Hacking Humans

A listener writes in with the results of his phishing attempt on his wife. Joe describes research from F-Secure on the most dangerous email attachment types. Dave shares the story of scammers impersonating local hospitals to scare a response from their victims. Our catch of the day involves a LinkedIn scam impersonating a fighter pilot.Joe interviews Elissa Redmiles, an incoming assistant professor of computer science at Princeton University. She studies behavioral modeling to understand why people behave the way they do online.Links to stories from today's show: https://labsblog.f-secure.com/2019/05/08/spam-trends-top-attachments-and-campaigns/ https://www.nbc15.com/content/news/Text-message-scam-impersonates-local-hospitals-509615981.htmlHave a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

It's a special edition of the Hacking Humans show recorded live at the KB4CON conference in Orlando, FL. Join Joe, Dave and their special guests Stu Sjouwerman, KnowBe4's CEO, and Kevin Mitnick, world-famous hacker and KnowBe4's chief hacking officer, as they discuss malicious scams making the rounds and how to protect yourself and your organization against them. Dave describes a late-night phone call scam, Joe explains a Social Security scheme, Stu shares deadly catch of the day, and Kevin shares stories from his own hacking experience, and takes questions from the audience.Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Joe describes a church scammed out of millions of dollars. Dave shares good news about a group of scammers being apprehended and arrested. The catch of the day involves a Vietnamese investment offer that's almost too good to pass up on. Dave speaks with Dr. Richard Ford from Forcepoint about the models of trust.Links to stories in today's show: https://www.grahamcluley.com/hackers-steal-1-75-million-from-catholic-church-in-ohio/ https://www.justice.gov/usao-sdny/pr/nine-defendants-arrested-new-york-florida-and-texas-multimillion-dollar-wire-fraudHave a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Followup from listeners on Google search result scams. Dave describes the city of Ottawa sending $100K to a fraudster. Joe shares results from the FBI's Internet Crime Report. The catch of the day involves a dating site and an offer to be someone's "sugar daddy." Our guest is Andy Patel from F-Secure, describing how Twitter bots are amplifying divisive messages.Links to storys: https://www.cbc.ca/news/canada/ottawa/city-treasurer-sent-100k-to-fraudster-1.5088744 https://threatpost.com/fbi-bec-scam-losses-double/144038/ https://www.ic3.gov/media/annualreport/2018_IC3Report.pdf https://labsblog.f-secure.com/2019/04/03/discovering-hidden-twitter-amplification/Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Dave and Joe answer a listener question about a mysterious Netflix account. Dave describes a service for Airbnb scammers. Joe explains a particularly "nasty" Instagram scam. Carole Theriault interviews cyber insurance expert Martin Overton from OMG Cyber. Links to stories: https://www.bleepingcomputer.com/news/security/the-nasty-list-phishing-scam-is-sweeping-through-instagram/  https://krebsonsecurity.com/2019/04/land-lordz-service-powers-airbnb-scams/Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Asaf Cidon, an expert from Barracuda Networks specializing in spear phishing and social engineering, dives into the evolving landscape of online scams. He reveals alarming statistics about compromised credentials and educates listeners on the critical differences between spear phishing and traditional phishing. The discussion highlights a recent incident affecting millions and underscores the importance of multifactor authentication. Asaf also shares insights on protective measures businesses can adopt to thwart growing threats like business email compromise.

Joe describes a study of people's perceptions when presented with a magic trick. Dave shares the story of fake boyfriend app. Our catch of the day involves the promise of millions from a bank in Africa. Dave interviews Chris Parker from WhatIsMyIPaddress.com.Links to stories: http://nautil.us/issue/70/variables/a-magician-explains-why-we-see-whats-not-there https://youtu.be/vJG698U2Mvohttps://www.pedestrian.tv/tech/fake-boyfriend-app/https://whatismyipaddress.com/Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Dave describes a survey of call center security methods. Joe explains a spam campaign raising the specter of a flu pandemic to scare people into enabling macros in an Office document. The catch of the day highlights a Facebook scammer promising a prize-winning windfall. Carole Theriault returns with a story about special badges Girls Scouts can earn for cyber security. Links to stories: https://marketing.trustid.com/acton/attachment/32513/f-0039/1/-/-/-/-/TRUSTID_2018_State_of_Call_Center_Authentication_Survey.pdf https://www.bleepingcomputer.com/news/security/fake-cdc-emails-warning-of-flu-pandemic-push-ransomware/ http://blog.girlscouts.org/2018/07/girl-scouts-introduces-30-new-badges-to.htmlHave a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Followup on remotely previewing websites. Joe has the story of scammer bilking Facebook and Google out of millions. Dave reviews best practices for deleting data on devices you dispose of. The catch of the day is an offer of criminal partnering with the CIA. Our guest is Jeremy N. Smith, author of the book Breaking and Entering - the extraordinary story of a hacker called Alien.Links from today's stories:https://urlscan.io/ https://www.theregister.co.uk/2019/03/21/facebook_google_scam/ https://blog.rapid7.com/2019/03/19/buy-one-device-get-data-free-private-information-remains-on-donated-devices/https://www.amazon.com/dp/B0789KP775Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

A listener recommends an online tool for safely previewing web sites. Dave shares research on what time of the work week is best for scams. Joe explains credential stuffing. Our guest is Frances Dewing, the CEO and co-founder of Rubica. They recently published a report on how crooks are accessing parents’ mobile devices via apps their kids load. Links to stories mentioned in today's show: https://screenshot.guru/ https://www.aarp.org/money/scams-fraud/info-2019/phone-scams-peak-time.html https://www.digitalnewsasia.com/insights/how-lose-money-credential-stocking-stuffers https://rubica.com/wp-content/uploads/2019/02/Rubica-Report-Cyber-Crime-Privacy-Risks-in-Free-Mobile-Kids-Apps.pdfHave a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.