DiscoverHacking Humans
Hacking Humans
Claim Ownership

Hacking Humans

Author: N2K Networks

Subscribed: 4,799Played: 227,829
Share

Description

Deception, influence, and social engineering in the world of cyber crime.

532 Episodes
Reverse
Cybersecurity interview with ChatGPT. In part one of CyberWire’s Interview with the AI, Brandon Karpf interviews ChatGPT about topics related to cybersecurity. Rick Howard joins Brandon to analyze the conversation and discuss potential use cases for the cybersecurity community. ChatGPT is a chatbot launched by OpenAI and built on top of OpenAI’s GPT-3 family of large language models. Cyber questions answered by ChatGPT in part one of the interview. What were the most significant cybersecurity incidents up through 2021? What leads you to characterize these specific events as significant? What were the specific technical vulnerabilities associated with these incidents? Who were the cyber actors involved in each of these attacks? Do you think it's valuable to attribute cyber attacks to specific actors?
Trevin Edgeworth, Red Team Practice Director at Bishop Fox, is discussing how change, like M&A, staff, tech, lack of clarity or even self-promotion within and around security environments presents windows of opportunity for attackers. Joe and Dave share some listener follow up, the first one comes from Erin, who writes in from Northern Ireland, shares an interesting new find about scammers now keeping up with the news. The second one comes from listener Johnathan who shared thoughts on reconsidering his view on defining Apple's non-rate-limited MFA notifications as a "vulnerability." Lastly, we have follow up from listener Anders who shares an article on AI. Joe shares a story from Amazon sellers, and how they are being plagued in scam returns. Dave brings us the story of how to save yourself and your loved ones from AI robocalls. Please take a moment to fill out an audience survey! Let us know how we are doing! Links to the stories: Theory Is All You Need: AI, Human Cognition, and Decision Making Amazon Sellers Plagued by Surge in Scam Returns How to Protect Yourself (and Your Loved Ones) From AI Scam Calls News Insights: Does X Mark a Target? with Trevin Edgeworth, Director of Red Team Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.
Dr. Robert Blumofe, CTO at Akamai, sits down to talk about the AI doomsday versus a "very bad day" scenario. Dave shares a story from The Knowledge Project Podcast, where the host talks to Adam Robinson, a multifaceted individual known for his work as an author, educator, entrepreneur, and hedge fund advisor, and he talks about what is all incorporated into the term "stupidity." Dave goes on to share that while most people may feel stupid when falling for a scam, this research suggests otherwise, and you should never feel that way for falling for any scam. Joe's story comes from Hayley Compton at BBC, and is on a Facebook scam sneaking it's way into a family's home after a couple just had their first child. Our catch of the day comes from listener Michael, who shares an email he received that caught him off guard at first. Please take a moment to fill out an audience survey! Let us know how we are doing! Links to the stories: How Not to Be Stupid 'Facebook scammer tricked his way into our home' Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.
This week we are joined by Maria Varmazis, host of the N2K daily space show, T-Minus. Maria shares an interesting story about Apple users reporting that they are being targeted in elaborate phishing attacks that involve's a bug in Apple’s password reset feature. Joe and Dave share some listener follow up from Leo who shares some thoughts on episode 282 and the recruiter scam that was discussed. Dave shares a story from Mexico on one of the most violent criminal groups and drug cartels, Jalisco New Generation. They have been running call centers that offer to buy retirees’ vacation properties and then empty the victims’ bank accounts. Joe has the story of Facebook spying on users' Snapchats in a secret project. Our catch of the day comes from listener Van, who writes in to share a voicemail they received related to a tax scam. Please take a moment to fill out an audience survey! Let us know how we are doing! Links to the stories: Recent ‘MFA Bombing’ Attacks Targeting Apple Users A Mexican Drug Cartel’s New Target? Seniors and Their Timeshares Facebook snooped on users’ Snapchat traffic in secret project, documents reveal You can hear more from the T-Minus space daily show here. Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.
Graham Cluley joins to discuss trends he’s been seeing lately in online scams. N2K's very own Gina Johnson shares some insights on a discussion a few episode ago on why people need a prescription for oxygen in the US. Joe brings up the topic of getting and exploiting access to your infrastructure, and shares an article that deals with the rise of social engineering fraud in business email compromise. Dave shares a personal story this week, on how he got scammed from a Facebook post, sharing that it can happen to anyone. Our catch of the day comes from listener Vance, who writes in to share a scam he found via "snail mail," regarding a life insurance policy that he needs to collect on. Please take a moment to fill out an audience survey! Let us know how we are doing! Links to the stories: The Rise of Social Engineering Fraud in Business Email Compromise How Sophisticated Social Engineering Attacks Are Targeting IT Service Desks Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.
This week we are joined by Maria Varmazis, host of the N2K daily space show, T-Minus. She shares the story on scammers posing as recruiters on LinkedIn to get you to fall for an age old phishing scam. Dave and Joe share some listener follow up, the first being from listener Alex who shared a video on scammers being forced to prove they are not robots. Listener Chloe wrote in with a question, asking about a potential scam she encountered. Joe has a story from the BBC this week regarding a love scam in the Philippines. Finally, Dave shares the story on the FCC approving a voluntary cybersecurity labeling program for wireless IoT products. Our catch of the say comes from Mark, who shares a personal story on a recruiting scam nightmare. Please take a moment to fill out an audience survey! Let us know how we are doing! Links to the stories: Heads Up, Tech Professionals: Protect Yourself From Phishing Scams Presenting as Recruiters Forcing Scammers To Prove They're Not Robots Hundreds rescued from love scam centre in the Philippines FCC adopts voluntary 'Cyber Trust Mark' labeling rule for IoT devices You can hear more from the T-Minus space daily show here. And be sure to join our live webinar: CISOs are the new Architects (of the Workforce) Join N2K’s Simone Petrella and Intuit’s Kim Jones on Wednesday, March 27th for an online discussion about the pivotal role security leaders play in shaping the security workforce landscape, and how we can start showing up for the future of our industry. Learn more and register on the event page. Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.
This week we are joined by N2K CyberWire's very own Catherine Murphy, and she is sharing her family's experiences with Lurie Children's Hospital's recent cybersecurity incident. Dave shares a story on the dangers of Googling airline customer service numbers when an issue occurs. Joe shares another story on scary scams that are costing people millions of dollars, now getting the FBI involved. Our catch of the day was found from the Washington University in St. Louis from their Scam of the Month posting, which shares another tale of a scam, this time trying to recruit for an open vacancy as a research assistant for undergraduates. The scammers pose as a Professor of Computer Science and Engineering to try and get students to sign up for this fake job posting. Please take a moment to fill out an audience survey! Let us know how we are doing! Links to the stories: I’m begging you not to Google for airline customer service numbers Elaborate scam involves gold bars and couriers; cost a Maryland woman $2 million Scammers Use Couriers to Retrieve Cash and Precious Metals from Victims of Tech Support and Government Impersonation Scams Scam of the Month: RESEARCH ASSISTANT VACANCY FOR UNDERGRADUATE Ransomware gang claims to have made $3.4 million after attacking children’s hospital Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.
This week we are joined by Maria Varmazis, host of the N2K daily space show, T-Minus. She discusses how AI is being used as a possible solution to one of the oldest scams in the book in Japan. Dave and Joe share some listener follow up, one from listener Alan and one from Clinton, who both write in about a recent episode and they share their thoughts on the story of Charlotte Cowles being scammed out of $50,000. Dave shares a story about calendar meeting links, from Calendly, a popular application for scheduling appointments and meetings, being used to spread mac malware. Joe shares write ins from several listeners, some writing in to share experiences with scams they have come across, others writing to warn others on scams they have seen used in the real world. Our catch of the day comes from Zach with an oddity, getting scammed by mail! Please take a moment to fill out an audience survey! Let us know how we are doing! Links to the stories: Japan’s new ATMs automatically play anti-fraud videos to people talking on mobile phones【Video】 Fraudsters in Japan use foreigners' bank accounts in cash grab 【警察庁】ATMで携帯電話…AIで検知し警告表示 特殊詐欺の被害増受け Calendar Meeting Links Used to Spread Mac Malware IDcare You can hear more from the T-Minus space daily show here. Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.
Mike Kosak, Principal Intelligence Analyst at LastPass, is discussing passkeys, threat actors, and Volt Typhoon. Joe shares a new free certification you could get if you are looking to get into the field. Joe also shares a terrifying story about how everyone can be conned, and it's not as obvious as it may seem sometimes. Dave's story is warning Costco members of a new phishing scam that attempts to steal their credit card information. Our catch of the day comes from listener Pryce who shares an email they received regarding a charge they are getting from "NortonLifeLock." Links to the stories: FREE Entry-level Cybersecurity Training + Certification Exam Put your smugness away. You are not too clever to be conned. New Costco Membership Scam Targets Members' Credit Card Information Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.
Scamming the innocent.

Scamming the innocent.

2024-02-2245:39

This week we are joined by Maria Varmazis, host of the N2K daily space show, T-Minus. She brings us a scary story from a woman who never thought she'd ever be scammed. Dave and Joe shares some follow up before getting into their stories, they share a story from a listener who sent in a LinkedIn link about scammers targeting Walmart. They also share a question from listener Cynthia, who asks about bank scam covered before, and how to respond to these scams. Dave shares a story from an anonymous source this week, who writes in about the dangers of crypto scams. Joe has two stories for us this week, the first one being from a friend of his that works for a company that specializes in military contracts. This company was hiring an employee and received three emails that all were very similar to one another, sharing that this is a red flag and wanted to write in to share the dangers of this scam. The second story is a very similar story to the one covered on Andy Cohen a few episode ago, and shares how a Jefferson county couple were scammed out of hundreds of thousands of dollars. Our catch of the day comes from listener Thomas who shares a story on AI voices sounding like famous people and his experience. Links to the stories: The Day I Put $50,000 in a Shoe Box and Handed It to a Stranger I never thought I was the kind of person to fall for a scam. Phishing scam dupes Jefferson County couple out of $137K Phishing bank scam dupes Golden couple out of $137K SCAM HELL Walmart ‘gift card scammers’ caught spending $15k on jewelry, big-screen TVs and lobster tails at Sam’s Club You can hear more from the T-Minus space daily show here. Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.
Aaron Walton, Threat Intel Analyst from Expel is discussing some things to look out for in 2024. Joe and Dave share some listener follow up from Mateusz, who shares some positive news with us. Dave's story is about a romance scammer coming clean after failing to woo CBS News reporter, Erica Johnson. Joe's story is on the latest decision from the FCC, and how they voted to ban scam robocalls that use AI-generated voices. Our catch of the day comes from listener Chuck, just in time for tax season, he warns against a phishing scam he received about his taxes. Links to the stories: Romance scammer reveals how he tricks women after failing to fool Go Public reporter FCC votes to ban scam robocalls that use AI-generated voices Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.
This week, we are joined by host of N2K's T-Minus Space Daily podcast, Maria Varmazis, she sits down with Joe and Dave to discuss sextorion materials that were found on popular social media apps such as, TikTok, Instagram, Snapchat and YouTube. Joe and Dave share quite a bit of follow up, Joe starts with an anonymous listener writing in sharing their story on gift card scams. Dave shares another anonymous listeners comments, sharing about what they think of Andy Cohen going public on how he got scammed. Finally, Joe and Dave hear from a listener by the name of "The Computrix," who says they need to defend Walmart. Dave share's his story about the most common phishing email themes of 2023. Joe's got the story of ransomware not being paid the same way as it used to be by companies, and share the two different angles on that. Our catch of the day comes from listener William, who writes in with a phishing scam that caught his eye. Links to the stories: Sextortion training materials found on TikTok, Instagram, Snapchat and YouTube, according to new report Most Common Phishing Email Themes of 2023 Companies aren’t paying ransoms like they used to New Ransomware Reporting Requirements Kick in as Victims Increasingly Avoid Paying FBI: Scammers Are Sending Couriers to Collect Cash From Victims You can hear more from the T-Minus space daily show here. Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.
Quiz scam nightmare.

Quiz scam nightmare.

2024-02-0146:061

Jaeson Schultz, Technical Leader from Cisco Talos, is discussing "Spammers abuse Google Forms’ quiz to deliver scams." Dave's story discusses the disturbing new trick up a scammers sleeve to get you to fall for their schemes. Joe has two stories this week, the first a warning to those who pick up scammers phone calls and what that can lead to after gaining access to your voice. Joe's second story follows a band of organized thieves and how they have been targeting high-end homes across Metro Detroit. Our catch of the day comes from listener Van, who writes in to share a fun catch from a scammer who left a voicemail. Links to the stories: Spammers abuse Google Forms’ quiz to deliver scams Scammers are stealing people's faces for live video calls All it takes is one sentence for AI to clone your voice Expert says alleged recording of racist, antisemitic rant by Pikesville High principal could be fake Videos: Organized crews smash glass, use jammers to break into high-end Metro Detroit homes Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.
Phishing for mail.

Phishing for mail.

2024-01-2551:02

Abhilash Garimella from Bolster joins to discuss a USPS phishing campaign abusing freemium dynamic DNS and SaaS providers. Dave and Joe share some follow up, one was from listener Mike who wrote in to tell us about a breach at Resend, another was regarding a previous episode on grief and the internet, and finally Joe and Dave discuss a listeners response to a previous episode regarding an SMS scam a listener wrote in about. Dave shares a story on Walmarts relaxed security methods and how scammers may be exploiting them. Joe shares a couple articles relating to the ever growing pop star Taylor Swift and how criminals are using her face to scam. Our catch of the day comes from Joe this week, and he shares an interesting looking email he received from "Apple." Links to the stories: Facebook users targeted with “I’ll miss him so much” scam Incident report for January 10, 2024 How Walmart’s Financial Services Became a Fraud Magnet Taylor Swift, Selena Gomez deepfakes used in Le Creuset giveaway scam No, That’s Not Taylor Swift Peddling Le Creuset Cookware Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.
This week we are joined by the host of T-Minus, N2Ks very own Maria Varmazis brings her own story and discusses with Dave and Joe. We start off with Joe, and he brings in the story of Andy Cohen and how he fell victim to a credit card scam and shares what he had learned through the experience. Maria shares Arctic Wolf Labs' story and how they have investigated several cases of Royal and Akira ransomware victims being targeted in follow-on extortion attacks dating back to October of 2023. Lastly, Dave shares his story warning YouTube users about videos promoting cracked software that is distributing Lumma Stealer. Our catch of the day comes from listener Jon, he shares and email that had made it through his spam filter. You can hear more from the T-Minus space daily show here. Links to the stories: Exclusive: Andy Cohen fell victim to a credit card scam. Here's what he learned Follow-On Extortion Campaign Targeting Victims of Akira and Royal Ransomware Beware! YouTube Videos Promoting Cracked Software Distribute Lumma Stealer Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.
Frank Riccardi sits down to discuss how cybercriminals exploit people’s fondness for reused passwords to launch credential stuffing attacks. Dave and Joe share a bit of follow up, one from a listener named Steve who shares some push back from the 23andMe story from last week, and the other from a listener named Michael who shares a story of unpaid toll scams. Joe shares the story of a Utah exchange student and how he fell victim to a cybersecurity kidnapping, and now authorities are trying to figure out how it happened. Dave shares a scam about tragic fake posts that lead to a "win now" website, that has been flooding his Facebook feed. Our catch of the day comes from Jon who writes in to share a suspicious email that made it through the spam filter in Google. Links to the stories: After Utah exchange student cyber kidnapping, we're looking at how the scam works Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.
Alethe Denis from Bishop Fox is talking with Dave and Joe with her take on the 23AndMe breach. Dave and Joe share some follow up from listener Michael, who writes in to share thoughts on our catch of the day from last episode, regarding the voice mail from Spectrum. Dave shares a story on email security, and how human factors have a heavy influence on it, especially with people's vulnerability to phishing and social engineering. Joe has two stories this week, his first story is a good wrap on the holiday's and gift card scams. Joe's second story is a jump on tax season quickly approaching, and how the IRS is helping taxpayers by providing penalty relief. Our catch of the day is a good example of what not to do when phishing/scamming people, luckily the receiver was smarter than the sender. Links to the stories: How Human Elements Impact Email Security "Vanilla Gift" card issuer faces lawsuit over card-draining scam risk IRS helps taxpayers by providing penalty relief on nearly 5 million 2020 and 2021 tax returns; restart of collection notices in 2024 marks end of pandemic-related pause News Insights: 23AndMe with Alethe Denis, Security Expert - Red Team Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.
Stolen personality?

Stolen personality?

2023-12-2844:30

Matt Lewis from the NCC Group joins to discuss how cybercriminals can decode your personality through AI conversations to launch targeted attacks at you. Dave and Joe share some follow up from listener Sydney, who writes in to share her thoughts on an FCC proceeding and how it could be of greater relevance to IoT security than SBOMs and HBOMs. Dave also shares a story from a listener from last Christmas, sending a warning to holiday shoppers. Dave has two stories this week, he shares one regarding an announcement on holiday scams coming out. His other story follows Zelle finally caving in to provide some relief to scam victims. Joe's story follows new crypto-theft attacks and warns people against the new tactics. Links to the stories: 2023 Holiday Shopping Scams Zelle finally caves after years of refusing to refund scam victims Microsoft: BlueNoroff hackers plan new crypto-theft attacks Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.
Adam Bateman, Co-Founder & CEO at Push Security, is sharing some of the latest phishing trends his team has been observing. Dave and Joe share some listener follow up from Michael, who writes in with a new idea, calling it "eDeception." With the holiday season practically here, Joe shares a story about gift card scams, reminding everyone to be safe this holiday season. Dave's story follows a new iPhone update regarding stolen device protection in an upcoming version of iOS. Our catch of the day comes from listener Van who sent in an audio catch about Spectrum users. Links to the stories: Amid holiday shopping, thieves utilize new scam eliminating gift card balances iOS 17.3, Now in Beta, Includes New ‘Stolen Device Protection’ Feature Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.
Shielding your inbox.

Shielding your inbox.

2023-12-1452:31

Seth Blank, CTO of Valimail, joins to discuss the implications on email security on behalf of DMARC. Joe and Dave share some follow up regarding Meta, who is the parent company to Facebook and Instagram, and how they are now in a lawsuit over steering predators to children in New Mexico. Joe shares how he was almost hacked, as scammers used Peacock to lure him in. Dave's story continues with popular streaming apps being impersonated, this time with Disney+ falling victim. Joe's story follows the U.S. Attorney’s Office, the FBI, and State and Local Law Enforcement Officials sharing another "Don't click December" PSA. Our catch of the day comes from listener Mauricio, who writes in sharing a phishing email, from "PayPal," saying he has an invoice of almost $600. Links to the stories: Facebook and Instagram Steer Predators to Children, New Mexico Attorney General Alleges in Lawsuit Threat actors impersonate Disney+ with considerable guile U.S. Attorney’s Office, the FBI, and State and Local Law Enforcement Officials Release Second “Don’t Click December” PSA Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.
loading
Comments (7)

Priya Dharshini

🔴WATCH>>ᗪOᗯᑎᒪOᗩᗪ>>👉https://co.fastmovies.org

Jan 16th
Reply

Vincent Smith

John Hopkins. How a organization that had done such atrocities throughout its history is able to influence, study, or even being allowed to exist blows my mind.

Apr 8th
Reply

Clinton Knight

or not pay attention to the fact "tag along" installs are default agreed upon.

Jun 11th
Reply

Asiko

The app lock for iOS is somehow quite different from the process used to lock apps on Android devices. The use of a password lock app in iOS and setting time limits for apps is used to lock apps on iOS.

Oct 12th
Reply

Emma Edwards

Awesome podcast, learn new things without it being boring. Love the catch of the week!

Sep 15th
Reply

Edge Kazeshiro

puppy

Sep 14th
Reply

KeyboardMonkey

Love this podcast! Keep erm coming!!!

Mar 21st
Reply
Download from Google Play
Download from App Store