Podcast Summary: Hacking Humans
Episode: Back to the Office, Back to the Threats
Host/Author: N2K Networks
Release Date: January 23, 2025
Introduction
In the episode titled "Back to the Office, Back to the Threats," hosts Dave Bittner, Joe Carrigan, and Maria Varmazes delve into the evolving landscape of social engineering and cyber threats in the context of the workforce returning to physical offices. Released on January 23, 2025, this episode from N2K Networks' "Hacking Humans" podcast provides insightful discussions on the challenges and security vulnerabilities that accompany the shift from remote to in-office work environments.
Segment 1: The Return to Office and Security Implications
Timestamp: [01:18]
The episode opens with Dave elaborating on the recent trends in companies mandating a return to the office after extended periods of remote work. He references a Boston Globe article shared by Bishop Fox, highlighting that many employees are struggling to adapt to in-office protocols not just socially but also in terms of security practices. Dave emphasizes the importance of revisiting security awareness training to address both digital and physical security measures.
Key Points:
- Red Teaming and Penetration Testing: Dave explains red teaming as a more comprehensive form of pen testing that includes attempts to breach both digital and physical security.
- Employee Readiness: He questions whether employees remember their security training, such as identifying phishing attempts and adhering to badging etiquette.
- Management Buy-In: Dave stresses the difficulty security teams face in securing management support for robust security practices.
Notable Quote:
"Do you remember things like badging etiquette, things like that?" – Dave Bittner [01:30]
Segment 2: Personal Experiences with Security Challenges
Timestamp: [04:05]
Maria shares her experience working at Accuvant (now part of Optiv) where physical penetration tests were a standard part of their security assessments. She recounts instances where coworkers enforced strict badging protocols, ensuring that unauthorized individuals could not access sensitive areas.
Key Points:
- Corporate Culture in Security: Maria highlights how a culture of vigilance and mutual support enhances security measures.
- Physical Security Enforcement: She provides examples of colleagues stopping unauthorized access attempts, reinforcing the importance of adherence to security policies.
Notable Quote:
"You're probably gonna know if you set yourself up for red teaming." – Maria Varmazes [04:10]
Personal Anecdote: Dave shares a harrowing experience where a colleague attempted to bypass badging protocols, illustrating the real-world challenges of maintaining physical security in the workplace.
Notable Quote:
"I was like, no, I can't do that. That goes against corporate policy." – Dave Bittner [04:51]
Segment 3: Green Mirage Scam – Mortgage-Related Fraud
Timestamp: [12:53]
Maria introduces a concerning scam identified by the FCC, named "Green Mirage." This group targets individuals in financial distress by impersonating mortgage lenders. They exploit information potentially obtained through insider threats or data breaches to deceive homeowners.
Key Points:
- Targeted Victims: The scammers specifically target individuals who have contacted their mortgage companies due to financial difficulties.
- Method of Fraud: They call victims posing as mortgage representatives and instruct them to send payments to fraudulent accounts, often using methods like money orders or third-party transfers.
- Impact: Over $400,000 has been reportedly siphoned off, with actual losses likely being higher due to underreporting.
Notable Quote:
"They're calling people posing as their mortgage lenders... they have information and one of the more interesting pieces I'll get to in a minute is actually pretty scary." – Maria Varmazes [13:54]
Discussion: The hosts discuss potential sources of this threat, hypothesizing insider involvement given how precisely the scammers target individuals experiencing financial distress. They also explore the motivations behind targeting such an audience, weighing the emotional vulnerability of victims against the monetary gains for scammers.
Notable Quote:
"I would hope so." – Dave Bittner [19:58]
Conclusion: The episode underscores the importance of vigilance and verification when receiving unsolicited communications, especially those requesting financial transactions. The hosts advise maintaining direct contact with official mortgage companies and avoiding sharing sensitive information through non-secure channels.
Segment 4: Airbnb Scam – Red Flags and Prevention
Timestamp: [22:29]
Joe shares an anonymous listener's story from the Airbnb Hosts subreddit, detailing a sophisticated scam targeting Airbnb hosts. The scam involves creating fake rental inquiries, requesting off-platform communications, and manipulating hosts into sending payments to fraudulent accounts.
Key Points:
- Initial Contact: Scammers create new Airbnb accounts and request video walkthroughs of properties, then push for communication outside Airbnb’s platform.
- Red Flags: Immediate requests to move conversations to platforms like WhatsApp and unusually high rental offers compared to market rates signal potential scams.
- Potential Scam Types:
  - Overpayment Scam: Victims receive payments exceeding the rental amount and are asked to refund the difference, leading to financial loss when the initial payment is reversed.
  - Fake Rental Listings: Scam artists use genuine property visuals to create fake listings, deceiving future renters.
  - Pig Butchering Scheme: Long-term grooming of hosts through rapport-building to extract significant funds under false pretenses.
Notable Quote:
"They are calling people posing as their mortgage lenders because they're in some kind of financial distress." – Maria Varmazes [17:07]
Discussion: The hosts analyze the scam mechanics, emphasizing the importance of adhering to platform policies and recognizing suspicious behaviors. They discuss the use of AI in enhancing scam effectiveness and speculate on the psychological tactics employed by scammers, such as leveraging universally appealing personas to maximize engagement.
Notable Quote:
"Why do these scammers always use young, attractive Asian women? It seems like an image that works around the world." – Joe Carrigan [32:25]
Conclusion: Hosts advise Airbnb hosts to remain within the platform’s communication channels, verify all rental inquiries, and report suspicious activities to prevent falling victim to such scams.
Segment 5: Crypto Scam Alert – Seed Phrase Vulnerability
Timestamp: [34:56]
The hosts present an alert about a prevalent crypto scam involving fraudulent emails that threaten the security of users' seed phrases. These emails claim that vulnerabilities could lead to unauthorized access and fund withdrawal, urging recipients to generate new seed phrases via provided QR codes.
Key Points:
- Scam Mechanics: Recipients are tricked into scanning QR codes that generate new, compromised seed phrases, granting scammers access to their crypto wallets.
- Target Audience: Even individuals without crypto holdings are targeted, indicating the broad reach and deceptive tactics of scammers.
- Awareness and Prevention: Hosts stress the importance of recognizing unsolicited requests for sensitive information and understanding secure practices for handling crypto assets.
Notable Quote:
"Unsolicited QR codes immediately suspicious, which is good." – Maria Varmazes [36:29]
Explanation: Maria clarifies the difference between seed phrases and recovery phrases, explaining how scammers exploit misunderstandings to gain unauthorized access to crypto wallets.
Notable Quote:
"They are trying to get you to use a different private key, one that they have knowledge of by going to this website." – Maria Varmazes [38:13]
Conclusion: The hosts recommend never sharing seed phrases or recovery information, using trusted platforms for crypto transactions, and remaining skeptical of unsolicited security alerts. They also highlight the importance of educating oneself about secure crypto practices to mitigate the risk of falling victim to such scams.
Final Thoughts and Takeaways
Throughout the episode, the hosts emphasize the necessity of maintaining robust security practices as the workforce transitions back to office environments. They highlight the multifaceted nature of modern scams, ranging from financial fraud targeting homeowners to sophisticated phishing schemes in the crypto space. The discussions underscore the importance of continual security training, adherence to corporate policies, and vigilance against evolving social engineering tactics.
Key Takeaways:
- Vigilance in Security Practices: Both digital and physical security measures are crucial, especially during organizational transitions.
- Recognizing Red Flags: Understanding and identifying common scam indicators can prevent financial and personal loss.
- Adherence to Policies: Following established security protocols, such as badging etiquette and platform-specific communication guidelines, enhances overall security.
- Continuous Education: Staying informed about the latest scam tactics and security best practices is essential for both individuals and organizations.
Closing Quote:
"We always say you kind of take things in your own hands is very risky because the people you're up against here do this every day, and chances are they're better at it than you are." – Joe Carrigan [30:56]
Conclusion
"Back to the Office, Back to the Threats" provides a comprehensive examination of the security challenges emerging as organizations navigate the complexities of returning to physical workplaces. By sharing personal experiences, listener stories, and expert insights, the hosts offer valuable guidance on safeguarding against sophisticated social engineering and cybercrime tactics. This episode serves as a critical resource for understanding and mitigating the evolving threats in the modern workplace.
For More Information:
- Visit: hackinghumans2k.com
- Contact: Email the hosts with stories or questions at hackinghumans2k.com
- Sponsor: ThreatLocker – Visit threatlocker.com/HH for Zero Trust Endpoint Protection.
