A

You're listening to the Cyberwire Network, powered by N2K.

B

Hello, everyone, and welcome to N2K, CyberWire's hacking humans podcast, where each week we look behind the social engineering scams, phishing schemes and criminal exploits that are making headlines and taking a heavy toll on organizations around the world. I'm Dave Buettner, and joining me is Joe Kerrigan. Hey, Joe.

C

Hi, Dave.

B

And our N2K. Okay. Colleague and host of the T Minus Space Daily podcast, Maria Vermazes. Maria.

A

Hi, Dave. And. Hi, Joe.

B

Maria, we're really glad you're back.

C

Yes.

B

It wasn't the same without you. I mean, it's not like we didn't get along or anything.

C

No, we had a good time.

B

We didn't come to blows or anything.

A

Are they boys fighting again? Oh, gosh.

C

Well, I don't know if that's ever happened.

B

No, it hasn't. It hasn't. But Joe and I have a great relationship. And occasionally agreeing to disagree.

C

Yes.

B

All right.

A

Well, sometimes it's the best you can hope for. That's fine.

C

We avoid those topics where we have these disagreements.

B

That's right.

C

Don't discuss it. Which is what reasonable people do when they're friends.

B

There you go. There you go. All right, we've got some good stories to share this week and we've got some follow up that I'm actually saving for my segment of the show because it is both so good and so complete that I want to actually make a segment out of it.

C

Excellent.

B

But in the meantime, Joe, any chicken update for us?

C

Well, with my busted up ankle, I haven't made a lot of progress on the coop, But I do have to go out there every day and make sure they have liquid water, which is not the case, like wasn't the case this morning. But I will tell you that one of my hens who exhibited a certain behavior when she was a chick is still exhibiting the same behavior. So what would happen when I would walk out to the garage, when they were in the garage, and I'd take the COVID off of the little containment pen with the little chicks in it? This one would always immediately hop up onto the edge, the pen and wait for me to pick her up.

B

Ain't that sweet? That's why sweet.

C

That's why we call her Snuggle Bug. She always wanted me to pick her up.

B

Of course you do. Yeah. So I love it.

C

So I. I told you last week I built this chicken run with a really nice Dutch door on it.

B

Right.

C

And I think it was Monday night. I was out there getting. Getting in there to make sure that they had water for the evening. And I opened the. The top door, and Snugglebug hops up directly onto that. Onto the top of the bottom door. And he's like, are you going to pick me up? And I'm like, yeah, I'll pick you up. And I pick her up, and I take her up to the house and I. I let Lisa see her and, you know, give her a. Lisa likes to give her a big hug, and she loves it. She's like, this is so nice. Which is really weird, you know?

B

Yeah. Well, that's good.

C

Yeah. I don't know. It's really weird that this chicken likes to be handled as much. It's not. None of the other chickens want you to pick them up.

B

Yeah, they.

C

They just. They. They're just not interested in it. Especially not the rooster, which you're actually not supposed to pick up the roosters.

B

Are you. You have not yet gotten any eggs?

C

Not yet, no.

B

Okay.

C

I don't expect eggs until another two or three months.

B

Oh, okay.

C

That's when I'm expecting to start getting eggs. Now my daughter is getting eggs galore. She has two. She got eight eggs yesterday, and she has two. Two full cartons of eggs.

B

Wow.

C

At the house. So the time of buying eggs in the Kerrigan households may be coming to an end.

B

All right, well, just don't forget your friends, who also love eggs.

C

Yes.

A

I'm jealous. I'm too far to get fresh eggs from you, Joe.

B

I'm glad for. What is it? Snugglebug. Snugglebug, yes, Snugglebug. I'm glad for Snugglebug. But this clip came across my desk this week. We were talking about chickens in one of the N2K Slack channels, and one of our colleagues, Tim, shared this clip. So I just want to play it here for us now and we can comment on the other side. It's only 40 seconds long. This is Werner Herzog, the director and actor, well known, and he's talking chickens. Here he is.

D

The enormity of their flat brain, the enormity of their stupidity is just overwhelming. You have to do yourself a favor. When you're out in the countryside and you see chicken, try to look a chicken in the eye with great intensity. And the intensity of stupidity that is looking back at you is just amazing. By the way, it's very easy to hypnotize a chicken. They're very prone to hypnosis. And in one or Two films I've actually shown that.

C

I'm getting my pocket watch out tonight.

A

Yeah. Is there anything he could say that wouldn't make it immediately funny and also go super hard? Like, it's just.

B

No, there's definitely an intensity about him that he brings to everything.

A

Everything.

B

Yeah. I don't know. I mean. I mean, snugglebug doesn't sound stupid.

C

Well, she is still a chicken. Okay.

A

All right. So keep our expectations measured. Yeah.

C

One of the things. One of the things I was telling my wife when. When she was giving her a hug is I remember they have very small brains.

B

Yeah.

C

And I was. I actually was looking, looking it up on online, how small their brain is relative to their body size. And, like, compared to a crow, there's no comparison. Crows are, like, really intelligent birds, right?

A

Yeah, they're. They're intelligent corvids. They're. They're just.

C

Oh, they are big brain birds.

A

I hate blue jays so much. Sorry.

B

I could just.

A

I have, like, a whole thing we're getting. We're talking about birds now. Like, let's talk about birds.

C

I'm not a fan of blue jays either.

A

Yeah. But I love ravens, but they're very creaky. I've got a bunch that live around my house, and they scare the heck out of me.

C

Yeah. I'm still trying to make friends with the crows. None of them want to be my buddy.

B

Yeah.

C

But, you know, I do. I do walk around with a pocket full of peanuts to just drop on the ground when I see crows. Hey, I have a peanut. Apparently, they love that.

B

They do.

A

We're going from chicken talk to bird talk. Is that just the evolution of that?

B

Well, this is talk.

C

This is chicken adjacent. Because the reason I want the crows to be my friend and be around my house is they will run off the hawks who will harm. Harm my chickens.

B

Yes. We have a lot of crows near my house. And we also get a lot of raptors because I live near a lake. And so the raptors come hunting, they grab fish. It's like National Geographic, you know?

C

Like, you get bald eagles from time to time.

E

I do, yeah.

B

Yeah. And I've actually seen that National Geographic moment where the eagle swoops down and grabs a fish and flies away. And it is majestic.

C

That's awesome.

B

And it's the kind of thing you don't think could actually happen in your backyard because you think this only happens on National Geographic, but it does happen there.

C

But you were sitting on your back deck and saw that happen. Yes, that's amazing.

B

But what I've also witnessed is that the crows can be big old jerks, right? They will absolutely run off a bald eagle because the crows have maneuverability that the bald eagle doesn't have. So they'll team up like three crows, and they'll just be buzzing around the eagle, pecking him and harassing him until the eagle flies away.

C

Yeah, I got a story, but I can't really tell it here because it doesn't really lend itself to a podcast, but I did see a crow smack a hawk. I'll try to tell it anyway.

A

It's a bad podcast story, but I'm gonna tell it our hockey audience.

C

Right? Yes. All right, chicken talk. Let's just hit to the stories. This crow came off of my neighbor's house and hit a hawk that was carrying, like a little sparrow or something.

B

Okay.

C

And the sparrow got away. And the hawk, or apparently the crow was like, yeah, not in my town, buddy.

B

Yeah, ran that hawk off. I have a friend who lives right down the street from our studio here, and she had one of those little bird feeders that you attach to the window so you can see the little birds feeding from outside.

C

Yes.

A

So cute.

B

And so she was sitting there watching the little birds, and all of a sudden there was this big swoop and feathers everywhere. Everywhere. A hawk came in and puffed themselves to the buffet.

C

I'll save my related story. I have a very similar story, but I'll tell it when another time.

B

It's just.

C

That's enough about birds.

B

Well, let's get to our. Let's get to our hacking human stories.

A

Hacking birdies.

B

Welcome to yes. Birds R Us Weekly.

C

Right.

B

I tell you what, let's take a quick break. We'll be right back. Every attacker counts on one thing. Environments that Trust too much. ThreatLocker closes that gap with default deny at execution. Unknown software blocked. Trusted apps contained with ring fencing Configurations verified with Threat Locker DAC so you stay secure and compliant. ThreatLocker delivers the visibility and control CISOs need without adding operational pain, making zero trust real for teams of any size. Stop ransomware at its earliest point. Book a demo@threatlocker.com N2K. I'm going to kick things off for us, but it's actually a piece of feedback here, and it is probably the best feedback we've ever gotten.

A

Really?

B

I agree. Well, it is. I mean, it's legit. It is complete. It is well written. It is authoritative. So we got a note from Tim. I'm just gonna leave it at that. Who is A special agent in the IRS Criminal Investigation department who listens to this show.

C

Thank you, Tim. I have a feeling, Dave, that there's a lot of correction coming from Tim.

A

Well, gentle, professional correction.

B

That is true.

C

Which I appreciate, Tim.

B

And Tim does it in the nicest way. And so that's why we're sharing it. Good. So I will just read Tim's kind note. Tim says, I just got done listening to the episode. It's just too good to be true. And couldn't help but send you an email. After hearing all of the IRS talk, you guys did a pretty good job of hitting home the main points of scam interactions with the irs. I could tell there was some hesitancy around what criminal investigation would or wouldn't do in real interactions and wanted to offer my 2 cents. So you see, what Tim has done here is buttered us up by saying that we did a good job.

C

Yes.

B

And here's the thing.

A

Well, see, now the IRS is offering us money. Should we trust it? Two cents, right?

B

Yeah.

A

Right.

B

Well, if we ever get audited, you know, my first call is going to be with Tim. Right. So Tim goes on and writes, we in criminal investigation 100% show up to people's houses unannounced.

C

Okay. So Tim does work in criminal investigation, correct? Okay.

B

Yes.

E

So he says, yeah, make cold calls.

B

Or send an email to initiate contact, which are all things that we said they don't do.

C

Correct.

B

So we were wrong.

C

Yes.

A

Yes.

B

Tim goes on and says, it all just depends on what form of communication we've tried up until that point where criminal investigation agents and the interviewee are located, how adversarial the interaction might be, and so on. When in doubt, though, we'll be at your front door and leave a business card if we don't establish contact right then and there. Also, we're happy to try and verify ourselves over the phone or email by answering a number of questions and sharing our badge numbers. However, we are prohibited from sending photos of our credentials or badge. So that is a common hangup between us and people we reach out that think they're being scammed because the IRS never calls. He put that in air quotes. Right. So he says if someone needs to verify whether or not an IRS special agent is real, they should meet them in person at a public place, such as the local U.S. attorney's office, the local IRS office, or a library, and ask to see their credentials and badge. That seems reasonable to me.

A

It does.

B

Tim goes on and says in IRS civil, you were correct about the forms of communication and all the telltale signs for scams. If it's not a letter or a call or email from someone you've already spoken to, forget about it. And definitely do not buy gift cards to pay off your fake overdue tax liability. Last, do not pay in Bitcoin.

C

All right.

A

And he said that with a smiley face, which I really appreciate.

B

Smiley emoji at the end there.

C

Yes.

B

And Tim says, and in general, thank you for putting together such informative and entertaining episodes. Tim's buttering as it's a compliment. Sandwich.

C

Sandwich. Thanks, Tim.

A

He's such a professional.

C

Tim said.

A

And I fall for it completely. Thank you, Tim.

B

Right. You can tell Tim's used to interacting with people who he is much smarter than, like us.

C

Yes.

B

Tim says, I'd love to hear about all the scams that are out there and trying to figure out how they might apply to my tax and non tax casework that dabbles in pig butchering, investment fraud, sim swapping and account takeovers, cryptocurrency theft and everything else in the cyber adjacent world. Keep up the great work. And that's Tim, who again is a special agent with the irs. So Tim, thank you so much for taking the time to write this.

A

Yes, thank you, Tim.

B

Absolutely amazing. I guess we have to update our information here. The IRS does come to us.

C

They do. Especially criminal investigations.

A

If you're. If, yeah. Criminal investigation. Yes, for sure.

B

Yeah. So I guess you have to be. You have to have been. See, and now I'm speculating again. So I'm expecting, you know, part two from Tim.

C

Right.

B

What I infer from this, and correct me, if either of you feel as though my inference is incorrect, you're probably pretty far down the path with them.

C

Yes.

B

And by that I mean ignoring them.

C

Which you should never do.

B

Right. So I'm guessing, you know, letters come first and then probably phone calls and emails or whatever. Like also would imagine these agents are not thrilled to have to come out and knock on your door. Like that's probably not a great day for them.

A

I'm sure it's scary for them too, you know.

B

Yeah, that's true.

C

It's not a zero risk job.

B

Yeah, absolutely. No. But I guess that is part of the job. So.

A

Yeah. His tip about meeting in a public place like let's meet at the local IRS office. That's a great one.

C

Right? Yeah, yeah, I'll meet you at the local IRS office. That would be a good place to meet at the. At the. What do you say? The. Not the state U.S. attorney's office.

B

Yeah. I'd probably be less inclined to meet at a library just because anybody can.

C

Go to a library.

B

Anybody can go to a library and, you know. Yeah. Yeah. The local IRS office seems optimal to me because nobody's gonna walk into the local IRS office and pretend to be an IRS person. Right.

A

I mean, somebody might, but that's ballsy as hec. So I'm not sure.

B

Yeah, yeah, exactly.

C

Yeah. Now, here's the comeback to that. Well, not really a comeback, but an observation, because I think that Tim is probably well aware of this. If you're somebody who is under criminal investigation with the irs, you're not going to the IRS office to meet an agent because you're afraid there's going to be somebody there to put you in handcuffs or something.

B

Yeah.

C

If you're in the criminal part of the. Of their investigative services. So, I mean, the IRS has a job to do, and I get it. Yeah. I'm not happy with, you know. You know me, Dave. I'm not happy paying taxes.

B

Right.

C

Not me.

A

I love paying my taxes.

B

Well, Joe, as you know, taxes are the price we pay for civil society.

C

Yes, I understand.

B

So, Maria, this is one of the areas Joe and I agree not to talk about.

C

Right. Tax policy.

A

Oh, boy. That's a thrilling conversation.

B

Yeah.

A

All right.

C

You know, tax policy happens above the level of the irs, Right, Sure. The IRS is the service that is responsible for enforcing tax policy.

B

Right. They execute the policy.

C

Correct.

B

That has been given to them by Congress by.

A

Yeah, they're the money police. Yeah.

C

By a bunch of knuckleheads who fooled another bunch of knuckleheads into voting for them and.

B

All right.

A

And tell us how you're feeling.

B

Thank you, Tim. Thank you, Tim, for sending this in. Truly.

C

Yeah, Tim, I appreciate it.

B

This is really good stuff. Like I said, one of the best bits of feedback that we've ever had. So we are thrilled that you took the time to do this. And also, please just punch that you're listening to our show and finding value in it.

C

Yeah. That's awesome.

B

Thank you very much. All right, let's move on. Maria, you are up next. What do you got for us here today?

A

Well, I have an evolution of a phishing campaign. A phishing campaign that's been around at least since 2020. So what I'm gonna do is talk about what it used to look like and then get into what it looks like now. All right, so this phishing campaign was being used and being sent primarily through mass email clients called SendGrid. So SendGrid is the primary one that's been used for this. I know that mailchimp also has been used for these fishes, but I'm going to concentrate on SendGrid because they've been really highlighted as the problematic one.

C

I love the name mailchimp. That's one of my favorite online service names ever. Mailchimp.

A

Yeah, filing that away in useless information that I, you know.

C

Right.

B

So SendGrid is similar to Mailchimp in that it's a mail email service provider, correct?

A

Yeah. So you are a business or a small business presumably, and you've got a list of thousands of emails of clients presumably that you want to email and you, you need to use usually a service like sendgrid to mass email people without getting flagged as spam through.

C

Right.

A

Any kind of email provider. So you use something like SendGrid, you, Your Email account sort of is flagged as, hey, this is trustworthy, you have a reputation, the SendGrid has a reputation. And the email, the emails go okay, these emails can come through the email services, allow your emails to go through. So Brian Krebs actually covered a problem with SendGrid fish phishy emails back in 2020, where essentially at that time SendGrid did not have two FA enabled on their service. So many, many SendGrid accounts were getting compromised either through stolen credentials, brute force access, or even just basic old password reuse. And essentially bad actors were compromising legitimate sendgrid accounts and then spamming the people on the legitimate email lists with fishy emails. So ideally what would happen for the attacker would be that somebody would click the fishy link and they would then be taken to a fake SendGrid login page. And then the, the cycle would continue anew where now another SendGrid account has been compromised and more fishy emails could go out. So it just keep going over and over. And actually Netcraft in 2024 called this specific situation fish ception. Over and over, just keeps going, his fish is all the way down. And these, the specific SendGrid phishes back in 2020, the emails themselves were always sort of SendGrid account related. So the emails would say something like, hey, your account's been compromised, your payment's been declined, your account's been marked for deletion, your account's under review due to bad practices. So that would be that urgency that's often talked about, about, you know, that that hooks the person into the fish and they would go, oh no, I need to fix something with my SendGrid account. And of course that means I need to log into my account to fix it and that's how their account would get compromised. So that's. That's sort of the old paradigm for the SendGrid Phish. Now there's a new SendGrid Phishing tactic being used. And this is covered by a gentleman named Fred Benenson in his personal blog. Cause he's been noticing this and he has dubbed it the rage bait fish. And this is super fascinating. Yeah.

E

Oh, booty.

C

That might work on me.

A

Yeah, I think it might work on a lot of us. I think. Do I even need to explain what rage bait is nowadays? It's sort of in the air we breathe. Yeah. It's the media landscape. And so that's 100% correct.

C

It's pretty much all the Internet has become.

A

It's just pure rage bait. So what Fred was noticing is he got an email that was a very clear sendgrid fish. And this is how it goes. I'm just going to read it. The subject line says this ICE Support initiative. And this is the text. Hello. We're writing to inform you of an important update to our email platform in response to recent events. As part of our commitment to supporting U.S. immigration and Customs Enforcement, we will be adding a Support ICE donation button to the footer of every email sent through our platform. This button will appear automatically in all outgoing emails starting next week. What this means for you? All emails sent from your account will include the Support ICE footer element. Recipients can click to donate directly to ICE support programs. This change helps us demonstrate our platform's civic commitment. And then the next line is there's an opt out available. If you prefer to not include this footer in your emails, you can disable it in your account settings. And there's a handy little button there that says go to account settings. We appreciate it. Run, do not walk to that button.

B

Oh, no.

A

Dave, you've been fishing.

C

Wow.

A

I can just see Kermit flailing his arms right now. Yeah. So Fred also had noticed previous fishes in this rage bait vein. One of them was an LGBT pride footer that again would automatically be added to all of the emails that you sent. And another one.

C

Yeah, I was gonna say. I'll bet they do this to the other side of the political spectrum.

A

100%.

C

Here it is.

A

There was another one that was an automatic Black Lives Matter matter footer automatically added to any email that you sent. So they're casting the widest possible net. How many people can they possibly Hook through rage bait and they're trying all of the tactics. So it's. I just thought this was remarkable because I was looking for other examples of people noticing this since I read Fred's blog post and I haven't seen a lot of instances of this, but that feels like a yet is coming, I imagine. This seems rather dastardly to me, a fish using rage bait as its hook. And I've got to imagine this tactic's gonna become very popular very soon if it hasn't already.

C

This is remarkably successful.

A

Oh yeah, I bet.

B

Yeah. I mean, this is what we always talk about, using your emotions to short circuit your critical thinking.

C

Right.

B

You know, you get somebody wound up, you're gonna do what to my business email?

A

To my business email, yes.

C

Right.

B

And so they're just gonna smash that go to Settings button.

C

I can even see someone who. Yeah, I can see someone. A centrist. Right. A political centrist going, I don't want that on my email because I don't want to alienate a huge chunk of my customer base.

A

I don't want to field those angry emails from either direction. Yeah, I completely understand. Nobody wants that. I'm just the marketing intern and I'm seeing this in my inbox and I'm going, I don't want to have to explain that to my boss. Right, yeah, yeah. And then I'm not even thinking about it. I'm literally, you know, in the bathroom seeing that email, panicking before the CMO calls me up going, what the heck is this? And I'm hitting that go to settings button and not even thinking about the fact that I probably just got phished.

B

Right. Yeah.

A

This would 100% have worked on me. 100%, because I've been in that situation. I would have panicked so quickly. So I guarantee you we're going to be seeing a lot more of this kind of tactic. And again, as far as we know, the goal here is to compromise send grid accounts to send more of this to continue the fishception. I wonder if there's a longer long term play here in the background that we don't know about yet. But there's gotta be one.

C

I think I know what that is actually. And I don't know, I've never used SendGrid, but is it possible when you're in SendGrid, when you're in the interface to say, I just need the list of email addresses I have.

A

Oh, I'm sure there is. Like just a quick export. Yeah.

C

If you can just export all the email addresses that all these small businesses have, you know, they're valid email addresses and now you have essentially a huge cache of new refreshed email addresses.

B

Yeah.

A

Oh, yeah, that's true. Because the email services like SendGrid also will tell you if those emails are actually healthy, you know, if they're not bouncing back so that, you know that they'll actually work. So, yeah, that's a pretty good point. They're just able to get the clean emails that are actually working.

C

That's my guess.

A

That's a good guess.

C

And the only reason I think that is because they're only sending out phishing to other SendGrid accounts or they're sending this phishing. These phishing emails out. They're phishing SendGrid account holders.

A

Yes.

C

And then they're not using the SendGrid account to send out actual phishing emails.

A

Right. As far as we know, that's true. Yes.

C

That, to me, looks like they're just building new email lists.

B

Yeah.

A

Yeah. So far that seems to be the case. But again, I really wouldn't be surprised if there's a really long game at play. But. But we'll see, I guess. So the News on the SendGrid side of things is that there is actually two FA now available for SendGrid account holders.

C

It's not mandatory, though.

A

No. So actually, no, I shouldn't say. I don't know that it's mandatory. If it isn't mandatory, please enable it. Yep, please do, please. And sendgrid was getting reamed by Infosec press for a while for not having two fa. So they do have it now. So you should definitely enable that. Strong, unique passwords. Because again, a lot of these SendGrid accounts are being compromised from simple password reuse. And please be aware of this new tactic. So if you see this and it makes you freak out, take a moment, right? Don't click the Go to settings. Maybe try another way to get to your settings without clicking the link in an email so you can give that a shot.

B

Just be aware of your emotions and if you find yourself getting wound up over something, stop and check yourself. I know, it's easier said than done, right?

C

Especially when you're over there making all those noises like Dave was.

A

The appropriate noises. Rebel. Rebel.

C

Rebel.

A

Rebel. Rebel.

B

All right, very good. We will have a link to this story in our show notes. I tell you what, let's take a quick, quick break here. We will be right back after this message from our sponsor. Most environments trust far more than they should, and attackers know it ThreatLocker solves that by enforcing default deny at the point of execution. With Threat Locker allow listing, you stop unknown executables cold. With ring Fencing, you control how trusted applications behave. And with Threat Locker DAC defense against configurations, you get real assurance that your environment is free of misconfigurations and clear visibility into whether you meet compliance standards. ThreatLocker is the simplest way to enforce zero trust principles without the operational pain. It's powerful protection that gives CISOs real visibility, real control, and real peace of mind. ThreatLocker makes zero trust attainable even for small security teams. See why thousands of organizations choose ThreatLocker to minimize alert fatigue, stop ransomware at the source, and regain control over their environments. Schedule your demo@threatlocker.com N2K today. And we are back. Joe, you're up. What do you got for us?

C

I have two stories today because the first one is again going back to Southeast Asia, and it's from Reuters, and the headline is Cambodia to Keep Up. Crackdown on Scam Centers after Arrest of Alleged Mastermind. I love when someone gets called a mastermind.

A

Alleged, right.

B

Yeah.

C

I'm just going to go over this one really quickly because I don't want. We spent a lot of time on this, but the US Is indebted to this guy Chen Ji, and he has since been extradited to China. And despite that, Cambodia is saying, we're going to continue to curb these scams. And the article talks about how these scam centers in Myanmar and Cambodia have generated billions of dollars in losses with A B. And Cambodia is in close cooperation with other nations, according to the foreign minister of Cambodia. So good on them. They're going to keep this up. They know just capturing one bad guy is not the end of this. There's a virtually endless chain of people who are willing to. They hear the word billions and they go, all right, I'm in.

A

How do I get in on that action? Yeah.

C

Yeah. My other story comes from wsmv, and this one is about an Uber driver who got scammed out of $300. And here's how this scam worked. He was driving along, doing what Dave.

B

Does, minding his own business, minding his.

C

Own business, driving an Uber ride.

A

Nothing.

B

Yep.

C

Right. Paying. I hope he's paying his taxes like every fine, upstanding American.

B

That's right.

C

Including us. And he gets a phone call on his phone. Naturally. I see.

B

That's weird.

C

Here comes the pigeon with the phone call.

A

His shoe just started ringing.

E

I don't know.

B

Yeah, I'm getting a phone call through my glove compartment. Nice, Todd.

C

Maria says shoe, but she probably doesn't remember Get Smart. Yeah, Maria, do you remember Get Smart?

A

I know of Get Smart. I've seen the remake and a few of the originals.

C

But, yeah, Maxwell Smart had the phone. The shoe phone.

B

Yeah.

A

Yeah, I think that's probably what I was unintentionally recommended.

C

Dial in the heel. It was hilarious. That was Mel Brooks, by the way. One of my favorites. So this guy is. They're calling him Zach. That's not his name. So he has said that he originally was able to make enough money to live on Uber, but now he's just doing as a side hustle because it doesn't support him anymore. He's making less and less money with it. But when he answered the phone, he got an automated message saying that it was Uber support. And they told him that he had been reported as being a drunk driver. And they said he needed to pull over immediately and go through a verification process, otherwise he would be banned from the Uber app. Wow. So he gets this call. He does what the phone call says in the middle of a ride. They told him to cancel the ride and head to a Walgreens screens for a sobriety test. Then he has to pay $300 for a sobriety test, which he says if you pass. The guy on the phone says if you pass, you'll be instantly refunded the money, but if you fail, you'll be fined another $750 and be permanently banned from the app. So they send him a barcode, he transfers money. I'm not sure which app this is through, but it's probably through like Venmo or something similar to it, because those work with barcodes. And he sent $300, and he got back to his car and went to the Walgreens to wait for the person to meet him in the parking lot, but no one ever shows up. And that's essentially the scam is they. They have scammed him out of $300, and he's now not making money with. With Uber right now because he's, you know, hey, somebody told us that you're drunk right now. Pull over Uber. He reached out to Uber and they said, we will never call you directly from our customer support line.

B

Now, we've heard that before, right?

C

Next week we're gonna get an email from somebody at Uber.

A

We'll read that one out.

B

Wouldn't it be. Wouldn't it be just the greatest thing in the world if Tim was moonlighting as An Uber driver.

C

That would be hilarious.

B

And he called us with their real skinny. Right. I don't know why that tickles me so much.

A

Because he's got expertise in both arenas.

B

Yeah, Right.

C

So anyway, Zach has lost $300 to this, and he's working with Uber to try to get his money back. Uber, I don't think, is probably gonna give him the money back. He did have someone break into his Uber account at one time and essentially steal $700 in credit, but he got that back because that was from Uber's system.

B

How hard do you suppose it is to get an Uber driver's phone number?

C

I don't know. That is one of the nagging questions that underpins this for me is how do they know this guy was an Uber driver?

B

Okay.

C

How do they know that he was in the middle of driving something in.

A

An automated way or a manual way? Because, I mean, I've had Uber drivers message me from their cell phones, but does it go through an intermediary? I would think it would, but I'm thinking when someone's picking you up, they're like, hey, I'm here.

C

Right.

A

Usually you get a text message, but I have presumed all this time that's coming directly from the Uber driver's actual phone number and not a third party.

C

But I've always. When I use Uber, I do everything through the app. Like, I'll get a message of where he is and he's five minutes away, or she's five minutes away, and it's, you know, it's all done through the app. I never get text messages.

B

Oh, yeah.

A

I've gotten text messages before, and I've always thought that was a little odd, that I'm getting an actual text message.

B

Yeah, I've gotten text messages.

A

Yeah. But I don't know how you automate that. I'm sure there's a way you just don't know how you do that.

B

I mean, I suppose, given where we are in the world today, that it's not that hard to put the word out that you want to buy a list of phone numbers of Uber drivers in your town, and that's probably pretty easy to buy. So it could be that simple. Yeah.

C

The other thing that occurred to me is it could be the ride that he was actually picking up that that guy was in on the scam.

B

Could be.

C

That could be.

B

Yeah.

C

That he. I don't know how that would work. I'd have to know more. And this article doesn't have a lot of details on it, so I'M just doing what I do best and speculating wildly.

B

Well, if you get 300 bucks a pop, you know, it's worth it. It's lucrative. Yeah, yeah, absolutely. All right, well, we will have a link to those stories in the show notes, and of course we would love to hear from you. If there's something you'd like us to consider for the show, you can email us. It's hackinghumansn2k.com Joe, Maria, it is time to move on to our catch of the.

C

Dave. Our catch of the day comes from the scambait subreddit. And honestly, this. Did you do this, Dave? Because it's called Dave Part one.

B

Yeah. Oh, yeah, yeah, right.

C

And is this really your submission?

B

No. Oh, just a coincidence. It's a coinky dink.

C

I guess a lot of people are named Dave.

B

Yes, fewer and fewer. I mean, and you know, kids today aren't giving their kids normal names anymore, Right? So if someone did name their child Dave these days, there'd be a Y somewhere in there. It'd be like D, A Y, V, E, but whatever. You know, our generation of parents named us to fit in and today's generation of parents names their kids to stand out. That's the main difference.

C

Yes.

B

All right, so we're gonna do this here. Tell you what, Maria, how about you partner up with me on this one? I will be the. I will lead off.

A

Okay.

B

And we'll go from here. So I'll be the text in white, you be the text in blue.

A

You got it.

B

Very good. All right, here we go.

E

Hello there miss Maggie. Good day. I kind of want to say Merry Christmas, Maggie, and thanks for getting back to me here. Well, good game. So good luck, Maggie.

A

Hello. Where are you from?

E

Hello there beautiful Maggie. Well, thanks for your responding to me here, Maggie. And it's nice to meet your acquaintance virtually. And I kind of want to wish you a happy bowsing day to you, Maggie. And I'm Dave Sylvester from Pearland, Texas.

A

And you Bozing day. I am from the United Kingdom.

E

Yes, it's bozing day today. Nice to know that you're from the United Kingdom, Maggie. Well, where in the United Kingdom are you currently from and how's your day been today? Hope you're enjoying the weather out there today, Maggie.

A

I have never heard of Bosing day ever. I'll have to look that one up. I'm from England.

E

That's fine, Maggie. Then we shouldn't be argue with it if you haven't heard of Bosing Day, Maggie. Okay. And I'm so glad you're from England pretty so nice to meet you here Maggie can you please tell me some few things about yourself Maggie the way you look and your smile tells me how gorgeous and beautiful you are Maggie please can I know something about yourself.

A

Please Maggie nobody was arguing what would you like to know?

E

It's okay Maggie so sorry Maggie I didn't mean to say we both argue though it was a joke and I'd like to say something that funny too.

A

Morning how are you?

E

Hello there beautiful Maggie so nice to hear from you here again Maggie and thanks you for getting back to me here Maggie so nice it's morning there getting bright too well it's morning here but still dark however nice to see you here Maggie and I'd like how gorgeous you look in your profile picture Maggie your smile are so cute and nice Maggie well I'm doing good hearing from you here now Maggie well how was your night and hope you're feeling.

B

This beautiful day there in England Maggie.

A

That name just doesn't sound real anymore right?

C

It's not I've got a follow up.

A

For this Dave is Maggie Maggie my night was wonderful but cold how was yours?

E

Oh I see Maggie so I'm glad your night was wonderful sounds like you enjoy sleeping the whole night Maggie well I'm so sorry if it's cold out there Maggie.

A

Sorry I'm confused it's winter so the cold is expected been a.

E

Good weather these days here Maggie but sometimes it might also get cold too well my night was good and just got up a while ago to be on the game and I got your message and decided to reply you Maggie and I'm so sorry if I do bother you with my message while we play the game Maggie hope you're okay while we're playing in chat Maggie I.

A

Think there's a bit missing here but it's fine I have I'll just continue.

E

If it's winter season the cold must be expected but sometimes we deserve it too well so nice we're chatting this beautiful day however how's your day been today and have you had your breakfast.

A

Yet yet Maggie I had breakfast hours ago what have you eaten?

E

That's really cool and I hope you enjoy your breakfast Maggie and are you the one who made it yourself Maggie if I may ask Maggie Because I guess you must be good by cooking too and did you have your coffee before having your breakfast Maggie?

A

I asked what you had to eat.

C

I haven't eate yet but I have.

E

Made my coffee I'm about to start having my first cup of coffee while I'm chatting with you, Maggie.

B

And it ends there.

A

It's like he's got Tourette's and Maggie is his tick.

C

So, Maria, you were out last week, but last week I was talking about a sales guy I used to work with who used these Jedi mind tricks to influence people. And it was the one we talked about last week was when you call and leave a voicemail, tell them you got good news and they'll always call you back.

B

Right.

C

And then you have to make up some good news. Right. And that one works really well.

A

That's a dastardly one. Oh, my God.

C

I'm gonna use that. I shared the story about me calling my sister to test it out, and it did work. And when my sister called me back, she was very disappointed in me.

B

You're out of the will, right?

A

Good news. I'm talking to you.

C

So anyway, she's much younger than I am, so I don't need to be in her will. She needs to be in mine. The other Jedi mind trick this guy would always put forth is say people's name a lot. And when I came in in the morning, Joe, how are you today, Joe? And I'd be like, oh, yeah? And I'm like, why do you do that? I point blank asked him, because you know me, Dave, when I see something like that, I will just go, why are you like that?

B

Right, right.

C

And he goes, people like hearing their name, Joe.

A

It also helps you remember their name, Joe.

C

Yeah. I have other tricks for remembering people's names, Maria.

B

Is that right, Joe?

C

Y. Dave.

B

Oh, interesting.

A

Dave. Maggie.

B

Yeah. Wow. Okay, Maria. Great. Maggie. Maggie, you also reminded me of Pepe the Prawn. Okay, we're going to do this. Okay, we're going to do this. Maggie.

C

One of my favorite Muppets.

B

Yeah.

A

Maggie is an excellent liquid you add to your food. It makes it tasty. Anyway. It's like MSG in a bottle. It's great. It's called Magic Maggie.

B

So obviously this person is, as Joe said, trying to repeat someone's name to build rapport.

A

Correct, Maggie.

B

And it's just a gobbly goop of poorly translated, probably AI generated responses.

C

Well, I don't know, because there's a lot of bad grammar in this.

B

That's true.

C

So it's probably just copy and pasted from a script. I will tell you, this is like the single worst Jedi mind trick that I've ever heard anybody try to say. Like, in sales, just keep repeating someone's Name in every sentence.

B

Yeah, you know, it's funny. I run into folks who have clearly been taught that lesson and taken it to heart. Every now and then, I'll be interviewing someone for the Cyber Wire, you know, and I'll say, so, cybersecurity expert, what color is the sky? And they'll say, well, Dave, I'm really glad that you asked me about that. Dave. Here's what I think, Dave, about the color of the sky. God, Dave, I'm like, I'm buying time.

A

While I think of an answer for you. Yeah, right, right.

B

I have no problem with people referring to me by my name, but when you can tell that they're doing it just to try to build a false sense of rapport, it's employing.

C

It is. It's so irritating.

B

Yeah. Yeah, sure is, Joe.

C

And by the way, it is not one I ever did. Not a trick I ever used. I found it insulting to try to use it.

B

Is that right?

C

You guys are now just trying to irritate me and that's okay, Maggie, because I get the joke. I get the joke.

B

But yeah, yeah, all right, well, that's great, Joe. All right, so, you know, I think.

C

I may have even had an episode of my old podcast about this trick. This may have been.

B

Oh, this was a. Oh, yeah, that.

A

Would tell us more, Joe.

B

Yeah, for sure, sure.

C

All right.

B

People should definitely check that out. Joe.

C

Yes.

B

All right, well, again, we would love to hear from you. If there's something you'd like us to consider for our catch of the day, please do email us. It's hackinghumans2k.com. Most environments trust too much and attackers know it. Threatlocker enforces default deny at execution, blocks unknown apps and limits what trusted apps can do. Stop ransomware at the source. Get your demo@threatlocker.com N2K and that is hacking humans, Joe. Brought to you by N2K CyberWire. We'd love to know what you think of this podcast, Maggie. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like the show, please share, rating and review and you your favorite podcast app. Please also fill out the survey in the show notes or send an email to hankinghumans2k.com Joe this episode is produced by Liz Stokes. Our executive producers, Jennifer Ibin were mixed by Elliot Peltzman and Trey Hester. Peter Kilby is our publisher. I'm Dave Bittner.

C

And I'm Joe Kerrigan. Dave.

A

And I'm Maria Vermaz's. Maggie.

E

Thanks for listening, Maggie.

A

Sam.