Podcast Summary: How Much Can I Make? – Real Jobs. Real People. Real Money.

Episode: Cybersecurity Jobs: Understanding Account Takeovers, SIM Swaps, and Email Hacks
Host: Mirav Ozeri
Guest: Rivka Tajer, CEO & Co-founder of ZeroHack
Date: December 22, 2025

Episode Overview

In this episode, Mirav Ozeri dives into the high-stakes world of cybersecurity with expert Rivka Tajer, CEO and co-founder of ZeroHack. Rivka sheds light on account takeovers, SIM swaps, and email hacks, demystifying the tools and methods cybercriminals use—and, crucially, how individuals and organizations can proactively protect themselves. The conversation also explores career paths, earning potential, and what skills are truly vital in cybersecurity, blending practical advice with real-world stories from the front lines of digital defense.

Key Discussion Points & Insights

1. Rivka Tajer's Career Path & Expertise

• Started as a journalist in the early digital era, involved in launching the Wall Street Journal online in 1994.
• Transitioned to covering data privacy, security, identity theft, financial technology, and AI.
• Served on the White House National Infrastructure Advisory Council for critical banking infrastructure.
• Founded ZeroHack, specializing in financial protection and secure communication for individuals and organizations.
  • "What we do is we protect people specializing in financial protection and secure communication." (02:00)

2. Core Cybersecurity Threats and Their Prevention

• Account Takeovers & SIM Swaps
  • Account takeover: When hackers gain control over your email to impersonate you—often the starting point for larger-scale theft.
  • SIM swap: Attackers hijack your phone line to intercept authentication codes and drain accounts.
  • "If they hack into your email and can impersonate you, that's called an account takeover." (02:36)
  • "SIM swapping is where they help themselves to that account. Probably took your sim, forward that number to somewhere else." (22:13)
• Human Error
  • Over 90% of breaches originate from human error, especially weak email credentials.
  • "Over 90%–no exaggeration–happens by human error with their email credentials." (05:03)
• Vulnerable Platforms and Networks
  • Email providers like Yahoo, Gmail, and Hotmail are common weaknesses if not properly secured.
  • Ancestry sites, gaming, porn, and dating platforms are high-risk; 23andMe breach discussed as an example.
• Importance of Threat Intel
  • Professionals use anonymous threat intelligence tools to monitor for client exposures on the dark web.
  • "We use cyber threat intel systems that are closed systems... to see what of yours has been exposed." (02:48)

3. Practical Cybersecurity Tips & Tools

• Email Security
  • Use an encrypted provider (e.g., ProtonMail).
    • "You can go to Proton.me in Switzerland and get a ProtonMail... for $3.99 a month." (05:03)
  • Do not use personal, long-standing email addresses for sensitive accounts; separate financial communications from daily use emails.
• Password Hygiene
  • Never rely on browser or auto-generated password managers.
    • "Never ever use an automated auto-generated password... whoever is offering to auto generate your password is keeping a database." (10:52)
  • Store PINs and passwords offline or in a truly secure, non-cloud digital or physical system.
• Device & Network Security
  • Routinely change router passwords and network names; default ones are especially insecure.
    • "Change that router password to something Spectrum doesn't know... So you got to reduce your attack surfaces." (21:04)
  • Regularly delete browsing history and cookies to limit information available to attackers.
    • "Deleting your browsing history... absolutely. On a daily basis." (12:48)
  • Use VPNs (NordVPN recommended for its security and minimal speed loss).
• Protect Mobile Devices
  • Set a unique SIM PIN—not the default—to prevent SIM swaps.
    • "If you have an iPhone 15 or later, you can put a PIN even on an esim." (23:17)
  • Turn off Bluetooth, Airdrop, and geolocation when in public spaces (airports, coffee shops, hotels).
  • Use Faraday pouches to block all electronic communications when needing maximum security.
    • "Get yourself a Faraday pouch... it blocks out all electrical impulses." (28:07)
• Financial Safety
  • Use a credit card not linked to primary checking/brokerage accounts for all online payments, Apple Pay, travel, and app purchases.
    • "The credit card... should be a credit card where you do not have a checking account or brokerage." (32:12)
  • Avoid using bank or brokerage-connected cards for travel or regular online activity.

4. Platforms: What's Safe, What's Not

• WhatsApp is not recommended post-Facebook acquisition; Signal is the current standard for secure messaging.
  • "WhatsApp is encrypted? No, it's not... That's why the whole world moved to Signal." (06:43)
• Zelle, PayPal, Venmo
  • Zelle has improved security, but is only as safe as the underlying security of linked bank/email/phone.
    • "Zelle is very secure now. But again, it is secure as how you have protected your bank account." (31:06)
  • For all, use separate, encrypted emails and secure passwords.

5. On Being a Cybercrime Target

• Seniors are Top Targets
  • Because they hold more assets, have fewer bank restrictions, and criminals can easily divert Social Security or steal property.
    • "People who are over 60 have more money than people who are 20." (42:59)
• Why Email Remains the Main Attack Vector
  • "91% starts with an email account takeover. And then I go look for all your accounts with that email." (36:35)
• Social Security Numbers
  • With major telecom breaches, criminals already possess millions of SSNs; the focus must be on access control.
    • "There's 200 million of them out there, thanks to AT&T and Verizon." (38:59)

Notable Quotes & Memorable Moments

• On Criminal Psychology:
  "If you understand criminal behavior, you will understand how not to be a victim. And you actually know more than you think you know." (00:03, 41:41)

• On Prevention vs. Cure:
  "Incident response and mitigation of identity theft and breaches of your bank account will take forever. It's expensive and it's very painful and it's horrible to see. And so much of it is preventable." (00:10, 38:48)

• Email Security is Everything:
  "Gmail you've had for 100 years? You got to get rid of it now... you need encrypted secure email for your bank and brokerage that never sees the light of day." (04:35)

• Direct Practical Guidance on SIM Protection:
  "Take out your phone and go to Settings... If you have an iPhone 15 or later, you can put a PIN even on an esim." (22:51)

• On Career Entry:
  "If you come into a threat intel company and you just want to get your foot in the door... probably between 30 and 50 [thousand]. If you have a law degree... you're in six figures. Wow. It's a six figure industry..." (39:11)

Timestamps for Major Segments

| Time | Segment / Highlight | |------------|------------------------------------------------------------------------------------------------------| | 01:15 | Rivka discusses her journalism start & transition to cybersecurity | | 02:00 | What ZeroHack does, focus on financial protection | | 04:35 | Need for encrypted email for sensitive/financial activities | | 05:03 | 90% of breaches due to human error; importance of secure emails | | 06:43 | WhatsApp vs. Signal explained; critical of Meta integration | | 08:03 | High-risk sites (Ancestry, gaming, dating) discussed; 23andMe breach | | 09:52 | What is the dark web? And how threat intelligence systems monitor crime networks | | 10:52 | Password advice: avoid password managers and automated generators | | 12:48 | Importance of deleting browsing history and developing good security habits | | 14:17 | Browser security: it's all about settings, not choice of browser | | 16:10 | Security of Apple Wallet and cloud accounts hinges on underlying protections | | 18:48 | NordVPN recommended; criteria for evaluating a good VPN | | 20:18 | Change router passwords—critical first defense for home/office | | 22:13 | SIM swapping explained; how to secure your SIM | | 23:17 | Step-by-step: setting a SIM PIN (iPhone detailed walk-through) | | 24:46 | Don’t reuse PINs, manage them securely offline | | 27:56 | Why periodically turning off your phone and using a Faraday pouch matters | | 29:05 | Security risks in airports, public Wi-Fi, and coffee shops | | 31:06 | Zelle, PayPal, Venmo: what’s secure (and only if account fundamentals are secure) | | 32:12 | Advice: use a credit card with no link to main bank/brokerage for online/Apple Pay/travel | | 33:38 | Why travel increases vulnerability: public Wi-Fi, hotel networks, real-time posting dangers | | 35:12 | Real-world breach stories (nonprofits, donor data, ransomware & the dark web “junkyards”) | | 36:31 | Most common hacks for individuals: email account takeovers, spoofing, SIM swaps | | 39:11 | Cybersecurity salaries: Entry-level to six-figure roles | | 40:14 | Skills needed: data analytics, criminal psychology, financial systems knowledge | | 42:18 | Seniors’ vulnerabilities and special risks | | 43:33 | Prevention vs. incident response: proactive cyber hygiene is crucial | | 44:04 | COVID as a cybercrime catalyst: increased vulnerabilities and attack sophistication |

Career Advice & Earning Potential in Cybersecurity

• Wide range of entry points: from data analysis to law, accounting, and investigative backgrounds.
• Entry-level threat intelligence roles: $30K–$50K/year.
• Six-figure salaries for experienced professionals, those with law or accounting backgrounds, or advanced certifications.
• "It's a six figure industry because there's a shortage of people who know how to do these things." (39:39)
• Valuable skills: data analytics, criminal psychology, financial systems, investigative mindset.
• Tech and coding knowledge are helpful but not always required; analytical and behavioral insight are key.

Takeaways: Action Steps for Listeners

• Use encrypted, unique emails for financial accounts.
• Set strong, unique passwords—never use auto-generated or browser-stored ones.
• Change your router and Wi-Fi passwords.
• Set a SIM PIN on your phone today—never use the default.
• Employ a reliable VPN, especially on public networks.
• Regularly delete your browsing history and review data-sharing settings on all apps/devices.
• Travel with financial caution: minimize expose, avoid real-time posting, and guard credit cards.
• If you're considering a cybersecurity career, focus just as much on behavioral and data analysis as on technical skills.

Final Word

As Mirav observes, the information can feel overwhelming, but as Rivka reassures:
"It's an exciting field and there's a lot of opportunity in it." (45:10)

The clear message: most cybercrimes are preventable with vigilance, modern tools, and by “thinking like a criminal”—and there is both need and room for people to join the ranks of those keeping others safe.