Hacking Humans

CIRT (noun) [Word Notes]

Please enjoy this encore of Word Notes. A team responsible for responding to and managing cybersecurity incidents involving computer systems and networks in order to minimize the damage and to restore normal operations as quickly as possible. CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/cirt⁠ [https://thecyberwire.com/glossary/cirt] Audio reference link: Avery, B., 2017. 24 TV May 05 Season4 [WWW Document]. YouTube. URL ⁠https://www.youtube.com/watch?v=Gq_2xPuqI-E&list=PLGHedLavrFoGsea1ZCHBm9-nK5FdM3_Kd&index=10. [https://www.youtube.com/watch?v=Gq_2xPuqI-E]

Mythbehavior under investigation. [OMITB]

Welcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is ⁠⁠⁠⁠⁠⁠⁠⁠⁠Selena Larson⁠⁠⁠⁠⁠⁠⁠⁠⁠ [https://www.linkedin.com/in/selenalarson/], ⁠⁠⁠⁠⁠⁠⁠⁠⁠Proofpoint⁠⁠⁠⁠⁠⁠⁠⁠⁠ [https://www.proofpoint.com/] intelligence analyst and host of their podcast ⁠⁠⁠⁠⁠⁠⁠⁠⁠DISCARDED⁠⁠⁠⁠⁠⁠⁠⁠⁠ [https://www.proofpoint.com/us/podcasts/discarded]. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined by her co-hosts ⁠⁠⁠⁠⁠⁠⁠⁠⁠N2K Networks⁠⁠⁠⁠⁠⁠⁠⁠⁠ [https://www.n2k.com/] ⁠⁠⁠⁠⁠⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠⁠⁠⁠⁠⁠ [https://www.linkedin.com/in/dave-bittner-27231a4/] and ⁠⁠⁠⁠⁠⁠⁠⁠Keith Mularski⁠⁠⁠⁠⁠⁠⁠⁠ [https://www.linkedin.com/in/keith-mularski-b737551/], former FBI cybercrime investigator and now Chief Global Ambassador at ⁠⁠⁠⁠⁠⁠⁠⁠Qintel⁠⁠⁠⁠⁠⁠⁠⁠ [https://www.linkedin.com/company/qintel/]. Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode of Mythb…oops, we mean Only Malware in the Building, our hosts take on some cyber myths. Dave busts the idea that small organizations aren’t targets, Selena digs into whether AI is really making attackers smarter, and Keith breaks down why identifying a hacker doesn’t mean law enforcement can just go make an arrest. Three myths, one truth: in cybersecurity, nothing is ever that simple.

A game of loans.

This week, while Maria is on vacation, ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [https://www.linkedin.com/in/dave-bittner-27231a4/] and ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [https://www.linkedin.com/in/joecarrigan/] are joined by ⁠Michele Kellerman⁠ [https://www.linkedin.com/in/michele-kellerman-cissp-b2933378/] as they discuss the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start with some follow up: a quick shoutout to Blood Cancer United and then we get into a listener “Chicken Chat” from Sue about handling an aggressive rooster. Joe’s got the story of how former Luther Davis allegedly teamed up with a partner to impersonate NFL players using fake companies, documents, and disguises to secure nearly $20 million in fraudulent loans—charges they are now expected to plead guilty to. Michele’s story is on how scammers are targeting families of recently arrested individuals by posing as officials who promise quick releases in exchange for hard-to-trace payments, prompting warnings from law enforcement—including changes like taking jail rosters offline—to cut off these schemes. Joe’s got the story on how Amazon is leaning heavily on AI, continuous monitoring, and global enforcement partnerships to proactively block fraud, counterfeit goods, and scams—often before customers or brands ever spot them. For our Catch of the Day, we have a string of texts from Reddit where a user could have possibly been talking to Sir Paul McCartney, possibly. Resources and links to stories: * Michele's Visionaries of the Year Fundraiser [https://pages.lls.org/voy/ma/ma26/mkellerman] * It's Time to Take on Your Debt [https://www.googleadservices.com/pagead/aclk?sa=L&ai=C6bf4fRnyaY-TO6z9uvQPjM726QKa0rzEhgG38bP_4RX1mODzygEQASC8luEQYMmOiomIpIQQoAHNu4PKA8gBAeACAKgDAcgDCqoEmwNP0ExMjvrVNBZ5g3XNgJNz19Dht32RxghTWMa1U0qCB5A4Pb-jDPqkhnFpxRzGye42vJraffxvyJ_S95p27TR1GzOZ8bWbIj_laQV1yd2wygmrofgOMgT8XjDznSqhXYIHxZUhTApsJBwAVU0gpP3qlqstPS669oCMEOSsdwAlI48FwsopHHdVtchtiq4z5NJroIIWES84Q3nGbms6yglAT1eAfo5WNNZXl1n0qXt3CiJdmMLNND9nEIResDkQ-Unw5itxQ3Zj4cNn3wF257wSnoysQlBaUNAlaGVWF0octIT0yVQXbOGPY09uPqqLtIHEkMZY_h2zAOQ74w6oqHqeEEA-AaOmjWPdUZGWbrwJr3SY5wCRv0RTL-5ITJ1Hx3irDvK8Qe5--QaqhZkmDXLVuE8NUfSasefNQkGCRo9f02lMOnRvIN4MRc2qrfxcGTjtp4toOnpm9u81YklOPuBxdF1r6dxIpcj2OoztAJZdgn4z9NNwWbiwI16vG2X_fRTggM06j56IzBY4pRjtQ8Trfjy65K6atmaoTV7ABNGshKzkBOAEAYgFsseEkE-AB-6e9zWoB6fMsQKoB-LYsQKoB6a-G6gHzM6xAqgH89EbqAeW2BuoB6qbsQKoB47OG6gHk9gbqAfw4BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gH2baxAqgHmgaoB5jFsQKoB_-esQKoB9-fsQKoB_jCsQKoB_vCsQLYBwHSCDAIgGEQARidATIIioKAgICAgAg6DoBAgMCAgICAqIACqIMQSL39wTpY6NLcq6aTlAOaCURodHRwczovL3d3dy5zb2ZpLmNvbS9wZXJzb25hbC1sb2Fucy9jcmVkaXQtY2FyZC1jb25zb2xpZGF0aW9uLWxvYW5zL7EJynNn_qfcYqyACgPICwHgCwGiDAOQAQGqDQJVU8gNAeINEwihzt2rppOUAxWsvo4IHQynPS3qDRMIp-Dgq6aTlAMVrL6OCB0Mpz0tiA7___________8BsA71m7GaGNgTDNAVAZgWAcoWAgoA-BYBgBcBshcQGAEqCjY3MzE4NDAyNTBQBroXAjgBqhgXCQAAAIC2jFNBEgo2NzMxODQwMjUwGAGyGAkSAvFOGAEiAQDQGAHoGAHCGQIIAQ&gclid=EAIaIQobChMIz8Xpq6aTlAMVrL6OCB0Mpz0tEAEYASAAEgIrp_D_BwE&num=1&cid=CAQS0QEABaugfXrCoZTIJ27xuRG9wj8LBJAtEu2k_UAa1Ic-mHlEvzsbgkg7TBejlRJki5ZQSADOtS9IuvKEy_3W3NrypZpMt9CueHv_3b-hBxDJ5CunQddUv53JYsOVMQgpMvkSlwWtJz7GURPunazhORYKe3wZX1PCnKqNeqdzVd87gBXNCybTeOGvTrER0B93AMrluKDJ0-WhaStDk4w4t8PXZpf3OnKroq1bdU3GJYgTvLGJyBnymkm7dMAAB03q4ZcaGRyChIt86-Fbqupb8YI8TBgB&sig=AOD64_3mtvJpB3XOeXWLNBY6XFkH_HYtuQ&client=ca-pub-2012933198307164&rf=4&nb=0&adurl=https://ad.doubleclick.net/searchads/link/click%3Flid%3D58700008707912438%26ds_a_cid%3D111526742%26ds_a_caid%3D21240029446%26ds_a_agid%3D%26ds_a_fiid%3D%26ds_a_lid%3D%26ds_a_extid%3D%26%26ds_e_adid%3D%26ds_e_matchtype%3D%26ds_e_device%3Dc%26ds_e_network%3Dx%26%26ds_url_v%3D2%26ds_dest_url%3Dhttps://www.sofi.com/atr/p/v1/c%3Fcid%3Dadd3759b-cb9e-4304-bdb5-d3295e380fee%26ds_eid%3D4675362581%26ds_cid%3D21240029446%26ds_agid%3D%26ds_kid%3D%26ovrd_url%3Dhttps://www.sofi.com/personal-loans/credit-card-consolidation-loans/%253Fcampaign%253DMRKT_SEM_LND_PL_NONBRA_ACQ_BRD_ALL_tCPA_E300_20240501_PMAX_PSE_GOG_NONE_US_EN_SFao6h3ybhlm92xrywuejc__x_c__%2526utm_source%253DMRKT_ADWORDS%2526utm_medium%253DSEM%2526utm_campaign%253DMRKT_SEM_LND_PL_NONBRA_ACQ_BRD_ALL_tCPA_E300_20240501_PMAX_PSE_GOG_NONE_US_EN_SFao6h3ybhlm92xrywuejc__x_c__%2526cl_vend%253Dgoogle%2526cl_ch%253D%2526cl_camp%253D21240029446%2526cl_adg%253D%2526cl_crtv%253D%2526cl_kw%253D%2526cl_pub%253D%2526cl_place%253D%2526cl_dvt%253Dc%2526cl_pos%253D%2526cl_mt%253D%2526cl_gtid%253D%2526opti_ca%253D21240029446%2526opti_ag%253D%2526opti_ad%253D%2526opti_key%253D%2526gclid%253D%257Bgclid%257D%2526gclsrc%253Daw.ds%2526gad_source%253D5%2526gad_campaignid%253D21240030130] * Franklin County Sheriff's Office warns of scam targeting family of recently arrested, incarcerated people [https://spectrumnews1.com/oh/columbus/news/2026/04/20/franklin-county-sheriff-s-warns-of-scam-targeting-family-of-recently-arrested--incarcerated-people] * Cass County sheriff takes jail roster offline to cut off scammers targeting inmate families [https://www.wowt.com/2026/02/25/cass-county-sheriff-takes-jail-roster-offline-cut-off-scammers-targeting-inmate-families/] * Trustworthy Shopping Experience Report [https://trustworthyshopping.aboutamazon.com/2025-trustworthy-shopping-experience-report] * Paul McCartney pt 1 [https://www.reddit.com/r/scambait/comments/1spw7ey/paul_mccartney_pt_1/?solution=ce61edfa48f25984ce61edfa48f25984&js_challenge=1&token=bbbe4bf1c9a2b5160829c4be34da5861495beb9d82bccd7af58c7b390705d4ba&jsc_orig_r=] ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [https://www.ghanaweb.com/GhanaHomePage/business/Inside-the-alleged-2-5-million-Dubai-Crown-Prince-romance-scam-2020297]Have a Catch of the Day you'd like to share? Email it to us at ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [https://therecord.media/fin6-recruitment-scam-malware-campaign]⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠hackinghumans@n2k.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [hackinghumans@n2k.com].

PUP (noun) [Word Notes]

Please enjoy this encore of Word Notes. A software program installed unintentionally by a user that typically performs tasks not asked for by the installer.  CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/potentially-unwanted-program⁠ [https://thecyberwire.com/glossary/potentially-unwanted-program] Audio reference link: Butler, S., 2022. Potentially Unwanted Programs (PUPS) EXPLAINED [Video]. YouTube. URL ⁠https://www.youtube.com/watch?v=5L429Iahbww⁠ [https://www.youtube.com/watch?v=5L429Iahbww] (accessed 1.6.23).

SLAM, scam, thank you ma’am.

This week, while Maria is on vacation, ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [https://www.linkedin.com/in/dave-bittner-27231a4/] and ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [https://www.linkedin.com/in/joecarrigan/] are joined by Michele Kellerman [https://www.linkedin.com/in/michele-kellerman-cissp-b2933378/] as they discuss the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. Dave brings us a lively follow-up from his recent theater outing the conversation circles back to chicken talk. Michele also highlights the work of Blood Cancer United [https://pages.lls.org/voy/ma/ma26/mkellerman] sharing insight into their mission and impact. Dave’s story is on the SLAM method, a simple phishing-defense framework that teaches users to evaluate suspicious emails by checking the sender, links, attachments, and message for common signs of deception and social engineering. Michele’s got the story on a potential turning point in online scams, where rising pressure—from revelations that Meta Platforms has profited from fraudulent ads, to banks and regulators like Jerome Powell and Scott Bessent warning about systemic risks—suggests liability may soon expand beyond banks to include social media, telecoms, and other upstream players. Joe’s story is on two cousins, Shray Goel and Shaunik Raheja, who pleaded guilty in a nationwide $8.5 million scheme using fake listings, double bookings, and last-minute cancellations across platforms like Airbnb and Vrbo to maximize profits while deceiving thousands of travelers. On our catch of the day, A Reddit user shares a message they got from a scammer posing as their child. Resources and links to stories: * SLAM Method for a Comprehensive Phishing Prevention Guide [https://www.picussecurity.com/resource/blog/slam-method-for-a-comprehensive-phishing-prevention-guide] * Meta tolerates rampant ad fraud from China to safeguard billions in revenue [https://www.reuters.com/investigations/meta-tolerates-rampant-ad-fraud-china-safeguard-billions-revenue-2025-12-15/] * Banks cannot save the UK financial system from fraud alone [https://www.thebanker.com/content/b19eacbc-2e24-4627-b9eb-986627e03bec] * Bessent, Powell warned bank CEOs about Anthropic model risks, sources say [https://www.reuters.com/business/finance/bessent-powell-warn-bank-ceos-about-anthropic-model-risks-bloomberg-news-reports-2026-04-10/] ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [https://www.ghanaweb.com/GhanaHomePage/business/Inside-the-alleged-2-5-million-Dubai-Crown-Prince-romance-scam-2020297]Have a Catch of the Day you'd like to share? Email it to us at ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [https://therecord.media/fin6-recruitment-scam-malware-campaign]⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠hackinghumans@n2k.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [hackinghumans@n2k.com].