Hacking Humans

Dave's phone is blowing up with smishing attempts. Joe shares a story about fake license renewal attempts from The New Zealand Transportation Agency. The catch of the day flips the script on their attacker. Later in the show Carole Theriault speaks with Jamie Bartlett, the brains and host behind The Missing Cryptoqueen, an amazing BBC podcast about trying to get to the bottom of the OneCoin scam. Links to stories: Fresh Apple #Phishing found The catch of the day Have a Catch of the Day you'd like to share? Email it to us at [email protected] or hit us up on Twitter.

Dave has an account from a man who was almost scammed by an impersonation of his own close friend. Joe has the story of a sophisticated phishing scheme involving Microsoft Office 365. The catch of the day goes all the way back to the age of pirates. Carole Theriault interviews Andrew Brandt from Sophos regarding their 2020 threat report. Links to stories: Tricky Phish Angles for Persistence, Not Passwords SophosLabs 2020 Threat Report Have a Catch of the Day you'd like to share? Email it to us at [email protected] or hit us up on Twitter.

Dave has a master list of cyberbadness. Joe has some handy red flags this tax season straight from our beloved IRS. The catch of the day features an alluring proposition from someone who is probably not "Sofia". Our guest is Devon Kerr with Elastic Security Intelligence and Analytics who shares his insights about Ransomware. Links to stories: 7 types of virus – a short glossary of contemporary cyberbadness Have a Catch of the Day you'd like to share? Email it to us at [email protected] or hit us up on Twitter.

Dave has a warning from a galaxy far, far away. Joe has a report of a scam attempt on a listener who fancies fancy pens. The catch of the day features a Tinder dating app bot scam. Our guest is Dennis Dillman from Barracuda Networks, sharing his thoughts on employee training. Links to stories: https://www.bleepingcomputer.com/news/security/fake-star-wars-streaming-sites-steal-fans-credit-cards/ Have a Catch of the Day you'd like to share? Email it to us at [email protected] or hit us up on Twitter.

Today's episode is a re-broadcast of an episode from August 2018. Dave looks at Hollywood script pitch event scams. Joe describes a romance scam murder scheme. Spontaneously combusting ATM cards. Guest Jayson E. Street from SphereNY describes his security awareness engagements. Links to stories mentioned in this week's show: https://www.hollywoodreporter.com/news/why-are-wannabe-screenwriters-getting-scammed-1130919 https://nakedsecurity.sophos.com/2018/08/17/romance-scam-victim-allegedly-plotted-to-kill-her-mother-for-cash/ Have a Catch of the Day you'd like to share? Email it to us at [email protected] or hit us up on Twitter.

Joe's wife has been getting suspicious shipping notices. Dave describes a phone scam where crooks intercept phone calls. The catch of the day turns the tables on a would-be scammer. Carole Theriault speaks with Peter Draper from Gurucul about their 2020 Insider Threat Report. Links to stories: https://www.ctvnews.ca/canada/police-warn-of-new-phone-scam-where-criminals-intercept-your-calls-1.4706758 Have a Catch of the Day you'd like to share? Email it to us at [email protected] or hit us up on Twitter.

Dave describes a gas-pump hidden camera scam. Joe shares the story of a fraudulent Microsoft Windows Update notice. The catch of the day involves a scammer making use of an online celebrity's profile picture. Our guest is Karl Sigler from Trustwave with tips for staying safe online through the holidays. Links to stories: https://krebsonsecurity.com/2019/11/hidden-cam-above-bluetooth-pump-skimmer/ https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/fake-windows-update-spam-leads-to-cyborg-ransomware-and-its-builder/ Have a Catch of the Day you'd like to share? Email it to us at [email protected] or hit us up on Twitter.

Joe shares the story of a woman losing her life savings to a scammer claiming to be from the FBI. Dave describes the $139 shed scam. The catch of the day is another threat of revealing compromising photos. Carole Theriault speaks with Chris Bush from ObserveIT about security threats from employee burnout. Links to stories: https://www.wsj.com/articles/robocall-scams-exist-because-they-workone-womans-story-shows-how-11574351204 https://youtu.be/zFQUCCbodHc Have a Catch of the Day you'd like to share? Email it to us at [email protected] or hit us up on Twitter.

Dave wonders about Juice Jacking warnings. Joe shares findings from Agari's latest email fraud and identity deception report. The catch of the day promises romance in exchange for airline tickets. Our guests are David Spark and Allan Alford, cohosts of the Defense in Depth podcast. Links to stories: https://www.goodmorningamerica.com/travel/story/travelers-beware-juice-jacking-public-charging-stations-safely-67004765 https://www.agari.com/cyber-intelligence-research/e-books/q4-2019-report.pdf https://cisoseries.com/introducing-defense-in-depth-podcast/ Have a Catch of the Day you'd like to share? Email it to us at [email protected] or hit us up on Twitter.

Joe shares stories of typo-squatting. Dave reminds warns us against responding to malicious email, even just for fun. The catch of the day is from a listener, leading on a romance scammer. Carole Theriault returns with an interview with Chris Olson from The Media Trust on how targeted advertising can enable election interference. Links from this week's stories: https://www.securityweek.com/err-human-squat-criminal https://info.phishlabs.com/blog/dont-respond-suspicious-emails Have a Catch of the Day you'd like to share? Email it to us at [email protected] or hit us up on Twitter.

Joe shares a report on who's more susceptible for scams. Dave shares a story from a listener who what hit by a scam attempt while staying at a hotel. Our catch of the day involves an attempt to scam someone selling a motorcycle. Our guest is Maria Konnikova, an award-winning author, journalist, and international champion poker player. Her latest book is The Biggest Bluff. Links to stories: https://www.washingtonpost.com/business/2019/10/28/this-might-surprise-you-seniors-are-not-more-susceptible-scams-younger-adults-are/ https://www.ftc.gov/system/files/documents/reports/protecting-older-consumers-2018-2019-report-federal-trade-commission/p144401_protecting_older_consumers_2019_1.pdf https://twentytwowords.com/man-gets-revenge-on-craigslist-scammer-in-the-most-satisfying-way-imaginable/ Have a Catch of the Day you'd like to share? Email it to us at [email protected] or hit us up on Twitter.

Happy Halloween from Joe, Dave, and everyone at the CyberWire!

Dave describes a credential gathering scam targeting users of the Stripe online payment system. Joe responds to an email message from his boss, and learns a valuable lesson. Our catch of the day follows someone as they string along a text messaging scammer. Carole Theriault returns with an interview with J Bennett of Signifyd, an AI firm fighting romance scams. Links to stories: https://cofense.com/credential-phish-masks-scam-page-url-thwart-vigilant-users/ Have a Catch of the Day you'd like to share? Email it to us at [email protected] or hit us up on Twitter.

Joe has the story of a convincing scammer who makes an innocent woman doubt herself. Dave describes an online utility that helps users delete unwanted user accounts and also rates the difficulty of doing so. The catch of the day requests help in an investment scam (but lacks punctuation). Our guest is Henry Ajder from Deeptrace Labs on their research on Deep Fakes. Links to stories: https://www.walesonline.co.uk/news/wales-news/swansea-mum-scammed-out-1000-17065476 https://backgroundchecks.org/justdeleteme/ Have a Catch of the Day you'd like to share? Email it to us at [email protected] or hit us up on Twitter.

Dave describes a ponzi scheme that bought up legitimate investment firms. Joe shares research into deep fakes. The catch of the day includes an invitation to join the illuminati. Ray [REDACTED] returns with followup from his prior visit, along with new information to share. Links to stories: https://13wham.com/news/local/feds-in-rochester-to-detail-multi-million-dollar-ponzi-scheme https://nakedsecurity.sophos.com/2019/10/09/deepfakes-have-doubled-overwhelmingly-targeting-women/ Have a Catch of the Day you'd like to share? Email it to us at [email protected] or hit us up on Twitter.

Joe describes online redirect scams, URL encoding and the clever combination of the two. Dave shares delightful satire about Russian brides and Nigerian princes, together at last. The catch of the day involves a student getting the best of scammers, getting them to send him money. Our guest is Fabian Wosar from Emsisoft, well-known for decrypting ransomware. Links from today's stories - https://waterfordwhispersnews.com/2019/09/25/hot-woman-in-your-area-marries-nigerian-prince-whos-email-you-ignored/ https://www.thesun.co.uk/tech/10052181/student-limerick-online-scammer-charity/ Have a Catch of the Day you'd like to share? Email it to us at [email protected] or hit us up on Twitter.

Joe reviews highlights from a Proofpoint report on the human aspects of cyber attacks. Dave describes the FTC's cases against online dating site Match.com. The catch of the day comes straight from Her Majesty the Queen. Carole Theriault returns with an interview with Corin Imai, Senior Security advisor at DomainTools, about phishing attacks they’ve been tracking in the UK. Links to stories: https://www.helpnetsecurity.com/2019/09/10/cyberattacks-human-interaction/ https://techcrunch.com/2019/09/26/dating-app-maker-match-sued-by-ftc-for-fraud/ Have a Catch of the Day you'd like to share? Email it to us at [email protected] or hit us up on Twitter.

Joe outlines online threats from social media. Dave shares a story of scammers try to scare a community into purchasing security products. The catch of the day features a promise of riches from Facebook's Mark Zuckerberg. Our guest is Yaser Masoudnia from LastPass who addresses listener questions about Single Sign On. Links to stories: https://info.phishlabs.com/blog/how-social-media-is-abused-for-phishing-attacks http://www.pressandguide.com/news/police_fire/email-scam-trying-to-convince-dearborn-residents-crime-is-up/article_249b1f2c-cb34-11e9-a5b0-cf725769167a.html Have a Catch of the Day you'd like to share? Email it to us at [email protected] or hit us up on Twitter.

Special guest host Graham Cluley joins Dave while Joe takes a short break. Dave shares the success of the FBI's reWired campaign which has apprehended alleged scammers around the world. Graham describes a website hoping to spare users the hardship of multifactor authentication. The catch of the day involves a generous soccer star. Our guest is Matt Price from ZeroFOX with insights on Deep Fake technology. Links to today's stories: https://www.fbi.gov/news/stories/operation-rewired-bec-takedown-091019 https://dontduo.com/ https://www.smashingsecurity.com/ Have a Catch of the Day you'd like to share? Email it to us at [email protected] or hit us up on Twitter.

A listener updates us on "notice of arrest" policies. Dave notes increased instances of Google Calendar spam. Joe shares a claim that AI voice mimicry was used to dupe a company out of nearly a quarter million dollars. (Dave is skeptical.) The catch of the day accuses the target of naughty behavior. Carole Theriault interviews ethical hacker Zoe Rose. Links to stories: https://www.popsci.com/google-calendar-spam-what-to-do/ https://www.wsj.com/articles/fraudsters-use-ai-to-mimic-ceos-voice-in-unusual-cybercrime-case-11567157402 Have a Catch of the Day you'd like to share? Email it to us at [email protected] or hit us up on Twitter.

Follow-up from down under. Joe shares the story of a Mom scammed out of Gaelic Football League tickets. Dave describes a bounty hunter hoaxing suicide threats to get location information from mobile providers. The catch of the day requires a response from the grave. Our guest is Ben Yelin, senior law and policy analyst from the University of Maryland Center for Health and Homeland Security. He digs in to a particular Facebook scam that refuses to die. Links to stories: https://m.independent.ie/irish-news/news/im-just-broken-up-mother-devastated-as-shes-scammed-out-of-money-while-trying-to-buy-allireland-final-tickets-38446401.html https://www.thedailybeast.com/feds-say-bounty-hunter-matthew-marre-used-suicide-hoax-to-con-verizon-t-mobile-out-of-customer-data Have a Catch of the Day you'd like to share? Email it to us at [email protected] or hit us up on Twitter.

Dave shares a story of digital voice assistants being channeled toward scammers. Joe tracks scammers taking advantage of social tools on the Steam gaming platform. The catch of the day involves South African kickbacks. Our guest is researcher/technologist Ray [REDACTED], who shares his expertise on scammers targeting SMS. Links to stories: https://nakedsecurity.sophos.com/2019/08/20/scammers-use-bogus-search-results-to-fool-voice-assistants/ https://www.bleepingcomputer.com/news/security/steam-accounts-being-stolen-through-elaborate-free-game-scam/ Have a Catch of the Day you'd like to share? Email it to us at [email protected] or hit us up on Twitter.

Joe describes a primitive (but effective) phishing scheme being tracked by Bleeping Computer. Dave shares news from a Black Hat presentation on phishing stats from Google. The catch of the day is a friendly invitation from Hawaii. Our guest is Michael Gillespie from Emsisoft describing the ID Ransomware project. Links from today's stories: https://www.bleepingcomputer.com/news/security/beware-of-emails-asking-you-to-confirm-your-unsubscribe-request/ https://www.fastcompany.com/90387855/we-keep-falling-for-phishing-emails-and-google-just-revealed-why https://id-ransomware.malwarehunterteam.com/ Have a Catch of the Day you'd like to share? Email it to us at [email protected] or hit us up on Twitter.

Dave shares the story of a small community hospital dealing with a ransomware attack. Joe reviews the different types of extortion emails. The catch of the day is an inheritance scam from Canada. Carole Theriault interviews Craig Silverman from Buzzfeed about online reputation management companies. Links to stories: https://www.azcentral.com/story/news/local/arizona/2019/07/30/how-4-technicians-saved-arizona-hospital-hacker-ransomware-wickenburg-community-hospital/1842572001/ https://www.bleepingcomputer.com/news/security/extortion-emails-on-the-rise-a-look-at-the-different-types/ Have a Catch of the Day you'd like to share? Email it to us at [email protected] or hit us up on Twitter.

Joe shares a cautionary Facebook tale from his own life. Dave has the story of an Australian IT company put out of business by scammers. The catch of the day tracks the response writer and comedian Dave Holmes had to scammers pretending to be from the IRS. Rachel Tobac from Social Proof Security returns with voting security information and the latest scams she's been tracking. Links to today's stories: https://www.crn.com.au/news/it-suppliers-forced-to-close-after-procurement-scam-528609 https://cheezburger.com/719877/troll-comedian-gets-a-scam-call-and-decides-to-play-along https://www.vampirecaveman.com/ Have a Catch of the Day you'd like to share? Email it to us at [email protected] or hit us up on Twitter.

Dave outlines a church donation scam. Joe shares reporting from Ars Technica on romance scams coming out of Africa. The catch of the day is courtesy of London comedian James Veitch Our guest is Garry Berman from Cyberman Security who's developed a cyber security comic book series to help raise awareness. Links to this week's stories: https://www.churchlawandtax.com/blog/2018/june/what-to-know-about-new-donation-scam.html https://arstechnica.com/information-technology/2019/07/im-not-100-with-anybody-ars-dissects-a-nigerian-twitter-catfish-scam/ https://www.boredpanda.com/funny-phishing-scam-emails-dot-con-james-veitch/ https://www.cyberheroescomics.com/ Have a Catch of the Day you'd like to share? Email it to us at [email protected] or hit us up on Twitter.

Joe shares a story on the market economy of phishing. Dave explains how gamers are being taken advantage of on popular chat app Discord. The catch of the day included a little bit of showbiz razzle-dazzle. Our anonymous guest this week shares his efforts to keep his father from falling for online scams. Links to stories: https://blogs.akamai.com/sitr/2019/06/phishing-factories-and-economies.html https://twitter.com/Splatter_Shah/status/1143556723266994176 Have a Catch of the Day you'd like to share? Email it to us at [email protected] or hit us up on Twitter.

Dave shares a listener story of scammers calling drug stores to try to gather customer rewards points. Joe describes federal contractors being scammed out of over $10 million of hardware, some of it classified communications equipment. The catch of the day starts with a bank email scam and ends with a Rick roll. Carole Theriault speaks with Michael Madon, head of security at Mimecast about the cyber security skills gap. Links to stories - https://qz.com/1661537/us-defense-contractor-falls-for-3-million-email-scam/ https://www.newshub.co.nz/home/entertainment/2018/01/man-sets-up-rick-astley-hotline-to-rescue-people-from-annoying-salespeople.html Have a Catch of the Day you'd like to share? Email it to us at [email protected] or hit us up on Twitter.

Joe shares the heartbreaking tale of a catphishing case that leads to murder. Dave describes a shoe company using an unusual method to trick engagement with an online ad. The catch of the day engages a Nigerian scammer promising a fortune in precious minerals. Dave interview Michael Coates, head of Altitude Networks and former CISO at Twitter. Links to this week's stories - https://www.nbcnews.com/news/us-news/after-alaska-teen-s-murder-cybersecurity-experts-warn-catfishing-predators-n1019536 https://medium.com/shanghaiist/chinese-shoe-company-tricks-people-into-swiping-instagram-ad-with-fake-strand-of-hair-54d8a2d8ec1d https://www.419eater.com/html/user_subs/godfather/godfather.htm https://altitudenetworks.com/ Have a Catch of the Day you'd like to share? Email it to us at [email protected] or hit us up on Twitter.

We're taking a break for the Independence Day holiday in the US, so enjoy this episode from the early days of our show. Dave shares a story of airport penetration testing with high degree of yuck-factor. Joe explores research on protecting passwords from social engineering. The catch-of-the-day comes courtesy of Graham Cluley's email spam box. Dave interviews Wired's Security Staff Writer Lily Hay Newman on her article tracking Nigerian email scammers. Thanks to our show sponsor KnowBe4.

Dave shares the story of one Katie Jones, the fake online persona used to gain the confidence of high-status individuals. Joe describes the tragic case of Christine Lu, a Harvard Medical professor who was scammed out of her life savings. The Catch of the Day warns recipients not to trust the FBI. Carole Theriault interviews Akamai's Larry Cashdollar about scammers using Google Translate to obfuscate web sites. Links to this week's stories: https://www.apnews.com/bc2f19097a4c4fffaa00de6770b8a60d https://thispersondoesnotexist.com/ https://www.nbcboston.com/on-air/as-seen-on/Woman-Scammed-Into-Giving-Away-Life-Savings_NECN-511108952.html Have a Catch of the Day you'd like to share? Email it to us at [email protected] or hit us up on Twitter.

Joe shares the story of an elaborate check fraud scam involving HR impersonators. Dave reads an email from a listener who got phished by his own company, and has questions about authorization app vs. hardware keys. Our catch of the day involves an orphan looking to share her inheritance. Dave interviews author Perry Carpenter, who's new book is Transformational Security Awareness: What Neuroscientists, Storytellers, and Marketers Can Teach Us about Driving Secure Behaviors. Links to stories: https://twitter.com/sigalow/status/1138918411394781185?s=12 https://www.yubico.com/2019/01/yubico-launches-the-security-key-nfc-and-a-private-preview-of-the-yubikey-for-lightning-at-ces-2019/ Have a Catch of the Day you'd like to share? Email it to us at [email protected] or hit us up on Twitter.

Dave describes researchers spotting scammers on dating sites using AI. Joe shares a phishing scheme that asks users to manage undelivered mail. The catch of the day involves cute puppies and Mogwai meat. Dave interview Avi Solomon, director of information technology for Rumberger, Kirk and Caldwell, an Orlando, Florida litigation firm. Links to today's stories: https://www.bbc.com/news/technology-48472811 https://arxiv.org/pdf/1905.12593.pdf https://www.bleepingcomputer.com/news/security/new-phishing-scam-asks-you-to-manage-your-undelivered-email/ https://www.419eater.com/html/tommy_mark.htm Have a Catch of the Day you'd like to share? Email it to us at [email protected] or hit us up on Twitter.

Joe describes one of history's great con artists, Victor Lustig, who sold the Eiffel Tower. Twice. Dave shares a story from a listener involving a UPS tracking number scam. The catch of the day involves am attempted romance scam on the XBOX platform. Dave interviews Sherri Davidoff, CEO of LMG Security and is the hacker named "Alien" in Jeremy Smith's book, "Breaking and Entering." She has her own book coming out this summer, "Data Breaches: Crisis and Opportunity." Links to this week's stories: http://mentalfloss.com/article/12809/smooth-operator-how-victor-lustig-sold-eiffel-tower https://community.ebay.com/t5/Archive-Shipping-Returns/Seller-Scam-UPS-Tracking-Shows-Delivered/td-p/26206551 Have a Catch of the Day you'd like to share? Email it to us at [email protected] or hit us up on Twitter.

Dave reviews Google's recent security report on basic account hygiene. Joe describes passive social engineering, including USB charging stations at airports. The catch of the day exposes a trunk box scam involving ill-gotten war profits. Carole Theriault speaks with the head of a group that call themselves Scam Survivors. Links to stories: https://security.googleblog.com/2019/05/new-research-how-effective-is-basic.html https://www.forbes.com/sites/suzannerowankelleher/2019/05/21/why-you-should-never-use-airport-usb-charging-stations/#4116498a5955 https://scamsurvivors.com/ Have a Catch of the Day you'd like to share? Email it to us at [email protected] or hit us up on Twitter.

A listener writes in with the results of his phishing attempt on his wife. Joe describes research from F-Secure on the most dangerous email attachment types. Dave shares the story of scammers impersonating local hospitals to scare a response from their victims. Our catch of the day involves a LinkedIn scam impersonating a fighter pilot. Joe interviews Elissa Redmiles, an incoming assistant professor of computer science at Princeton University. She studies behavioral modeling to understand why people behave the way they do online. Links to stories from today's show: https://labsblog.f-secure.com/2019/05/08/spam-trends-top-attachments-and-campaigns/ https://www.nbc15.com/content/news/Text-message-scam-impersonates-local-hospitals-509615981.html Have a Catch of the Day you'd like to share? Email it to us at [email protected] or hit us up on Twitter.

It's a special edition of the Hacking Humans show recorded live at the KB4CON conference in Orlando, FL. Join Joe, Dave and their special guests Stu Sjouwerman, KnowBe4's CEO, and Kevin Mitnick, world-famous hacker and KnowBe4's chief hacking officer, as they discuss malicious scams making the rounds and how to protect yourself and your organization against them. Dave describes a late-night phone call scam, Joe explains a Social Security scheme, Stu shares deadly catch of the day, and Kevin shares stories from his own hacking experience, and takes questions from the audience. Have a Catch of the Day you'd like to share? Email it to us at [email protected] or hit us up on Twitter.

Joe describes a church scammed out of millions of dollars. Dave shares good news about a group of scammers being apprehended and arrested. The catch of the day involves a Vietnamese investment offer that's almost too good to pass up on. Dave speaks with Dr. Richard Ford from Forcepoint about the models of trust. Links to stories in today's show: https://www.grahamcluley.com/hackers-steal-1-75-million-from-catholic-church-in-ohio/ https://www.justice.gov/usao-sdny/pr/nine-defendants-arrested-new-york-florida-and-texas-multimillion-dollar-wire-fraud Have a Catch of the Day you'd like to share? Email it to us at [email protected] or hit us up on Twitter.

Followup from listeners on Google search result scams. Dave describes the city of Ottawa sending $100K to a fraudster. Joe shares results from the FBI's Internet Crime Report. The catch of the day involves a dating site and an offer to be someone's "sugar daddy." Our guest is Andy Patel from F-Secure, describing how Twitter bots are amplifying divisive messages. Links to storys: https://www.cbc.ca/news/canada/ottawa/city-treasurer-sent-100k-to-fraudster-1.5088744 https://threatpost.com/fbi-bec-scam-losses-double/144038/ https://www.ic3.gov/media/annualreport/2018_IC3Report.pdf https://labsblog.f-secure.com/2019/04/03/discovering-hidden-twitter-amplification/ Have a Catch of the Day you'd like to share? Email it to us at [email protected] or hit us up on Twitter.

Dave and Joe answer a listener question about a mysterious Netflix account. Dave describes a service for Airbnb scammers. Joe explains a particularly "nasty" Instagram scam. Carole Theriault interviews cyber insurance expert Martin Overton from OMG Cyber. Links to stories: https://www.bleepingcomputer.com/news/security/the-nasty-list-phishing-scam-is-sweeping-through-instagram/ https://krebsonsecurity.com/2019/04/land-lordz-service-powers-airbnb-scams/ Have a Catch of the Day you'd like to share? Email it to us at [email protected] or hit us up on Twitter.

Followup from an Australian listener. Dave shares a Paypal scam leveraging Google ads. Joe describes TechCrunch reporting on a spam service that was left out in the open. The catch of the day promises a lifetime supply of gold. Dave interviews Asaf Cidon from Barracuda Networks https://techcrunch.com/2019/04/02/inside-a-spam-operation/ https://www.barracuda.com/spear-phishing-report Have a Catch of the Day you'd like to share? Email it to us at [email protected] or hit us up on Twitter.

Joe describes a study of people's perceptions when presented with a magic trick. Dave shares the story of fake boyfriend app. Our catch of the day involves the promise of millions from a bank in Africa. Dave interviews Chris Parker from WhatIsMyIPaddress.com. Links to stories: http://nautil.us/issue/70/variables/a-magician-explains-why-we-see-whats-not-there https://youtu.be/vJG698U2Mvo https://www.pedestrian.tv/tech/fake-boyfriend-app/ https://whatismyipaddress.com/ Have a Catch of the Day you'd like to share? Email it to us at [email protected] or hit us up on Twitter.

Dave describes a survey of call center security methods. Joe explains a spam campaign raising the specter of a flu pandemic to scare people into enabling macros in an Office document. The catch of the day highlights a Facebook scammer promising a prize-winning windfall. Carole Theriault returns with a story about special badges Girls Scouts can earn for cyber security. Links to stories: https://marketing.trustid.com/acton/attachment/32513/f-0039/1/-/-/-/-/TRUSTID_2018_State_of_Call_Center_Authentication_Survey.pdf https://www.bleepingcomputer.com/news/security/fake-cdc-emails-warning-of-flu-pandemic-push-ransomware/ http://blog.girlscouts.org/2018/07/girl-scouts-introduces-30-new-badges-to.html Have a Catch of the Day you'd like to share? Email it to us at [email protected] or hit us up on Twitter.

Followup on remotely previewing websites. Joe has the story of scammer bilking Facebook and Google out of millions. Dave reviews best practices for deleting data on devices you dispose of. The catch of the day is an offer of criminal partnering with the CIA. Our guest is Jeremy N. Smith, author of the book Breaking and Entering - the extraordinary story of a hacker called Alien. Links from today's stories: https://urlscan.io/ https://www.theregister.co.uk/2019/03/21/facebook_google_scam/ https://blog.rapid7.com/2019/03/19/buy-one-device-get-data-free-private-information-remains-on-donated-devices/ https://www.amazon.com/dp/B0789KP775 Have a Catch of the Day you'd like to share? Email it to us at [email protected] or hit us up on Twitter.

A listener recommends an online tool for safely previewing web sites. Dave shares research on what time of the work week is best for scams. Joe explains credential stuffing. Our guest is Frances Dewing, the CEO and co-founder of Rubica. They recently published a report on how crooks are accessing parents’ mobile devices via apps their kids load. Links to stories mentioned in today's show: https://screenshot.guru/ https://www.aarp.org/money/scams-fraud/info-2019/phone-scams-peak-time.html https://www.digitalnewsasia.com/insights/how-lose-money-credential-stocking-stuffers https://rubica.com/wp-content/uploads/2019/02/Rubica-Report-Cyber-Crime-Privacy-Risks-in-Free-Mobile-Kids-Apps.pdf Have a Catch of the Day you'd like to share? Email it to us at [email protected] or hit us up on Twitter.

Joe tracks the surprising number of malicious links hosted on legit websites and why it's dangerous. Dave describes an extortion scheme targeting podcasters. Our catch of the day involves a lonely Russian woman promoting a dating site. Dave interviews Gary Noesner, author of Stalling for Time: My Life as an FBI Hostage Negotiator. Links to stories mentioned in today's show: https://www-cdn.webroot.com/9315/5113/6179/2019_Webroot_Threat_Report_US_Online.pdf https://rebelbasemedia.io/podcast-review-extortion/ https://www.amazon.com/Stalling-Time-Life-Hostage-Negotiator/dp/1400067251 Have a Catch of the Day you'd like to share? Email it to us at [email protected] or hit us up on Twitter.

Followup on last week's TLD discussion. Dave shares a sextortion scam with a tragic ending. Joe highlights conveyance scams that rely on certain days of the week. Our catch of the day features a wealthy Londoner hoping to pass on her fortune. Guest Dale Zabriskie from Proofpoint has results from their State of the Phish report. Links to stories: https://www.dailymail.co.uk/news/article-6744421/Army-veteran-PTSD-committed-suicide-targeted-prison-inmates-sextortion-scam.html https://www.todaysconveyancer.co.uk/main-news/law-firms-wising-up-conveyancing-scams/ https://static.googleusercontent.com/media/research.google.com/en//pubs/archive/45597.pdf Have a Catch of the Day you'd like to share? Email it to us at [email protected] or hit us up on Twitter.

Joe describes fraudsters taking advantage of top-level domain name confusion. Dave explains how a Google Nest security system shipped with an undocumented microphones. Our catch of the day involves a postcard missed package campaign. Our guest is Matt Devost from OODA LLC describing their work protecting high-net-worth individuals. Links to today's stories: https://rebootcamp.militarytimes.com/news/your-air-force/2019/02/13/watch-out-for-fake-dod-websites-like-this/ https://nakedsecurity.sophos.com/2019/02/21/sorry-we-didnt-mean-to-keep-that-secret-microphone-a-secret-says-google/ Have a Catch of the Day you'd like to share? Email it to us at [email protected] or hit us up on Twitter.

We've got followup from a listener on cognitive dissonance and behavioral science. Dave shares a listener story about a University Dean's List scam. Joe shares statistics from a government agency phishing test. Our catch of the day involves funds from the FBI, the IMF, and yes, Nigeria. Dave interviews Crane Hassold from Agari with phishing trends they've been tracking, plus his experiences as a former FBI agent. Links to stories in today's show: https://fcw.com/articles/2019/02/11/cyber-phishing-oig-fhfa.aspx Have a Catch of the Day you'd like to share? Email it to us at [email protected] or hit us up on Twitter.

On this Valentines Day edition of Hacking Humans, Joe and Dave examine romance scams, including the sad tale of woman bilked out of hundreds of thousands of dollars. There's a silly, non-murdering catch of the day, and Dave interviews Max Kilger from UTSA on the six motivations of bad actors. Links to today's stories: https://www.bbb.org/article/news-releases/17057-online-romance-scams-a-bbb-study-on-how-scammers-use-impersonation-blackmail-and-trickery-to-steal-from-unsuspecting-daters https://www.aarp.org/money/scams-fraud/info-2015/online-dating-scam.html Have a Catch of the Day you'd like to share? Email it to us at [email protected] or hit us up on Twitter.