James Dyer and Jack Chapman of Egress join to discuss "Cybercriminals don’t take holidays: How bad actors use this two-step phishing campaign to weaponize out-of-office replies." Dave and Joe share some listener follow up from Ron, who has a suggestion about registration specific email accounts. Joe has two stories this week, one where he shares some good news on a scammer who received some justice after taking part in a $66K romance scam. His second story is on social media and how it is a breeding ground for scammers. Dave's story this week follows how Google-hosted malvertising leads to a fake keepass site that looks genuine. Our catch of the day comes from our very own editorial staff who share an interesting email they received from the infamous National Security Department.

Links to the stories:

• N.J. man sentenced to prison for taking part in $66K romance scam


• Social media: a golden goose for scammers


• Google-hosted malvertising leads to fake Keepass site that looks genuine

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.