Hacking Humans

Dave outlines a church donation scam. Joe shares reporting from Ars Technica on romance scams coming out of Africa. The catch of the day is courtesy of London comedian James Veitch Our guest is Garry Berman from Cyberman Security who's developed a cyber security comic book series to help raise awareness.Links to this week's stories: https://www.churchlawandtax.com/blog/2018/june/what-to-know-about-new-donation-scam.html https://arstechnica.com/information-technology/2019/07/im-not-100-with-anybody-ars-dissects-a-nigerian-twitter-catfish-scam/ https://www.boredpanda.com/funny-phishing-scam-emails-dot-con-james-veitch/https://www.cyberheroescomics.com/Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Joe shares a story on the market economy of phishing. Dave explains how gamers are being taken advantage of on popular chat app Discord. The catch of the day included a little bit of showbiz razzle-dazzle. Our anonymous guest this week shares his efforts to keep his father from falling for online scams.Links to stories: https://blogs.akamai.com/sitr/2019/06/phishing-factories-and-economies.htmlhttps://twitter.com/Splatter_Shah/status/1143556723266994176Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Dave shares a listener story of scammers calling drug stores to try to gather customer rewards points. Joe describes federal contractors being scammed out of over $10 million of hardware, some of it classified communications equipment. The catch of the day starts with a bank email scam and ends with a Rick roll. Carole Theriault speaks with Michael Madon, head of security at Mimecast about the cyber security skills gap.Links to stories - https://qz.com/1661537/us-defense-contractor-falls-for-3-million-email-scam/https://www.newshub.co.nz/home/entertainment/2018/01/man-sets-up-rick-astley-hotline-to-rescue-people-from-annoying-salespeople.htmlHave a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter. 

Joe shares the heartbreaking tale of a catphishing case that leads to murder. Dave describes a shoe company using an unusual method to trick engagement with an online ad. The catch of the day engages a Nigerian scammer promising a fortune in precious minerals. Dave interview Michael Coates, head of Altitude Networks and former CISO at Twitter. Links to this week's stories -  https://www.nbcnews.com/news/us-news/after-alaska-teen-s-murder-cybersecurity-experts-warn-catfishing-predators-n1019536 https://medium.com/shanghaiist/chinese-shoe-company-tricks-people-into-swiping-instagram-ad-with-fake-strand-of-hair-54d8a2d8ec1dhttps://www.419eater.com/html/user_subs/godfather/godfather.htmhttps://altitudenetworks.com/Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

We're taking a break for the Independence Day holiday in the US, so enjoy this episode from the early days of our show. Dave shares a story of airport penetration testing with high degree of yuck-factor. Joe explores research on protecting passwords from social engineering. The catch-of-the-day comes courtesy of Graham Cluley's email spam box. Dave interviews Wired's Security Staff Writer Lily Hay Newman on her article tracking Nigerian email scammers.  Thanks to our show sponsor KnowBe4.

Dave shares the story of one Katie Jones, the fake online persona used to gain the confidence of high-status individuals. Joe describes the tragic case of Christine Lu, a Harvard Medical professor who was scammed out of her life savings. The Catch of the Day warns recipients not to trust the FBI. Carole Theriault interviews Akamai's Larry Cashdollar about scammers using Google Translate to obfuscate web sites.Links to this week's stories:https://www.apnews.com/bc2f19097a4c4fffaa00de6770b8a60dhttps://thispersondoesnotexist.com/ https://www.nbcboston.com/on-air/as-seen-on/Woman-Scammed-Into-Giving-Away-Life-Savings_NECN-511108952.htmlHave a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Joe shares the story of an elaborate check fraud scam involving HR impersonators. Dave reads an email from a listener who got phished by his own company, and has questions about authorization app vs. hardware keys. Our catch of the day involves an orphan looking to share her inheritance. Dave interviews author Perry Carpenter, who's new book is Transformational Security Awareness: What Neuroscientists, Storytellers, and Marketers Can Teach Us about Driving Secure Behaviors.Links to stories:https://twitter.com/sigalow/status/1138918411394781185?s=12https://www.yubico.com/2019/01/yubico-launches-the-security-key-nfc-and-a-private-preview-of-the-yubikey-for-lightning-at-ces-2019/Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Dave describes researchers spotting scammers on dating sites using AI. Joe shares a phishing scheme that asks users to manage undelivered mail. The catch of the day involves cute puppies and Mogwai meat. Dave interview Avi Solomon, director of information technology for Rumberger, Kirk and Caldwell, an Orlando, Florida litigation firm.Links to today's stories:https://www.bbc.com/news/technology-48472811https://arxiv.org/pdf/1905.12593.pdf https://www.bleepingcomputer.com/news/security/new-phishing-scam-asks-you-to-manage-your-undelivered-email/https://www.419eater.com/html/tommy_mark.htmHave a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Joe describes one of history's great con artists, Victor Lustig, who sold the Eiffel Tower. Twice. Dave shares a story from a listener involving a UPS tracking number scam. The catch of the day involves am attempted romance scam on the XBOX platform. Dave interviews Sherri Davidoff, CEO of LMG Security and is the hacker named "Alien" in Jeremy Smith's book, "Breaking and Entering." She has her own book coming out this summer, "Data Breaches: Crisis and Opportunity." Links to this week's stories:http://mentalfloss.com/article/12809/smooth-operator-how-victor-lustig-sold-eiffel-towerhttps://community.ebay.com/t5/Archive-Shipping-Returns/Seller-Scam-UPS-Tracking-Shows-Delivered/td-p/26206551Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Dave reviews Google's recent security report on basic account hygiene. Joe describes passive social engineering, including USB charging stations at airports. The catch of the day exposes a trunk box scam involving ill-gotten war profits. Carole Theriault speaks with the head of a group that call themselves Scam Survivors.Links to stories:https://security.googleblog.com/2019/05/new-research-how-effective-is-basic.htmlhttps://www.forbes.com/sites/suzannerowankelleher/2019/05/21/why-you-should-never-use-airport-usb-charging-stations/#4116498a5955https://scamsurvivors.com/Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.