Hacking Humans 8.10.23
Ep 254 | 8.10.23

AI: A battle between heroes and villains.


Dave Baggett: There's a general theme that we see with attackers, where they will use things that are big in the news to snare people. We saw it with COVID, we saw it with crypto, and now we're seeing it with chatGPT. As soon as that happened, the attackers realized, Oh, I can exploit this, and I'll send people mail that looks like it's from chatGPT to harvest their credentials.

Dave Bittner: Hello everyone and welcome to the CyberWire's "Hacking Humans" podcast, where each week we look behind the social engineering scams, the phishing schemes, and criminal exploits that are making headlines and taking a heavy toll on organizations around the world. I'm Dave Bittner and joining me is Joe Carrigan from the Johns Hopkins University Information Security Institute. Hello, Joe.

Joe Carrigan: Hi, Dave.

Dave Bittner: We've got some good stories to share this week. And later in the show, my conversation with Dave Baggett. He is CEO and founder at INKY. We're talking about some of the trends that he's tracking in phishing. ( Synthesizer music playing ) All right, Joe, we've got some good stories here. Why don't you kick things off for us?

Joe Carrigan: Dave, there is a Russian APT - that's advanced persistent threat.

Dave Bittner:: Yes.

Joe Carrigan: That Microsoft is calling Midnight Blizzard [laughter]. We need to stop giving these guys cool names.

Dave Bittner: Yeah, Microsoft recently revamped their naming -

Joe Carrigan: Yeah.

Dave Bittner: -- framework for these sorts of things. So -

Joe Carrigan: They called it something else, like - like, it sounded like an element or something.

Dave Bittner: Well, that was the thing. Microsoft used to name things after elements. That was their standard.

Joe Carrigan: Are there more threat groups now than there are elements?

Dave Bittner: I think they're running out of elements, yes, but also this framework has some logic behind it. Where, like, "midnight" refers to one thing and "blizzard" refers to the other. And -

Joe Carrigan: So it's not just two random words.

Dave Bittner: No, no, it's not. There's a method to their madness, but that doesn't make it any less mad.

Joe Carrigan: Right [laughter]. Because I'll bet it's - I'll bet it's all cool words that when put together sound pretty awesome.

Dave Bittner: I'm just, yeah. I hate to complain about something when I don't have a better answer, but I really do wish we had a better system for naming these threat actors. Because it's all over the map, and the big organizations give them different names. And so as someone who reports on these things, I end up listing off five different names when referring to something just so everybody knows what we're talking about.

Joe Carrigan: Yeah. It's just -

Dave Bittner: There has to be a better way, Joe.

Joe Carrigan: It's just APT 29, right?

Dave Bittner: Yeah.

Joe Carrigan: They're just affiliated with APT 29, so just call them that.

Dave Bittner: Yeah.

Joe Carrigan: Advanced persistent threat number 29.

Dave Bittner: Yeah, that's not cool when you're trying to sell someone defenses.

Joe Carrigan: Yeah, that's right.

Dave Bittner: And this kind of stuff.

Joe Carrigan: Maybe that's what it is. Maybe it's marketing, you know, for these -- all the cyber companies out there.

Dave Bittner: Yes.

Joe Carrigan: You've got to be ready for Midnight Blizzard. What's Midnight Blizzard? That sounds scary.

Dave Bittner: Count on it, yes, absolutely. All right, so what's going on -

Joe Carrigan: But we have digressed once again.

Dave Bittner: We didn't even - we didn't get two minutes into the show before we -

Joe Carrigan: No.

Dave Bittner: -- digressed. So tell me more about Midnight Blizzard.

Joe Carrigan: So these guys are conducting attacks on Teams users by using compromised Microsoft 365 accounts. And these compromised accounts are coming mostly from small businesses.

Dave Bittner: Okay.

Joe Carrigan: So these guys have gone into small business accounts, compromised the account. They're using that compromised account then to stage attacks on other Teams users.

Dave Bittner: Okay.

Joe Carrigan: They have targeted fewer than 40 organizations, which to me speaks of a very manual operation, a deliberate operation.

Dave Bittner: Right.

Joe Carrigan: And Microsoft notes that these guys are - are very deliberate. They're state sponsored.

Dave Bittner: Yeah.

Joe Carrigan: They're linked with Russia. And they are going after government, non-governmental organizations, NGOs, which are like non-profits and things like that that advise government bodies and things of that nature.

Dave Bittner: Yeah.

Joe Carrigan: They're going after IT services, technologies, manufacturing, and media.

Dave Bittner: Okay.

Joe Carrigan: So this - this lines up with an espionage program.

Dave Bittner: Sure.

Joe Carrigan: Right? Once they have compromised the small business account - oh, by the way, I want to talk about that a little bit.

Dave Bittner: Yeah?

Joe Carrigan: This is another reason for small business people to think -- well mostly small business people to think, Okay, maybe I am a target for these bad guys. All too often, one of the things I hear is nobody cares about me, I have a small business.

Dave Bittner: Right.

Joe Carrigan: And I frequently tell people, You have a lot of things these guys are interested in, and here is one of them. Just your Microsoft 365 account is of value to a nation-state actor. So yes, sometimes you may fall into the sights of a nation-state actor to run a campaign like this.

Dave Bittner: Right.

Joe Carrigan: And this is primarily a social engineering attack. They create domain - domains, rather, that look a lot like the Microsoft domain. They're not the Microsoft domain. And then they are targeting people that meet one of two criteria. Either these are people they already have the username and password for.

Dave Bittner: Okay.

Joe Carrigan: Or the person is using passwordless authentication from Microsoft. Couple months ago, maybe a year ago, couple years ago, I don't know, I said I was going to passwordless authentication with my Microsoft account.

Dave Bittner: Okay.

Joe Carrigan: And it's great.

Dave Bittner: Yeah.

Joe Carrigan: But it relies on you having Microsoft's authenticator on your phone.

Dave Bittner: Oh.

Joe Carrigan: I tried this today, actually. I logged into my Microsoft -- my personal Microsoft 365 account, and I hadn't logged in on this computer in a while, and the computer said -- well, the application said, Look at your authenticator. I didn't have to enter a password at all. I just told it who I was. And then when my phone said, Hey, are you trying to log in? I said, Yes. And I was in.

Dave Bittner: Right.

Joe Carrigan: And it was great. And it's pretty secure, but it is subject to a social engineering attack. So both of these require -- both these methods require that a user enter a code from the Microsoft Authenticator app or click on a number. First, the attacker tries to connect with the target on Teams, convincing them that they are from Microsoft support. So the target gets a message that says, "Microsoft Identity Protection wants to chat."

Dave Bittner: Oh.

Joe Carrigan: So that sounds pretty scary, I would say, right?

Dave Bittner: So help me understand here, because I'm not a Teams user.

Joe Carrigan: Right:

Dave Bittner: Does Teams out of the box have, like, cross-organization communication open? So -

Joe Carrigan: I don't know because I'm not a Teams administrator.

Dave Bittner: Okay.

Joe Carrigan: But I've heard that, yes, you can - you can do that.

Dave Bittner: Okay.

Joe Carrigan: And I know that - I know that you can do that, but I don't know if it comes out of the box like that. That's really the question I don't know the answer to.

Dave Bittner: Okay.

Joe Carrigan: It may come out of the box with that disabled and you have to enable it.

Dave Bittner: Yeah.

Joe Carrigan: But again, I don't know.

Dave Bittner: Yeah, okay.

Js: But if you accept that message, if the target accepts the message and says, Oh, Microsoft Identity, what do you need me to do? They get a message that reads, Help us keep your account secure. We detected a recent change applied to your preferred multi-factor authentication methods for your security. And to ensure that only you have access to your account, we ask that you verify your identity. Open your Microsoft Authenticator app and enter the number 81. That's the message that gets sent to them. Now, what they're doing is logging into the user's account. It's showing them the number that they have to enter. And then they're saying to the user, these are all the bad guys doing this. They're saying to the user, Go ahead and open your Authenticator app and enter the number 81 so I can get into your account.

Dave Bittner: Oh.

Joe Carrigan: But the user doesn't know that. They leave that last part off, right, so I can get into your account.

Dave Bittner: Right.

Joe Carrigan: So if the user obliges them and does this stuff, they get access - they -- what they get is an authentication token and they are in.

Dave Bittner: The bad guys.

Joe Carrigan: the bad guys are in, yeah, right. So that's it. It's just a social engineering attack using a compromised Teams account. They then change the Team's account to impersonate Microsoft Tech Support or Identity Protection. They send you a message saying that they're from Microsoft identity protection. Enter this code into your authenticator app. You look at your phone. Lo and behold, there it is.

Dave Bittner: Right.

Joe Carrigan: The prompt to enter a number. You enter the number, and you have just let them into your account.

Dave Bittner: And -- and they've managed to do an end around on your -

Joe Carrigan: Multi-factor authentication. So how do you protect yourself from this?

Dave Bittner: Yes.

Joe Carrigan: Right? Well, if you're a person, you know, this is just for the individual user out there --

Dave Bittner: Say, good luck, good news, Joe, I am indeed a person.

Joe Carrigan: Right, as opposed to the rest of the advice which I'm going to have for organizations.

Dave Bittner: Got you.

Joe Carrigan: But if you're an individual user -

Dave Bittner: Yeah.

Joe Carrigan: If you're not logging in, don't enter any codes and don't click on anything. Remember that this multi-factor authentication through the Authenticator app, the Microsoft Authenticator app, is only for when you're logging in. Not to verify your identity to some Microsoft user. There are other ways to make that happen. But in order for you to log into your account, that's really the only use case for you entering a number or clicking on a number in Microsoft Authenticator, okay? The problem with that, Dave, is that that will never scale to an organizational size, right? Because if you have a thousand people and you tell them, Don't do this, 10% of them might very well do it.

Dave Bittner: Right.

Joe Carrigan: They're going to forget.

Dave Bittner: There's always Bob in accounting.

Joe Carrigan: Right. That's right. It's always Bob in accounting.

Dave Bittner: He clicks everything.

Joe Carrigan: So Microsoft recommends that you -- that you have an organization, as an organization, you use quote "phishing-resistant authentication methods". They also -- interestingly enough, there's another article that is linked to from this first blog post. By the way, this all comes from a blog post on Microsoft. I never said that.

Dave Bittner: Oh, okay.

j: But they link to another blog post that says phishing-resistant authentication methods, and they have the continuum there. But up at the top of the most secure ones is the passwordless authentication from Microsoft Authenticator, which I think can still be socially engineered. Maybe I'm wrong.

Dave Bittner: Right.

Joe Carrigan: But if all I have to do is click on a button or enter a code, if someone calls into the target and says, Click on this button and enter the code, don't do it So I recommend don't do that. Just go with, like a FIDO2 key.

Dave Bittner: Yeah.

Joe Carrigan: Something like a YubiKey or Google Titan or anything that is FIDO2 compliant.

Dave Bittner: Right.

Joe Carrigan: Go with that. There's other things that are, like, certificate based that are -- are good But then you have to get into key management. FIDO2 has key management all wrapped up in it. It's very nice. There's also Squirrel. We get angry letters from people that are big fans of Squirrel every time I talk about this.

Dave Bittner: Okay.

Joe Carrigan: That's available. It's open source and all that stuff. And it uses zero knowledge proofs -

Dave Bittner: Yeah.

Joe Carrigan: -- to authenticate you, which is good. But I think that the FIDO key, the hardware key is much easier for the average user to understand. You want to authenticate yourself, you put this thing into your USB port, and when you're prompted, you touch it.

Dave Bittner: Right.

Joe Carrigan: That's it.

Dave Bittner: Yeah.

Joe Carrigan: That's the workflow. They also said, Educate your users about social engineering, and only allow specifically trusted Microsoft 365 organizations to talk to your people. So this is an attack surface reduction technique. If you don't have a business reason to talk to someone on Teams, then no talking to them. Period.

Dave Bittner: Yeah.

Joe Carrigan: They should -- somebody should have to request access or, you know, they -- you have a business relationship with the company XYZ. Company XYZ should request access to be able to send your people messages. And then somebody -- there should be a process in place that evaluates that. How do we know company XYZ?

Dave Bittner: Yeah.

Joe Carrigan: Do they give us money? Do we give them money? Okay, then maybe we should - we should let them talk to our people. But if we don't, no.

Dave Bittner: Yeah, right. So if you get something like this at work -

Joe Carrigan: Right, well, actually, you ==

Dave Bittner: You should contact your IT people, your tech support people, your security people.

Joe Carrigan: Absolutely. If you - if you limit the number of people -- limit the organizations that can send your people messages, you may not -- they may not even see the message.

Dave Bittner: Right.

J; I'm not exactly sure how this works in Teams. Like I said, I'm not a Teams administrator.

Dave Bittner: Yeah.

Joe Carrigan: But I would -- I would be shocked if some rando from some organization you don't allow to talk to you could send you a message and you would even see anything.

Dave Bittner: Right. Yes. I don't know the answer to that either. I'm not a Teams user myself, but it seems like at the very least, that would be a pretty easy option for a Team's administrator to disable.

Joe Carrigan: Yes. It should probably do so.

Dave Bittner: Yes. Yeah. Huh, interesting. The difference with the FIDO key is that that has to be applied locally, right? You're on the machine that's requesting the authorization, and the FIDO key has to plug into that machine.

Joe Carrigan: Right.

Dave Bittner: Whereas the code that comes from the authenticator, there's the opportunity to pass that along verbally.

Joe Carrigan: Correct.

Dave Bittner: To someone who's in a different location --

Joe Carrigan: Yes.

Dave Bittner: -- than you.

Joe Carrigan: And there is no way to man-in-the-middle the FIDO key.

Dave Bittner: Right.

Joe Carrigan: Because the requesting organization, the requesting domain, is part of the key generation process. So it won't work if there's a man in the middle. The key won't be right, or the challenge and response won't be right.

Dave Bittner: Right, right.

Joe Carrigan: Because it will be a different key, because it'll evaluate what the requesting URL is.

Dave Bittner: Yeah. I'm surprised something doesn't get in the way, and just forgive me, this is probably my own ignorance when it comes to how a lot of this stuff works, and I know you're -- you have a deeper knowledge than I do when it comes to this stuff, but I'm surprised that the Microsoft Authentication app -

Joe Carrigan: Right.

Dave Bittner: -- the app that you're using to authenticate things, doesn't have its own under-the-hood key that was spun up when you initially activated that app on your device. In other words, if someone tries to spin up Microsoft Authenticator on a different device than yours -

Joe Carrigan: Right.

Dave Bittner: -- you would end up with a non-matching key and you have to jump through additional hoops in order to get it working.

Joe Carrigan: That may be the case, that that exists. I don't know.

Dave Bittner: Yeah.

Joe Carrigan: But if I can just go to the user and say, Enter this code -

Dave Bittner: Right.

Joe Carrigan: -- and the way it's designed -- and it's pretty well designed from a usability standpoint. I will say that it's - it's easy to use, and if you can use it, if that's part of your multi-factor regimen, that's fine.

Dave Bittner: Yeah.

Joe Carrigan: But the key difference here is that it is two channels of communication.

Dave Bittner: Right.

Joe Carrigan: I'm going into the web server asking to authenticate, and I'm getting the authentication channel on a different device, presumably on a completely different network.

Dave Bittner: Right.

Joe Carrigan: In fact, today when I did that, that's exactly what it was. It came over my mobile network as opposed to coming over the Johns Hopkins network.

Dave Bittner: Okay.

Joe Carrigan: So the authentication request came through one network while my -- my agreement to the authentication request came in a different network. It has already been established that I am the identity. Oh, and I have to use a biometric to - to authenticate as well. So I have to use the Google phone biometrics to say, Yep, that's me, go ahead and let me in.

Dave Bittner: Yeah, it's interesting how the bad guys continue to nip around the edges at -

Joe Carrigan: Yeah.

Dave Bittner: -- this kind of stuff and yet, seems like the FIDO2 devices stand tall.

Joe Carrigan: Yeah. They're - you know, the -

Dave Bittner: They're the gold standard.

Joe Carrigan: We had that story a couple -- maybe about a year ago now, where Google introduced their FIDO solution. They call it Titan.

Dave Bittner: Right.

Joe Carrigan: They just gave everybody in Google Titans.

Dave Bittner: Right.

Joe Carrigan: And nobody has had their account taken over.

Dave Bittner: Right.

Joe Carrigan: Since that happened.

Dave Bittner: Right. The success rate was, like, 100% [laughter].

Joe Carrigan: Which, I mean, if that's your success rate, I mean, why isn't everybody going, I'll take that, give it to me.

Dave Bittner: Yeah.

Joe Carrigan: I mean, they're 50 bucks a piece, I get that.

Dave Bittner: There's your answer.

Joe Carrigan: Well, yeah, but still.

Dave Bittner: Right, there's your answer. They're 50 bucks a piece, and the Authenticator app is free. There's your answer. You know, so unfortunately, that's the sad reality.

Joe Carrigan: Yeah, I would - I think that's - that's not a good business decision. I mean, because these things are so effective at stopping account takeover.

Dave Bittner: Yeah.

Joe Carrigan: It's just -- there's going to have to be a ton of security research into well-established cryptographic primitives that we've been using for years to break this methodology, this FIDO2 system.

Dave Bittner: Yeah.

Joe Carrigan: There is no reason to not pay the $50, it is so good. Just do it. Just buy the ticket. Do what Twitter did. Twitter bought two YubiKeys for every person on the payroll, and said, Hey, here's a gift for you. By the way, you're going to need to use one of these to authenticate from now on.

Dave Bittner: Yeah. Yeah, it's - it's part of our onboarding process.

Joe Carrigan: Yeah.

Dave Bittner: Everybody gets -

Joe Carrigan: You guys use Google Titans, right?

Dave Bittner: -- it's standard. I can neither confirm nor deny that.

Joe Carrigan: Oh. Well, I will say -

Dave Bittner: We do. We use Google Titans.

Joe Carrigan: I use a YubiKey. That's my device.

Dave Bittner: Yeah. Yeah.

Joe Carrigan: Any FIDO2 compliant device will work.

Dave Bittner: I mean, they work great. Yeah. And look, granted, every now and then with any of these things you find yourself in a situation where you're pounding your head against the desk because you just want to get into the thing that you need to get into and whatever your authentication system is, it's throwing up roadblocks.

Joe Carrigan: Right.

Dave Bittner: And you just need to take a breath and remind yourself it's worth it.

Joe Carrigan: Right.

Dave Bittner: You know, as frustrating as it is in the moment -

Joe Carrigan: Yes.

Dave Bittner: -- ultimately, it's worth it. So, all right. Well, we will have a link to that story in the show notes. Very interesting indeed. My story comes from our old pal, Mallory, over at --

Joe Carrigan: Mallory Sofoste.

Dave Bittner: Yeah, over at WMAR2. That's the ABC affiliate here in our hometown of Baltimore. And this is a scam that she covered on their news program there. This is about someone who dodged a Facebook marketplace scam but found themselves nearly victimized, or, actually, well, victimized but all's well that ends well with a different scam. I'm getting ahead of myself. So -

Joe Carrigan: Yes.

Dave Bittner: This is a gentleman named Jake Larkin who bought a house. And when he settled on the house and went to move into the house, the previous owner had left some furniture in the house. And this, you know -

Joe Carrigan: That happens.

Dave Bittner: Yeah, not a crazy thing that happens. So he didn't need this furniture, so he listed the furniture on Facebook Marketplace. And right away somebody reached out and said, I'd like to buy that furniture for $100. He immediately got an email through Zelle, which is one of the online payment companies, or -- let me say purporting to be Zelle -

Joe Carrigan: Right.

Dave Bittner: -- saying that in order for him to get $100, he had to ask the buyer for $200 more and then refund the buyer the $200 back later.

Joe Carrigan: Okay, let me - let me do the math here. So Jake is told the guy is going to have to send you $300 and you're going to have to give him $200 back.

Dave Bittner: That's right. That's right.

Joe Carrigan: Okay.

Dave Bittner: So -

Joe Carrigan: The guy still has to send $300 bucks, right?

Dave Bittner: Well, uh -

Joe Carrigan: Wait, I think I know what this is.

Dave Bittner: Yeah.

Joe Carrigan: It's like a check floating scam.

Dave Bittner: I think you're right.

Joe Carrigan: Where they say, we're going to send you $300 and you send us $200 back, and then you keep the $100.

Dave Bittner: Right, that's exactly what they're doing.

Joe Carrigan: But actually what happens is the $300 payment gets clawed back somehow and Jake is out $200.

Dave Bittner: Right.

Joe Carrigan: Got it.

Dave Bittner: So, here's where it gets interesting. So, this raises Jake's suspicions.

Joe Carrigan: Right, as it should.

Dave Bittner: Yes, this is very odd.

Joe Carrigan: Because Zelle doesn't work that way.

Dave Bittner: Right. So Jake Googles Zelle customer service. And he calls up Zelle customer service. And the person on the line says this is a common problem, it happens all the time, and gives him instructions for how to resolve it. But it's a lot, and Mr. Larkin, who's the victim here, says he was just confused.

Joe Carrigan: So no money has changed hands yet?

Dave Bittner: I -- the initial $100 may have come in, I don't know.

Joe Carrigan: Okay.

Dave Bittner: But he gets off the phone with the person claiming to be customer support. Remember, the person he called because he got the customer support phone number from Google.

Joe Carrigan: Right. So what -- that -- that's probably another one of those ads it sounds like.

Dave Bittner: So after he gets off the phone with the customer service person, the person claiming to be customer service, customer support, he logs into his account and he notices that his bank account is practically empty. His bank account that's linked to Bank of America is practically empty. So he calls Bank of America.

Joe Carrigan: Right.

Dave Bittner: Fortunately, the folks at Bank of America were able to make him whole.

Joe Carrigan: Okay.

Dave Bittner: There's several thousand dollars that were taken out of his account.

Joe Carrigan: Huh.

Dave Bittner: And that all happened because the person who he had talked to, who was pretending to be customer support it turns out -

Joe Carrigan: Right.

Dave Bittner: -- was basically able to sort of weave this spell and fast talk him and confuse him, baffle him, to the point where he had access to his Zelle account and was able to drain it.

Joe Carrigan: I see.

Dave Bittner: Okay? So, fortunately -

Joe Carrigan: It sounds like there's two scams going on here.

Dave Bittner: Well, yes. So, the first scam was the, as you say, the variation on the check floating scam.

Joe Carrigan: Right.

Dave Bittner: Right. And that is where you post something on Facebook Marketplace, somebody immediately replies and says, Good news, I want to buy that, and then they start that process, okay? Well, Jake was on to that, and he wasn't going to fall for that.

Joe Carrigan: Right.

Dave Bittner: So he calls what he thinks is Zelle Customer Service, and he falls for a second scam. The scam from, as you predict, I think we can say with confidence that your prediction is accurate, that it was one of these Google ads.

Joe Carrigan: Right.

Dave Bittner: That are scam ads.

Joe Carrigan: Yeah.

Dave Bittner: Where the bad guys pay to be the top listing on Google when you search for something like Zelle customer service. And let's think about the math here. Suppose I'm a bad guy and I pay $100 to put that ad in front of somebody.

Joe Carrigan: Right. Whenever they -

Dave Bittner: If I can drain their bank account -

Joe Carrigan: Yeah, whenever they - whenever they say, Zelle customer support, they see my ad --

Dave Bittner: Yeah.

Joe Carrigan: -- as the first search result.

Dave Bittner: Right, right. Totally worth it.

Joe Carrigan: Yeah. So all's well that ends well here. But Dave, I guarantee it's not $100 to put that ad in front of somebody.

Dave Bittner: No?

Joe Carrigan: It's probably $2 or $3.

Dave Bittner: You know, I don't -- it could be, but I don't know because it's been a long time since I've been in this world or even, you know, played with any of it. And there are some targeted categories that get very expensive very quickly. If you want to be a top result, you can pay a lot.

Joe Carrigan: Huh.

Dave Bittner: But I don't know where - I don't know what that environment is like these days. You may be right, but I think it is more than -- I think it's more than you would think it would be.

Joe Carrigan: Really?

Dave Bittner: I think so, and I'll count on our listeners to let us know. I imagine we have folks who function in this world and may know exactly how it works. So if you do, let us know and we'll do some follow-up about that. In the meantime, so, Bank of America makes him whole.

Joe Carrigan: Right.

D: He does get in touch with Bank of America. It's quick enough, they're able to claw it back, so he's not out the money, and that's good luck for him. But I would say, That's luck.

Joe Carrigan: Yeah.

Dave Bittner: Right?

Joe Carrigan: Yeah, a lot of times with Zelle, it's gone.

Dave Bittner: Yeah, yeah, so I think because he had the good sense to call Bank of America -- first of all, to notice that the money was gone so quickly -

Joe Carrigan: Right.

Dave Bittner: -- and then to call Bank of America, that's probably what saved him. And Mallory called the phone number that he had called to try to reach Zelle customer service.

Joe Carrigan: Really?

Dave Bittner: And was immediately directed to someone claiming to be Zelle customer service. She disclosed that she's a reporter and the person immediately hung up the phone.

Joe Carrigan: That's right. That's right. [Laughter] You know what Mallory needs to do?

Dave Bittner: What?

Joe Carrigan: She needs to drive to Virginia.

Dave Bittner: Yeah?

Joe Carrigan: Right? Which is just -- is a little bit of a drive because she's out of Baltimore, so she has to go down to Virginia.

Dave Bittner: Okay.

Joe Carrigan: Virginia is a one-party consent state.

Dave Bittner: Oh, I see.

Joe Carrigan: Right?

Dave Bittner: Right.

Joe Carrigan: Maryland, they need both parties to consent.

Dave Bittner: Yeah.

Joe Carrigan: So that's why she has to say, I'm a reporter and I'm doing this. But if she goes to Virginia and makes the phone call from Virginia, she should check with her legal department. I'm pretty sure that's nice and legal.

Dave Bittner: Right.

Joe Carrigan: And she can just talk to the guy and "I'm not sure you're Zelle customer service" and - and record the entire phone call as long as she knows it's being recorded. That's acceptable.

Dave Bittner: Yeah. So, you know, Mallory did reach out to Zelle's customer service, and they gave a pretty standard response. You know, we can -- we monitor things, we do lots of takedowns, we investigate these things, we're - we're doing our best. And, you know, I - I believe they are. To me, the party that needs to do a better job with this is Google.

Joe Carrigan: Yes.

Dave Bittner: I think it's bonkers and baffling that Google can't get a handle on this.

Joe Carrigan: You know, I'd like to have Ben on the phone every - every time we record an episode, Ben Yellen, because I'd like to know, Does - do companies like Zelle and Bank of America have standing? Can they call, or can they file a lawsuit against Google and say, Look, your practice of selling ads to scammers is costing us money.

Dave Bittner: Right.

Joe Carrigan: We're going to sue you for it.

Dave Bittner: Yeah.

Joe Carrigan: Because our customers are calling the first thing that comes up that you've engineered to be the thing they click on, so you get the money and we're out six grand.

Dave Bittner: Yeah. I would imagine -

Joe Carrigan: And that happens a hundred times a day.

Dave Bittner: Yeah, that's interesting. Maybe I'll ask Ben about that, because I suspect that they -- that Google is using their section 230 privilege and claiming to be just a platform, but they're selling ads. They're making money off of these ads.

Joe Carrigan: I don't think that applies when you're selling ads.

Dave Bittner: Right. I mean, how can you not be liable for a fraudulent ad that you've sold and have featured, put in front of someone. Google has great lawyers and I'm sure, you know, there's -- there are reasons.

Joe Carrigan: Right. But I don't understand them.

Dave Bittner: Yeah, I don't get it either.

Joe Carrigan: Yeah. Google doesn't have a bunch of knucklehead lawyers, right? You know, like you said, they have great lawyers.

Dave Bittner: Yeah.

Joe Carrigan: But so do the banks.

Dave Bittner: Right.

Joe Carrigan: Let them hash this out. Because people - people like Jake here, they're never going to go up against Google's lawyers and win.

Dave Bittner: True.

Joe Carrigan: You know, Google, first off, they'll just play the long game and wait them out.

Dave Bittner: Yeah. I would also say that perhaps there's a regulatory component here as well.

Joe Carrigan: Oh, I think there's a big regulatory component. There's an opportunity right there.

Dave Bittner: Yeah.

Joe Carrigan: Somebody from the FTC, the Federal Trade Commission, should be looking at this. I'm sure they are. I hope they are.

Dave Bittner: Yeah.

Joe Carrigan: But yeah, this is - this is exactly the kind of thing that we can all agree the government needs to protect the people from these - these tech companies who just show people ads just because somebody paid them.

Dave Bittner: Right.

Joe Carrigan: As you suggest, a couple hundred dollars.

Dave Bittner: Yeah, or whatever. Yeah, just -- they've got to get a handle on this. It's clear to me that this is growing, and, you know, I believe that the platforms are doing their best to fight it, but they're not succeeding.

Joe Carrigan: No.

Dave Bittner: So, they've got to figure it out. And, you know, perhaps the simple answer is until that day comes, turn off the ads.

Joe Carrigan: Right.

Dave Bittner: Right?

Joe Carrigan: Turn off the targeted ads.

Dave Bittner: Yeah, turn off these, you know, any -- yeah, I don't know. Can't do it at scale, Joe. Can't do it at scale.

Joe Carrigan: If you can't do it at scale, what should they not do?

Dave Bittner: They should not do the thing.

Joe Carrigan: Right.

Dave Bittner: Yeah. All right. Well, that is my story. I'll have a link to that in the show notes. And of course, we would love to hear from you. If there's something you'd like us to consider, you can email us. It's hackinghumans@n2k.com. Joe, it's time to move on to our "Catch of the Day".

[ Soundbite of reeling in fish line ]

Joe Carrigan: Dave, our "Catch of the Day" comes from Mauricio, who writes, "Hi, Dave and Joe. Not sure if you will be able to listen to this voicemail," which we will be able to play it. We are a podcast. We do audio stuff. "I found this scam hilarious, about a potential W2 refund. Being the son of an accountant, there is no such thing as a W2 refund. That's -- those two words don't go together.

Dave Bittner: Okay.

Joe Carrigan: Also being the father of an accountant, I'm sure my son would be pulling his hair out [laughter]. Not sure who would fall for this, but I hope not too many people out there. Here's the thing, though.

Dave Bittner: Yeah.

Joe Carrigan: I say W-2, everybody out there thinks IRS and taxes. And everybody with a job who that's their only source of income, they start thinking about, Well, what do I need to file my -- what do I do with my W-2 while I file my taxes?

Dave Bittner: Yeah.

Joe Carrigan: You know, maybe 1040 refund would be more effective, but W-2 is the form everybody's more familiar with.

Dave Bittner: Okay.

Joe Carrigan: I would say.

Dave Bittner: Yeah.

Joe Carrigan: All right, well, here's the voicemail.

[Computer-generated voice 1]: Hi, this is Ken Davis doing a follow-up regarding your refund. Today is Thursday, the 20th. Could you give us a call at the refund department? Phone number is 855-376-9188. Again, phone number 855-376-9188. I still see here that your business should be entitled to retroactively claim the W-2 employees. This is -- on payroll during 2020 and 2021. If you have a few minutes, we'll need to update you with a total refund amount going back to your business as well - sorry. As well as the time frame you would be receiving your refund check. So, look forward to speaking to you. Bye bye.

Dave Bittner: Good news, Joe. We're gonna be rich.

Joe Carrigan: Yeah, that's right. This company is - okay, so now it's targeted for a company.

Dave Bittner: Yes.

Joe Carrigan: So I hadn't heard this before now. So again, companies don't file W-2s. They send W-2s out to employees.

Dave Bittner: Right.

Joe Carrigan: And companies don't get refunds of any taxes that were overpaid. Employees do.

Dave Bittner: Right.

Joe Carrigan: This doesn't make sense to me at all.

Dave Bittner: Right.

Joe Carrigan: But only because I grew up steeped in this - in this culture.

Dave Bittner: You are an accountant sandwich, Joe.

Joe Carrigan: Yes, I am. That's right.

Dave Bittner: Both above you and below you.

Joe Carrigan: Right, with engineer meat.

Dave Bittner: All over. Yes, engineer meat in the middle, right. Yeah, I mean one of the things that strikes me about this voicemail itself is how sort of calm, nonchalant, and matter-of-fact -

Joe Carrigan: Yeah.

Dave Bittner: -- the person on the line is.

Joe Carrigan: Did -- did they pay somebody to do this or do you think that's artificially generated?

Dave Bittner: I think it's a person. The fact that they were interrupted, you know, who knows. They're interrupted by, you know, maybe their kid asking for a peanut butter and jelly sandwich.

Joe Carrigan: Right.

Dave Bittner: Or someone else in the call center, which is probably more likely. So -- but I think that's what's interesting about this is how, on the surface, how benign it is, right?

Joe Carrigan: Right.

Dave Bittner: We often hear these things have a sense of urgency. There's no sense of urgency in this person's voice.

Joe Carrigan: Right.

Dave Bittner: But there is urgency in that, Hey, you know, you got money waiting for you, so -

Joe Carrigan: Right. They're not really - they're not trying to scare you here. They're trying to appeal to your greed.

Dave Bittner: Exactly.

Joe Carrigan: So, you know, which, when I say greed, I don't mean the pejorative term of greed.

Dave Bittner: Yeah.

Joe Carrigan: Greed is a survival mechanism. It's what helps us get to where we are in the world, right? But it's, hey, there's resources out there that, in this case, I'm entitled to, I should go get them.

Dave Bittner: Right.

Joe Carrigan: Yeah, this is - this is interesting. Part of me wants to get a burner phone and call the number. See what happens [laughter].

Dave Bittner: There you go.

Joe Carrigan: But I'm certainly not calling them from my phone number.

Dave Bittner: There you -- that's right. Good advice. All right, well, thanks, Mauricio. We appreciate you sending that in. And again, we would love to hear from you. If you have something you'd like us to consider for our "Catch of the Day," you can email us. It's hackinghumansatn2k.com.

Dave Bittner: Joe, I recently had the pleasure of speaking with Dave Baggett. He is CEO and founder at INKY, and we're talking about some of the trends that he and his colleagues are tracking when it comes to phishing. Here's my conversation with Dave Baggett.

Dave Baggett: One of the things that we do I think that may be a little different from - from a lot of the email protection companies is we really try to study the attacker's tactics. And not only understand them, but create countermeasures against them that generalize to new examples. So rather than just identifying some narrow tactic and putting in a fix for that, we try to take a step back and understand, Well, what is the general concept behind what they're doing, and can we - can we make a system that will recognize that tactic and not just handle that one specific example, but future examples which we might imagine? So, we'll talk about a few of those today. An example is just a general brand impersonation, right? We know that a lot of phishers will impersonate brands like Microsoft and others. And so we've developed techniques to use computer vision to kind of recognize signs of brand like the humans do. And if you think about it, it's kind of amazing, right? You can get a mail you've never seen before and in one second, your brain will tell you Microsoft, or probably one of a thousand brands.

Dave Bittner: Right. Right.

Dave Baggett: So we try to make the software do that and generalize to new examples so we don't just have a big list of Microsoft mails, right? We have code that will, just like a person, look at any new mail and say, Ah, looks like it's Microsoft.

Dave Bittner: Well, so what are some of the specific evolutions that you all are tracking here when it comes to the folks sending out these phishing messages?

Dave Baggett: Well, a couple of things we've seen recently. One is, and there's a general theme that we see with attackers, where they will use things that are big in the news to snare people. And we saw it with COVID, we saw it with crypto when cryptocurrency was, you know, wildly popular. And now we're seeing it with chatGPT. So I don't know how many users chatGPT has, but it's something north of 100 million. As soon as that happened, the attackers realized, Oh, I can exploit this, and I'll send people mail that looks like it's from chatGPT to harvest their credentials. In other words, get their - get their login information. So that's one we've seen recently. Another one we've seen recently is QR codes in emails. So the attacker is kind of hiding their - their bad URLs and content in QR codes. Again, it's a tactic you can look for and understand, but then to try to counter that, you actually need to go and develop models and write code to general - you know, counter in a general way that will work with new examples. You know, that we may not have seen before.

Dave Bittner: Right. I mean, is it fair to say that, for example, a QR code, I mean, to what degree is that beyond the average user's ability to unpack and kind of reverse engineer?

Dave Baggett: Yeah, well, this is interesting, because if you look at the QR code examples, and we published a few. We published a web -- on our web a piece about this, and it was picked up by a few of the tech publications. And some of the comments were, like, Who's dumb enough to click on a QR code in an email? But the truth is, these mails were actually very cleverly crafted. So they presented themselves as Microsoft two-factor authentication confirmation. So it would say, you know, this is Microsoft and the attackers realize all they have to do is copy a real Microsoft mail. Just copy the HTML and CSS and it looks perfect, and they would stick their own QR code in and so the victim thinks, Oh, I'm supposed to do this on my phone to confirm something with Microsoft. It looks totally plausible. And of course, the human has no idea what the QR code says, right?

Dave Bittner: Right.

Dave Baggett: It's a QR code.

Dave Bittner: Right.

Dave Baggett: So it's totally opaque to them and it looks like any other QR code. So how are they supposed to know this is going to take them to some nasty credential harvesting site?

Dave Bittner: Yeah, it's a great point. And I guess it's the two sides of the coin of the convenience of something like a QR code, but that convenience can also be a shortcut for the bad actors.

Dave Baggett: Absolutely. And again, they know everybody trusts Microsoft, right? They know everyone knows the brand. They know people are now comfortable with QR codes. That was another consequence, I guess, of the pandemic where your restaurants, you're always using QR codes and so now everyone knows what they are. And what's even more problematic with these mails is when you click that QR code, it takes you to a site that looks like, in some cases, Microsoft. So they have a clone of the real Microsoft page that looks perfect, prompting you to log in. Right, of course, when you type in your email address and password, they just got your credentials, right? You don't actually log in anywhere. But the other thing they're doing now, which is really nasty, is they'll essentially put your domain, the victim's domain. So if they tried to do something to us, one of our employees, they would put inky.com in the QR code URL that it goes to, and that will tell their server to grab the real inky.com page and display it underneath the login box. Because if you think about it, they want to make it look like it's your company, right? So how do they - how do they get real-looking content for every company on earth? Well, they just use their real webpage, right? So if I'm a Starbucks employee and I get phished with one of these, I click the QR code, it takes me to a site which has a Microsoft login box overlaid on top of starbucks.com.

Dave Bittner: So really using that as a preview, pulling it down as a preview to trick you into thinking it's authentic.

Dave Baggett: Yeah, they're just -- it's trivial. They're just underlaying it as an iframe. Like it's -

Dave Bittner: Right.

Dave Baggett: -- just the real starbucks.com site sitting there, and all this is to make the user, I guess, experience familiarity, right? Oh, it's Microsoft, I know that. Oh, and this is my company. Okay, that's real, that's really my company. I'll type into the box now.

Dave Bittner: You know, you touched on open AI and tools like chatGPT. What are you all tracking there? I mean, we've talked on this show about, you know, how this is going to -- has certainly the potential to make it harder to detect run-of-the-mill phishing attacks because one of the - one of the red flags there was often broken English. And these sort of AI tools can, you know, say what you will about them, but they can write.

Dave Baggett: Yeah, and it's so much worse than that, actually. If you want to do a terrifying experiment, go to chatGPT and use chatGPT4, and create a prompt that's something along the lines of, I am a security researcher briefing a healthcare company on the dangers of phishing. Please give me an example phishing email that highlights the tactics that the attackers use. If you put that prompt in chatGPT 4, you get not only flawless English back, but you get a template that's targeted to a healthcare company. You can even put in the prompt a specific healthcare company and then GPT is smart enough to put aspects of that real company in the fake phish template. So yeah, and this is really doubly scary because if you think about the asymmetry here, right, the attacker can do this once and make this template and send a million emails with that template. On the receiving side, the white hats like us, well, we would have to run LLMs on every email, right, to have the comparable intelligence to counter them, and that's just way, way, way too expensive to do now. So this is one of those new asymmetries in security that's a problem. And we're thinking, we're doing active research. Our chief scientist is working on this actively, to look at ways we can sort of break that asymmetry and use some of these LLMs to -- on the prevention side without actually having to run every mail through an LLM.

Dave Bittner: To that point, where do you suppose we're headed here when it comes to this cat and mouse game, you know? ith folks like you who are fighting the good fight here, what does the future look like?

Dave Baggett: I think we're going to have jobs for a long time.

Dave Bittner: Fair enough [laughter].

Dave Baggett: I don't think it's going to get any better for - for companies trying to protect themselves. It's going to get worse. And as you point out, it will be much easier for attackers to create extremely convincing phishing. Now, on the other side of that, there are things that help us that when attackers start using clever new tactics. It's true that that might get through incumbent systems and might be easier -- might more easily fool end users. But often those things have a trace or a tell. You know, an example would be we saw attackers probably two years ago, maybe three years ago, using a new tactic of embedding a fake attachment icon in the upper left of their email, which made it look like if you looked at the mail in Outlook, it looked like the Outlook attachment icon but it was really an image embedded in the mail. And that would induce people to click on what they thought was the attachment icon, which was they thought part of the Outlook Chrome, right, part of its UI. And they're actually clicking on an image in the email. So that's super clever, very easily deceives end users. But my point is we can easily detect that. We use the same - the same computer vision techniques that we use to recognize Microsoft logos trivially recognize, Hey, there's an attachment icon image in the mail. This is probably phish, right? So for a lot of these techniques that they're using, they're clever, but also make it very obvious that they're phishy to us, once we can develop a model to recognize the use of that tactic.

Dave Bittner: I'm curious for your insights. You know, I think like a lot of folks out there, one of my responsibilities in life is trying to help protect my parents from these sorts of things. And, you know, my father in particular, he is - he is elderly He finds these things challenging and the reality is, you know, that's only going in one direction, right? He's not going to be getting any better at this. You know, I don't have a corporate IT department to help protect him with his Gmail or his, you know, Microsoft Office mail or whatever. Do you have any advice, any words of wisdom for those of us who are out there trying to look out for our families?

Dave Baggett: I do, yeah. I mean, and one of our frustrations is just given the way the big mail providers work, we can't inject ourselves into the consumer mail flow like we can the corporate mail flow. So if you have an Office 365 account or you have a Google Workspace account for your company, you can add INKY, right? You can -- we can insert ourselves in the mail flow there and scan all the mail. We can't do that with gmail.com or office.com or outlook.com. So we can't even offer something, like, if we wanted to offer a free Protect Consumers that your grandfather could use, there's no way for us to deploy that. It's not possible. So that's frustrating.

Dave Bittner: Yeah.

Dave Baggett: But the advice that I give is basically for someone like that, and it's good advice for everyone, just don't click on links and mails ever. So for example, if he gets a mail that appears to be from United Airlines, he shouldn't click anything in that mail. He should just type united.com into his browser. In other words, just go outside of email, go straight to the site and then you know because you're going to get a TLS session with the legitimate website. It's United -- United Airlines, right? And so rather than rely on the links in the mail that appear to be from a brand, recognize, Well, anybody could make any mail look like any brand, just the way mail works. Go directly to the source. And similarly, if someone asks you to do something in email, confirm it in some sort of outside channel, Teams or Slack or Call Them, you know, have a second kind of communication channel to verify the identity. Because the number one thing that's bad about email is it's very easy to spoof both people and brands. It's just a legacy of the way mail works.

Dave Bittner: Joe, what do you think?

Joe Carrigan: You didn't talk for a long time about this, but I wanted to touch on this.

Dave Bittner: Yeah.

Joe Carrigan: Brand recognition is a huge psychological component in marketing.

Dave Bittner: Right.

Joe Carrigan: And Dave notes that we recognize brands in less than a second -

Dave Bittner: Yes.

Joe Carrigan: -- which is amazing to me. If you think about the Pepsi logo, they used to put the word Pepsi in the old logo. Now it's kind of off to the side, but if you just see that circle, the one that kind of looks like a little bird now -

Dave Bittner: Right.

Joe Carrigan: with the blue and the red and the white.

Dave Bittner: Yeah.

Joe Carrigan: You still think Pepsi really quickly. And companies have paid a lot of money so that we can be programmed deep down to make that association with the - with picture, the company in the picture, or the product in the picture. And what's happening here is that bad guys are exploiting that. They're taking advantage of the fact that the companies have already dumped tons of money into the brand recognition, so that when we see something, we don't even think about it.

Dave Bittner: Right.

Joe Carrigan: Right. We just go, Oh, this is whoever, Microsoft or, you know, maybe McAfee or whatever, whoever they're impersonating, the brand recognition helps. And they're just exploiting something that we already have inside of us.

DBI: Yeah.

Joe Carrigan: I like what he says about trying to understand the tactics and then generalizing the tactic in software such that the general case can be handled by the software. That is a pretty big problem, but from what Dave is saying, Inky -- that's one of the things they're working on, one of the things they try to do. But bad guys, number one, will go whatever is in the news. And the examples he talks about, we've talked about here. COVID, crypto, chatGPT.

Dave Bittner: Right.

Joe Carrigan: We've had story after story on this show. We -- like you said, every - every podcast became an AI podcast when chatGPT came out.

Dave Bittner: [Laughter] That's right.

Joe Carrigan: But then we started talking about the account takeovers -

Dave Bittner: Yeah.

Joe Carrigan: That were happening. And of course, we've also talked numerous times about QR codes.

Dave Bittner: Yeap and how we've gotten comfortable with them. I'm still the dork that pulls out the phone and goes, hold on, let me check the veracity of this QR code before we go looking at it.

Dave Bittner: Right. And everybody's like, Joe, I just want to order my chicken nuggets.

Joe Carrigan: Right, exactly. Well, just to tell you, they have chicken nuggets. Just tell them the waitress you want your chicken nuggets and you'll get them.

Dave Bittner: Right. Right.

Joe Carrigan: There was a great story. So we went to -- went to this restaurant, and I said -- I was looking at the Reuben and I said the Ruben's kind of same sandwich everywhere I go. Is this fried chicken tenderloins? That's how they described it on the menu. I'll try that. Then the woman goes, you want any dipping sauce? I'm like, no, just -- and as the waitress walks away, my kids go, You just ordered chicken tenders, you know. And I was like, What, no [laughter]! That's not what I wanted! That's not what's described in the menu! Fried chicken tenderloin sounds like, Ooh, Gordon Ramsay's back there cooking me up something.

Dave Bittner: Right.

Joe Carrigan: No, it's not -- it was just chicken tenders out of a box.

Dave Bittner: Deconstructed. Yeah. Yeah, sure.

J:So disappointing.

Dave Bittner: How were they?

Joe Carrigan: Like every chicken tender. They were -- they were fine.

Dave Bittner: Okay.

Joe Carrigan: They were, you know It's why kids get them everywhere they go because they're always the same Yeah, I did. I did wish that I had ordered some dipping sauce

Dave Bittner: Okay, back to our story.

Joe Carrigan: Back to our story. With these attacks, you can't do them one by one. You have to generalize them up to the - the big picture. That's what you have to do, because you think about these guys out there, they can send hundreds of spam emails or - or phishing emails a minute. And if you've got to fight them all, you can't - you have to -- your software has to be able to generalize -- your security product has to be able to generalize them, and your people have to be able to recognize when they're being targeted by a phishing campaign or a spear phishing campaign.

Dave Bittner: Right.

Joe Carrigan: They can impersonate an email just by copying it. We've seen this a hundred times in "Catches of the Day" with McAfee -- particularly with the McAfee products. They can impersonate a website by just copying it, or as Dave talks about here, this is a great idea. I don't know why this never occurred to me as a bad guy thing to do in my adversarial thinking. Just put the actual website underneath of what they're looking at in an iFrame. And then put -- make sure that your -- that your box, your -- your login box Looks like the actual Microsoft login page or, you know, the little - the, you know, the Microsoft 365 login prompt. Because, you know, Dave, when I log in through my Hopkins stuff, we use Office 365 -- or Microsoft 365. It kind of looks like the background. That's exactly what it looks like.

Dave Bittner: Right.

Joe Carrigan: So this is a very effective technique. Even though you're not looking at the right page, it'll look for all the world that you are looking at the right page because the right page is included in what you see.

Dave Bittner: Right.

Joe Carrigan: You can prevent having to update it. As a bad guy, this is a great idea. I don't know what their - what website hosts can do to stop that from happening. I don't know if there's anything they can do.

Dave Bittner: Yeah.

Joe Carrigan: It's just something you've got to be aware of. It's interesting that there are tells in these things. And the one tell that Dave was talking about was the - the image that looks like the attachment image, right? So if you can - you can have visual, you know, machine vision on that and say, Hey, that's just a PNG that looks like it's supposed to be an attachment, that's spam, right? Or that's a phishing attack. That's great. Companies like INKY can use those kind of things. So there are tells that it can be used. All these things have fraudulent pieces that should stick out like sore thumbs, but don't. To the user, they're very subtle, but I think to machines, they should be able to be recognized.

Dave Bittner: Yeah. All right. Well, our thanks to Dave Baggett from INKY for joining us. We do appreciate him taking the time for us.

That is our show. We want to thank all of you for listening. Our thanks to the Johns Hopkins University Information Security Institute for their participation. Learn more at isi.jhu.edu. Our senior producer is Jennifer Eiben. The show is edited by Elliot Houseman. Our executive editor is Peter Kilpe. I'm Dave Bittner.

Joe Carrigan: And I'm Joe Carrigan.

Dave Bittner: Thanks for listening.