Hacking Humans

Happy Halloween from Joe, Dave, and everyone at the CyberWire!

Dave describes a credential gathering scam targeting users of the Stripe online payment system. Joe responds to an email message from his boss, and learns a valuable lesson. Our catch of the day follows someone as they string along a text messaging scammer. Carole Theriault returns with an interview with J Bennett of Signifyd, an AI firm fighting romance scams.Links to stories: https://cofense.com/credential-phish-masks-scam-page-url-thwart-vigilant-users/Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Joe has the story of a convincing scammer who makes an innocent woman doubt herself. Dave describes an online utility that helps users delete unwanted user accounts and also rates the difficulty of doing so. The catch of the day requests help in an investment scam (but lacks punctuation). Our guest is Henry Ajder from Deeptrace Labs on their research on Deep Fakes. Links to stories:https://www.walesonline.co.uk/news/wales-news/swansea-mum-scammed-out-1000-17065476https://backgroundchecks.org/justdeleteme/Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Dave describes a ponzi scheme that bought up legitimate investment firms. Joe shares research into deep fakes. The catch of the day includes an invitation to join the illuminati. Ray [REDACTED] returns with followup from his prior visit, along with new information to share.Links to stories: https://13wham.com/news/local/feds-in-rochester-to-detail-multi-million-dollar-ponzi-scheme https://nakedsecurity.sophos.com/2019/10/09/deepfakes-have-doubled-overwhelmingly-targeting-women/Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Joe describes online redirect scams, URL encoding and the clever combination of the two. Dave shares delightful satire about Russian brides and Nigerian princes, together at last. The catch of the day involves a student getting the best of scammers, getting them to send him money. Our guest is Fabian Wosar from Emsisoft, well-known for decrypting ransomware. Links from today's stories - https://waterfordwhispersnews.com/2019/09/25/hot-woman-in-your-area-marries-nigerian-prince-whos-email-you-ignored/ https://www.thesun.co.uk/tech/10052181/student-limerick-online-scammer-charity/Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Joe reviews highlights from a Proofpoint report on the human aspects of cyber attacks. Dave describes the FTC's cases against online dating site Match.com. The catch of the day comes straight from Her Majesty the Queen. Carole Theriault returns with an interview with Corin Imai, Senior Security advisor at DomainTools, about phishing attacks they’ve been tracking in the UK.Links to stories: https://www.helpnetsecurity.com/2019/09/10/cyberattacks-human-interaction/ https://techcrunch.com/2019/09/26/dating-app-maker-match-sued-by-ftc-for-fraud/Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Joe outlines online threats from social media. Dave shares a story of scammers try to scare a community into purchasing security products. The catch of the day features a promise of riches from Facebook's Mark Zuckerberg. Our guest is Yaser Masoudnia from LastPass who addresses listener questions about Single Sign On.Links to stories: https://info.phishlabs.com/blog/how-social-media-is-abused-for-phishing-attacks http://www.pressandguide.com/news/police_fire/email-scam-trying-to-convince-dearborn-residents-crime-is-up/article_249b1f2c-cb34-11e9-a5b0-cf725769167a.htmlHave a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Special guest host Graham Cluley joins Dave while Joe takes a short break. Dave shares the success of the FBI's reWired campaign which has apprehended alleged scammers around the world. Graham describes a website hoping to spare users the hardship of multifactor authentication. The catch of the day involves a generous soccer star. Our guest is Matt Price from ZeroFOX with insights on Deep Fake technology.Links to today's stories: https://www.fbi.gov/news/stories/operation-rewired-bec-takedown-091019https://dontduo.com/https://www.smashingsecurity.com/Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter. 

A listener updates us on "notice of arrest" policies. Dave notes increased instances of Google Calendar spam. Joe shares a claim that AI voice mimicry was used to dupe a company out of nearly a quarter million dollars. (Dave is skeptical.) The catch of the day accuses the target of naughty behavior. Carole Theriault interviews ethical hacker Zoe Rose.Links to stories:https://www.popsci.com/google-calendar-spam-what-to-do/ https://www.wsj.com/articles/fraudsters-use-ai-to-mimic-ceos-voice-in-unusual-cybercrime-case-11567157402Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Follow-up from down under. Joe shares the story of a Mom scammed out of Gaelic Football League tickets. Dave describes a bounty hunter hoaxing suicide threats to get location information from mobile providers. The catch of the day requires a response from the grave. Our guest is Ben Yelin, senior law and policy analyst from the University of Maryland Center for Health and Homeland Security. He digs in to a particular Facebook scam that refuses to die.Links to stories:https://m.independent.ie/irish-news/news/im-just-broken-up-mother-devastated-as-shes-scammed-out-of-money-while-trying-to-buy-allireland-final-tickets-38446401.htmlhttps://www.thedailybeast.com/feds-say-bounty-hunter-matthew-marre-used-suicide-hoax-to-con-verizon-t-mobile-out-of-customer-dataHave a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.