Hacking Humans

A game of loans.

This week, while Maria is on vacation, ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [https://www.linkedin.com/in/dave-bittner-27231a4/] and ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [https://www.linkedin.com/in/joecarrigan/] are joined by ⁠Michele Kellerman⁠ [https://www.linkedin.com/in/michele-kellerman-cissp-b2933378/] as they discuss the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start with some follow up: a quick shoutout to Blood Cancer United and then we get into a listener “Chicken Chat” from Sue about handling an aggressive rooster. Joe’s got the story of how former Luther Davis allegedly teamed up with a partner to impersonate NFL players using fake companies, documents, and disguises to secure nearly $20 million in fraudulent loans—charges they are now expected to plead guilty to. Michele’s story is on how scammers are targeting families of recently arrested individuals by posing as officials who promise quick releases in exchange for hard-to-trace payments, prompting warnings from law enforcement—including changes like taking jail rosters offline—to cut off these schemes. Joe’s got the story on how Amazon is leaning heavily on AI, continuous monitoring, and global enforcement partnerships to proactively block fraud, counterfeit goods, and scams—often before customers or brands ever spot them. For our Catch of the Day, we have a string of texts from Reddit where a user could have possibly been talking to Sir Paul McCartney, possibly. Resources and links to stories: * Michele's Visionaries of the Year Fundraiser [https://pages.lls.org/voy/ma/ma26/mkellerman] * It's Time to Take on Your Debt [https://www.googleadservices.com/pagead/aclk?sa=L&ai=C6bf4fRnyaY-TO6z9uvQPjM726QKa0rzEhgG38bP_4RX1mODzygEQASC8luEQYMmOiomIpIQQoAHNu4PKA8gBAeACAKgDAcgDCqoEmwNP0ExMjvrVNBZ5g3XNgJNz19Dht32RxghTWMa1U0qCB5A4Pb-jDPqkhnFpxRzGye42vJraffxvyJ_S95p27TR1GzOZ8bWbIj_laQV1yd2wygmrofgOMgT8XjDznSqhXYIHxZUhTApsJBwAVU0gpP3qlqstPS669oCMEOSsdwAlI48FwsopHHdVtchtiq4z5NJroIIWES84Q3nGbms6yglAT1eAfo5WNNZXl1n0qXt3CiJdmMLNND9nEIResDkQ-Unw5itxQ3Zj4cNn3wF257wSnoysQlBaUNAlaGVWF0octIT0yVQXbOGPY09uPqqLtIHEkMZY_h2zAOQ74w6oqHqeEEA-AaOmjWPdUZGWbrwJr3SY5wCRv0RTL-5ITJ1Hx3irDvK8Qe5--QaqhZkmDXLVuE8NUfSasefNQkGCRo9f02lMOnRvIN4MRc2qrfxcGTjtp4toOnpm9u81YklOPuBxdF1r6dxIpcj2OoztAJZdgn4z9NNwWbiwI16vG2X_fRTggM06j56IzBY4pRjtQ8Trfjy65K6atmaoTV7ABNGshKzkBOAEAYgFsseEkE-AB-6e9zWoB6fMsQKoB-LYsQKoB6a-G6gHzM6xAqgH89EbqAeW2BuoB6qbsQKoB47OG6gHk9gbqAfw4BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gH2baxAqgHmgaoB5jFsQKoB_-esQKoB9-fsQKoB_jCsQKoB_vCsQLYBwHSCDAIgGEQARidATIIioKAgICAgAg6DoBAgMCAgICAqIACqIMQSL39wTpY6NLcq6aTlAOaCURodHRwczovL3d3dy5zb2ZpLmNvbS9wZXJzb25hbC1sb2Fucy9jcmVkaXQtY2FyZC1jb25zb2xpZGF0aW9uLWxvYW5zL7EJynNn_qfcYqyACgPICwHgCwGiDAOQAQGqDQJVU8gNAeINEwihzt2rppOUAxWsvo4IHQynPS3qDRMIp-Dgq6aTlAMVrL6OCB0Mpz0tiA7___________8BsA71m7GaGNgTDNAVAZgWAcoWAgoA-BYBgBcBshcQGAEqCjY3MzE4NDAyNTBQBroXAjgBqhgXCQAAAIC2jFNBEgo2NzMxODQwMjUwGAGyGAkSAvFOGAEiAQDQGAHoGAHCGQIIAQ&gclid=EAIaIQobChMIz8Xpq6aTlAMVrL6OCB0Mpz0tEAEYASAAEgIrp_D_BwE&num=1&cid=CAQS0QEABaugfXrCoZTIJ27xuRG9wj8LBJAtEu2k_UAa1Ic-mHlEvzsbgkg7TBejlRJki5ZQSADOtS9IuvKEy_3W3NrypZpMt9CueHv_3b-hBxDJ5CunQddUv53JYsOVMQgpMvkSlwWtJz7GURPunazhORYKe3wZX1PCnKqNeqdzVd87gBXNCybTeOGvTrER0B93AMrluKDJ0-WhaStDk4w4t8PXZpf3OnKroq1bdU3GJYgTvLGJyBnymkm7dMAAB03q4ZcaGRyChIt86-Fbqupb8YI8TBgB&sig=AOD64_3mtvJpB3XOeXWLNBY6XFkH_HYtuQ&client=ca-pub-2012933198307164&rf=4&nb=0&adurl=https://ad.doubleclick.net/searchads/link/click%3Flid%3D58700008707912438%26ds_a_cid%3D111526742%26ds_a_caid%3D21240029446%26ds_a_agid%3D%26ds_a_fiid%3D%26ds_a_lid%3D%26ds_a_extid%3D%26%26ds_e_adid%3D%26ds_e_matchtype%3D%26ds_e_device%3Dc%26ds_e_network%3Dx%26%26ds_url_v%3D2%26ds_dest_url%3Dhttps://www.sofi.com/atr/p/v1/c%3Fcid%3Dadd3759b-cb9e-4304-bdb5-d3295e380fee%26ds_eid%3D4675362581%26ds_cid%3D21240029446%26ds_agid%3D%26ds_kid%3D%26ovrd_url%3Dhttps://www.sofi.com/personal-loans/credit-card-consolidation-loans/%253Fcampaign%253DMRKT_SEM_LND_PL_NONBRA_ACQ_BRD_ALL_tCPA_E300_20240501_PMAX_PSE_GOG_NONE_US_EN_SFao6h3ybhlm92xrywuejc__x_c__%2526utm_source%253DMRKT_ADWORDS%2526utm_medium%253DSEM%2526utm_campaign%253DMRKT_SEM_LND_PL_NONBRA_ACQ_BRD_ALL_tCPA_E300_20240501_PMAX_PSE_GOG_NONE_US_EN_SFao6h3ybhlm92xrywuejc__x_c__%2526cl_vend%253Dgoogle%2526cl_ch%253D%2526cl_camp%253D21240029446%2526cl_adg%253D%2526cl_crtv%253D%2526cl_kw%253D%2526cl_pub%253D%2526cl_place%253D%2526cl_dvt%253Dc%2526cl_pos%253D%2526cl_mt%253D%2526cl_gtid%253D%2526opti_ca%253D21240029446%2526opti_ag%253D%2526opti_ad%253D%2526opti_key%253D%2526gclid%253D%257Bgclid%257D%2526gclsrc%253Daw.ds%2526gad_source%253D5%2526gad_campaignid%253D21240030130] * Franklin County Sheriff's Office warns of scam targeting family of recently arrested, incarcerated people [https://spectrumnews1.com/oh/columbus/news/2026/04/20/franklin-county-sheriff-s-warns-of-scam-targeting-family-of-recently-arrested--incarcerated-people] * Cass County sheriff takes jail roster offline to cut off scammers targeting inmate families [https://www.wowt.com/2026/02/25/cass-county-sheriff-takes-jail-roster-offline-cut-off-scammers-targeting-inmate-families/] * Trustworthy Shopping Experience Report [https://trustworthyshopping.aboutamazon.com/2025-trustworthy-shopping-experience-report] * Paul McCartney pt 1 [https://www.reddit.com/r/scambait/comments/1spw7ey/paul_mccartney_pt_1/?solution=ce61edfa48f25984ce61edfa48f25984&js_challenge=1&token=bbbe4bf1c9a2b5160829c4be34da5861495beb9d82bccd7af58c7b390705d4ba&jsc_orig_r=] ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [https://www.ghanaweb.com/GhanaHomePage/business/Inside-the-alleged-2-5-million-Dubai-Crown-Prince-romance-scam-2020297]Have a Catch of the Day you'd like to share? Email it to us at ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [https://therecord.media/fin6-recruitment-scam-malware-campaign]⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠hackinghumans@n2k.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [hackinghumans@n2k.com].

PUP (noun) [Word Notes]

Please enjoy this encore of Word Notes. A software program installed unintentionally by a user that typically performs tasks not asked for by the installer.  CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/potentially-unwanted-program⁠ [https://thecyberwire.com/glossary/potentially-unwanted-program] Audio reference link: Butler, S., 2022. Potentially Unwanted Programs (PUPS) EXPLAINED [Video]. YouTube. URL ⁠https://www.youtube.com/watch?v=5L429Iahbww⁠ [https://www.youtube.com/watch?v=5L429Iahbww] (accessed 1.6.23).

SLAM, scam, thank you ma’am.

This week, while Maria is on vacation, ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [https://www.linkedin.com/in/dave-bittner-27231a4/] and ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [https://www.linkedin.com/in/joecarrigan/] are joined by Michele Kellerman [https://www.linkedin.com/in/michele-kellerman-cissp-b2933378/] as they discuss the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. Dave brings us a lively follow-up from his recent theater outing the conversation circles back to chicken talk. Michele also highlights the work of Blood Cancer United [https://pages.lls.org/voy/ma/ma26/mkellerman] sharing insight into their mission and impact. Dave’s story is on the SLAM method, a simple phishing-defense framework that teaches users to evaluate suspicious emails by checking the sender, links, attachments, and message for common signs of deception and social engineering. Michele’s got the story on a potential turning point in online scams, where rising pressure—from revelations that Meta Platforms has profited from fraudulent ads, to banks and regulators like Jerome Powell and Scott Bessent warning about systemic risks—suggests liability may soon expand beyond banks to include social media, telecoms, and other upstream players. Joe’s story is on two cousins, Shray Goel and Shaunik Raheja, who pleaded guilty in a nationwide $8.5 million scheme using fake listings, double bookings, and last-minute cancellations across platforms like Airbnb and Vrbo to maximize profits while deceiving thousands of travelers. On our catch of the day, A Reddit user shares a message they got from a scammer posing as their child. Resources and links to stories: * SLAM Method for a Comprehensive Phishing Prevention Guide [https://www.picussecurity.com/resource/blog/slam-method-for-a-comprehensive-phishing-prevention-guide] * Meta tolerates rampant ad fraud from China to safeguard billions in revenue [https://www.reuters.com/investigations/meta-tolerates-rampant-ad-fraud-china-safeguard-billions-revenue-2025-12-15/] * Banks cannot save the UK financial system from fraud alone [https://www.thebanker.com/content/b19eacbc-2e24-4627-b9eb-986627e03bec] * Bessent, Powell warned bank CEOs about Anthropic model risks, sources say [https://www.reuters.com/business/finance/bessent-powell-warn-bank-ceos-about-anthropic-model-risks-bloomberg-news-reports-2026-04-10/] ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [https://www.ghanaweb.com/GhanaHomePage/business/Inside-the-alleged-2-5-million-Dubai-Crown-Prince-romance-scam-2020297]Have a Catch of the Day you'd like to share? Email it to us at ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [https://therecord.media/fin6-recruitment-scam-malware-campaign]⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠hackinghumans@n2k.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [hackinghumans@n2k.com].

Ransomware (noun) [Word Notes]

Malware that disables a system in exchange for a ransom, usually by encrypting the system's data until the user pays for the decryption key. CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/ransomware⁠ [https://thecyberwire.com/glossary/ransomware] Audio reference link: ⁠https://watch.amazon.com/detail?gti=amzn1.dv.gti.d6a9f744-47b0-ac70-aa56-b31fd0f58482&territory=US&ref_=share_ios_season&r=web [https://watch.amazon.com/detail?gti=amzn1.dv.gti.d6a9f744-47b0-ac70-aa56-b31fd0f58482&territory=US&ref_=share_ios_season&r=web]

Who is winning the scam game?

This week, hosts of N2K CyberWire ⁠⁠⁠⁠⁠⁠⁠⁠Maria Varmazis⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [https://www.linkedin.com/in/varmazis/] and⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [https://www.linkedin.com/in/dave-bittner-27231a4/] ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [https://www.linkedin.com/in/dave-bittner-27231a4/] alongside ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [https://www.linkedin.com/in/joecarrigan/] are discussing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. If you thought you could escape chicken talk, you we're wrong, this week Joe shares some more updates on his chickens. Joe’s got two stories this week, one on a New Jersey man arrested while attempting to collect $800,000 in gold as part of a widespread scam targeting elderly victims, and the second is on a new Google-tracked threat group using social engineering and phishing tactics to infiltrate BPOs and steal corporate data for extortion. Maria’s story is on a conversation she had with Sean Colicchio [https://www.linkedin.com/in/seanslinked/], highlighting how trusting human instincts, slowing down, and balancing security training can help individuals and organizations better defend against social engineering attacks. Dave’s got the story on a surge in traffic violation scams now using QR codes in phishing texts to trick victims, alongside ten hard-stop rules emphasizing verification, avoiding links or inbound requests, and slowing down to prevent falling for increasingly sophisticated scams. Our Catch of the Day comes from Reddit, where a user questioned a supposed “Google Play Console partnership” email, and the community quickly flagged it as a likely scam—citing red flags. Resources and links to stories: * ⁠⁠⁠⁠Indian in New Jersey on work visa arrested in gold scam, nabbed when he was going to collect $800,000 in gold [https://timesofindia.indiatimes.com/world/us/indian-in-new-jersey-on-work-visa-arrested-in-gold-scam-nabbed-when-he-was-going-to-collect-800000-in-gold/articleshow/130143807.cms] * Google Warns of New Threat Group Targeting BPOs and Helpdesks [https://www.infosecurity-magazine.com/news/google-warns-group-targeting-bpos/] * Traffic violation scams switch to QR codes in new phishing texts [https://www.bleepingcomputer.com/news/security/traffic-violation-scams-switch-to-qr-codes-in-new-phishing-texts/] * [Nepal] Is this “Google Play Console partnership” email a scam? [https://www.reddit.com/r/Scams/comments/1sggme7/nepal_is_this_google_play_console_partnership/] ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [https://www.ghanaweb.com/GhanaHomePage/business/Inside-the-alleged-2-5-million-Dubai-Crown-Prince-romance-scam-2020297]Have a Catch of the Day you'd like to share? Email it to us at ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [https://therecord.media/fin6-recruitment-scam-malware-campaign]⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠hackinghumans@n2k.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [hackinghumans@n2k.com].