Hacking Humans

Defending against unlimited penalty shots. [Hacking Humans Live!]

This week, hosts of N2K CyberWire ⁠⁠⁠⁠⁠Maria Varmazis⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [https://www.linkedin.com/in/varmazis/] and⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [https://www.linkedin.com/in/dave-bittner-27231a4/] ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [https://www.linkedin.com/in/dave-bittner-27231a4/] head to Orlando to attend ThreatLocker [https://www.threatlocker.com/]'s Zero Trust World 2026 [https://ztw.com/] (ZTW). There, they discussed the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. Joe Carrigan was unable to join the team, but they have a very special guest, host of the BowTieSecurityGuy After Dark [https://bowtiesecurityguyafterdark.podbean.com/] podcast, Rob Whetstine [https://www.linkedin.com/in/bowtiesecurityguy/]. He is one of the featured speakers this week at Zero Trust World, and he shared experiences from his career at companies like Disney and highlights from his ZTW presentation on Phishing.  Maria's story involves a Maine Supreme Court hearing on a case involving a financial advisory firm that was mislead by a client. Dave highlights a malvertising campaign by a threat actor researchers call D-Shortiez. In our Catch of the Day, comes from the Scambait Subreddit where Mavis offers up large sums of money for a $50 Visa Debit card. We thank Rob for joining us as our special guest. Resources and links to stories: * Maine Law Court hears oral arguments in $1.3M elder scam case [https://www.pressherald.com/2026/03/03/maine-law-court-hears-oral-arguments-in-1-3m-elder-scam-case/]. * Disrupting 59M Malicious Impressions: Inside D-Shortiez Testing Infrastructure and Campaign Management [https://blog.confiant.com/p/disrupting-59m-malicious-impressions]. * Rob Whetstine's ⁠BowTieSecurityGuy After Dark⁠ [https://bowtiesecurityguyafterdark.podbean.com/] podcast. ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [https://www.ghanaweb.com/GhanaHomePage/business/Inside-the-alleged-2-5-million-Dubai-Crown-Prince-romance-scam-2020297]Have a Catch of the Day you'd like to share? Email it to us at ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [https://therecord.media/fin6-recruitment-scam-malware-campaign]⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠hackinghumans@n2k.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [hackinghumans@n2k.com].

Pretexting (noun) [Word Notes]

Please enjoy this encore of Word Notes. A social engineering technique in which a threat actor poses as a trusted person or entity in order to trick the victim into disclosing information or performing an action that benefits the attacker. CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/pretexting⁠ [https://thecyberwire.com/glossary/pretexting] Audio reference link: “⁠Batch Pin Hurt Charlize Theron Skin | the Italian Job (2003) Movie Scene.⁠ [https://www.youtube.com/watch?v=Wz6UEWQ9vdI]” YouTube, YouTube, 22 Nov. 2016.

Identity theft gets a raise.

This week, hosts of N2K CyberWire ⁠⁠⁠⁠Maria Varmazis⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [https://www.linkedin.com/in/varmazis/] and⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [https://www.linkedin.com/in/dave-bittner-27231a4/] ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [https://www.linkedin.com/in/dave-bittner-27231a4/] alongside ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [https://www.linkedin.com/in/joecarrigan/] are discussing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. For our follow up this week we get an update Merriam-Webster dictionary for Joe, and listener Michael Amezquita suggested that customizable ChatGPT personality settings may explain why Joe and Dave received different responses on Hacking Humans. Dave shares reporting on a Binary Defense case where attackers used social engineering and a help desk reset to hijack a physician’s identity and reroute payroll deposits through a trusted internal system without triggering security alerts. Maria highlights a surge in AI-powered publishing scams targeting authors, where fraudsters use flattery and impersonate legitimate organizations to charge bogus marketing and promotion fees. Joe covers multi-state raids tied to a massive gold bar scam that stole tens of millions from seniors, with stolen gold allegedly melted down through cooperating jewelry stores. In our Catch of the Day, a Reddit scambaiter shared a bizarre ongoing conversation with someone claiming to be “Keanu Reeves from Brokeback Mountain” who reached out to non‑fans in Norway. Resources and links to stories: * Payroll pirates are conning help desks to steal workers' identities and redirect paychecks [https://www.theregister.com/2026/02/11/payroll_pirates_business_social_engineering/] * What is it like to attend a predatory conference? [https://www.nature.com/articles/d41586-024-02358-w] * Hungry for Affirmation, Vulnerable to Scams: As a Writer, I Know the Feeling [https://www.nytimes.com/2026/02/25/books/review/publishing-scams.html] * Third North Texas jewelry store raided over alleged connections to $74 million gold scam targeting seniors [https://www.cbsnews.com/texas/news/gold-bar-scam-raid-richardson-jewelry-store/#] * Federal and state authorities raid jewelry stores in multi-state $50 million gold bar scam [https://www.cbsnews.com/atlanta/news/federal-and-state-authorities-raid-jewelry-stores-in-multi-state-50-million-gold-bar-scam/] * Jewelry store raids in Irving, Frisco linked to $55 million gold scam targeting seniors, officials say [https://www.cbsnews.com/texas/news/jewelry-store-raids-in-irving-frisco-linked-to-55-million-gold-scam-targeting-seniors/] * Keanu Reeves from Brokeback Mountain reaches out to non-fans in Norway! - Part 1 [https://www.reddit.com/r/scambait/comments/1rf7r9w/keanu_reeves_from_brokeback_mountain_reaches_out/] ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [https://www.ghanaweb.com/GhanaHomePage/business/Inside-the-alleged-2-5-million-Dubai-Crown-Prince-romance-scam-2020297]Have a Catch of the Day you'd like to share? Email it to us at ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [https://therecord.media/fin6-recruitment-scam-malware-campaign]⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠hackinghumans@n2k.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [hackinghumans@n2k.com].

Web Application Firewall (noun) [Word Notes]

Please enjoy this encore of Word Notes. A layer seven firewall designed to block threats at the application layer of the open system interconnection model, the OSI model.  CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/web-application-firewall⁠ [https://thecyberwire.com/glossary/web-application-firewall] Audio reference link: “VCF East 9.1 - Ches' Computer Security Adventures - Bill Cheswick.” YouTube, 29 Dec. 2015, ⁠https://youtu.be/trR1cuBtcPs⁠ [https://www.youtube.com/watch?v=trR1cuBtcPs].

AI ate my homework.

This week, hosts of N2K CyberWire ⁠⁠⁠Maria Varmazis⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [https://www.linkedin.com/in/varmazis/] and⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [https://www.linkedin.com/in/dave-bittner-27231a4/] ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [https://www.linkedin.com/in/dave-bittner-27231a4/] alongside ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [https://www.linkedin.com/in/joecarrigan/] are discussing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. Maria’s story covers a BBC experiment by Thomas Germain showing how easily major AI tools like ChatGPT and Google’s Gemini repeated a completely fabricated claim he posted online, highlighting what experts call a “renaissance for spam” as SEO-style manipulation resurfaces in the age of AI. Dave’s story examines Elizabeth Chamblee Burch’s book The Pain Brokers, which details how women with pelvic mesh implants were allegedly cold-called and steered into surgeries as part of a $40 million mass-tort recruitment scheme fueled by litigation finance and regulatory gaps. Joe’s story reports on an alleged decade-long ticket fraud ring at the Louvre in Paris, where tour guides and museum employees are accused of reusing tickets and bribery, costing more than €10 million before French authorities made multiple arrests. Our catch of the day comes from Reddit, where a user tested the limits of a land developer. Resources and links to stories: * ⁠ [https://www.technadu.com/apple-pay-users-targeted-by-sophisticated-phishing-scam-leveraging-voice-and-email/619646/]I hacked ChatGPT and Google's AI - and it only took 20 minutes [https://www.bbc.com/future/article/20260218-i-hacked-chatgpt-and-googles-ai-and-it-only-took-20-minutes] * A Terrifying Scam and the System That Made It Possible [https://www.newyorker.com/books/under-review/a-terrifying-scam-and-the-system-that-made-it-possible] * The Pain Brokers: How Con Men, Call Centers, and Rogue Doctors Fuel America's Lawsuit Factory  [https://www.amazon.com/Pain-Brokers-Centers-Doctors-Americas/dp/1668068869] * Louvre tour guides accused of orchestrating $16m ticket fraud ring over a decade [https://www.abc.net.au/news/2026-02-17/how-louvre-ticket-guides-ran-alleged-ticket-fraud-ring/106353046] * T&T&T Land&Sea [https://www.reddit.com/r/scambait/comments/1r8ie6x/ttt_landsea/] ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [https://www.ghanaweb.com/GhanaHomePage/business/Inside-the-alleged-2-5-million-Dubai-Crown-Prince-romance-scam-2020297]Have a Catch of the Day you'd like to share? Email it to us at ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [https://therecord.media/fin6-recruitment-scam-malware-campaign]⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠hackinghumans@n2k.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [hackinghumans@n2k.com].