Hacking Humans

Joe shares the story of an elaborate check fraud scam involving HR impersonators. Dave reads an email from a listener who got phished by his own company, and has questions about authorization app vs. hardware keys. Our catch of the day involves an orphan looking to share her inheritance. Dave interviews author Perry Carpenter, who's new book is Transformational Security Awareness: What Neuroscientists, Storytellers, and Marketers Can Teach Us about Driving Secure Behaviors.Links to stories:https://twitter.com/sigalow/status/1138918411394781185?s=12https://www.yubico.com/2019/01/yubico-launches-the-security-key-nfc-and-a-private-preview-of-the-yubikey-for-lightning-at-ces-2019/Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Dave describes researchers spotting scammers on dating sites using AI. Joe shares a phishing scheme that asks users to manage undelivered mail. The catch of the day involves cute puppies and Mogwai meat. Dave interview Avi Solomon, director of information technology for Rumberger, Kirk and Caldwell, an Orlando, Florida litigation firm.Links to today's stories:https://www.bbc.com/news/technology-48472811https://arxiv.org/pdf/1905.12593.pdf https://www.bleepingcomputer.com/news/security/new-phishing-scam-asks-you-to-manage-your-undelivered-email/https://www.419eater.com/html/tommy_mark.htmHave a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Joe describes one of history's great con artists, Victor Lustig, who sold the Eiffel Tower. Twice. Dave shares a story from a listener involving a UPS tracking number scam. The catch of the day involves am attempted romance scam on the XBOX platform. Dave interviews Sherri Davidoff, CEO of LMG Security and is the hacker named "Alien" in Jeremy Smith's book, "Breaking and Entering." She has her own book coming out this summer, "Data Breaches: Crisis and Opportunity." Links to this week's stories:http://mentalfloss.com/article/12809/smooth-operator-how-victor-lustig-sold-eiffel-towerhttps://community.ebay.com/t5/Archive-Shipping-Returns/Seller-Scam-UPS-Tracking-Shows-Delivered/td-p/26206551Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Dave reviews Google's recent security report on basic account hygiene. Joe describes passive social engineering, including USB charging stations at airports. The catch of the day exposes a trunk box scam involving ill-gotten war profits. Carole Theriault speaks with the head of a group that call themselves Scam Survivors.Links to stories:https://security.googleblog.com/2019/05/new-research-how-effective-is-basic.htmlhttps://www.forbes.com/sites/suzannerowankelleher/2019/05/21/why-you-should-never-use-airport-usb-charging-stations/#4116498a5955https://scamsurvivors.com/Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

A listener writes in with the results of his phishing attempt on his wife. Joe describes research from F-Secure on the most dangerous email attachment types. Dave shares the story of scammers impersonating local hospitals to scare a response from their victims. Our catch of the day involves a LinkedIn scam impersonating a fighter pilot.Joe interviews Elissa Redmiles, an incoming assistant professor of computer science at Princeton University. She studies behavioral modeling to understand why people behave the way they do online.Links to stories from today's show: https://labsblog.f-secure.com/2019/05/08/spam-trends-top-attachments-and-campaigns/ https://www.nbc15.com/content/news/Text-message-scam-impersonates-local-hospitals-509615981.htmlHave a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

It's a special edition of the Hacking Humans show recorded live at the KB4CON conference in Orlando, FL. Join Joe, Dave and their special guests Stu Sjouwerman, KnowBe4's CEO, and Kevin Mitnick, world-famous hacker and KnowBe4's chief hacking officer, as they discuss malicious scams making the rounds and how to protect yourself and your organization against them. Dave describes a late-night phone call scam, Joe explains a Social Security scheme, Stu shares deadly catch of the day, and Kevin shares stories from his own hacking experience, and takes questions from the audience.Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Joe describes a church scammed out of millions of dollars. Dave shares good news about a group of scammers being apprehended and arrested. The catch of the day involves a Vietnamese investment offer that's almost too good to pass up on. Dave speaks with Dr. Richard Ford from Forcepoint about the models of trust.Links to stories in today's show: https://www.grahamcluley.com/hackers-steal-1-75-million-from-catholic-church-in-ohio/ https://www.justice.gov/usao-sdny/pr/nine-defendants-arrested-new-york-florida-and-texas-multimillion-dollar-wire-fraudHave a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Followup from listeners on Google search result scams. Dave describes the city of Ottawa sending $100K to a fraudster. Joe shares results from the FBI's Internet Crime Report. The catch of the day involves a dating site and an offer to be someone's "sugar daddy." Our guest is Andy Patel from F-Secure, describing how Twitter bots are amplifying divisive messages.Links to storys: https://www.cbc.ca/news/canada/ottawa/city-treasurer-sent-100k-to-fraudster-1.5088744 https://threatpost.com/fbi-bec-scam-losses-double/144038/ https://www.ic3.gov/media/annualreport/2018_IC3Report.pdf https://labsblog.f-secure.com/2019/04/03/discovering-hidden-twitter-amplification/Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Dave and Joe answer a listener question about a mysterious Netflix account. Dave describes a service for Airbnb scammers. Joe explains a particularly "nasty" Instagram scam. Carole Theriault interviews cyber insurance expert Martin Overton from OMG Cyber. Links to stories: https://www.bleepingcomputer.com/news/security/the-nasty-list-phishing-scam-is-sweeping-through-instagram/  https://krebsonsecurity.com/2019/04/land-lordz-service-powers-airbnb-scams/Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Asaf Cidon, an expert from Barracuda Networks specializing in spear phishing and social engineering, dives into the evolving landscape of online scams. He reveals alarming statistics about compromised credentials and educates listeners on the critical differences between spear phishing and traditional phishing. The discussion highlights a recent incident affecting millions and underscores the importance of multifactor authentication. Asaf also shares insights on protective measures businesses can adopt to thwart growing threats like business email compromise.