike outage. Her story focuses on the Olympics, as this was the first week the Olympics started, and she shares about a recent fraud campaign that is targeting iPhone users in India, posing as India Post through smishing attacks. Our hosts discuss some follow up, from listener Brie, who writes in to share how one police force is helping folks stay safe from scam callers. They also share a story from listener Mark, who writes in about his 77-year-old mom's Facebook account being hacked, and she was tricked into downloading an app and opening her banking app while on a fake customer service call. Dave's story is on Gina Russell, who posed as a psychic and led an elaborate extortion scheme with her family, coercing victims into giving them millions of dollars under threats of harm. Joe has the story of social media giant Meta saying sextortion scams are increasing, with criminals from Nigeria often targeting adult men in the U.S.. Our catch of the day comes from an anonymous listener, who shared a post they found on the social media platform "Shared," about a scammer getting messed with. Please take a moment to fill out an audience survey! Let us know how we are doing! Links to the stories: Phishing Campaign Targeting Mobile Users in India Using India Post Lures Sextortion scams run by Nigerian criminals are targeting American men, Meta says ‘Psychic’ and family of extortionists scam Md. man out of $4.2 million You can hear more from the T-Minus space daily show here. Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

This week, Maria Varmazis host of the N2K daily space show, T-Minus, joins Dave and Joe, as they celebrate Maria joining the Hacking Humans podcast every week! Maria's story is from a listener this week who writes in with a story on an IT company that is a third party for a healthcare company, and the dangers that can come from that. Dave and Joe share some listener follow up from Michael, who shares some thoughts on AI. Dave's story follows how a recent study found that 40% of elderly adults in the UK regularly face phone-based fraud attempts, with significant impacts on their mental health and quality of life. Joe follows a Scottsdale couple, Alexandra Gehrke and Jeffrey King, and how they have been indicted for a $900 million fraud scheme targeting hospice patients, receiving $330 million in illegal kickbacks used to purchase luxury items. Our catch of the day comes from listener Jim who writes in with a letter about a concerned beneficiary who received a letter from the FBI about their overdue inheritance with the National Bank of Belgium. The message confirmed the legitimacy of their claim but warned of potential scams by individuals impersonating bank officials. Please take a moment to fill out an audience survey! Let us know how we are doing! Links to the stories: Two-Fifths of Senior Citizens Suffer Frequent Fraud Attempts ‘It’s really disgusting’: Scottsdale couple accused of $900 million fraud scheme targeting hospice patients, according to DOJ You can hear more from the T-Minus space daily show here. Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

This week, Maria Varmazis host of the N2K daily space show, T-Minus, joins Dave and Joe, as they celebrate Maria joining the Hacking Humans podcast every week! Maria's story is on supplement scams, as there has been a significant surge in health-related supplement scams on social media platforms, utilizing advanced technologies like AI-generated images and deepfake videos to promote fake products endorsed by celebrities and medical professionals. Joe's story follows Airplane WiFi, now essential for many travelers, and how it poses unexpected risks as recent incidents highlight dangers like "evil twin" attacks, urging caution with VPNs and verifying network legitimacy to safeguard personal data midair. Dave has the story on 2 women charged in a romance scheme, defrauding elderly men out of $7 million. Please take a moment to fill out an audience survey! Let us know how we are doing! Links to the stories: Deep Dive on Supplement Scams: How AI Drives ‘Miracle Cures’ and Sponsored Health-Related Scams on Social Media Federal Agency Issues New Security Advice If You Use Airplane WiFi 2 women charged in 'romance schemes' to defraud elderly men out of $7 million, feds say You can hear more from the T-Minus space daily show here. Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

This week Dave shares a story on Business email compromise (BEC) scams, and how they are a major threat, costing $26 billion annually. The story shares how it's crucial for employees to verify suspicious emails through a secondary channel and for companies to foster transparent communication to mitigate such risks. Joe shares two stories with us this week. The first is from a listener named Jay, who received a story from a relative. In this story, someone claiming to be a constable calls to warn about a person who has gift cards with the victim's name on them, then tries to get the caller to call the police to confirm. Joe's second story comes from Allison Gormly at Consumer reporter at WTHR in Indianapolis. Allison share's videos videos on Instagram that all start with “Hey Allison,” this one starts with Hey Allison, a stranger sent me money on Venmo, should I send it back? Our catch of the day comes from listener Cameron, who shares how he is a business owner with a public-facing email address, and how he gets his fair share of scam emails, but this one takes the cake. Please take a moment to fill out an audience survey! Let us know how we are doing! Links to the stories: How to Spot a Business Email Compromise Scam Scam alert on Venmo, CashApp & Zelle! Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

This week Joe and Dave share some interesting follow up from a few episodes ago where Dave shared his love for baby grand pianos and how scammers we're using that to lure people into traps. Listener George wrote in to share about a show on UK Channel 4, called "The Piano," it's a music competition where visitors play a public piano in a train station, judged by hidden famous pianists, with winners performing at the UK Royal Festival Hall. Joe's story is a warning to travel goers using booking.com, as they share scams are at a all time high. Dave's story follows some neighborhood Facebook groups, and how they are inundated with posts about air duct cleaning services, prompting an investigation that reveals a scam involving fake profiles, telemarketers in Pakistan, and local technicians. Our catch of the day comes from listener Christopher, who writes in to share an outlandish message he received from a hacker with too much time on their hands. Please take a moment to fill out an audience survey! Let us know how we are doing! Links to the stories: Note by Note: The Making of a Steinway Piano | Musical Instrument | ENDEVR Documentary Booking.com warns of up to 900% increase in travel scams Air Duct Cleaning Scam Exposed! Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

Brandon Kovacs, a Senior Red Team Consultant at Bishop Fox, is talking about how Artificial Intelligence is shaping the future of social engineering. Listener Adina wrote in to share their thoughts on an earlier episode on Google. Dave share's listener Tony's write in for his story this week. Joe and Dave discuss some questions Tony shared about preparing for an overseas trip when his bank account was locked due to security measures triggered by setting up a backup phone and using a VPN. Joe has two stories for this week, one from Blair Young at WBAL, where Maryland Lottery is warning the public about a phone scam claiming Powerball winnings. The second comes from listener Don who shares a story on people who hold posters up saying they need money for children's funerals. Our catch of the day comes from a listener that found a "task scam" on Reddit. Please take a moment to fill out an audience survey! Let us know how we are doing! Links to the stories: Maryland Lottery warns public about phone scam claiming Powerball winnings ‘It’s a scam’: Poster-holders aren’t really raising money for a child’s funeral Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

This week we are joined by Maria Varmazis, host of the N2K daily space show, T-Minus. Maria's story covers the escalating efforts of pro-Russian propagandists to tarnish the Paris Summer Olympics and erode Western support for Ukraine, employing bold tactics like using AI to mimic Tom Cruise's voice. Joe and Dave share quite a bit of listener follow up, the first on is regarding the AirBnB story from a few weeks ago, the second one is from listener Lawrence who wrote in to verify dave’s comments about American Express, and the last one is from listener Tait, who shares some info on how they stay safe with banking. Joe has two stories for this week, the first one is on how the FBI is investigating the city of Gooding after they sent $1 million to a contractor for a wastewater project but later learned it was the victim of a scam. Joe's second story follows how a scammer dupes a Las Vegas woman out of $9,000 using a simple trick after turning up on her doorstep. Dave shares Avast's Q1, 2024 threat report. Our catch of the day comes from listener Clinton who wrote in to share and invoice he received from Apple Global requesting almost $1400. Please take a moment to fill out an audience survey! Let us know how we are doing! Links to the stories: City of Gooding scammed out of $1 million, officials say Scammer dupes Las Vegas woman out of $9,000 using a simple trick after turning up on her doorstep... so can you spot it? Avast Q1/2024 Threat Report Russians target Olympics with fake AI-generated Tom Cruise video You can hear more from the T-Minus space daily show here. Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

This week, we are joined by Dr. Chris Pierson CEO at Black Cloak, and he is talking about some of the social engineering attacks his team is tracking. Joe's story follows how Microsoft Threat Intelligence has observed the financially motivated cybercriminal group Storm-1811 misusing the client management tool Quick Assist in social engineering attacks. Dave share's the story of the lure of a free baby grand piano to deceive over 125,000 email recipients, mainly targeting North American university students and faculty, earning at least $900,000. Our catch of the day comes from listener Chuck who writes in to share some of his junk mail he has been receiving recently, and shares concerns for other listeners. Please take a moment to fill out an audience survey! Let us know how we are doing! Links to the stories: Threat actors misusing Quick Assist in social engineering attacks leading to ransomware Free Piano phish targets American university students, staff Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

This week we are joined by Maria Varmazis, host of the N2K daily space show, T-Minus. Maria shares an interesting story from a listener, who writes in on an AirBnB debacle he was dealing with. Joe shares the newly released 2024 Data Breach Investigations Report from Verizon. Dave shares a story From the New York Magazine, written by Ezra Marcus, on a college sophomore from University of Miami who was found to be tangled up in a refund fraud scam that granted him a lavish lifestyle. Our catch of the day comes from Joe's mother this week. She happened to receive an email with the subject line being "your order is confirmed," coming from what looks to be "McAfee." Please take a moment to fill out an audience survey! Let us know how we are doing! Links to the stories: The Package King of Miami 2024 Data Breach Investigations Report You can hear more from the T-Minus space daily show here. Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

This week, we are joined by host of 8th Layer Insights, Perry Carpenter from KnowBe4 and Dr. Jessica Barker from Cygenta to discuss human risk: awareness, behavior and beyond. Joe and Dave share some listener follow up, the first being from Richard, who writes in to share some tips and tricks regarding relationship scams mentioned in a previous show. The second is from Michael, who writes in with some thoughts on social engineering to compromise open source projects from episode 288. Dave shares a story on researchers observing millions of daily emails from "Jenny Green," facilitated by the Phorpiex botnet, distributing LockBit 3.0 ransomware that has affected millions of people. Joe share's Paul Raffile's story, a gentleman who got fired from Facebook before he even started. Our catch of the day comes from listener Gordy who shared an email with us regarding his "McAfee security." Please take a moment to fill out an audience survey! Let us know how we are doing! Links to the stories: Security Experts Issue Jenny Green Email Warning For Millions LinkedIn Paul Raffile (Part 1) LinkedIn Paul Raffile (Part 2) Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

This week we are joined by Maria Varmazis, host of the N2K daily space show, T-Minus. Maria shares an interesting story about how ransomware infections are beginning to change to form a more psychological attack against victims' organizations, as criminals are using personal and aggressive tactics to force them to pay. Dave and Joe share some listener follow up, from Bob, who writes in to share how he shares stories with his family members, and mentions one specifically on a Best Buy Geek Squad scam. Dave share's a story on bank scams, and how scammers are using genuine push notifications to trick their victims. Joe shares a story regarding email security loopholes, and how these loopholes are the latest path for North Korean social engineering attacks. Our catch of the day is from our follow up listener Bob, as he shares the story of trying to figure out the difference between a real email from the U.S social security department and a fake one. Please take a moment to fill out an audience survey! Let us know how we are doing! Links to the stories: Ransomware crooks now SIM swap executives' kids to pressure their parents Bank scammers using genuine push notifications to trick their victims Email security loopholes are latest path for North Korean social engineering attacks You can hear more from the T-Minus space daily show here. Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

Bogdan Botezatu from Bitdefender is discussing research on "Audio deepfakes: Celebrity-endorsed giveaway scams and fraudulent investment opportunities flood social media platforms." Dave and Joe shares some follow up from listener Lara, who writes in to discuss a few topics regarding a previous episode. Joe's story is sharing a game changer in the social engineering world. Dave shares the story of a listener's grandmother who had fallen victim to a pig butchering scam. Our catch of the day comes from listener Kenneth who shares an email he received from a "Cardiologist" on some puppies. Please take a moment to fill out an audience survey! Let us know how we are doing! Links to the stories: Audio deepfakes: Celebrity-endorsed giveaway scams and fraudulent investment opportunities flood social media platforms PCI DSS v4.0 a game-changer in social engineering awareness, prevention Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

Blair Cohen from AuthenticID joins Dave to discuss how generative AI and authentication go hand in hand. Joe and Dave share some follow up from listener Robert who discusses an ad for a device that uses ChatGPT to record phone calls on your device. Dave helps his dad out with his computer and shares the tale. Dave also shares a story this week on the FBI warning against scammers who are posing as NFT devs to try and steal your crypto. Joe and Dave test their scammer catching skills while taking a test to see if they are smarter than the average scammer. Our catch of the day comes from listener Steve who writes in to share a receipt he received that looked quite suspicious. Links to stories: FBI warns of scammers posing as NFT devs to steal your crypto Are you smarter than a scammer? Play this game. Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

This week we are joined by Maria Varmazis, host of the N2K daily space show, T-Minus. Maria shares an interesting story from Canada on a gentleman who thought he was calling Best Buy's Geek Squad, but instead ended up getting scammed out of $25,000. Dave and Joe share quite a bit of listener follow up, the first one is from Raul who shares how they saw an infamous Facebook scam. The second one is from listener Alec who shares some thoughts on episode 286's catch of the day. Lastly, Paula shares some thoughts on a recent discussion on why people are on the phone when a flight gets cancelled. Joe brings back answers to an old scam featured on an episode back in January on toll scams, as well as sharing about how the OpenSSF and OpenJS Foundations have issued an alert for social engineering takeovers of open source projects. Dave shares updates from the ex-athletic director accused of framing principal with AI and how he was arrested at the airport with a gun. Our catch of the day comes from listener Kenneth who shares an email from a "doctor" who has puppies for sale. Please take a moment to fill out an audience survey! Let us know how we are doing! Links to the stories: An Ontario senior thought he called Geek Squad for help with his printer. Instead, he got scammed out of $25,000 Smishing Scam Regarding Debt for Road Toll Services Open Source Security (OpenSSF) and OpenJS Foundations Issue Alert for Social Engineering Takeovers of Open Source Projects Ex-athletic director accused of framing principal with AI arrested at airport with gun You can hear more from the T-Minus space daily show here. Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.