Hacking Humans

Certification (noun) [Word Notes]

Please enjoy this encore of Word Notes. A credential demonstrating an individual's knowledge in the field of cybersecurity, usually obtained by passing an exam or series of exams.  CyberWire Glossary link: https://thecyberwire.com/glossary/certification Audio reference link: Bombal, D., 2022. Are certifications important in Cybersecurity? [Video]. YouTube. URL ⁠www.youtube.com/watch?v=Zdgf_Wr82rs⁠ [https://www.youtube.com/watch?v=Zdgf_Wr82rs].

Fraud goes door-to-door.

This week, hosts of N2K CyberWire ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Maria Varmazis⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [https://www.linkedin.com/in/varmazis/] and⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [https://www.linkedin.com/in/dave-bittner-27231a4/] ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [https://www.linkedin.com/in/dave-bittner-27231a4/] alongside ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [https://www.linkedin.com/in/joecarrigan/] are discussing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start with some follow-up on an editorial examining whether AI could signal the beginning of the end for traditional social engineering, as attackers increasingly target AI systems instead of people. Dave's got the story on an FBI warning that crypto scammers are using cash couriers to collect money from victims and bypass banking safeguards. Maria's got the story on AI-powered impersonators posing as members of the rock band Sons of Legion to scam fans through fake relationships and fraudulent requests for money. Joe's got two stories: one on HSBC Australia facing a proposed $246 million penalty over alleged scam protection failures, and another on two Michigan gold scam busts that prevented victims from losing hundreds of thousands of dollars. Our catch of the day is a reflection on a past interaction where the author initially held out hope someone might reappear, but ultimately accepts they’re gone and shares the story in hindsight, including their own strongly emotional reaction at the time. Resources and links to stories: * The Beginning of the End of Social Engineering [https://www.darkreading.com/cyberattacks-data-breaches/beginning-end-social-engineering] * FBI Warns Courier Cash Pickups Are Driving Crypto Scams [https://www.infosecurity-magazine.com/news/fbi-warns-courier-cash-pickups/] * A Rock Band Went Viral. Then AI Scammers Moved In [https://time.com/article/2026/06/17/ai-scam-music-sons-legion/] * HSBC's Australia unit to pay $24.6 million fine over scam protection failures, court rules [https://www.reuters.com/business/finance/hsbcs-australia-unit-faces-246-million-penalty-over-scam-protection-failures-2026-06-18/] * A Couple Was Told To Turn $250,000 Into Gold. Police Stopped The Courier Scam [https://www.yahoo.com/news/us/articles/couple-told-turn-250-000-172354384.html?guccounter=1&guce_referrer=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbS8&guce_referrer_sig=AQAAACoO7q4vRhd33ftG3Ak2pN42Aw23uyziwT35V0ggRRHVx1EEkH46nZkEOoHn8vaeSYg_8jknuCkpTYYilp5WPyGjngMUZAO_VtrltdU4LNsMCULF_RUqpv98tSe5S0GDER8kHHa_1Rmpyjh9fRrbJSPr9Kr5IIxrlLLzbAYFn6Gv] * Video: Deputies nab suspect in attempted $700,000 gold coin scam [https://www.woodtv.com/news/kent-county/video-deputies-nab-suspect-in-attempted-700000-gold-coin-scam/] * Eric - failed bait because I'm such a b**ch - part 1 [https://www.reddit.com/r/scambait/comments/1u41hjl/eric_failed_bait_because_im_such_a_bitch_part_1/] ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [https://www.ghanaweb.com/GhanaHomePage/business/Inside-the-alleged-2-5-million-Dubai-Crown-Prince-romance-scam-2020297]Have a Catch of the Day you'd like to share? Email it to us at ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [https://therecord.media/fin6-recruitment-scam-malware-campaign]⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠hackinghumans@n2k.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [hackinghumans@n2k.com].

Network slicing (noun) [Word Notes]

Please enjoy this encore of Word Notes. A technique used to create virtual networks within a shared physical network infrastructure. CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/network-slicing⁠ [https://thecyberwire.com/glossary/network-slicing] Audio reference link: Whitehead, D.N., 2021. 5G Smart Networks Part 1: Network Slicing [Video]. YouTube. URL ⁠www.youtube.com/watch?v=dCt3rYODZ7g⁠ [https://www.youtube.com/watch?v=dCt3rYODZ7g].

Never gonna give you up, never gonna take this call.

This week, hosts of N2K CyberWire ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Maria Varmazis⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [https://www.linkedin.com/in/varmazis/] and⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [https://www.linkedin.com/in/dave-bittner-27231a4/] ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [https://www.linkedin.com/in/dave-bittner-27231a4/] alongside ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [https://www.linkedin.com/in/joecarrigan/] are discussing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. This week, we have follow up on a listener-submitted trick for diverting unwanted calls to a different number, including the famous Rickroll hotline, along with a discussion about whether Joe should launch a podcast dedicated entirely to the trials and tribulations of raising backyard chickens. Maria has the story of a journalist who infiltrated a sophisticated North Korean hiring scam that uses fake job interviews, real freelance recruiters, and malware-laced coding tests to steal passwords and cryptocurrency. Dave’s got a viral gas station scam warning involving screws placed in fuel pumps, and why investigators found no evidence that the alleged scheme is actually happening. Joe’s first story is on a new Maryland law that gives banks and credit unions the authority to temporarily pause suspicious transactions in an effort to better protect customers from fraud and financial exploitation. On this week's Catch of the Day, a scammer serves up a blood-curdling tale involving "Dr. Prince Andrew" and a very questionable beverage choice. Resources and links to stories: * I Made The World's First Self-Cooling Clothes [https://www.youtube.com/watch?v=FnKNOPlR2Yo] * Cools Surfaces Up To 15°F Below The Air Temperature [https://cryox.co/] * I got inside a North Korean hiring scam. What I found reveals a troubling shift in tactics [https://indicator.media/p/i-got-inside-a-north-korean-hiring-scam-what-i-found-reveals-a-troubling-shift-in-tactics] * Gas pump 'screw method' scam warning is a hoax [https://www.snopes.com/fact-check/gas-pump-screw-scam/] * Maryland law gives banks and credit unions power to pause suspicious transactions [https://www.wmar2news.com/matterformallory/maryland-law-gives-banks-and-credit-unions-power-to-pause-suspicious-transactions#google_vignette] * Longevity Ready Maryland, Fraud Protections, Support for Caregivers Among Wins for Older Marylanders [https://www.aarp.org/states/maryland/aarp-maryland-2026-legislative-priorities/#:~:text=Protecting%20Vulnerable%20Adults] * Dr. Prince Andrew admits to drinking blood "occasionally" [https://www.reddit.com/r/scambait/comments/1th0ob5/dr_prince_andrew_admits_to_drinking_blood/] ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [https://www.ghanaweb.com/GhanaHomePage/business/Inside-the-alleged-2-5-million-Dubai-Crown-Prince-romance-scam-2020297]Have a Catch of the Day you'd like to share? Email it to us at ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [https://therecord.media/fin6-recruitment-scam-malware-campaign]⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠hackinghumans@n2k.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [hackinghumans@n2k.com].

Device trust (noun) [Word Notes]

The process of verifying that a device is known, secure, and uncompromised before allowing it to connect to a network or access resources. CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/device-trust⁠ [https://thecyberwire.com/glossary/device-trust] Audio reference link: “Favorite Scene of Alan Rickman from Die Hard.” YouTube, YouTube, 14 Jan. 2016, ⁠https://www.youtube.com/watch?v=mklnXM3LIXo.⁠ [https://www.youtube.com/watch?v=mklnXM3LIXo]