Hacking Humans

Ari Parker, Lead Advisor from Chapter, discussing "Tips for Avoiding Medicare Scams." Joe and Dave share some follow up from several listeners, who write in about various scams they have encountered. Joe's story is on Facebook messenger and how more and more victims are being claimed to scams and cons through the popular social media app. Dave's story shares disturbing information regarding LinkedIn scams, explaining how North Koreans are stealing resumes off the job site in a new crypto job search scam. Our catch of the day comes from listener Jon who writes in about him receiving $10,500,000.00 and how he needs to claim this offer before the end of 2021. Sadly he missed the deadline and wanted to share.Links to stories: Understand and Avoid Medicare Scams Facebook Messenger scam snags 10 million victims, more conned every day North Koreans Steal LinkedIn Resumes in Crypto Job Search Scam Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter

A browser configuration control that prevents accessing resources within a private network.CyberWire Glossary link:Audio reference link: “TPM (Trusted Platform Module) - Computerphile,” Computerphile, 23 July 2021

Raj Sarkar, CMO from 1Password and Julien Benichou, Senior Director of Partnership, Strategy, and Execution from Gen.G, join Dave to discuss making the online world a safer place and talk about helping reduce the risk of gamers being the target of hackers. Joe and Dave share some followup from listener Ryan who writes in about the catch of the day from last week's episode, and what struck him most with the scam. Dave's story is on how the government was able to seize millions in stolen cryptocurrency. Joe's story is on a scam involving diamonds and how one scammer was caught, now sentenced to 12 years in prison. Our catch of the day comes from listener Jeremy who writes in about a suspicious email he received from one of his mothers friends. She wrote him asking if he could buy her gift cards and she would pay him back. He shares how he dealt with the scammer and informed his mom, one of her friends emails may have been compromised.Links to stories: How governments seize millions in stolen cryptocurrency Jeweler who sold Trump-Maples ring sentenced to 12 years in multimillion-dollar ‘Yellow Rose’ diamond scam Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter

A browser configuration control that prevents accessing resources within a private network.CyberWire Glossary link:Audio reference link: “Chrome Limits Access to Private Networks,” by Daniel Lowrie, ITProTV, YouTube, 19 January 2022.

Romain Basset, Director of Customer Service, at Vade joins Dave to discuss the threat of initial contact spearphishing emails now that many employees are returning to the office. Dave and Joe share some listener follow up from listener Will who writes in about a troubling debate over if it should be "Joe and Dave" or "Dave and Joe." Will shares a website about ablaut reduplication, sharing his thoughts on the matter. Joe shares some good news following a story of a homeless man being robbed of $400,000 after a GoFundMe scam. Joe's story is on a woman who loses almost $150,000 over the phone with someone claiming to be a DEA agent. Dave's story is on a woman who gets scam calls up to 20 times a day. She was diagnosed with cancer in 2021, and can't afford to miss any calls from potential doctors or possible nurses trying to schedule appointments. Our catch of the day comes from listener Alex who writes in sharing how his Apple ID was hacked and locked, although the scammers got one crucial detail wrong, his email.Links to stories: Lincoln woman loses $149,000 in DEA phone scam GoFundMe scam: Kate McClure sentenced to 1 year in federal prison The nonstop scam economy is costing us more than just money Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter

This week, Carole Theriault sits down to talk with Paul Ducklin from Sophos on extortion scams targeting LGBTQ+ communities. Joe and Dave share multiple pieces of listener follow up, the first from Matt and Kevin, who write in to share a Wikipedia link regarding N.B. (Nota Bene, or note well) and an ad from 1801. The second one is a write in from someone who is referred to as "P," who shares more information on the Facebook link shortener discussion. Finally, Joe and Dave get a great piece of listener feedback from listener and friend of the show Jonathan, who writes in about resist fingerprinting and how Firefox doesn't block fingerprinting. Dave's story is on trafficking victims being forced to scam people. Joe's story is on a credit union being targeted for phone scams. Our catch of the day comes from listener Ian, who shares how his son was trying to get college housing accommodations and went through Facebook, only to find out that not everyone is as trustworthy as they seem.Links to stories: From Industrial-Scale Scam Centers, Trafficking Victims Are Being Forced to Steal Billions Don’t fall for a scam targeting Ent Credit Union customers Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter

The potential next evolution of the worldwide web that decentralizes interaction between users and content away from the big silicon valley social media platforms like Twitter, Facebook, and YouTube, and towards peer-to-peer interaction using blockchain as the underlying technology. CyberWire Glossary link: https://thecyberwire.com/glossary/web-30Audio reference link: “What Elon Musk Just Said about Metaverse, Web3 and Neuralink,” By Clayton Morris, Crypto News Daily, YouTube. 2 December 2021.

Kelly Shortridge, a Senior Principal from Fastly, joins Dave to discuss her talk at RSAC on why behavioral science and behavioral economics matters for InfoSec. Joe's story shares an old scam with a new twist, it's about packages being delivered to you that you never ordered. Dave's story is on how a large scale phishing campaign compromised one million Facebook credentials. Our catch of the day comes from listener Will who was reached out to by someone claiming to be the "Head IMF/EUROPEAN UNION coordinator," who claimed to want to give Will one million dollars in compensation.Links to stories: Package scam delivers unordered items, victims billed hundreds of dollars One Million Facebook Credentials Compromised in Four Months by Ongoing Phishing Campaign Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter

A set of solutions for ensuring that the right users can only access the appropriate resources.CyberWire Glossary link: https://thecyberwire.com/glossary/identity-and-access-managementAudio reference link: “The Wrath of Khan (1982) ‘Kirk’s Response,’” by Russell, YouTube, 16 May 2017.

Josh Yavor, CISO at Tessian, joins Dave to discuss a new report they released on cyber mistakes and why employees make them. Joe and Dave share a listener follow-up from Jon, who writes in about mental illness, a serious epidemic taking over the nation. Jon shares interesting tidbits on social media linking to mental illness and the impact it's creating. Dave's story is on hackers trying an old trick with new mechanics: impersonating well known companies. This time, hackers are posing as Quickbooks. Joe's story describes how LinkedIn users are being targeted yet again. These fraudsters are now creating significant threats to users, according to the FBI. Finally, our catch of the day comes from listener Jennifer, who writes in and shares her story of a scammer using SMS to tell her that her Venmo account was hacked, even though she does not have one.Links to stories: Sending Phishing Emails from QuickBooks FBI says fraud on LinkedIn a ‘significant threat’ to platform and consumers Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter