Hacking Humans

Bogdan Botezatu from Bitdefender is discussing research on "Audio deepfakes: Celebrity-endorsed giveaway scams and fraudulent investment opportunities flood social media platforms." Dave and Joe shares some follow up from listener Lara, who writes in to discuss a few topics regarding a previous episode. Joe's story is sharing a game changer in the social engineering world. Dave shares the story of a listener's grandmother who had fallen victim to a pig butchering scam. Our catch of the day comes from listener Kenneth who shares an email he received from a "Cardiologist" on some puppies. Please take a moment to fill out an audience survey! Let us know how we are doing! Links to the stories: Audio deepfakes: Celebrity-endorsed giveaway scams and fraudulent investment opportunities flood social media platforms PCI DSS v4.0 a game-changer in social engineering awareness, prevention Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

An operating system program running in the background designed to perform a specific task when certain conditions or events occur.

This week we are joined by Maria Varmazis, host of the N2K daily space show, T-Minus. Maria shares an interesting story from Canada on a gentleman who thought he was calling Best Buy's Geek Squad, but instead ended up getting scammed out of $25,000. Dave and Joe share quite a bit of listener follow up, the first one is from Raul who shares how they saw an infamous Facebook scam. The second one is from listener Alec who shares some thoughts on episode 286's catch of the day. Lastly, Paula shares some thoughts on a recent discussion on why people are on the phone when a flight gets cancelled. Joe brings back answers to an old scam featured on an episode back in January on toll scams, as well as sharing about how the OpenSSF and OpenJS Foundations have issued an alert for social engineering takeovers of open source projects. Dave shares updates from the ex-athletic director accused of framing principal with AI and how he was arrested at the airport with a gun. Our catch of the day comes from listener Kenneth who shares an email from a "doctor" who has puppies for sale. Please take a moment to fill out an audience survey! Let us know how we are doing! Links to the stories: An Ontario senior thought he called Geek Squad for help with his printer. Instead, he got scammed out of $25,000 Smishing Scam Regarding Debt for Road Toll Services Open Source Security (OpenSSF) and OpenJS Foundations Issue Alert for Social Engineering Takeovers of Open Source Projects Ex-athletic director accused of framing principal with AI arrested at airport with gun You can hear more from the T-Minus space daily show here. Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

Also known as spyware and adware, it is a software category where developers design the application neither to cause explicit harm nor to accomplish some conventional legitimate purpose, but when run, usually annoys the user and often performs actions that the developer did not disclose, and that the user regards as undesirable.

Roger Grimes, a Data Driven Defense Evangelist from KnowBe4 and author is discussing his new book, "Fighting Phishing: Everything You Can Do to Fight Social Engineering and Phishing." Dave and Joe share some listener follow up, the first being from listener Tim, who shares a story of him almost falling for a scam involving some of his investment assets. Lastly, Dave and Joe share a story from an anonymous listener who wrote in to share about a LinkedIn imposter nightmare. Dave's story focuses on a how the LabHost PhaaS platform was disrupted by a year-long global law enforcement operation, resulting in the arrest of 37 suspects, including the original developer. Joe shares the story of an 81 year old Ohio man, who was arrested after shooting a woman after both of them got wrapped up in a phone call scam. Our catch of the day comes from Robert, who writes in with what he believes is a email scam from a Chinese company called "Infoonity." Please take a moment to fill out an audience survey! Let us know how we are doing! Links to the stories: LabHost phishing service with 40,000 domains disrupted, 37 arrested Ohio Man - Daily Mail Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

An automatic software bug and vulnerability discovery technique that inputs invalid, unexpected and/or random data or fuzz into a program and then monitors the program's reaction to it.

Trevin Edgeworth, Red Team Practice Director at Bishop Fox, is discussing how change, like M&A, staff, tech, lack of clarity or even self-promotion within and around security environments presents windows of opportunity for attackers. Joe and Dave share some listener follow up, the first one comes from Erin, who writes in from Northern Ireland, shares an interesting new find about scammers now keeping up with the news. The second one comes from listener Johnathan who shared thoughts on reconsidering his view on defining Apple's non-rate-limited MFA notifications as a "vulnerability." Lastly, we have follow up from listener Anders who shares an article on AI. Joe shares a story from Amazon sellers, and how they are being plagued in scam returns. Dave brings us the story of how to save yourself and your loved ones from AI robocalls. Please take a moment to fill out an audience survey! Let us know how we are doing! Links to the stories: Theory Is All You Need: AI, Human Cognition, and Decision Making Amazon Sellers Plagued by Surge in Scam Returns How to Protect Yourself (and Your Loved Ones) From AI Scam Calls News Insights: Does X Mark a Target? with Trevin Edgeworth, Director of Red Team Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

A family of multitasking, multi-user computer operating systems that derive from the original Unix system built by Ken Thompson and Dennis Ritchie in the 1960s.

Dr. Robert Blumofe, CTO at Akamai, sits down to talk about the AI doomsday versus a "very bad day" scenario. Dave shares a story from The Knowledge Project Podcast, where the host talks to Adam Robinson, a multifaceted individual known for his work as an author, educator, entrepreneur, and hedge fund advisor, and he talks about what is all incorporated into the term "stupidity." Dave goes on to share that while most people may feel stupid when falling for a scam, this research suggests otherwise, and you should never feel that way for falling for any scam. Joe's story comes from Hayley Compton at BBC, and is on a Facebook scam sneaking it's way into a family's home after a couple just had their first child. Our catch of the day comes from listener Michael, who shares an email he received that caught him off guard at first. Please take a moment to fill out an audience survey! Let us know how we are doing! Links to the stories: How Not to Be Stupid 'Facebook scammer tricked his way into our home' Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

A network monitoring and filtering technique that examines both the header information and the payload of every packet traversing a network access point.

This week we are joined by Maria Varmazis, host of the N2K daily space show, T-Minus. Maria shares an interesting story about Apple users reporting that they are being targeted in elaborate phishing attacks that involve's a bug in Apple’s password reset feature. Joe and Dave share some listener follow up from Leo who shares some thoughts on episode 282 and the recruiter scam that was discussed. Dave shares a story from Mexico on one of the most violent criminal groups and drug cartels, Jalisco New Generation. They have been running call centers that offer to buy retirees’ vacation properties and then empty the victims’ bank accounts. Joe has the story of Facebook spying on users' Snapchats in a secret project. Our catch of the day comes from listener Van, who writes in to share a voicemail they received related to a tax scam. Please take a moment to fill out an audience survey! Let us know how we are doing! Links to the stories: Recent ‘MFA Bombing’ Attacks Targeting Apple Users A Mexican Drug Cartel’s New Target? Seniors and Their Timeshares Facebook snooped on users’ Snapchat traffic in secret project, documents reveal You can hear more from the T-Minus space daily show here. Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

A clandestine set of applications designed to give hackers access and control over a target device.

Graham Cluley joins to discuss trends he’s been seeing lately in online scams. N2K's very own Gina Johnson shares some insights on a discussion a few episode ago on why people need a prescription for oxygen in the US. Joe brings up the topic of getting and exploiting access to your infrastructure, and shares an article that deals with the rise of social engineering fraud in business email compromise. Dave shares a personal story this week, on how he got scammed from a Facebook post, sharing that it can happen to anyone. Our catch of the day comes from listener Vance, who writes in to share a scam he found via "snail mail," regarding a life insurance policy that he needs to collect on. Please take a moment to fill out an audience survey! Let us know how we are doing! Links to the stories: The Rise of Social Engineering Fraud in Business Email Compromise How Sophisticated Social Engineering Attacks Are Targeting IT Service Desks Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

A set of behaviors that precisely describes a cyber adversary attack campaign.

This week we are joined by Maria Varmazis, host of the N2K daily space show, T-Minus. She shares the story on scammers posing as recruiters on LinkedIn to get you to fall for an age old phishing scam. Dave and Joe share some listener follow up, the first being from listener Alex who shared a video on scammers being forced to prove they are not robots. Listener Chloe wrote in with a question, asking about a potential scam she encountered. Joe has a story from the BBC this week regarding a love scam in the Philippines. Finally, Dave shares the story on the FCC approving a voluntary cybersecurity labeling program for wireless IoT products. Our catch of the say comes from Mark, who shares a personal story on a recruiting scam nightmare. Please take a moment to fill out an audience survey! Let us know how we are doing! Links to the stories: Heads Up, Tech Professionals: Protect Yourself From Phishing Scams Presenting as Recruiters Forcing Scammers To Prove They're Not Robots Hundreds rescued from love scam centre in the Philippines FCC adopts voluntary 'Cyber Trust Mark' labeling rule for IoT devices You can hear more from the T-Minus space daily show here. And be sure to join our live webinar: CISOs are the new Architects (of the Workforce) Join N2K’s Simone Petrella and Intuit’s Kim Jones on Wednesday, March 27th for an online discussion about the pivotal role security leaders play in shaping the security workforce landscape, and how we can start showing up for the future of our industry. Learn more and register on the event page. Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

Information used by leadership to make decisions regarding the cybersecurity posture of their organization.

This week we are joined by N2K CyberWire's very own Catherine Murphy, and she is sharing her family's experiences with Lurie Children's Hospital's recent cybersecurity incident. Dave shares a story on the dangers of Googling airline customer service numbers when an issue occurs. Joe shares another story on scary scams that are costing people millions of dollars, now getting the FBI involved. Our catch of the day was found from the Washington University in St. Louis from their Scam of the Month posting, which shares another tale of a scam, this time trying to recruit for an open vacancy as a research assistant for undergraduates. The scammers pose as a Professor of Computer Science and Engineering to try and get students to sign up for this fake job posting. Please take a moment to fill out an audience survey! Let us know how we are doing! Links to the stories: I’m begging you not to Google for airline customer service numbers Elaborate scam involves gold bars and couriers; cost a Maryland woman $2 million Scammers Use Couriers to Retrieve Cash and Precious Metals from Victims of Tech Support and Government Impersonation Scams Scam of the Month: RESEARCH ASSISTANT VACANCY FOR UNDERGRADUATE Ransomware gang claims to have made $3.4 million after attacking children’s hospital Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

In this case Identity is the set of credentials, usually electronic that vouch for who you are and theft is to steal. The theft of a person's identity for purposes of fraud.

This week we are joined by Maria Varmazis, host of the N2K daily space show, T-Minus. She discusses how AI is being used as a possible solution to one of the oldest scams in the book in Japan. Dave and Joe share some listener follow up, one from listener Alan and one from Clinton, who both write in about a recent episode and they share their thoughts on the story of Charlotte Cowles being scammed out of $50,000. Dave shares a story about calendar meeting links, from Calendly, a popular application for scheduling appointments and meetings, being used to spread mac malware. Joe shares write ins from several listeners, some writing in to share experiences with scams they have come across, others writing to warn others on scams they have seen used in the real world. Our catch of the day comes from Zach with an oddity, getting scammed by mail! Please take a moment to fill out an audience survey! Let us know how we are doing! Links to the stories: Japan’s new ATMs automatically play anti-fraud videos to people talking on mobile phones【Video】 Fraudsters in Japan use foreigners' bank accounts in cash grab 【警察庁】ATMで携帯電話…AIで検知し警告表示 特殊詐欺の被害増受け Calendar Meeting Links Used to Spread Mac Malware IDcare You can hear more from the T-Minus space daily show here. Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

A probability simulation technique used to understand the impact of risk and uncertainty in complex problems.