Hacking Humans Click for a pay bump?
16 snips
Jul 31, 2025 In this discussion, Rob Allen, Chief Product Officer at ThreatLocker, examines the notorious cybercriminal group, Scattered Spider. Known for their youthful and agile members, Scattered Spider relies on social engineering rather than traditional hacking. They manipulate support staff to access sensitive information, using tactics as sophisticated as AI-generated voices. Rob highlights the importance of recognizing red flags in communications, illustrated by a listener’s phishing attempt about a salary increase, urging organizations to enhance cybersecurity training.
AI Snips
Chapters
Transcript
Episode notes
Scattered Spider's Social Engineering Tactics
- Scattered Spider is a young, loosely affiliated ransomware group specializing in social engineering over technical hacks.
- They manipulate overworked support staff to gain access, focusing on persuasion rather than system breaches.
Cybersecurity Staff Fallen for Test
- ThreatLocker's CEO tested staff by sending a fake executable link via Teams.
- Despite training, 40% of his cybersecurity staff tried to run the file, revealing human weaknesses.
Scam Uses Real Password to Intimidate
- A man received a threatening scam email that included his actual old password to add credibility.
- This tactic made the generic scam seem believable and caused significant distress.