Scammers gonna scam.

You're listening to the CyberWire Network, powered by N2K.

Hello everyone and welcome to N2K CyberWire's Hacking Humans Podcast, where each week we look behind the social engineering scams. Fishing schemes and criminal exploits that are making headlines and taking a heavy toll on organizations around the world. I'm Dave Bittner, and joining me is Joe Kerrigan. Hey Joe. And our N2K colleague and host of the T-Space Daily podcast, Maria Bermazis. Maria! Hi Dave and hi Joe. Maria, we're really glad you're back. Yes.

No. I mean it's not like we didn't get along or anything. Good time. Oh gosh. happened. No, it hasn't. It hasn't. But uh we Joe and I have a great relationship in and occasionally agreeing to disagree. Yes. Uh All right. Well sometimes it's the best you can hope for. That's fine. We avoid those topics where we where we have these where we have these That's right. Don't discuss it. Which is what reasonable people do when they're friends. There you go.

So there you go. All right, we've got some good stories to share this week. Uh and uh we've we've got some follow up that I'm actually saving for my segment of the show because it is Uh both so good and so complete that I wanna actually make a segment out of it. Excellent. Uh but in the meantime, Joe, uh any chicken update for us?

Uh well, with my busted up ankle I haven't made a lot of progress on the coop, but uh I do have to go out there every day and make sure they have liquid water, which is not the case, like wasn't the case this morning. But I will tell you that uh one of my one of my hens who exhibited a certain behavior when she was a chick is still exhibiting the same behavior. So what would happen when I would walk out to the garage when they were in the garage and I'd take the cover off of the uh

little containment pen with the little chicks in it. This one would always immediately hop up onto the uh onto the edge of the pen and wait for me to pick her up. That's why we call her Snugglebug, because she always wanted me to pick her up. Ha ha ha. Of course you do. Yeah. So I love it. So I uh I told you last week I built this uh chicken run with a really nice Dutch door on it. Right. And uh

I think it was uh Monday night I was out there uh getting getting in there to make sure that they had water for the evening. And uh I opened the the top door and snuggle bug Hops up! directly onto that onto the top of the the bottom door. Mm-hmm. And he's like, Are you gonna pick me up? And I'm like, Yeah, I'll pick you up. And I pick her up and I Take her up to the house and I I let Lisa see her and uh, you know, give her a uh Lisa likes to give her a big hug and she loves it. She's like

Which is really weird, you know? Yeah. Um Well that's good. Yeah. I don't know. None of the other chickens want you to pick'em up. Yeah. They they they just um they they're just not interested in, especially not the rooster, which you're you're actually not supposed to pick up the roosters, but Not yet. No. Okay. I don't expect eggs until another two or three months. Oh.

Okay. That's when I'm expecting to start getting eggs. Now my daughter is getting eggs galore. She has two um she got eight eggs yesterday. Uh huh. And um she has two uh two full cartons of eggs. Wow at the house. So the uh the time of buying eggs and in the Kerrigan households may be coming to an end. Right. Well just don't forget your friends who lost their love eggs. Yes. I'm jealous. Yeah. I'm too far to get fresh eggs from you. So I'm glad for what is it, snuggle bugs?

Snuggle bug. I'm glad for Snuggle Bug, but this this clip came across my desk this week. We're talking about chickens on our s in one of the uh N two K Slack channels and one of our colleagues, Tim, shared uh this clip. So I I just wanna play it here for us now and we can comment on the other side. It's only forty seconds long. This is Uh Werner Herzog, the director and actor, uh well known, and he's talking chickens. Yeah. the enormity of of their flat brain.

The enormity of their stupidity is just overwhelming. You have to do yourself a favor. When you're out in the countryside and you see chicken, try to look a chicken in the eye with great intensity. And the intensity of stupidity that is looking back at you. It's just amazing. Bye. They're very prone to hypnosis. And in one or two films I've actually shown I'm getting my pocket watch out tonight.

There's is there anything he could say that wouldn't make it immediately funny and and also go super hard? Like it's just No. There's a uh definitely an intensity about him that he brings to everything. Everything. Yeah. I don't know. I mean so I mean Snugglebug doesn't sound stupid. Uh she is still a chicken. Okay. All right, so keep our expectations measured. Yeah.

One of the things I was telling my wife when when she was giving her a hug is I I remember they have very small brains. Yeah. Um and I was I actually was looking looking it up on online how small their brain is relative to their body size. And like compared to a crow, there's no comparison. Crows are like really intelligent birds. Right. Yeah, they're they're two intelligent Corvids. They're they're just Yes. Oh They are big brain birds.

I hate blue jays so much. Sorry, I could just I have like a whole thing. We're getting we're talking about birds now. Like I I think that's How about birds? I'm not a fan of blue jays either. Yeah. But I love ravens, but they're very creaky. I've got a bunch that live around my house and they scare the heck out of me. Yeah, I'm try I'm still trying to make friends with the crows. None of them wanna be my buddy. Yeah. But um You know, I do I do.

Walk around with a pocket full of peanuts to just drop on the ground when I see crows. Hey, have a peanut. Yeah. No, they love that. We're going from from chicken talk to bird talk. Is that just the evolution? Okay. This is chicken adjacent because the reason I want the crows to be my friend and be around my house is they will run off the hawks. True. That's true. Arm my chicken.

Yes. I have uh uh we have a lot of crows near my house and we also get a lot of raptors um because I live near a lake and so the raptors come hunting, they they grab fish. It's like National Geographic, you know.

I do, yeah, yeah. And I've I've actually seen that National Geographic moment where the eagle swoops down and grabs a fish and flies away, and it is majestic. That's awesome. And you it's the kind of thing you don't think could actually happen in your backyard because you think This only happens on National Geographic, but it does happen there. But you were sitting on your back deck and saw that happen. Yes. That's amazing. What I've also witnessed is that the crows can be big old jerks.

Thank you. Well they will absolutely run off a bald eagle because The crows have maneuverability that the bald eagle doesn't have, so they'll team up like three crows and they'll just be buzzing around the eagle, pecking him and and harassing him until the eagle flies away. I got a a story, but I can't really tell it here'cause it doesn't really lend itself to a podcast. But I did see a crow Smack a hawk. I'll try to tell it anyway. Yeah.

It's a bad podcast story, but I'm gonna tell it. All right, step in. Our lucky audience. Ha ha ha. All right, chicken talk. Let's just hit the stories. Um uh this crow came off of my neighbor's house and hit a hawk that was carrying like a little sparrow or something. Okay. And the sparrow got away. And the hawk was or apparently the crow was like, yeah, not in my town, buddy. Yeah. Ran that hawk. I have a friend who lives right down the street from our studio here and uh

She had one of those little bird feeders that you attach to the window so you can see the little birds feeding from outside. Yes. And so she was sitting there watching the little birds and all of a sudden there was this big swoop and feathers everywhere. Hawk came in and I have a very similar story, but I'll tell it one another time. It's just uh that's enough about birds, I think.

get to our let's get to our hacking human stories. Hacking birdies. Welcome to yes, Birds Are Us weekly. Right. Um I tell you what, let's take a quick break. We'll be right back. Every attacker counts on one thing, environments that trust too much. Threatlocker closes that gap with default deny at execution. Unknown software? Blocked. Trusted apps contained with ring fencing.

Configurations? Verified with ThreatLocker DAC so you stay secure and compliant. Threatlocker delivers the visibility and control CISOs need Without adding operational pain, making zero trust real for teams of any size. Stop ransomware at its earliest point. Book a demo at threatlocker.com slash N2K.

I'm gonna kick things off for us, but it's actually uh piece of feedback here and it is probably the the best feedback we've ever gotten. Really. I agree. Well it is. I mean it is it's legit, it is complete, it is well written, it is authoritative. Uh so we got a note from uh Tim. I'm just gonna leave it at that, who is a special agent in the IRS criminal investigation department. Who listens to this show? So I have a feeling, Dave, that there's a lot of correction coming from Tim. Well Yeah.

True. Which I appreciate. But Tim does it in the nicest way. Right. And uh so that's why we're sharing it. Good. So I will just read uh Tim's kind note. Tim says. I just got done listening to the episode It's Just Too Good to Be True and couldn't help but send you an email after hearing all of the IRS talk. You guys did a pretty good job of hitting home the main points of scam interactions with the IRS.

I could tell there was some hesitancy around what criminal investigation would or wouldn't do in real interactions and wanted to offer my two cents. So you see what Tim has done here is buttered us up by saying that we did a good job. See now the IRS is offering us money. Should we trust it? Mm-hmm. Two cents.

Right. Yeah. Right. Well, if we ever get audited, you know, my first call is gonna be to Tim. Right. So uh Tim goes on and writes, We in criminal investigation one hundred percent show up to people's houses unannounced. Okay, so Tim does work in criminal investigations. Correct. Okay. Yes. So he says Yeah, make cold calls or send an email to initiate contact. Which for all things that we said they don't do. They correct. So we were wrong.

Yes. Yes, Tim goes on and says, It all just depends on what form of communication we've tried up until that point where criminal investigation agents and the interviewee are located, how adversarial the interaction might be. Uh and so on. When in doubt though, we'll be at your front door and leave a business card if we don't establish contact right then and there. Also, we're happy to try and verify ourselves over the phone or email.

by answering a number of questions and sharing our badge numbers. However, we are prohibited from sending photos of our credentials or badge. Yep. So that is a common hang up between us and people we reach out to. uh that think they're being scammed because the IRS never calls. He put that in air quotes. Right. So he says if someone needs to verify whether or not an IRS special agent is real, they should meet them in person at a public place.

such as the local US Attorney's Office, the local IRS office, or a library, and ask to see their credentials and badge. That seems reasonable to me. It does. Uh Tim goes on and says, in IRS civil You were correct about the forms of communication and all the telltale signs for scams. If it's not a letter or a call or email from someone you've already spoken to, forget about it. And definitely do not buy gift cards to pay off your fake overdue tax liability. Last, do not pay in Bitcoin. Right.

And he said that with a smiley face, which I really And Tim says, and in general, thank you for putting together such informative and entertaining episodes. So Tim's buttering as up to the It's a compliment sandwich. Bye-bye. He's such a... Professional. And I fall for it completely. Thank you, Tim. Right. You can tell Tim's used to interacting with people who are who he is much smarter than. Like us.

Tim says, I'd love to hear about all the scams that are out there and trying to figure out how they might apply to my tax and non-tax casework that dabbles in pig butchering, investment fraud, sim swapping, and account takeovers. Cryptocurrency theft and everything else in the cyber adjacent world, keep up the great work. And that's Tim, who again is a special agent with the IRS. So Tim, thank you so much for taking the time to write. Thank you, Tim.

Absolutely. Amazing. Uh Uh I guess we have to update our Uh Uh our information here. Especially criminal investigations. If yeah, criminal investigation, yes, for sure. So I guess it you have to be you have to have been see and now I'm speculating again. So I'm expecting, you know, part two from Tim. Right. Uh Ha ha ha.

It so what I infer from this, and correct me if if either of you feel as though my inference is incorrect, uh you're probably pretty far down the path with them. Yes. And and by that I mean ignoring them. Yeah. Should never do. Right. Right. So I I'm st I'm guessing you know letters come first and then probably phone calls and emails or whatever. Like also would imagine these agents are not thrilled to have to come out and knock on your door. Like that's probably not a great day for them.

I'm sure it's scary for them too, you know. Yeah. That's true. It's not it's it's not a zero risk job. Yeah, absolutely. No, but I guess that is part of the job. So Yeah. His tip about meeting in a public place like let's meet at the local IRS office, that's a great one. Right. Yeah. Yeah. I'll meet you at the local IRS office. That would be a that would be a good place to meet at the at the uh at the what do you say, the uh not the state.

US attorney US attorney's office. Yeah. I I I'd probably be less inclined to meet at a library just because Anybody can go to a library. And, you know, I I uh yeah. Yeah. I I I w the local IRS office seems optimal to me because nobody's gonna walk into the local IRS office and pretend to be an IRS Right. Right. I mean, somebody might, but that's ballsy as heck, so I'm not sure. Yeah, yeah, exactly.

Now here's here's the comeback to that. Well not really a comeback, but an observation, because I I think that that Tim is probably well aware of this. Yeah. Uh if you're somebody who is under criminal investigation with the IRS. Uh, you're not going to the IRS uh office to meet an agent because you're afraid there's gonna be somebody there to put you in handcuffs or something. Yeah. If they're in crimin if you're in the criminal part of the uh Uh of of their you know, investigative services.

The IRS has a job to do, uh, and I I get it. Um, yeah, I'm not happy with uh you know, you know me, Dave. I'm not happy paying taxes. Right. It might have this. Well Joe, as you know, taxes are the price we pay for civil society. Yes, I understand. This is so Maria, this is one of the areas Joe and I agree not to talk about. Tax policy. No. Oh boy, that's a thrilling conversation. Yeah, yeah.

Th th you know, tax policy happens above the level of the IRS, right? Sure. The IRS is the service that is responsible for enforcing tax policy. Right. Execute the policy that has been given to them by Congress. Yeah. they're the money police yeah All right. I'll tell you right. Thank you, Tim. Thank you, Tim, for for sending this in. Truly. I I Yeah, Tim, I appreciate it.

Really good stuff. Like I said, one of the best bits of feedback that we've ever had. So uh we are thrilled that you took the time to do this and also please dispunch that you're listening to our show and finding value in it. Yeah, that's awesome. Thank you very much. All right, let's move on. Maria, you are up next. What do you got for us here today?

Well, I have an evolution of a fishing campaign, uh a fishing campaign that's been around at least since since twenty twenty. Uh so what I'm gonna do is talk about what it used to look like and then get into what it looks like now. All right. So This fishing campaign was uh being used uh and being sent primarily through um

Mass email clients called like called Sendgrid. So Sendgrid is the primary one that's been uh used for this. I I I know that MailChimp also has been used for these fishes, but I'm gonna concentrate on SendGrid because they've been really highlighted as the the problematic one. So I love the name MailChimp. It's one of my favorite online service names ever. Okay. Melch. Yeah. Twilling that away and useless information that I you know has.

Right. So SendGrid is is similar to MailChimp in that it's a ma it's a mail email service provider? Correct. Yeah. So you you are a business or a small business, presumably, and you've got a list of thousands of emails of clients, presumably, that you want to email. And uh you ha you need to use usually a a a service like SendGrid to mass email people without getting Flagged a spam through. Right.

Any kind of uh email provider. So you use something like SendGrid, you your email account uh sort of is flagged as hey, this is trustworthy. Uh you have a reputation, uh the send grid has a reputation and the email uh the emails go okay, these emails can come through. The email services allow your emails to go through. So um Brian Krebs actually covered a problem with SendGrid fish fishy emails back in 2020, where essentially at that time SendGrid did not have 2FA enabled on their service.

So many, many SendGrid accounts were getting compromised, either through stolen credentials, brute force access, or even just basic old password reuse. And essentially bad actors were compromising legitimate send grid accounts and then spamming the uh people on the legitimate email lists with fishy emails. Uh so ideally what would happen for the attacker would be that somebody would click the fishy link and they would then be taken to a fake SendGrid long in page.

And then the the cycle would continue anew, where now another SendGrid account has been compromised and more fishy emails could go out. So it just keep going over and over. Uh and actually Netcraft in 2024 called this specific situation fish seption. Right. Over and over. Just just keeps going, as fishes all the way down.

Yep. Uh and these the specific send grid fishes back in twenty twenty, um, the emails themselves were always sort of send grid account related. So the emails would say something like, Hey, your account's been compromised. Your payments been declined, your account's been marked for deletion, your account's under review due to bad practices. So that would be that urgency that's often talked about about, you know, that that hooks the person into the fish.

And they would go, oh no, I need to fix something with my send grid account. And of course that means I need to log into my account to fix it. And that's how their account would get compromised. So that's that's sort of the old paradigm for the SendGrid fish. Now there's a new SendGrid fishing tactic being used. And uh this is covered by a gentleman uh named Fred Benenson in his personal blog, because he's been noticing this, and he has dubbed it the rage bait fish.

And this is super fasting. Yeah. That might work out. Uh yeah. I think it might work on a lot of us. I think I do I even need to explain what rage bait is nowadays. It's sort of in the air we breathe. It's yeah, it's it's the it's the media landscape. Uh and uh so one of hundred percent correct. It's pretty much all the internet has become. It's just pure rage bait. So uh what Fred was noticing is he got an email that was a very clear send grid fish.

Uh and it this is how it goes. I'm just gonna read it. The subject line says this, ICE Support Initiative. And this is the text. Hello, we're writing to inform you of an important update to our email platform in response to recent events.

As part of our commitment to supporting U.S. immigration and customs enforcement, we will be adding a support ice donation button to the footer of every email sent through our platform. This button will appear automatically in all outgoing emails starting next week.

what this means for you. All emails sent from your account will include the support ICE footer element. Recipients can click to donate directly to ICE support programs. This change helps us demonstrate our platform's civic commitment. And then the next line is there's an opt-out available. If you prefer to not include this footer in your emails, you can disable it in your account settings. And there's a handy little button there that says go to account settings. We appreciate it.

Wow. I can just see Kermit flailing his arms right now. Yeah. So Fred also had noticed previous fishes in this rage bait vein. One of them was an L G P T pride footer that again would automatically be added to all of the emails that you sent, and another one I was gonna say, I'll bet they do this to the other side of the political spectrum. Here it is.

one that was a an automatic Black Lives Matter footer uh automatically added to any email that you sent. So they're casting the widest possible net. How many people can they possibly hook through Rage Bait and they're trying all of the tactics. So um it's I I I just thought this was remarkable because I was looking for other examples of people noticing this.

uh since I read fr Fred's blog post and um I I haven't seen a lot of instances of this, but that feels like a yet is coming. Uh I I imagine this this seems rather dastardly to me, a fish using rage bait as its hook. And I've gotta imagine this tactic's gonna become very popular very soon if it hasn't already. This is remarkably successful. Oh

Yeah. I mean this is what we always talk about, using your emotions to short circuit your critical thinking. Right. You know, you get somebody wound up You're gonna do what? To my business email. This email. Right. And so they're just gonna smash that uh go to settings button. Yeah. Yeah. Right. A political centrist going, I don't want that on my email because I don't want to alienate a a huge chunk of my of cu my customer base.

I don't want to field those angry emails from either direction. Yeah. I completely understand. Nobody wants that. Yeah, I'm just the marketing intern and I'm seeing this in my inbox and I'm going, uh, I don't want to have to explain that to my boss.

Um yeah, yeah. And then I'm not even thinking about it. I'm literally you know in the bathroom seeing that email panicking before the CMO calls me up going, what the heck is this? And I'm hitting that go to settings button and not even thinking about the fact that I probably just got fished. Right, yeah. This would a hundred percent have worked on me. One hundred percent. Uh,'cause I've been in that situation. I would have panicked so quickly.

So um I guarantee you we're gonna be seeing a lot more of this kind of tactic. I th and again, as far as we know, the goal here is to compromise, send grid accounts to send more of this, to continue the fishception. I wonder if there's a longer long-term play at Here in the background that we don't know about yet, but there's gotta be one.

I guess I think I know what that is actually. And I I don't know. I've never used Sendgrid, but is it possible when you're in SendGrid, when you're in the interface to say, I just need the list of email addresses I have? Oh I'm sure there is. Like a just a quick export. Yeah. Have you know they're valid email addresses and now you have essentially a huge cache of new Refreshed email address. Yeah.

Well yeah, that's true because the the uh the email services like SunGrid also will tell you if those emails are actually healthy. You know, if they're not getting if they're not bouncing back, so that you can you know that they'll actually work. Uh so yeah, that's a pretty good good point. They're just able to get the clean email as they're actually working. So That's my guess. That's a good idea.

The only the only reason I think that is because they're only sending out uh phish to other send grid accounts. Or they're they're sending these this phishing these feet these phishing emails out. They're fishing SendGrid account holders. Yes. And then they're they're not using the SendGrid account to send out actual phishing emails. Right. As far as we know, that's true. Yes. That to me looks like they're just building new email lists. Yeah.

So far that seems to be the case. But again, I I really wouldn't be surprised if there's a really long game at play, but uh we'll see, I guess. Um so the the the news on the SendGrid side of things is that there is actually two FA now available for SendGrid account holders. It's not mandatory though. No. So uh well actually no, I shouldn't say it. I don't know that that's that it's mandatory. Uh if it if it isn't mandatory, please enable it. Yep. Please do. Please.

Uh it and it's it's they were Sendgrid was getting uh reamed uh by Inf InfoSec Press for a while for not having 2FA. Uh so they do have it now, so you should definitely enable that. Um strong, unique passwords because again, a lot of these send grid accounts are being compromised from simple password reuse. Please be aware of this new tactic. So if you see this and it makes you freak out, take a moment. Right.

Don't click the go to settings. Uh maybe try and d another way to get to your settings without clicking a link in an email. So you can give that a shot. Just yeah, be aware of your emotions and if you find yourself Getting wound up over something, stop and check yourself. I know it's easier said than done. Right. Especially when you're over there making all those noises like Dave was. The appropriate noises. Oh voilà. Rebel rabble rabble. Ever ever. Right.

All right. Very good. We will have a link to this story in our show notes. Uh I tell you what, let's take a quick break here. We will be right back after this message from our sponsor. Most environments trust far more than they should, and attackers know it. ThreatLocker solves that by enforcing default deny at the point of execution. With ThreatLocker Allow listing, you stop unknown executables cold.

With ring fencing, you control how trusted applications behave. And with ThreatLocker DAC, defense against configurations. you get real assurance that your environment is free of misconfigurations and clear visibility into whether you meet compliance standards. ThreatLocker is the simplest way to enforce zero trust principles without the operational pain. It's powerful protection.

that gives SISO's real visibility, real control, and real peace of mind. Threatlocker makes zero trust attainable even for small security teams. See why thousands of organizations choose ThreatLocker to minimize alert fatigue. Stop ransomware at the source and regain control over their environments. Schedule your demo at threatlocker.com slash n2k today. And we are back. Uh Joe, you're up. What do you got for us?

I have two stories today, uh, because the first one is again going back to Southeast Asia and uh it's from Reuters and the headline is Cambodia to keep up crackdown on scam centers after arrest of alleged mastermind. Mm. I love when someone gets called a mastermind. Alleged. Right. Yeah. I'm just gonna go over this one really quickly because I don't want we spent a lot of time on this, but they're um the US has indicted this guy, Chen Ji, and he has since been extradited to China.

And uh despite that, Cambodia is saying we're gonna continue to curb these scams. And uh the the article talks about how these scam centers in Myanmar and Cambodia have generated billions of dollars in losses with a B. And uh Cambodia is in clo qu close cooperation with other nations, um, according to the uh the foreign minister of Cambodia.

So good on them. They're gonna keep this up. They they know just capturing one bad guy is not the end of this. Uh, there's a uh a virtually endless chain of people who are willing to they hear the word billions and they go, Oh All right. I'm in. How do I get in on that action? Yeah.

Yeah. Uh my other story comes from WSMV. And this one is about an Uber driver who got scammed out of$300. And here's how this scam works. He was driving along, doing what Dave does. Mining his own. Yeah. Nothing but taxes. Yep. Right. I hope he's paying his taxes. Like every fine upstanding American That's right. Including us. Um and he was uh he gets a phone call on his uh uh phone, naturally. Uh That's weird. Comes the pigeon with the phone call. The shoe just started raining.

I don't know. Yeah, I'm getting a phone call through my glove compartment. Nice. Odd. She uh Maria says shoe, but she probably doesn't remember get smart. Yeah. Maria, do you remember Get Smart? of Get Smart, I've seen I saw the I've seen the remake and a few of the originals, but yeah. W Maxwell Smart had the phone the shoe phone. Yeah. Yeah. Style in the bottom in the heel was hilarious. That was Mel Brooks, by the way. Yeah. One of my favorites. Um, so uh

This guy is uh they're calling him Zach. That's not his name. So he um he has said that he Originally was able to make enough money to live on Uber, but now he's just doing his a side hustle because it it doesn't support him anymore. He's making less and less money with it. Uh, but when he answered the phone, he got an automated message saying that it was Uber support. And they told him that he had been reported as being a drunk driver.

And they said he needed to pull over immediately and go through a verification process. Otherwise he would be banned from the Uber app. So he gets this call, he does what the what the phone call says in the middle of a ride. Um they they told him to cancel the ride and head to a Walgreen. uh for a sobriety test. Then he has to pay

$300 for a sobriety test, which he says if you pass, uh the guy on the phone says if you pass, you'll be instantly refunded the money. But if you fail, you'll be fined another$750 and be permanently banned from from the app.

So he uh they sent him a barcode. He transfers money. I'm not sure which which app this is through, but it's probably through like Venmo or something similar to it, because those work with barcodes. Yeah. Um And he uh sent three hundred dollars and he got back his to his car and w went to the Walgreens to wait for the person to meet him in the parking lot, but no one ever shows up.

And uh that's essentially the scam is they they have scammed him out of three hundred dollars and he's now not making money with with Uber right now'cause he's, you know, hey, somebody told us that you're drunk right now, pull over. Uh Uber, he reached out to Uber and they said, we will never call you um directly from our customer support. Yeah, we've heard that before. Right. Mm-hmm. Next week. Right. We'll read that one out.

Wouldn't it be wouldn't it be just the greatest thing in the world if um Tim was moonlighting as an Uber driver? That would be hilarious. Ha ha ha ha ha. And he called us with the with their real skin. Right. I don't know why that tickles me so much, I mean. Yeah. Right. Uh Uh so anyway, Zach has lost three hundred dollars to this and uh it he's working with Uber to try to get his money back. Uh Uber, I don't think, is probably gonna give him the money back.

Uh, he did have someone break into his Uber account at one time and and essentially steal$700 in credit. Uh, but he got that back. Because that was from Uber's system. How hard do you suppose it is to get an Uber driver's phone number? I don't know. That is one of the nagging questions that underpins this for me how do they know this guy was an Uber driver? Okay. How do they know that he was um in the middle of driving?

In an automated way or a manual way? Because I mean I've had Uber drivers message me from their cell phone, but uh does it go through an intermediary? I would think it would, but Um, I'm thinking like when when someone's picking you up, they're like, hey, I'm here. Right. Usually you get a text message, but I I have presumed all this time that's coming directly from the Uber driver's actual phone number and not, you know, like a third party but

always uh when I use Uber, it's uh I I do everything through the app. Like I'll get a message of where he is and how he's five minutes away or she's five minutes away. And um it's uh you know it's It's all done through the app. I never get text messages. I I've gotten text messages before and I've always thought that was a little odd that I'm getting an actual text message. Yeah. Yeah.

I mean I suppose, given where we are in the world today, that it's not that hard to put the word out that you want to buy a list of phone numbers of Uber drivers in your town. Yeah. And That's probably pretty easy to buy. It could be that simple. Yeah. The other thing that occurred to me is it could be uh the ride that he was actually picking up that uh that guy was in on the scam. Good day. That, um, yeah, that he, uh,

I don't know how that would work. I'd have to I'd have to know more. And this article doesn't have a lot of details on it. So I'm just doing what I do best and speculating why. Well if you get three hundred bucks a pop, then you know That's it's worth it. Lucrative. Yeah. Yeah. Absolutely.

All right, well we will have a link to those stories in the show notes, and of course we would love to hear from you. If there's something you'd like us to consider for the show, you can email us. It's hackinghumans at n2k.com. Joe Maria, it is time to move on to our catch of the...

Dave, our catch of the day comes from the Scambate subreddit. Uh, and honestly, this uh did you do this, Dave? Because it's it's called Dave Part One. Yeah. Yeah. Yeah. Right. And uh is this is this really your submission? No. It's a coincidence. It's a quinky dink. Uh I guess a lot of people are named Dave. The yes, fewer and fewer. I mean, you know.

K the kids today aren't giving their kids normal names anymore. Right. So if it was if someone did name their child Dave these days, there'd be a Y somewhere in there. It'd be like D A Y V E. You know. But uh whatever. You know, our our our generation of parents named us to fit in and today's generation of parents names their kids to stand out. That's the main difference.

All right. So uh we're gonna do this here. Uh tell you what, Maria, how about you partner up with me on this one? Uh I will be the uh I will lead off. Okay. And uh we'll go from here. So I'll be the text in white, you be the text in blue. You got it. Very good. Hello there, Miss Maggie. Good day. I kinda wanna say Merry Christmas, Maggie, and thanks for getting back to me here. Well, good game, so good luck, Maggie. Hello? Where are you from?

Hello there, beautiful Maggie. Well, thanks for your responding to me here, Maggie, and it's nice to meet your acquaintance virtually, and I kinda wanna wish you a happy debows. Fozing day? I am from the United Kingdom. Yes, it's bozing day today. Nice to know that you're from the United Kingdom, Maggie. Well, where in the United Kingdom are you currently from and how's your day been today? Hope you're enjoying the weather out there today, Maggie.

I have never heard of Bosing Day ever. I'll have to look that one up. I'm from England. That's fine, Maggie, then we shouldn't be argue with it if you haven't heard of posing day, Maggie, okay, and I'm so glad you're from England pretty, so nice to meet you here, Maggie. Can you please tell me some few things about yourself, Maggie? The way you look and your smile tells me how gorgeous and beautiful you are, Maggie. Please, can I know something about yourself?

Nobody was arguing. What would you like to know? It's okay, Maggie. So sorry, Maggie. I didn't mean to say we both argue, though it was a joke, and I'd like to say something that funny to Good morning, how are you? Hello there, beautiful Maggie. So nice to hear from you here again, Maggie, and thanks you for getting back to me here, Maggie. So nice it's morning there or getting brighter.

Well it's morning here but still dark. However, nice to see you here, Maggie. And I'd like how gorgeous you look in your profile picture, Maggie. Your smile are so cute and nice, Maggie. Well I'm doing good hearing from you here now, Maggie. Well, how was your night, and hope you're feeling this beautiful day there in England, Maggie? That name just doesn't sound real anymore. Right. Maggie, uh my night was wonderful but cold. How was yours?

Oh, I see, Maggie. So I'm glad your night was wonderful. Sounds like you enjoy sleeping the whole night, Maggie. Well, I'm so sorry if it's cold out there, Maggie. Confused. Uh it's winter so the cold is expected. Be in the good weather these days here, Maggie, but sometimes it might also get cold too. Well my night was good and just got up a while ago to be on the game and I got your message and decided to reply you, Maggie.

And I'm so sorry if I do bother you with my message while we play the game, Maggie. Hope you're okay while we're playing and chat, Maggie. I think um there's a bit missing here but it's fine. Um Yeah, I'll I'll just continue. Yeah. If it's winter season, the cold must be expected, but sometimes we deserve it too. Well, so nice we're chatting this beautiful day. However, how's your day been today? And have you had your breakfast yet, Maggie? I I had breakfast hours ago. What have you eaten?

That's really cool and I hope you enjoy your breakfast, Maggie. And are you the one who made it yourself, Maggie, if I may ask, Maggie? Because I guess you must be good by cooking too, and did you have your coffee before having your breakfast, Maggie? Uh, I asked what you had to eat. I haven't eaten yet, but I have made my coffee. I'm about to start having my first cup of coffee while I'm chatting with you, Maggie. Please. And then I was there.

And it's like he's got Tourette's and Maggie is his tick. I just Ha ha ha. Maria, you were out last week, but last week I was talking about a sales guy I used to work with. who used these Jedi mind tricks to influence people. Uh and it was uh the one we talked about last week was when you when you call and leave a voicemail, tell'em you got good news and they'll always call you back.

Right. Uh and then you have to make up some good news. Right. Um, and that one works really well. And I I share Bastardly one. No, I shared that uh I shared the story about me calling my sister to test it out and it did work and when my sister was uh Called me back. She was very disappointed in me. Um You're out of the will. Good news, I'm talking to you. So anyway She's much younger than I am, so uh it I I don't need to be in her will. Uh she needs to be in mine. Uh the Yeah.

The other Jedi mind trick this guy would always put forth is say people's name a lot. Yeah. And when I came in in the morning, Joe, how are you today, Joe? And I'd be like, oh. Yeah. And I'm like, why do you do that? And he I I point blank asked him, because you know me, Dave. When I see something like that, I will just go, why are you like that? Right. Right. He goes, people like hearing their name, Joe. Th it also helps you remember their name, Joe.

Yeah. I have other tricks for remembering people's names, Maria. Yeah. Is that right, Joe? Yes, Dave. Interesting. Damn. Wow. Okay, Maria. That's great. Yeah. I g it you also reminded me of um Pepe the Prawn, okay? Yeah. We're gonna do this, okay? We're gonna do this, Maggie. One of my favorite Muppets. Yeah. Maggie is an excellent liquid you add to your food. It makes it uh tasty.

Right. Maggie. So obviously this person is, as Joe said, trying to repeat someone's name to build rapport. Correct. Maggie. Uh and it's just a a Gobbly goop of poorly translated uh probably AI generated responses. No, because there's a lot of bad grammar in it. That's true. It's probably just copy and pasted from a script. Uh I will tell you, this is like the single worst.

Jedi mind trick that I've ever heard anybody try to say, like in sales. Yeah. Just keep repeating someone's name in every sentence. Yeah. You know, it's funny, I run into folks uh who have clearly been taught that lesson and taken it to heart. Uh every now and then I'll be interviewing someone for the cyber wire, you know, and I'll say, so uh cybersecurity expert.

No, what color is the sky? And they'll say, Well, Dave, I'm really glad that you asked me about that, Dave. Here's what I think, Dave, about the color of the sky, Dave. I'm like I'm buying time while I think of an answer for you. Right. Right. Right. I I yeah, I've I have no problem with people referring to me by my name, but when you can tell that they're doing it just to try to build a false sense of rapport, it's cloying. So irritating. Yeah, sure is Joe. By the way.

It is not one I ever did, not a trick I ever used. I found I found it insulting to try to use. Is that right? That's correct. You guys are now just trying to irritate me and that's okay. Maggie'cause I get the joke. Yeah. All right. Oh that's great, Joe. All right. So I think I may have even had an episode of my old podcast about this trick. There may this may have been mentioned. This was a oh yeah that would have been For you. All right. People should definitely check that out, Joe. Yes. Yeah.

All right. Well again, we would love to hear from you if there's something you'd like us to consider for our catch of the day, please do email us. It's hacking humans at n two K. Most environments trust too much, and attackers know it. ThreatLocker enforces default deny at execution, blocks unknown apps, and limits what trusted apps can do. Stop ransomware at the source. Get your demo at threatlocker.comslash n2k.

And that is Hacking Humans, Joe, brought to you by N2K Cyberwire. We'd love to know what you think of this podcast. Your feedback is yours. We deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like the show, please share a rating and review on your favorite podcast app. Please also fill out the survey in the show notes or send an email to Hankinghumans at n2k.com.

This episode is produced by Liz Stokes. Our executive producer is Jennifer Iben. We're mixed by Elliot Peltzman and Trey Hester. Peter Kielpie is our publisher. I'm Dave Bittner. And I'm Joe Kerrigan, Dave. All right. And I'm Maria Vermaz's Maggie. Thanks for listening.