Hacking Humans

An IT governance framework developed by ISACA. CyberWire Glossary link: https://thecyberwire.com/glossary/cobitAudio reference link: isacappc. “How Do You Explain Cobit to Your Dad – or Your CEO?” YouTube, YouTube, 24 Aug. 2016, https://www.youtube.com/watch?v=EYATVkddIyw. 

Brett Johnson, Chief Criminal Officer at Arkose Labs, sits down with Dave to discuss his history & ways to make fraud efforts less lucrative for bad actors. Dave and Joe share some listener follow up from Graham about one way that helps him stay safe against fake URLs. Dave's story is about bomb email attacks, in which someones email is spammed with hundreds to thousands of emails in hopes of hiding important information contained in one of the thousands of emails, perhaps from a financial institute. Joe's story is on how the FBI is warning the public to beware of tech support scammers and how they are targeting financial accounts using remote desktop software. Our catch of the day comes from listener Norman, who shares a story about how his Steam account got hijacked and how a hacker impersonating a Steam employee was trying to help him.Links to stories: New Registration Bomb Email Attack Distracts Victims of Financial Fraud FBI Warns Public to Beware of Tech Support Scammers Targeting Financial Accounts Using Remote Desktop Software Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

A security architecture that incorporates the cloud shared responsibility model, a vendor provided security stack, and network peering with one or more of the big content providers and their associated fiber networks. CyberWire Glossary link: https://thecyberwire.com/glossary/security-service-edgeAudio reference link: Netskope (2022). What is Security Service Edge (SSE). YouTube. Available at: https://www.youtube.com/watch?v=Z9H84nvgBqw [Accessed 21 Oct. 2022].

Kurtis Minder, CEO of GroupSense joins Dave to discuss how ransomware new laws leave small business behind. Dave and Joe share some follow up on Elon Musk after his big purchase and the changes that now follow. Joe's story follows Kalamazoo County residents and a new scam that is popping up, where they are being targeted by scammers through Facebook messenger video calls. Dave shares a story that hits home for him about an email that his father received from Best Buy claiming that he will be charged $500 for Geek Squad services. Our catch of the day comes from an anonymous listener who writes in to share an email they received from a Mrs. Phong Dung, who wants to send 1 million to the person who received the email. The receiver knows this email is a fake and writes into the show to ask Joe and Dave if these emails ever actually work on anyone.Links to stories:Kalamazoo County residents targeted in Facebook messenger video call scamHave a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

A social engineering tactic in which hackers build a malicious domain to mimic a legitimate one.CyberWire Glossary link: https://thecyberwire.com/glossary/domain-spoofingAudio reference link: “Mission Impossible Fallout - Hospital Scene.” YouTube, YouTube, 8 Oct. 2018,

We’re sharing a preview of a podcast we enjoy called “What’s Your Problem?” Every week on What’s Your Problem, entrepreneurs talk about the future they’re trying to build and the problems they have to solve to get there. How do you build cars that can actually drive themselves? How do you use technology to bring down the cost of airfares? And how do you teach a computer to understand sports? Hosted by former Planet Money host Jacob Goldstein, What’s Your Problem? helps listeners understand the problems really smart people are trying to solve right now. Listen to What’s Your Problem? at https://podcasts.pushkin.fm/wyphumans

Jameeka Green Aaron, CISO, Customer Identity at Okta, sits down with Dave to speak about their State of Secure Identity report. Dave and Joe share some listener follow up from Richard, who writes in to share his thoughts on the discussion of the phishing kit targeting WordPress sites in a previous episode, and also writes in about last episode’s discussion on how companies were turning on employees who are overworked with two remote jobs and shares how Equifax was one of these companies. Dave's story follows typosquatting, which is when a scammer registers a website that is very similar to the real one, but will have a typo in it (ex: amozon, homdepot, gougle) and how a large typosquatting campaign is delivering tech support scams. Joe's story follows a South Bay man who had the misfortune of accepting hundreds of open house offers, but the houses weren't for sale. Our catch of the day comes from listener Chris who writes in that he's never gotten a phishing email on his work email or personal email, but that he received his first phish from PayPal, which seemed to me a notification at first glance rather than a message telling him there is fraudulent activity happening in his account.Links to stories: Large typosquatting campaign delivers tech support scams A South Bay man accepted hundreds of offers from open houses. But the homes weren’t for sale Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

A layer seven firewall that sits in line at the boundary between the internet and an organization's network perimeter that allows security policy enforcement and can perform certain prevention and detection tasks.CyberWire Glossary link: https://thecyberwire.com/glossary/secure-web-gatewayAudio reference link: ‌Vintage Computer Federation (2015). VCF East 9.1 - Ches’ Computer Security Adventures - Bill Cheswick. YouTube. Available at: https://www.youtube.com/watch?v=trR1cuBtcPs.

Enjoy this CyberWire classic.They did the Mash...the did the Malware Mash...

Kim Allman from NortonLifeLock, and Carrie Neill from the National PTA, sit down with Dave to discuss the Smart Talk 2.0 tool. Joe and Dave share some follow up on an exciting new position Joe has accepted as the Director of Cyber Science at a company called Harbor Labs. This week, Joe's story comes from listener Beau, who writes in about an ATM scam he fell victim to, sharing how the scammers were spamming his phone with texts, emails, and calls before he figured out what was going on. Dave's story follows the growing new trend of overworking, or having two remote jobs at once and working at both. One company's CEO calls it a form of theft and deception. Our catch of the day comes from listener Rodney who writes in, sharing about his son's girlfriend who is looking for work and received an email pointing her in the direction of a new prospect. Sadly, Rodney had to share the news that the email seemed to be a scam.Links to stories:Tech CEO calls overemployment trend a 'new form of theft and deception' after firing 2 engineers secretly working multiple full-time jobs at onceHave a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.