Hacking Humans

This week, our hosts⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, and ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Maria Varmazis⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ (also host of the ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠T-Minus⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Space Daily show) are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start with some follow up, this time involving a surprising new flock of chickens and a listener note from Belgium. Via Peter Janssen, as he’s seen the same fake “employee discount” scams we covered, only this time targeting backpacks and other products. Dave's story is on a new “podcast imposter” scam, where fake invites trick business owners and influencers into giving remote access so attackers can hijack their accounts. Joe's got a story on Workday disclosing a breach after attackers used social engineering to infiltrate a third-party CRM system, and why this matters given Workday’s wide use as the front end for so many companies’ HR departments. Maria brings two quick hits this week: a fake FedEx text scam making the rounds, and a look at whether covering kids’ faces with emojis in photos really protects their privacy — or if it’s more illusion than protection. On today's catch of the day, Dave got a text claiming he’s been recommended for a high-paying, no-experience-needed YouTube job—classic signs of a scam promising easy money and “free training.” Complete our annual ⁠⁠⁠⁠⁠⁠⁠⁠audience survey⁠⁠⁠⁠⁠⁠⁠⁠ before August 31. Resources and links to stories: ⁠⁠Dumbest Friend Just Bought 20 Chickens Executives Warned About Celebrity Podcast Scams Workday Discloses Data Breach Following CRM-Targeted Social Engineering Attack Will covering your child’s face with an emoji actually protect their privacy? ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Have a Catch of the Day you'd like to share? Email it to us at ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠hackinghumans@n2k.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠.

Please enjoy this encore of Word Notes. A software development model that relies on a series of sequential steps that flow into each other, like a series of waterfalls.  CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/waterfall-software-development⁠ Audio reference link: “⁠Creating Video Games - Agile Software Development,⁠” by Sara Verrilli, MIT OpenCourseWare, YouTube, 10 December 2015

Dive into the cunning world of modern scams, where criminals use GPS-enabled phones to track and steal cars from unsuspecting owners. Discover the alarming details of a $5 million grandparent scam and how investigators uncovered it through keen observations. Learn about a deceptive job scam that mimicked Spotify's recruitment page, showcasing the risks of social media for job seekers. Plus, enjoy some light-hearted banter about chicken farming, blending humor with serious discussions on cybersecurity and scams.

Dive into the fascinating world of agile software development, where incremental delivery and team collaboration reign supreme. Explore its evolution from traditional methods, highlighting the Agile Manifesto's transformative impact. Discover how breaking down complex tasks enhances adaptability and security in software systems. The discussion illuminates the challenges faced by pioneers in the field, shedding light on the ongoing importance of agility in modern programming.

This week, our hosts⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠⁠⁠⁠, ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, and ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Maria Varmazis⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ (also host of the ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠T-Minus⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Space Daily show) are back sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. Joe's story is on WhatsApp rolling out new anti-scam tools, disrupting over 6.8 million scam-linked accounts, and partnering with experts to share tips on spotting and avoiding sophisticated cross-platform scams run by organized crime networks. Dave's got the story of how “PharmaFraud” — a global network of fake online pharmacies — scams consumers with counterfeit or dangerous medications, stealing money and personal data while putting health and safety at serious risk. Maria dives into the story on a new twist to jury duty scams, where callers posing as police direct victims to fake government websites to steal personal data and money, often demanding payment through cryptocurrency or other untraceable methods. Our catch of the day comes from listener Adam who shares a SiriusXM payment scam they received through an email. Complete our annual ⁠⁠⁠⁠⁠⁠audience survey⁠⁠⁠⁠⁠⁠ before August 31. Resources and links to stories: New WhatsApp Tools and Tips to Beat Messaging Scams Disrupting malicious uses of AI: June 2025 PharmaFraud: how illegal online pharmacies endanger your health and your wallet Scammers are using fake websites in a twist on jury duty scams ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Have a Catch of the Day you'd like to share? Email it to us at ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠hackinghumans@n2k.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠.

Please enjoy this encore of Word Notes. The flagship product of the controversial Israeli spyware vendor, the NSO Group, use for remotely hacking mobile devices, most notably iPhones, via zero-click exploits. CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/pegasus⁠ Audio reference link:⁠“Cybersecurity beyond the Headlines: A Conversation with Journalist Nicole Perlroth⁠,” Kristen Eichensehr, and Nicole Perlroth, University of Virginia School of Law, YouTube, 14 February 2022

This week, our hosts⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠⁠⁠, ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, and ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Maria Varmazis⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ (also host of the ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠T-Minus⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Space Daily show) are back sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start with some follow-up on an Arizona woman sentenced to over eight years in prison for running a “laptop farm” that helped North Korean IT workers pose as U.S. employees at hundreds of American companies, funneling over $17 million to Pyongyang through stolen identities and remote access. We also share an update on Joe's Profile picture. We start with Dave’s story on a Facebook scam falsely claiming insider access to a secret Yeti cooler deal from Dick’s Sporting Goods, using a fake emotional backstory to lure users into clicking a malicious link under the guise of an employee-only loophole. Maria’s story is on escalating violence at the Thailand-Cambodia border, where a long-standing territorial dispute has reignited after a leaked phone call between leaders fractured a decades-old political friendship, sparking deadly clashes, diplomatic fallout, and rising tensions fueled by personal betrayal, political instability, and mutual economic pressures. Joe’s story follows the indictment of a former Tri-Cities pastor who allegedly used his position and a fake cryptocurrency scheme called “Solano Fi” to defraud his congregation and others out of millions, promising risk-free returns while siphoning the funds for himself and his co-conspirators. Our catch of the day comes from Joe who shares an interesting email from "Xfinity." Complete our annual ⁠⁠⁠⁠⁠audience survey⁠⁠⁠⁠⁠ before August 31. Resources and links to stories: ⁠⁠⁠⁠⁠Arizona woman sentenced over $17 million North Korea worker fraud scheme⁠ Facebook: Ava Davis  Facebook Facebook Facebook The fractured friendship behind the fight at the Thailand-Cambodia border Lethal Cambodia-Thailand border clash linked to cyber-scam slave camps Beneath the Border: Scam Centers and the Thailand–Cambodia Conflict Grand Jury Charges Pastor, Wife in Alleged Multi-Million Dollar Cryptocurrency Scam Former Tri-Cities Pastor Indicted for Multi-Million Dollar Cryptocurrency Scam ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Have a Catch of the Day you'd like to share? Email it to us at ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠hackinghumans@n2k.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠.

Welcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is ⁠⁠⁠Selena Larson⁠⁠⁠, ⁠⁠⁠Proofpoint⁠⁠⁠ intelligence analyst and host of their podcast ⁠⁠⁠DISCARDED⁠⁠⁠. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined by her co-hosts ⁠⁠⁠N2K Networks⁠⁠⁠ ⁠⁠⁠Dave Bittner⁠⁠⁠ and ⁠⁠Keith Mularski⁠⁠, former FBI cybercrime investigator and now Chief Global Ambassador at ⁠⁠Qintel⁠⁠. Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, our three hosts discuss several articles covering a new wave of social engineering attacks tied to the so-called Contagious Interview campaign. In this operation, threat actors linked to North Korea are reportedly posing as tech recruiters to trick job seekers into downloading malware. The discussion highlights updates to two malware strains—BeaverTail and InvisibleFerret—that have been retooled with cross-platform capabilities and new data theft features, raising fresh concerns about how targeted individuals could become a gateway into larger organizational networks. You can find the links to the stories here: Lazarus Group Infostealer Malwares Attacking Developers In New Campaign Contagious Interview: DPRK Threat Actors Lure Tech Industry Job Seekers to Install New Variants of BeaverTail and InvisibleFerret Malware North Korean State Sponsored Supply Chain Attack on Tech Innovation Lazarus Group Targets Organizations with Sophisticated LinkedIn Recruiting Scam

Please enjoy this encore of Word Notes. An open source email authentication protocol designed to prevent emails, spoofing in phishing, business email compromise or BEC, and other email-based attacks.  CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/pegasus⁠ Audio reference link:"⁠Global Cyber Alliance's Phil Reitinger talks DMARC adoption⁠" “Global Cyber Alliance’s Phil Reitinger Talks DMARC Adoption.” YouTube Video. YouTube, April 27, 2018

In this discussion, Rob Allen, Chief Product Officer at ThreatLocker, examines the notorious cybercriminal group, Scattered Spider. Known for their youthful and agile members, Scattered Spider relies on social engineering rather than traditional hacking. They manipulate support staff to access sensitive information, using tactics as sophisticated as AI-generated voices. Rob highlights the importance of recognizing red flags in communications, illustrated by a listener’s phishing attempt about a salary increase, urging organizations to enhance cybersecurity training.