Hacking Humans

N2K Networks
Hacking Humans

Deception, influence, and social engineering in the world of cyber crime.

  1. 9 HR AGO

    Final approach to scammer advent.

    On Hacking Humans, Dave Bittner, Joe Carrigan, and Maria Varmazis (also host of N2K's daily space podcast, T-Minus), are once again sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines to help our audience become aware of what is out there. This week, the team shares follow up about FEMA and Hurricane Helene relief. Dave's story is about romance scams involving an impersonator of a WWE star scamming a grandfather out of their retirement savings, Maria shares a story about a valid-looking document impersonating DocuSign's API (application programming interface). Joe's got a few stories including one about a CVE (Common Vulnerabilities Enumeration) relating to an Okta bug and one from the Better Business Bureau with a new twist on online shopping scams where your get a "card declined" message. Our Catch of the Day comes from listener William about an email from the "United Nations." Resources and links to stories: DisasterAssistance.gov They’re Giving Scammers All Their Money. The Kids Can’t Stop Them. Attackers Abuse DocuSign API to Send Authentic-Looking Invoices At Scale DMARC: Domain-based Message Authentication, Reporting & Conformance CVE-2024-10327 BBB Scam Alert: 'Card declined' error may lead to multiple fraudulent charges You can hear more from the T-Minus space daily show here. Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.

    43 min
  2. 7 NOV

    Happy hour hacking.

    Maria Varmazis, host of N2K's daily space show T-Minus, joins Dave and Joe to share the story of the five types of social engineers Deanne Lewis encountered while tending bar, revealing how each barroom personality reflects a common cybersecurity threat. Our hosts share some follow-up from a friend of the show, JJ, who reports a rise in tech support scams targeting non-tech-savvy users by locking their screens and persuading them to call scammers, often leading to credit card fraud and unauthorized remote access through tools like AnyDesk or TeamViewer. Joe has two stories this week: one covering JPMorgan Chase's lawsuits against individuals who exploited an ATM glitch to withdraw fake deposits, a scam popularized on TikTok; and the second on four suspects in Maryland charged with conning an elderly woman out of nearly $40,000 in a "pigeon drop" scam, where victims are promised a cut of "found" money in exchange for collateral. Dave's story is on a viral AI-generated hoax spreading on Facebook, where fake posts about neighbors egging cars over Halloween decorations are stirring moral panic and sowing distrust, especially among older users. Finally, our catch of the day comes from some text threads about a scammer trying to get clever while buying a used car. Links to the stories: The Five Types of Social Engineers I Met Tending Bar (And What They Taught Me About InfoSec) JPMorgan Chase is suing customers over 'infinite money glitch' ATM scam Four charged in ‘pigeon drop’ scam targeting elderly in Maryland The newest AI slop on Facebook exploits suburban fear You can hear more from the T-Minus space daily show here. Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.

    48 min
  3. The Malware Mash

    31 OCT

    The Malware Mash

    Happy Halloween from the team at N2K Networks! We hope you share in our Halloween tradition of listening to the Malware Mash. You can check out our video here. Lyrics I was coding in the lab late one night when my eyes beheld an eerie sight  for my malware threat score began to rise  and suddenly to my surprise... It did the Mash  It did the Malware Mash  The Malware Mash  It was a botnet smash  It did the Mash  It caught on 'cause of Flash  The Malware Mash  It did the Malware Mash From the Stuxnet worm squirming toward the near east  to the dark web souqs where the script kiddies feast  the APTs left their humble abodes  to get installed from rootkit payloads.  They did the Mash  They did the Malware Mash  The Malware Mash  It was an adware smash  They did the Mash  It caught on 'cause of Flash  The Malware Mash  They did the Malware Mash The botnets were having fun  The DDoS had just begun  The viruses hit the darknet,  with ransomware yet to come.  The keys were logging, phishing emails abound,  Snowden on chains, backed by his Russian hounds.  The Shadow Brokers were about to arrive  with their vocal group, "The NotPetya Five." They did the Mash  They played the Malware Mash The Malware Mash  It was a botnet smash  They did the Mash  It caught on 'cause of Flash  The Malware Mash  They played the Malware Mash Somewhere in Moscow Vlad's voice did ring  Seems he was troubled by just one thing.  He opened a shell then shook his fist  and said, "Whatever happened to my Turla Trojan twist."  It's now the Mash  It's now the Malware Mash  The Malware Mash  And it's a botnet smash  It's now the Mash  It caught on 'cause of Flash  The Malware Mash  It's now the Malware Mash Now everything's cool, Vlad's a part of the band  And the Malware Mash is the hit of the land.  For you, defenders, this mash was meant to  when you get to my door, tell them Creeper sent you. Then you can Mash  Then you can Malware Mash  The Malware Mash  And be a botnet smash  It is the Mash  Don't you dare download Flash  The Malware Mash  Just do the Malware Mash

    4 min
  4. 31 OCT

    How political donations can be deceiving.

    Maria Varmazis, host of N2K's daily space show T-Minus, joins Dave and Joe to share the story of a relentless wave of political donation texts that go well beyond simple annoyance, revealing an unsettling impact on vulnerable populations. CNN's investigation exposes how these texts, with their urgent and personal tone, have led seniors, including those with dementia, to make thousands of donations—sometimes unknowingly amassing hundreds of thousands of dollars for campaigns. Joe's story highlights a dash cam video capturing a car colliding with another vehicle while backing up on a busy highway. The footage raises questions about driver awareness and road safety in high-traffic situations. Dave's story shares the alarming potential of OpenAI's real-time voice API, which allows scammers to create AI agents capable of executing phone scams for as little as $0.75. Researchers from the University of Illinois Urbana-Champaign revealed that these agents can autonomously conduct scams, raising serious concerns about the misuse of voice-enabled AI technology despite previous safety precautions. And finally, our catch of the day shares how the Library of Congress is cracking down on copy write infringement. Links to the stories: Age of fraud: Are seniors more vulnerable to financial scams? How elderly dementia patients are unwittingly fueling political campaigns Apparent attempt at insurance scam caught on camera Voice-enabled AI agents can automate everything, even your phone scams Bank account transfer scam You can hear more from the T-Minus space daily show here. Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.

    50 min

About

Deception, influence, and social engineering in the world of cyber crime.

You Might Also Like

To listen to explicit episodes, sign in.

Stay up to date with this show

Sign in or sign up to follow shows, save episodes and get the latest updates.

Select a country or region

Africa, Middle East, and India

Asia Pacific

Europe

Latin America and the Caribbean

The United States and Canada