Hacking Humans

Guest Herb Stapleton, the FBI’s cyber division sector chief, joins Dave to talk about the FBI's Internet Crime Complaint Center (IC3) annual report and its findings, Joe's story is about an ongoing IRS impersonation scam targeting educational organizations, Dave shares a story from the BBC about people using their pets names as passwords (tell us that hasn't crossed your mind or your keyboard before), and our Catch of the Day comes from the Land Down Under via Gareth and Kingsley. COTD note: Just to be clear their jurisdiction is a single party consent jurisdiction.Links to stories: IRS warns university students and staff of impersonation email scam Pets' names used as passwords by millions, study finds Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

On-demand pay-as-you-go Internet delivered compute, storage, infrastructure, and security services that are partially managed by the cloud provider and partially managed by the customer.

Guest Peter Warmka, founder of the Counterintelligence Institute, joins Dave to talk about how insider targets are chosen and assessed, Joe shares a weird phone call he received, Dave's story from a Twitter use named Jake on flower shop scams, Joe has a story about student loan forgiveness scams, and our Catch of the Day comes from a listener named Andrew about a pricey software subscription renewal scam.Links to stories: Twitter thread with flower shop scams from Australia 3 Ways to Spot Student Loan Scams Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

An acronym for Advanced Persistent Threat to describe hacker groups or campaigns normally, but not always, associated with nation state cyber espionage and continuous low-level cyber conflict operations.

Guest Fleming Shi of Barracuda joins Dave to talk about about travel-related phishing attacks now that vaccines are more readily available, Dave and Joe share listener advice about preventative email blocking, Joe shares a story about romance scams by someone that includes fake W2s and other documents in the process, Dave's got a story about a phone scammer posing as McDonald's CEO, and our Catch of the Day is from a listener named Tarik with an email about his reported death. Tarik awards this email the Unlikely Phishing Hook of the Year Award presented by the Institute of Questionable Intentions.Links to stories: Irvine man accused of $1 million romance scam Phone scammer pretending to be McDonald's CEO nearly cons Pennsylvania restaurant out of thousands: report Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

An undocumented or publicly unknown method to access a computer system undetected or to break a cypher used to encode messages.

Guest Ming Yang of Orchard joins Dave to talk about ways to help your parents with technology (aka providing tech support for our parents). Dave shares the FBI's advisory warning of an expected increase in the use of deepfakes for social engineering attacks, Joe's got a story about phantom debts, and our Catch of the Day is from a listener named Anthony about an email from federalcrimeofinvestigation@gmail.com. Hmmm...seems legit.Links to stories: Malicious Actors Almost Certainly Will Leverage Synthetic Content for Cyber and Foreign Influence Operations Beware Scammers Trying to Collect Phantom Debts Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

From the intrusion kill chain model, a technique where the hacker compromises sites commonly visited by members of a targeted community in order to deliver a malicious payload to the intended victim.

Guest professional magician Brandon Williams talks with Joe about the art of deception. we have some follow-up on a watering hole attack we discussed a few episodes back, Joe's story is about the Attorney General of Vermont's top scams of 2020 report (no surprise #1 was SSN phishing), Dave's got a story about the level of sophistication of cybercriminals (hint: not all are that sophisticated), and our Catch of the Day is from a listener named Jo about a well-written request for donation.Links to stories: Top 10 scams of 2020 released by attorney general Not all cybercriminals are sophisticated Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Network observation systems designed to monitor globally unreachable but unused Internet address space or the Deep Web in order to study a wide range of interesting Internet phenomena.