Hacking Humans

We've got followup on bank scams and ransomware. Joe describes a highly sophisticated multinational business scam. Dave shares a story about private school parents falling for a Bitcoin discount scam. Our guest is Jordan Harbinger, host of The Jordan Harbinger Show, with insights on influence and social engineering. Links to this week's stories:https://www.cpomagazine.com/cyber-security/cyber-fraud-by-chinese-hackers-makes-headlines-in-india/https://www.bbc.com/news/uk-england-tyne-46920810Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Dave reviews tips on protecting yourself from ransomware. Joe describes a clever way to trick people into enabling macros. An attempt at celebrity friendship is our catch of the day. Carole Theriault returns and speaks with Dr. Jessica Barker from Cygenta about effective training techniques.Links to stories mentioned: https://www.csoonline.com/article/3331981/ransomware/how-to-protect-backups-from-ransomware.html https://myonlinesecurity.co.uk/agent-tesla-reborn-via-fake-order/Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter. 

Joe shares the tale of a prisoner running a variety of romance scams from the inside. Dave outlines direct deposit scams. The catch of the day is a clever variation from (where else?) Nigeria. Our guest is Sam Small from ZeroFox.Links to stories: https://hubpages.com/politics/The-Games-That-Inmates-Play https://ogletree.com/shared-content/content/blog/2018/january/diverting-employees-payroll-direct-deposits-the-latest-wave-of-phishing-scamshttps://www.kansas.com/news/local/crime/article223873805.htmlHave a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Dave warns of scammers gaining access to homes by pretending to be workers from the local utility company. Joe shares a story of a sophisticated bank transfer scam in the UK. Our catch of the day outlines an attempted email scam targeting an architectural firm. Carole Theriault is back with the second part of her interview with the pen tester who goes by the name freaky clown.Links to today's stories: https://www.wxyz.com/news/michigan-energy-company-warns-of-increase-in-imposters-trying-to-enter-homes https://inews.co.uk/inews-lifestyle/money/lost-19960-life-savings-phone-scam-natwestHave a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Joe describes a reply-all scenario gone wrong. Dave explains the criminal use of steganography in memes as a command and control technique. Our catch-of-the-day features alluring photos texted to an unimpressed listener. Carole Theriault interviews physical pen tester Freaky Clown. Links to stories mentioned in this week's show: https://blog.trendmicro.com/trendlabs-security-intelligence/cybercriminals-use-malicious-memes-that-communicate-with-malware/https://www.cygenta.co.uk/Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter

We follow up on critical feedback of last week's show. Dave describes how online extortionists have pivoted from sex to explosives. We've got an auto-responding catch of the day from one of Joe's colleagues. Guest is Sean Brooks, Director of the Citizen Clinic and a Research Fellow at the Center for Long-Term Cybersecurity at UC Berkeley. He shares their research into online attacks of politically vulnerable organizations.From our EV certs follow-up: https://www.troyhunt.com/extended-validation-certificates-are-dead/ https://casecurity.org/2018/12/06/ca-security-council-casc-2019-predictions-the-good-the-bad-and-the-ugly/Bomb threat catch of the day:https://www.zdnet.com/article/extortion-emails-carrying-bomb-threats-cause-panic-across-the-us/Sean Brooks interview:Report: http://cltc.berkeley.edu/defendingpvos/Clinic: http://cltc.berkeley.edu/citizen-clinic/ Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Joe describes a Nigerian gang called London Blue that focuses on business email compromise. Dave shares surprising Cyber Monday phishing statistics. Guest Chris Bailey from Entrust Datacard teaches us how to detect lookalike sites online and better protect ourselves from fraud.Links to today's stories: https://www.agari.com/insights/whitepapers/london-blue-report/ https://www.zscaler.com/blogs/research/cyber-monday-biggest-day-cyberattacks-not-long-shotHave a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Listener follow-up on a URL issue. Dave describes an elderly couple scammed out of savings. Joe wonders if it's wise to unsubscribe. Guest Andre McGregor from TLDR Capital describes his work as a former FBI agent, and his experience consulting on Mr. Robot.Bank account transfer scam:https://abc11.com/troubleshooter-durham-couple-loses-$8900-in-computer-virus-scam/4782799/Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Joe explains URLs and DNS. Dave has tips to prevent holiday skimming. A bogus bank barrister is the catch of the day. Writer Ben Yagoda explains cognitive biases.Links:Wikipedia page on URLs -https://en.wikipedia.org/wiki/URLTips to prevent skimming -  https://www.social-engineer.org/newsletter/social-engineer-newsletter-vol-07-issue-96/ Ben Yagoda's article from the Atlantic - https://www.theatlantic.com/magazine/archive/2018/09/cognitive-bias/565775/Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Listener feedback on the "Can you hear me?" scam. Dave shares an ongoing Elon Musk Bitcoin giveaway scam. Joe describes the malicious use of a compromised DHL email address. This week's catch of the day comes from down under. (Apologies to the fine citizens of Australia.) Carole Theriault returns with an interview with MimeCast's Matthew Gardiner. Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.