Hacking Humans

Hacking Humans

thecyberwire.com/podcasts/hacking-humans
Deception, influence, and social engineering in the world of cyber crime.


Presenting: NMAP (noun) - Word Notes
Aug 11 • 3 min
A network mapping tool that pings IP addresses looking for a response and can discover host names, open communications ports, operating system names and versions. Written and maintained by Gordon Lyon, a.k.a. Fyodor, it is a free and open source software…
Ignore the actor, focus on the behavior.
Aug 6 • 33 min
Dave shares an horrific cyberstalking story from the local area, Joe’s story is about a phishing campaign impersonating voicemail alerts, The Catch of the Day is an HR front for a check floating scam, and later in the show, Dave’s conversation with…
Be the custodian of your own digital identity.
Jul 30 • 33 min
Dave talks about a deepfake recording impersonating a CEO, Joe’s story is about a new phishing campaign, The Catch of the Day is a very persistent cash app scammer, and later in the show, Dave’s conversation with Bruce Esposito from One Identity on…
Never think of security as a destination.
Jul 23 • 36 min
Dave talks about gift card scams associated with YouTube live streams, Joe’s story is about a scam impersonating Canadian hospital staff, The Catch of the Day is phish impersonating a small game developer going after podcasters, and later in the show,…
A little dose of skepticism.
Jul 16 • 34 min
We have some listener follow-up sharing dnstwister.report site, Dave has a story of consent phishing, Joe talks about calendar invite phishing, The Catch of the Day is a lazy money multiplying scam, and later in the show, Dave’s conversation with Don…
Send me money so I know you are real.
Jul 9 • 37 min
We have some follow-up, and this time, Joe was not right, Dave’s story is about poison-selling scam, Joe about an impersonation site, The Catch of the Day claims to be notice of a United Nations payment, and later in the show, Dave’s conversation with…
Because they deserve the money!
Jul 2 • 36 min
Dave’s story shows Macs are not immune, Joe talks about a dark place in his soul (aka survey scams), some listener follow-up saying Joe was right!, The Catch of the Day an advanced fee scam from the US government, and later in the show, Dave’s…
Close in your pajamas.
Jun 25 • 36 min
Joe shares a different spin on ransom attacks, Dave has a story on phone number reuse, The Catch of the Day is a notice from British Gas (accent included), and later in the show, Dave’s conversation with Stan Holland from Atlantic Bay Mortgage on their…
It can happen to anybody.
Jun 18 • 44 min
Dave shares a story of an attempt on his father’s Verizon account, Joe has the story of an Amazon gift card phishing attempt, The Catch of the Day is a funny phishing email, and later in the show, Joe checks in with Kurtis Minder from GroupSense. They dig…
Taking a selfie with your ID.
Jun 11 • 38 min
Joe talks about HROs (High Reliability Organizations), Dave has a scam on Upwork gigs, The Catch of the Day talks about giving a scammer the runaround, and later in the show our interview with Sanjay Gupta from Mitek on how cybercriminals are capitalizing…
Presenting: Ask more people to dance. - Career Notes
Jun 9 • 5 min
Introducing the newest podcast in the CyberWire family - Career Notes. Each week we’re going to step inside the diverse and fascinating worlds of cybersecurity professionals around the globe and hear their personal stories in their own words. This will be…
Seniors and millennials more alike than people think.
Jun 4 • 35 min
Dave has a ransomware story from inside a virtual machine, Joe talks phishing with Google firebase storage URLs, some listener follow-up, The Catch of the Day comes from Joe’s daughter and “Apple”, and later in the show our interview with Paige Schaffer…
Wearing a mask in the Oval Office.
May 28 • 43 min
Joe shares his Classic Cons Part 3, Dave has an Apple device scam story, The Catch of the Day is your assassination heads-up, and later in the show our interview with Jonna Mendez, retired CIA intelligence officer and former Chief of Disguise. Link to…
HH Extra - Happy 100 shows!
May 28 • 8 min
We’d like to thank you, our dear listeners, for sticking with us and our podcast through thick and thin, bad accents and even worse ones, with this - a collection of some of our favorite Catch of the Day segments. From Australia to Brazil, Italy to the…
How scammers fill the gap.
May 21 • 36 min
Dave has a story on a possible Disney-styled phishing email, Joe has the skinny on a circular pyramid scheme, some listener follow-up, The Catch of the Day is a YouTube verification badge for you, and later in the show our interview with Neill Feather…
Every day you’re a firefighter.
May 14 • 37 min
Dave and Joe have a follow up for a listener, Joe has two stories on different levels of effort of phishing schemes, The Catch of the Day is looking for a sugar baby, and later in the show our interview with Marcus Carey, enterprise architect at…
Exploiting our distractions.
May 7 • 35 min
Dave has the story of PR firms selling lies online, Joe has the story of a sophisticated Business Email Compromise attack, The Catch of the Day advises you to update your account information IMMEDIATELY, and later in the show our interview with Dave…
Passwords are the easiest things to steal.
Apr 30 • 43 min
Joe takes a look at a massive sextortion spam scheme, Dave has some advice for all of us, the Catch of the Day comes from down under, and later in the show our conversation with Andrew Shikiar, Executive Director and Chief Marketing Officer at FIDO…
Wallet inspector.
Apr 23 • 35 min
Dave warns of fake QR code websites stealing Bitcoin, Joe has the return of classic cons, the Catch of the Day forgets one crucial element, and later in the show, our interview with Kurtis Minder. He’s with a company called Groupsense and they’ve been…
They’re getting smart, but we’re getting smarter.
Apr 16 • 27 min
Joe has the story of a cold-calling conman, Dave has a story of vindication for seniors who lost money in phone scams, the Catch of the Day has Joe doing his research, and later in the show my conversation with Dustin Warren from SpyCloud. His team has…
Even famous people get scammed.
Apr 9 • 35 min
Dave has the story of a Walking Dead actress raising money for a scammer, Joe has an article warning of Government websites giving bad security advice, the Catch of the Day tries to put the fear of God in it’s victim, and later in the show Carole…
Shedding light on the human element.
Apr 2 • 32 min
Joe has the story of a very exposing scam, Dave has the scoop on a rare BadUSB attack, The Catch of the Day is a ‘lame scammer who needs to get a life’ and later in the show our conversation with Tom Miller from ClearForce on continuous discovery in the…
Paging Dr. Dochterman.
Mar 26 • 42 min
Dave shares an example of modern-day snake oil, Joe brings us his favorite old-time scams, the Catch of the Day is straight from Dr. Dochterman - you really can’t make this stuff up - and later in the show Joe speaks with Scott Knauss - a security…
Disinformation vs. misinformation.
Mar 19 • 30 min
Dave shares the story of a malicious website posing as a Coronavirus map supposedly from Johns Hopkins University, Joe has the story of an elderly woman who lost a lot of money to two men claiming her grandson was in a car accident, the Catch of the Day’s…
Winking emoji.
Mar 12 • 32 min
Joe shares the story of a phishing website posing as the Singapore Police site, Dave shares a harmful, simple little message, the Catch of the Day drags her scammer through the mud and asks if he wants his casserole dish back. Later in the show our…
Don’t go looking for morality here.
Mar 5 • 38 min
Dave has a story of an investment scam featuring celebrities, Joe warns of scams surrounding the Coronavirus, the Catch of the Day features Joe’s son-in-law’s adventure with thousands of bot infiltrations, and later in the show, Dave’s extended interview…
The art of cheating.
Feb 27 • 34 min
Joe shares some insights into the art of cheating travelers, Dave has a story of a woman facing drug charges trying to kidnap another woman’s baby, an update on last week’s bizarre phone scam, The Catch of the Day features otters, sexy ham, frustrated…
Hi, I’m trying to steal your money.
Feb 20 • 30 min
Dave shares the most bizarrely honest phone scam of all time, Joe has a pretend PayPal phishing scam, the Catch of the Day finally lets Dave show us his best Blanche Devereaux, and later in the show Christopher Hadnagy from Social Engineer LLC returns…
Fake news and misplaced trust.
Feb 13 • 34 min
Joe shares a collection of romance scams from the great plains, Dave has a report which uncovered a root system of fake news, the catch of the day comes straight from… Warren Buffett? Later in the show Carole Theriault speaks with Lisa Forte from Red Goat…
I wouldn’t want my computer to be disappointed.
Feb 6 • 30 min
Dave finally has good news. Joe shares a fake website created by the US Trading Commission… which doesn’t exist. The catch of the day threatens FULL DATA LOSS! Later in the show, Anna Collard is the founder of security content publisher of Popcorn…
They had no idea.
Jan 30 • 31 min
Dave shares a particularly exposing sextortion scam. Joe has a story of a million-dollar scam that targeted college students in Miami just trying to pay their tuition. The catch of the day comes straight from The U.S. President. Later in the show, part…
Flipping the script.
Jan 23 • 31 min
Dave’s phone is blowing up with smishing attempts. Joe shares a story about fake license renewal attempts from The New Zealand Transportation Agency. The catch of the day flips the script on their attacker. Later in the show Carole Theriault speaks with…
Life in the (second) age of pirates.
Jan 16 • 32 min
Dave has an account from a man who was almost scammed by an impersonation of his own close friend. Joe has the story of a sophisticated phishing scheme involving Microsoft Office 365. The catch of the day goes all the way back to the age of pirates.…
Ransomware is a reality.
Jan 9 • 29 min
Dave has a master list of cyberbadness. Joe has some handy red flags this tax season straight from our beloved IRS. The catch of the day features an alluring proposition from someone who is probably not “Sofia”. Our guest is Devon Kerr with Elastic…
Leading by example and positive reenforcement.
Jan 2 • 29 min
Dave has a warning from a galaxy far, far away. Joe has a report of a scam attempt on a listener who fancies fancy pens. The catch of the day features a Tinder dating app bot scam. Our guest is Dennis Dillman from Barracuda Networks, sharing his thoughts…
Telling The Truth In A Dishonest Way - Rebroadcast
Dec 26, 2019 • 30 min
Today’s episode is a re-broadcast of an episode from August 2018. Dave looks at Hollywood script pitch event scams. Joe describes a romance scam murder scheme. Spontaneously combusting ATM cards. Guest Jayson E. Street from SphereNY describes his security…
Managing access and insider threats.
Dec 19, 2019 • 32 min
Joe’s wife has been getting suspicious shipping notices. Dave describes a phone scam where crooks intercept phone calls. The catch of the day turns the tables on a would-be scammer. Carole Theriault speaks with Peter Draper from Gurucul about their 2020…
If you didn’t ask for it don’t install it.
Dec 12, 2019 • 28 min
Dave describes a gas-pump hidden camera scam. Joe shares the story of a fraudulent Microsoft Windows Update notice. The catch of the day involves a scammer making use of an online celebrity’s profile picture. Our guest is Karl Sigler from Trustwave with…
I really wanted that shed.
Dec 5, 2019 • 30 min
Joe shares the story of a woman losing her life savings to a scammer claiming to be from the FBI. Dave describes the $139 shed scam. The catch of the day is another threat of revealing compromising photos. Carole Theriault speaks with Chris Bush from…
Security has to be friendly.
Nov 21, 2019 • 27 min
Dave wonders about Juice Jacking warnings. Joe shares findings from Agari’s latest email fraud and identity deception report. The catch of the day promises romance in exchange for airline tickets. Our guests are David Spark and Allan Alford, cohosts of…
Skepticism is the first step.
Nov 14, 2019 • 31 min
Joe shares stories of typo-squatting. Dave reminds warns us against responding to malicious email, even just for fun. The catch of the day is from a listener, leading on a romance scammer. Carole Theriault returns with an interview with Chris Olson from…
When you are the target, objectivity is gone.
Nov 7, 2019 • 29 min
Joe shares a report on who’s more susceptible for scams. Dave shares a story from a listener who what hit by a scam attempt while staying at a hotel. Our catch of the day involves an attempt to scam someone selling a motorcycle. Our guest is Maria…
The Malware Mash!
Oct 31, 2019 • 3 min
Happy Halloween from Joe, Dave, and everyone at the CyberWire!
Don’t dismiss the fraudsters.
Oct 31, 2019 • 33 min
Dave describes a credential gathering scam targeting users of the Stripe online payment system. Joe responds to an email message from his boss, and learns a valuable lesson. Our catch of the day follows someone as they string along a text messaging…
The ability to fundamentally deceive someone.
Oct 24, 2019 • 30 min
Joe has the story of a convincing scammer who makes an innocent woman doubt herself. Dave describes an online utility that helps users delete unwanted user accounts and also rates the difficulty of doing so. The catch of the day requests help in an…
The fallacy of futility.
Oct 17, 2019 • 28 min
Dave describes a ponzi scheme that bought up legitimate investment firms. Joe shares research into deep fakes. The catch of the day includes an invitation to join the illuminati. Ray [REDACTED] returns with followup from his prior visit, along with new…
Don’t trust ransomware to tell you its real name.
Oct 10, 2019 • 29 min
Joe describes online redirect scams, URL encoding and the clever combination of the two. Dave shares delightful satire about Russian brides and Nigerian princes, together at last. The catch of the day involves a student getting the best of scammers,…
The ultimate hacking tool.
Oct 3, 2019 • 31 min
Joe reviews highlights from a Proofpoint report on the human aspects of cyber attacks. Dave describes the FTC’s cases against online dating site Match.com. The catch of the day comes straight from Her Majesty the Queen. Carole Theriault returns with an…
The usefulness of single sign on.
Sep 26, 2019 • 28 min
Joe outlines online threats from social media. Dave shares a story of scammers try to scare a community into purchasing security products. The catch of the day features a promise of riches from Facebook’s Mark Zuckerberg. Our guest is Yaser Masoudnia from…
Algorithms controlling truth in our society.
Sep 19, 2019 • 29 min
Special guest host Graham Cluley joins Dave while Joe takes a short break. Dave shares the success of the FBI’s reWired campaign which has apprehended alleged scammers around the world. Graham describes a website hoping to spare users the hardship of…
An ethical hacker can be a teacher.
Sep 12, 2019 • 33 min
A listener updates us on “notice of arrest” policies. Dave notes increased instances of Google Calendar spam. Joe shares a claim that AI voice mimicry was used to dupe a company out of nearly a quarter million dollars. (Dave is skeptical.) The catch of…
Think before you post.
Sep 5, 2019 • 29 min
Follow-up from down under. Joe shares the story of a Mom scammed out of Gaelic Football League tickets. Dave describes a bounty hunter hoaxing suicide threats to get location information from mobile providers. The catch of the day requires a response from…
Securing your SMS.
Aug 29, 2019 • 30 min
Dave shares a story of digital voice assistants being channeled toward scammers. Joe tracks scammers taking advantage of social tools on the Steam gaming platform. The catch of the day involves South African kickbacks. Our guest is researcher/technologist…
Backups backups backups.
Aug 22, 2019 • 28 min
Joe describes a primitive (but effective) phishing scheme being tracked by Bleeping Computer. Dave shares news from a Black Hat presentation on phishing stats from Google. The catch of the day is a friendly invitation from Hawaii. Our guest is Michael…
Swamping search results for reputation management.
Aug 15, 2019 • 34 min
Dave shares the story of a small community hospital dealing with a ransomware attack. Joe reviews the different types of extortion emails. The catch of the day is an inheritance scam from Canada. Carole Theriault interviews Craig Silverman from Buzzfeed…
Positive pretexting on the rise.
Aug 8, 2019 • 29 min
Joe shares a cautionary Facebook tale from his own life. Dave has the story of an Australian IT company put out of business by scammers. The catch of the day tracks the response writer and comedian Dave Holmes had to scammers pretending to be from the…
Images are the language of the brain.
Aug 1, 2019 • 29 min
Dave outlines a church donation scam. Joe shares reporting from Ars Technica on romance scams coming out of Africa. The catch of the day is courtesy of London comedian James Veitch Our guest is Garry Berman from Cyberman Security who’s developed a cyber…
Looking after Dad.
Jul 25, 2019 • 30 min
Joe shares a story on the market economy of phishing. Dave explains how gamers are being taken advantage of on popular chat app Discord. The catch of the day included a little bit of showbiz razzle-dazzle. Our anonymous guest this week shares his efforts…
The skills gap disconnect.
Jul 18, 2019 • 33 min
Dave shares a listener story of scammers calling drug stores to try to gather customer rewards points. Joe describes federal contractors being scammed out of over $10 million of hardware, some of it classified communications equipment. The catch of the…
Know and spot the patterns.
Jul 11, 2019 • 32 min
Joe shares the heartbreaking tale of a catphishing case that leads to murder. Dave describes a shoe company using an unusual method to trick engagement with an online ad. The catch of the day engages a Nigerian scammer promising a fortune in precious…
Encore — Separating fools from money.
Jul 4, 2019 • 29 min
We’re taking a break for the Independence Day holiday in the US, so enjoy this episode from the early days of our show. Dave shares a story of airport penetration testing with high degree of yuck-factor. Joe explores research on protecting passwords from…
Be wary of all emails.
Jun 27, 2019 • 34 min
Dave shares the story of one Katie Jones, the fake online persona used to gain the confidence of high-status individuals. Joe describes the tragic case of Christine Lu, a Harvard Medical professor who was scammed out of her life savings. The Catch of the…
The knowledge / intention behavior gap.
Jun 20, 2019 • 29 min
Joe shares the story of an elaborate check fraud scam involving HR impersonators. Dave reads an email from a listener who got phished by his own company, and has questions about authorization app vs. hardware keys. Our catch of the day involves an orphan…
Just because I trusted you yesterday doesn’t mean I trust you today.
Jun 13, 2019 • 29 min
Dave describes researchers spotting scammers on dating sites using AI. Joe shares a phishing scheme that asks users to manage undelivered mail. The catch of the day involves cute puppies and Mogwai meat. Dave interview Avi Solomon, director of information…
The best way to break in is to walk through the front door.
Jun 6, 2019 • 29 min
Joe describes one of history’s great con artists, Victor Lustig, who sold the Eiffel Tower. Twice. Dave shares a story from a listener involving a UPS tracking number scam. The catch of the day involves am attempted romance scam on the XBOX platform. Dave…
Be willing to admit you don’t know everything.
May 30, 2019 • 33 min
Dave reviews Google’s recent security report on basic account hygiene. Joe describes passive social engineering, including USB charging stations at airports. The catch of the day exposes a trunk box scam involving ill-gotten war profits. Carole Theriault…
People aren’t perfectly rational.
May 23, 2019 • 29 min
A listener writes in with the results of his phishing attempt on his wife. Joe describes research from F-Secure on the most dangerous email attachment types. Dave shares the story of scammers impersonating local hospitals to scare a response from their…
Live at KB4CON 2019.
May 16, 2019 • 45 min
It’s a special edition of the Hacking Humans show recorded live at the KB4CON conference in Orlando, FL. Join Joe, Dave and their special guests Stu Sjouwerman, KnowBe4’s CEO, and Kevin Mitnick, world-famous hacker and KnowBe4’s chief hacking officer, as…
A data-driven approach to trust.
May 9, 2019 • 29 min
Joe describes a church scammed out of millions of dollars. Dave shares good news about a group of scammers being apprehended and arrested. The catch of the day involves a Vietnamese investment offer that’s almost too good to pass up on. Dave speaks with…
Twitter bots amplifying divisive messages.
May 2, 2019 • 27 min
Followup from listeners on Google search result scams. Dave describes the city of Ottawa sending $100K to a fraudster. Joe shares results from the FBI’s Internet Crime Report. The catch of the day involves a dating site and an offer to be someone’s “sugar…
Let’s play, “Covered by cyber insurance — true or false?”
Apr 25, 2019 • 34 min
Dave and Joe answer a listener question about a mysterious Netflix account. Dave describes a service for Airbnb scammers. Joe explains a particularly “nasty” Instagram scam. Carole Theriault interviews cyber insurance expert Martin Overton from OMG Cyber.…
I have been practicing honesty and truthfulness my whole life.
Apr 18, 2019 • 30 min
Followup from an Australian listener. Dave shares a Paypal scam leveraging Google ads. Joe describes TechCrunch reporting on a spam service that was left out in the open. The catch of the day promises a lifetime supply of gold. Dave interviews Asaf Cidon…
Scammers have no ethics whatsoever.
Apr 11, 2019 • 29 min
Joe describes a study of people’s perceptions when presented with a magic trick. Dave shares the story of fake boyfriend app. Our catch of the day involves the promise of millions from a bank in Africa. Dave interviews Chris Parker from…
Girl Scouts empowering cyber security leaders.
Apr 4, 2019 • 32 min
Dave describes a survey of call center security methods. Joe explains a spam campaign raising the specter of a flu pandemic to scare people into enabling macros in an Office document. The catch of the day highlights a Facebook scammer promising a…
Pick a persona to match the goal.
Mar 28, 2019 • 29 min
Followup on remotely previewing websites. Joe has the story of scammer bilking Facebook and Google out of millions. Dave reviews best practices for deleting data on devices you dispose of. The catch of the day is an offer of criminal partnering with the…
Kids are a great target.
Mar 21, 2019 • 34 min
A listener recommends an online tool for safely previewing web sites. Dave shares research on what time of the work week is best for scams. Joe explains credential stuffing. Our guest is Frances Dewing, the CEO and co-founder of Rubica. They recently…
When we rush we make bad decisions.
Mar 14, 2019 • 28 min
Joe tracks the surprising number of malicious links hosted on legit websites and why it’s dangerous. Dave describes an extortion scheme targeting podcasters. Our catch of the day involves a lonely Russian woman promoting a dating site. Dave interviews…
Don’t assume younger people get it.
Mar 7, 2019 • 27 min
Followup on last week’s TLD discussion. Dave shares a sextortion scam with a tragic ending. Joe highlights conveyance scams that rely on certain days of the week. Our catch of the day features a wealthy Londoner hoping to pass on her fortune. Guest Dale…
Delivering yourself to a kidnapper.
Feb 28, 2019 • 29 min
Joe describes fraudsters taking advantage of top-level domain name confusion. Dave explains how a Google Nest security system shipped with an undocumented microphones. Our catch of the day involves a postcard missed package campaign. Our guest is Matt…
Stop and think before you click that link.
Feb 21, 2019 • 27 min
We’ve got followup from a listener on cognitive dissonance and behavioral science. Dave shares a listener story about a University Dean’s List scam. Joe shares statistics from a government agency phishing test. Our catch of the day involves funds from the…
The trauma is multifactored.
Feb 14, 2019 • 30 min
On this Valentines Day edition of Hacking Humans, Joe and Dave examine romance scams, including the sad tale of woman bilked out of hundreds of thousands of dollars. There’s a silly, non-murdering catch of the day, and Dave interviews Max Kilger from UTSA…
Make it seem like the real answer is impossible to know.
Feb 7, 2019 • 29 min
Dave shares a bank spoofing scam with a reminder to mind those links, especially on mobile devices. Joe describes a case of someone turning the tables on a Twitter scammer. Our catch of the day involves a clumsy claim of physical harm. Dave interviews…
The excitement of tricking someone wears off quickly.
Jan 31, 2019 • 29 min
We’ve got followup on bank scams and ransomware. Joe describes a highly sophisticated multinational business scam. Dave shares a story about private school parents falling for a Bitcoin discount scam. Our guest is Jordan Harbinger, host of The Jordan…
Opening your eyes to the reality in which we live.
Jan 24, 2019 • 32 min
Dave reviews tips on protecting yourself from ransomware. Joe describes a clever way to trick people into enabling macros. An attempt at celebrity friendship is our catch of the day. Carole Theriault returns and speaks with Dr. Jessica Barker from Cygenta…
Prisoners have nothing but time.
Jan 17, 2019 • 30 min
Joe shares the tale of a prisoner running a variety of romance scams from the inside. Dave outlines direct deposit scams. The catch of the day is a clever variation from (where else?) Nigeria. Our guest is Sam Small from ZeroFox. Links to stories:…
Trained humans are your strongest link.
Jan 10, 2019 • 34 min
Dave warns of scammers gaining access to homes by pretending to be workers from the local utility company. Joe shares a story of a sophisticated bank transfer scam in the UK. Our catch of the day outlines an attempted email scam targeting an architectural…
At some point you’re probably going to have to do some running.
Jan 3, 2019 • 31 min
Joe describes a reply-all scenario gone wrong. Dave explains the criminal use of steganography in memes as a command and control technique. Our catch-of-the-day features alluring photos texted to an unimpressed listener. Carole Theriault interviews…
Truth emerges from the clash of ideas.
Dec 20, 2018 • 29 min
We follow up on critical feedback of last week’s show. Dave describes how online extortionists have pivoted from sex to explosives. We’ve got an auto-responding catch of the day from one of Joe’s colleagues. Guest is Sean Brooks, Director of the Citizen…
A pesky problem that doesn’t go away.
Dec 13, 2018 • 23 min
Joe describes a Nigerian gang called London Blue that focuses on business email compromise. Dave shares surprising Cyber Monday phishing statistics. Guest Chris Bailey from Entrust Datacard teaches us how to detect lookalike sites online and better…
Bringing trust to a trustless world.
Dec 6, 2018 • 29 min
Listener follow-up on a URL issue. Dave describes an elderly couple scammed out of savings. Joe wonders if it’s wise to unsubscribe. Guest Andre McGregor from TLDR Capital describes his work as a former FBI agent, and his experience consulting on Mr.…
Be very aware of your desire to be right.
Nov 29, 2018 • 33 min
Joe explains URLs and DNS. Dave has tips to prevent holiday skimming. A bogus bank barrister is the catch of the day. Writer Ben Yagoda explains cognitive biases. Links: Wikipedia page on URLs - https://en.wikipedia.org/wiki/URL Tips to prevent skimming -…
CEOs can be the weakest link.
Nov 15, 2018 • 35 min
Listener feedback on the “Can you hear me?” scam. Dave shares an ongoing Elon Musk Bitcoin giveaway scam. Joe describes the malicious use of a compromised DHL email address. This week’s catch of the day comes from down under. (Apologies to the fine…
Human sources are essential.
Nov 8, 2018 • 29 min
Joe gathers open source information online. Dave wonders if a tow truck driver got the better of him. A listener shares a possible custom app scam. Former FBI agent Dennis Franks shares his experience developing human intelligence sources. Have a Catch of…
Scams are fraud and fraud is crime.
Nov 1, 2018 • 29 min
We get listener followup on the church pastor scam. Dave explores a phony investment web site. Joe explains phishing, spear phishing and whaling. Fake federal agents are featured in our catch of the day. Carole Theriault interviews Max Bruce from Action…
Fear, flattery, greed and timing.
Oct 25, 2018 • 29 min
We get followup feedback on gift cards. Joe describes a banking payment scam on a Canadian university. Dave reveals some sneaky apps. A reader shares a story worth its weight in gold. Jenny Radcliffe from Human Factor Security shares her insights on…
Waste my time and I’ll waste yours back.
Oct 18, 2018 • 29 min
Dave reveals a stealthy trademark scam. Joe describes the invocation of a judge’s name to lure a victim. A listener shares a business scam from India. Joe interviews “Shannon,” a listener who enjoys wasting phone scammer’s time. Have a Catch of the Day…
Information is the life blood of social engineering.
Oct 11, 2018 • 29 min
Joe ponders how a phone number is obtained. Dave’s friend avoids a Google gift card scam. Christopher Hadnagy returns with an update to his book, The Science of Social Engineering. Have a Catch of the Day you’d like to share? Email it to us at…
Easier to trick than to hack.
Oct 4, 2018 • 34 min
Dave dodges a local theater scam. Joe shares survey results from Black Hat attendees. A listener’s calendar pops up alluring invitations. Carole Theriault interviews Sophos Naked Security writer Mark Stockley about password shortcomings. Have a Catch of…
Kidnappers, robots and deep fakes.
Sep 27, 2018 • 27 min
Joe shares a kidnapping scam targeting foreign students. Dave describes social engineering involving robots. Our guest is Robert Anderson from the Chertoff Group, discussing Deep Fake technology and how it erodes trust. Links to stories mentioned in this…
Stringing along a scammer.
Sep 20, 2018 • 28 min
Dave warns of scammers taking advantage of hurricane Florence, both on the phone and in person. Joe shares a scheme targeting the kindness of local churchgoers. A cosmic variation on the Nigerian email scam. Joe interviews his Johns Hopkins University…
Influence versus manipulation.
Sep 13, 2018 • 29 min
Joe describes a law firm impersonating a rival to funnel business away from them. Dave has a story of pontiff impersonation. Our guest is Joe Gray from Advanced Persistent Security. Links to stories mentioned in this week’s show:…
Real estate transactions in the crosshairs.
Sep 6, 2018 • 29 min
Dave gets scammed on an exit ramp. Joe describes real estate transaction scams. Is LinkedIn moonlighting in Himalayan tourism? Guest Asaf Cidon from Barracuda Networks shares social engineering trends his team is tracking. Links to stories mentioned in…
Red teaming starts with research.
Aug 30, 2018 • 29 min
Joe describes an Office 365 phishing campaign. Dave warns of dangerous USB cables. A listener shares a fax from the UK. Joe interviews security consultant and pen tester Justin White. Links to stories mentioned in this week’s show:…
Telling the truth in a dishonest way.
Aug 23, 2018 • 29 min
Dave looks at Hollywood script pitch event scams. Joe describes a romance scam murder scheme. Spontaneously combusting ATM cards. Guest Jayson E. Street from SphereNY describes his security awareness engagements. Links to stories mentioned in this week’s…
Sometimes less is more.
Aug 16, 2018 • 29 min
Joe shares the story of a retiree scammed by a clever scheme. Dave describes a tech-support scam with a Russian twist. Our Catch of the Day features an adorable puppy. Guest Michael Murray from Lookout explains mobile device vulnerabilities. Links to…
Focus, technology, and training fight phishing.
Aug 9, 2018 • 28 min
Dave describes a phishing attempt to infiltrate U.S. election systems. Joe shares a story of government agencies receiving malicious CDs in the mail. University employees are lured by greed. And David Baggett from Inky joins us to describe phishing…
Luring unsuspecting money mules.
Aug 2, 2018 • 29 min
Joe describes clever gift card scams. Dave follows up on last week’s proposal to waste phone scammer’s time. A more plausible phishing scheme comes through. Guest David Shear from Flashpoint describes methods scammers use to lure people into being money…
Nothing up my sleeve.
Jul 26, 2018 • 29 min
Dave shares a story of deception right out of Hollywood. https://www.hollywoodreporter.com/features/hunting-con-queen-hollywood-1125932 Joe proposes changing the financial incentives for scammers. A porn-shaming catch of the day courtesy of Johannes…
Think like an attacker.
Jul 19, 2018 • 28 min
Joe describes a con law enforcement agencies use to lure crooks. Dave shares a tech support scan spreading in chat forums. A listener from Dublin has a fake email from Apple. We welcome Rachel Tobac, CEO of SocialProof Security. Have a Catch of the Day…
Presidential prank, pensioner pilfered.
Jul 12, 2018 • 29 min
Dave recounts the news that US President Trump likely fell for a prank phone call. Joe outlines the sad story of a woman robbed of her retirement savings. Twitter account recovery scams. Charles Arthur, author of Cyber Wars - Hacks that Shocked the…
Phone scams, phantom employees and sitting Ducks.
Jul 5, 2018 • 29 min
Joe warns of a harrowing phone scam technique, Dave reveals an alternate persona, a listener tries to sell a truck, and Carole Theriault from the Smashing Security Podcast interviews Sophos’ Paul Ducklin. Have a Catch of the Day you’d like to share? Email…
Separating fools from money.
Jun 28, 2018 • 29 min
Dave shares a story of airport penetration testing with high degree of yuck-factor. Joe explores research on protecting passwords from social engineering. The catch-of-the-day comes courtesy of Graham Cluley’s email spam box. Dave interviews Wired’s…
Playing on kindness.
Jun 21, 2018 • 22 min
Joe explains the Ben Franklin effect. Dave describes job applicants tricked unto money laundering. A listener tells a tale of being fooled by an appeal to greed. Joe interviews Stacey Cameron from DirectDefense about her physical penetration testing work.
Gaming pro athletes online.
Jun 14, 2018 • 29 min
Joe warns of scammers taking advantage of natural disasters, Dave explores romance scams, and gets a strange voice mail. Stephen Frank from the National Hockey League Players Association joins us to share how professional athletes protect themselves from…
A flood of misinformation and fake news.
Jun 7, 2018 • 29 min
In this episode, Joe examines the anatomy of a phishing attack, Dave explores pretexting, and a scammer targets real estate agents. Professor Stephen Lewandowsky from the University of Bristol joins us to share his research on misinformation, fake news,…
Social Engineering works because we’re human.
May 30, 2018 • 29 min
In this premier episode of the Hacking Humans podcast, cohosts Dave Bittner from the CyberWire and Joe Carrigan from the Johns Hopkins University Information Security Institute discuss noteworthy social engineering schemes and ways to detect them. Author…