Hacking Humans
Recent Episodes
This week, our hosts Dave Bittner, Joe Carrigan, and Maria Varmazis (also host of the T-Minus Space Daily show) are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start with some follow-up, listener Jay shared how Robinhood tackled a $25.4 billion phone scam problem with a simple fix—a bright yellow in-call banner that warns users, “We’re not calling you. If the caller says they’re from Robinhood, they’re not—hang up.” Meanwhile, Myanmar’s military blew up a major online scam center at KK Park, forcing over 1,500 people to flee into Thailand. Listener JJ reminds us it’s “CAC cards,” not just “CAC,” and Shannon reports from Scooter’s Coffee, where customers are now bringing chickens for pup cups—proving some pets really do rule the roost. Maria’s story is on Bitdefender and NETGEAR’s 2025 IoT Security Report, which found smart homes now face triple the attacks of last year—about 29 a day. Dave’s story is on a cloud architect who exposed his AWS keys online, letting attackers hijack his account for crypto-mining and phishing. His takeaway: secure keys, limit privileges, and assume it can happen to you. Joe’s got the story of scammers posing as banks or the FTC, using fake security alerts to trick older adults into draining their savings. The FTC says losses are skyrocketing—so don’t move money or trust surprise calls or pop-ups. Our catch of the day comes from the Scams SubReddit, where a scammer got way more than what they signed up for in a text chain.
This week, our hosts Dave Bittner, Joe Carrigan, and Maria Varmazis (also host of the T-Minus Space Daily show) are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. In our follow up, our hosts respond to a listener who wrote in with an insightful question about the role of wealth in scam susceptibility. Joe's story covers how a fake AI recruiter lures developers with a GitHub “technical assessment” that, when run, unleashes a five-stage malware chain to steal credentials, wallets, and install persistent backdoors. Maria has the story on a Halloween-themed phishing scam that lured victims with a fake Home Depot giveaway, using obfuscated code, stolen email threads, and tracking pixels to trick users into handing over personal and payment information. Dave’s story is on a convincing phishing email claiming Dashlane was hacked, showing how fear and urgency—even in obvious scams—can make anyone second-guess before thinking twice. Our catch of the day is from the scams sub-Reddit thread, and is how one user received a message from their "aunt" who wanted to be nice and grab the user a present.
This week, while Dave Bittner is on vacation, hosts Joe Carrigan, and Maria Varmazis (also host of the T-Minus Space Daily show) are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. Users are reporting a potential new Signal scam involving fake in-app messages posing as official support, though Signal confirms it never contacts users first and only communicates via Signal email addresses. Joe’s story is on South Korea targeting Cambodia’s scam industry after reports of kidnappings, torture, and a death, as officials crack down on criminal groups luring citizens into forced online fraud operations across Southeast Asia. Maria has the story on how AI-driven scams like deepfakes and virtual kidnappings are increasingly targeting Gen Z, using fake voices and videos to power extortion schemes that exploit their mobile-first, always-online lives. Listener DarkProphet6 shares a clever phishing attempt disguised as a fake Cloudflare “I’m not a robot” check, which tried to trick users into pasting malicious code into their terminal — a move that could have created a remote shell for attackers.
Scams that steal more than money.
This week, our hosts Dave Bittner , Joe Carrigan, and Maria Varmazis (also host of the T-Minus Space Daily show) are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. Dave's story is on how older aspiring models like Judy were scammed into paying hundreds for fake photoshoots, and how to avoid falling for similar tricks. Joe’s got the story of how Bitcoin ATMs are being exploited by scammers, costing Americans millions and targeting mostly older victims. Maria's got the story of a rapidly spreading WhatsApp “Vote for My Child” scam across Europe that hijacks accounts and extorts money through emotional trickery. Our catch of the day comes from Reddit, where a user is messaged by the one and only Barack Obama.
This week, our hosts Dave Bittner , Joe Carrigan, and Maria Varmazis (also host of the T-Minus Space Daily show) are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. Listener Chad wrote in after hearing an episode to share that he received a suspicious call that sounded like a prison-related scam. Maria’s story is on a new Consumer Reports study revealing a surge in texting and messaging scams, with young adults hit hardest and major disparities in who loses money. Joe covers the story on YouTuber Tai Lopez — famous for his “here in my garage” videos — being charged by the SEC for running a $112 million Ponzi-like investment scheme. Dave’s got the story on a new Android trojan called Datzbro that targets seniors with AI-generated Facebook travel events, leading to device takeovers and financial fraud. Our catch of the day comes from listener Cameron, who shares an "urgent message from Union Bank."
