Hacking Humans

Episodios disponibles

5 de 691

Social engineering served sunny-side up.
This week, our hosts⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, and ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Maria Varmazis⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ (also host of the ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠T-Minus⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Space Daily show) are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start with some follow up, this time involving a surprising new flock of chickens and a listener note from Belgium. Via Peter Janssen, as he’s seen the same fake “employee discount” scams we covered, only this time targeting backpacks and other products. Dave's story is on a new “podcast imposter” scam, where fake invites trick business owners and influencers into giving remote access so attackers can hijack their accounts. Joe's got a story on Workday disclosing a breach after attackers used social engineering to infiltrate a third-party CRM system, and why this matters given Workday’s wide use as the front end for so many companies’ HR departments. Maria brings two quick hits this week: a fake FedEx text scam making the rounds, and a look at whether covering kids’ faces with emojis in photos really protects their privacy — or if it’s more illusion than protection. On today's catch of the day, Dave got a text claiming he’s been recommended for a high-paying, no-experience-needed YouTube job—classic signs of a scam promising easy money and “free training.” Complete our annual ⁠⁠⁠⁠⁠⁠⁠⁠audience survey⁠⁠⁠⁠⁠⁠⁠⁠ before August 31. Resources and links to stories: ⁠⁠Dumbest Friend Just Bought 20 Chickens Executives Warned About Celebrity Podcast Scams Workday Discloses Data Breach Following CRM-Targeted Social Engineering Attack Will covering your child’s face with an emoji actually protect their privacy? ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Have a Catch of the Day you'd like to share? Email it to us at ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠[email protected]⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠.
--------
48:57
--------
48:57
Waterfall Software Development Method (noun) [Word Notes]
Please enjoy this encore of Word Notes. A software development model that relies on a series of sequential steps that flow into each other, like a series of waterfalls. CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/waterfall-software-development⁠ Audio reference link: “⁠Creating Video Games - Agile Software Development,⁠” by Sara Verrilli, MIT OpenCourseWare, YouTube, 10 December 2015
--------
6:25
--------
6:25
Scammers hit the right notes in the wrong way.
This week, our hosts⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠⁠⁠⁠⁠, ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, and ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Maria Varmazis⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ (also host of the ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠T-Minus⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Space Daily show) are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start with some follow up from Chris Martin, a long-time listener and fan of the show. Chris shares that his employer uses Hoxhunt for cybersecurity awareness training and came across a fun gem worth mentioning. Next, Jay writes in with a heads-up about a scam running in large cities. Criminals are reportedly sticking phones to desirable cars and then using the tracking features to show up at victims’ homes to steal the vehicles. Joe has more info on his chickens. Maria shares the story of a Spotify job recruitment scam and the email she received, where scammers used a convincing fake site to mimic Spotify’s real careers page in an attempt to steal logins. Joe has two stories this week, the first on federal investigators charging 13 people in a $5 million “grandparent scam” that targeted hundreds of elderly victims, a scheme uncovered after Uber flagged suspicious activity to the FBI when its drivers were unknowingly used to move cash. His second story looks at Northern California, where two suspects were arrested in a “cash drop scam” linked to more than 40 cases across six states, after a sharp-eyed loss prevention agent recognized the scheme and alerted police. Dave’s story this week covers federal investigators charging 13 people in a $5 million “grandparent scam” that targeted hundreds of elderly victims, uncovered after Uber flagged suspicious activity to the FBI when its drivers were unknowingly used to move cash. Our Catch of the Day comes from Patrick, who shared a scam email claiming to be from the IMF offering a $9.8 million “compensation fund” paid out in daily $5,000 MoneyGram transfers—if the recipient just hands over all their personal details. Complete our annual ⁠⁠⁠⁠⁠⁠⁠audience survey⁠⁠⁠⁠⁠⁠⁠ before August 31. Resources and links to stories: ⁠Spotify Job Recruitment scam Uber drivers help end scam targeting hundreds of grandparents, U.S. attorney says ‘Cash drop scam’ in Northern California leads to two arrests, linked to 40 cases Good Morning Britain Correspondent Noel Phillips Loses Life Savings in Elaborate Phone Scam. How Can Your Stay Safe living nightmare Good Morning Britain host loses ‘whole life savings’ to phone scam and admits ‘the shame is devastating’ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Have a Catch of the Day you'd like to share? Email it to us at ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠[email protected]⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠.
--------
49:06
--------
49:06
Agile Software Development Method (noun) [Word Notes]
Please enjoy this encore of Word Notes. A software development philosophy that emphasizes incremental delivery, team collaboration, continual planning, and continual learning CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/agile-software-development⁠ Audio reference link: "⁠Velocity 09: John Allspaw and Paul Hammond, "10+ Deploys Pe,⁠" John Allspaw and Paul Hammond, 2009 Velocity Conference, YouTube, 25 June 2009.
--------
7:45
--------
7:45
This scam is now in session.
This week, our hosts⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠⁠⁠⁠, ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, and ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Maria Varmazis⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ (also host of the ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠T-Minus⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Space Daily show) are back sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. Joe's story is on WhatsApp rolling out new anti-scam tools, disrupting over 6.8 million scam-linked accounts, and partnering with experts to share tips on spotting and avoiding sophisticated cross-platform scams run by organized crime networks. Dave's got the story of how “PharmaFraud” — a global network of fake online pharmacies — scams consumers with counterfeit or dangerous medications, stealing money and personal data while putting health and safety at serious risk. Maria dives into the story on a new twist to jury duty scams, where callers posing as police direct victims to fake government websites to steal personal data and money, often demanding payment through cryptocurrency or other untraceable methods. Our catch of the day comes from listener Adam who shares a SiriusXM payment scam they received through an email. Complete our annual ⁠⁠⁠⁠⁠⁠audience survey⁠⁠⁠⁠⁠⁠ before August 31. Resources and links to stories: New WhatsApp Tools and Tips to Beat Messaging Scams Disrupting malicious uses of AI: June 2025 PharmaFraud: how illegal online pharmacies endanger your health and your wallet Scammers are using fake websites in a twist on jury duty scams ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Have a Catch of the Day you'd like to share? Email it to us at ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠[email protected]⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠.
--------
45:05
--------
45:05