Hacking Humans

DeepFake it till you make it.

47 min
May 7, 2026
Summary

This episode covers social engineering scams and fraud trends including pig butchering scams, World Cup 2026 ticket fraud, AI-generated deepfakes of celebrities used in phishing, and fake influencer accounts. The hosts discuss a $2.1 billion loss to social media scams in 2025, with Meta platforms accounting for the majority of reported fraud.

Insights
  • Social media platforms, particularly Meta properties, are the primary vector for scams; separately, 36% of World Cup sponsor domains do not use the strongest DMARC policy (reject), leaving them open to email spoofing
  • AI-generated deepfakes and synthetic influencer personas are becoming sophisticated enough to bypass detection systems and accumulate millions of views before removal
  • Investment scams represent over half of social media fraud losses ($1.1B of $2.1B), exploiting trust through fake advisors and testimonials on platforms designed to enable rapid monetization
  • Scammers are increasingly moving victims across multiple platforms to evade detection, with nearly 30% of victims reporting fraud that started on social media and migrated elsewhere
  • Official ticket resale markets and legitimate-appearing communications are being spoofed at scale, making it difficult for consumers to distinguish authentic from fraudulent sources
Trends
  • AI-generated synthetic influencer accounts targeting specific political/demographic groups with higher disposable income and loyalty metrics
  • Cross-platform fraud migration strategies where scammers initiate contact on social media then move victims to messaging apps or investment platforms
  • Deepfake celebrity content accumulating massive view counts (200M+ views) before platform removal, indicating detection lag
  • Coordinated international scam networks with state-linked involvement in event-based fraud (World Cup), including human trafficking elements
  • Exploitation of high-cost, high-demand events (World Cup 2026) creating urgency and desperation that makes victims more susceptible to fraud
  • Bot farm comment manipulation on social media ads to create false legitimacy and social proof for scam products
  • Email authentication gaps (DMARC reject settings) at major brands enabling large-scale impersonation campaigns
  • Influencer culture normalization making synthetic personas harder to distinguish from authentic personal brands
  • AI chatbot assistance in scam planning and targeting strategy optimization
  • Recruitment and job search fraud proliferation due to AI-generated resume spam clogging legitimate hiring pipelines
Topics
  • Pig butchering scams and international law enforcement cooperation
  • World Cup 2026 ticket fraud and phishing campaigns
  • DMARC email authentication and domain spoofing prevention
  • AI-generated deepfakes and synthetic media detection
  • Social media investment scams and fake financial advisors
  • Romance scams and multi-platform fraud migration
  • Synthetic influencer accounts and political targeting
  • Celebrity deepfake exploitation on TikTok
  • FTC social media fraud reporting and consumer protection
  • Meta platform fraud accountability and moderation delays
  • Shopping scams and fake e-commerce websites
  • Testimonial-based trust exploitation
  • Profile visibility and privacy settings
  • Recruiter fraud and job board security
  • Event-based scam campaigns and urgency tactics
Companies
Meta
Facebook, Instagram, and WhatsApp owned by Meta accounted for highest reported social media scam losses in 2025 FTC r...
Facebook
Had highest reported losses from social media scams; removed fraudulent AI influencer account after public investigation
TikTok
Platform flooded with AI-generated deepfakes of Taylor Swift and Rihanna used in phishing scams targeting users
Instagram
Removed synthetic influencer account 'Emily Hart' in February for fraudulent activity before Facebook action
WhatsApp
Second-highest platform for reported social media scam losses according to FTC 2025 report
YouTube
Removed 1,000 AI scam ads using fake celebrity endorsements that accumulated 200 million views before removal
Proofpoint
Released study showing 36% of World Cup-related sponsor domains lack strongest DMARC email authentication settings
FTC
Released 2025 report documenting $2.1 billion in US consumer losses to social media scams and issued World Cup fraud ...
The Noble
Nonprofit organization tracking nearly 30,000 suspicious World Cup 2026-related transactions linked to organized scam...
Reuters
Reported on World Cup 2026 scams citing research from nonprofit tracking organization
TechCrunch
Reported on FTC's 2025 social media scam losses report showing eightfold increase in fraud
Google
Gemini AI chatbot allegedly provided targeting advice for scam influencer account; Google disputes the claim
X
Grok AI platform used by scammer to generate synthetic influencer content for monetization
FanView
Platform used by scammer to monetize AI-generated synthetic influencer content and sell merchandise
Wired
Published investigation exposing Indian medical student behind synthetic MAGA influencer 'Emily Hart' account
Amazon
Recommended as safer alternative to Facebook for purchasing items to reduce scam risk
Aviva Stadium
Dublin soccer stadium cited as example of venue with downtown accessibility unlike US stadium locations
Gillette Stadium
Massachusetts venue hosting World Cup 2026 matches; criticized for poor traffic management and accessibility
People
Dave Bittner
Co-host of Hacking Humans podcast discussing social engineering and fraud trends
Joe Carrigan
Co-host covering deepfake scams, synthetic influencers, and recruitment fraud stories
Maria Varmazis
Co-host discussing World Cup 2026 ticket fraud, DMARC authentication, and email spoofing risks
Sam
Indian medical student who created synthetic AI influencer 'Emily Hart' targeting MAGA conservatives for profit
Quotes
"Every attacker counts on one thing, environments that trust too much. ThreatLocker closes that gap with default deny at execution."
ThreatLocker advertisement, mid-roll ad
"36% of World Cup-related domains are not fully protected against email impersonation because they don't have the strongest DMARC settings allocated."
Maria Varmazis, ~15:00
"In 2025, consumers in the USA lost $2.1 billion to social media scams. Social media scams have increased eightfold and exceeded losses from any other scam contact method."
Dave Bittner, ~35:00
"I'm really not a hot, attractive young woman."
Joe Carrigan, ~55:00
"If he'd said at the outset that this was AI generated for entertainment only, then what happens? I don't know. That's a good question."
Dave Bittner, ~60:00
Full Transcript
You're listening to the Cyber Wire Network, powered by N2K. Hello, everyone, and welcome to the Hacking Humans podcast, where each week we look behind the social engineering scams, phishing schemes, and criminal exploits that are making headlines and taking a heavy toll on organizations around the world. I'm Dave Bittner, and joining me is Joe Carrigan. Hey, Joe. Hi, Dave. And our N2K colleague, Maria Varmazis. Maria. Hi, Dave. And hi, Joe. Welcome back, Maria. Welcome back. Thank you. Yes. Yes. Good to have you back. Well, we've got some good stories to share this week. But first, we have a little bit of follow-up here. What do we got, Joe? Yeah, I got two links for about the same story. One is from USA Today and the other one's from Semaphore. And this is about the United States and China cooperating for a bust of about 276 people around the world. The U.S. and China were cooperating? Yes. Yes. Wow. This was—they were busting some people who are participating in pig butchering scams. Huh. Wow. And that includes like eight people here in the U.S. in Southern California who are probably lucky that they got arrested in Southern California and not China because earlier this year, China executed 11 people for doing this. Well, the U.S. is taking notes. Right. Right. All right. Well, it's good to hear there's some crackdowns happening. Maybe international pressure will be enough. Yep. Hope so. I'd love to see this fall into some sort of international norms where we just don't accept these things. Right, yeah. It feels like we're a ways off from that. It doesn't matter how different you are. Like, I don't want to say politically because that implies like different sides of the same kind of system. But like how far away you are governmentally from somebody else. We all agree that these guys are just terrible, terrible people. The worst. Yeah. Yeah. Yeah. And I think, you know, hey, we got something in common here. 
Why don't we leverage that and work to put a stop to this and try to make the world a better place? Because these guys really mess up people's lives. Yeah, for sure. Yes, they do. Every attacker counts on one thing, environments that trust too much. ThreatLocker closes that gap with default deny at execution. Unknown software? Blocked. Trusted apps? Contained with ring fencing. Configurations? Verified with ThreatLocker DAC so you stay secure and compliant. ThreatLocker delivers the visibility and control CISOs need without adding operational pain, making zero trust real for teams of any size. Stop ransomware at its earliest point. Book a demo at ThreatLocker.com slash N2K. Let's get to this week's stories. Maria, welcome back. You have the honors this week. What do you got for us? Right into it. Well, not to brag, but I was in Paris for a week. It was really lovely. Oh! Yeah. And, yeah, obligatory. And it was wonderful. Why is that? It's universal, too. You know what? I have my kid. When we told her where we were going and she was eight, she did the whole thing, too. I was like, where do you even pick that up from? I don't even understand, but even she knew that one. I have a great ha-ha story. Okay. You can't leave me hanging. Okay, so we were, I was talking to somebody who was from Canada. Canada. From Canada? Right. I tease this woman mercilessly calling her country Canada all the time. Okay. And she said, yeah, so she did not. We don't speak anymore. 
Um, so, but not because I teased her about Canada. Um, anyway, the, um, uh, she made a big point of saying, well, in, in Canada, you have to have both English and French on, on the front of every package, and on the back of every package has to be bilingual. Yep. And I pick up this, uh, it was a Simpsons-themed bag, and they had Krusty the Clown on the front of it, and he's going, hey, hey. Right. And I say, why doesn't it say huh, huh on here? Right. And she looks at me and goes, you idiot, they're spelled exactly the same. Oh, okay. Uh, there's my, there we go. Off the rails already. Sorry, Maria. I'm glad you're back in Paris. Uh, no, I mean, I, I wouldn't normally have mentioned that, but the, the, the reason I'm bringing it up is I wanted to brag. No, that was okay. A little bit of. Fair enough. Yeah, yeah. I'm from the Boston area. So it's an area that a lot of people in France know of its existence. So when it came up in conversation like where I'm from and all that kind of thing, the first words out of a lot of people's mouths, especially now, is, oh, you guys are going to be hosting some of the World Cup matches because it's coming up in June and July. Hold on, hold on, hold on. Let's clarify which World Cup. FIFA's the football world, the World Cup. No, that is not the World Cup. The World Cup happens next year. Oh, Maria. All right. Well, there's like 3 billion people on my side. You had to go there. You had to go there. 3 billion people can very well be wrong. All right. Never mind. Okay. Well, the thing that everyone else knows is the World Cup 2026, the one that FIFA puts on. FIFA, okay. Yes, the FIFA one. The matches are happening across Mexico, Canada, and the United States. And seven of them, I believe, are happening here in the Boston area, where I'm recording from. And it's extremely expensive. I don't think the World Cup, the World Cup, has ever been cheap. But what we call in the U.S. soccer is usually considered a sport that is a little more working class. 
So usually match prices are on the lower side. However, this World Cup seems to be defying all expectations for how expensive things are. And I know around where I live, there have been people sort of desperate to find deals and ways to make it not so painfully expensive. And this is apparently a rather universal experience for a lot of people trying to make it to World Cup matches this year, to the point that there are now scam watch notices being put out by various organizations, including the FTC, saying this is becoming a serious problem. Now, I don't think any World Cup has ever been immune from this sort of thing. But I think, again, this specific one, given that we are in a perfect storm of flight prices are extraordinarily expensive due to the war in Iran and the Strait of Hormuz dramas, and we also, like the United States especially, is a very expensive place nowadays. So places to stay, tickets, transit is extremely expensive. So we've got a lot of people who are looking for the cheapest way possible to get to places that just aren't cheap and they're getting ripped off. So I wanted to just put out a little notice, a little bit of a conglomeration of a couple different posts that I found about this. The first one is actually from Proofpoint. And this is not about price scams, but this is actually about email impersonations related to the World Cup that are leading to people getting scammed. And they put out a study, Proofpoint did, that apparently 36% of World Cup-related domains, like the sponsors and partners, people who are officially affiliated, they're not fully protected against email impersonation because they don't have the strongest DMARC settings allocated. So, Joe, can you walk us through the DMARC setting thing? Oh, off the top of my head, no. But I have to look this up every single time. But DMARC is a DNS-based security system that provides some kind of attestation that you're actually talking to the right server. Right. 
And I don't remember exactly how the inner workings are, but it's like one of the things we like to say, table stakes now. If you don't have your DMARC records defined, you are really behind the curve on this. Yeah. So, yeah, I think the gist of that is probably good enough for what we're talking about here. Getting into the stats from what Proofpoint studied, I think a lot of them have DMARC defined in some way, but only 64% of them are using the strongest setting, which is reject. So the other 36% still may allow spoofed emails to reach inboxes. So that means that people or bad guys who are impersonating a legitimate brand like an airline or a hotel or some other FIFA sponsor can appear completely real when it lands in someone's inbox so they can impersonate a legitimate brand. So not helping in this situation. Right. Calling it table stakes feels like a good way of doing that. It's like this feels like something that they should be able to easily tamp down. But 36% is a lot higher than I would have liked to see. So that's not great. So the warning is for people who are interested in trying to attend a World Cup match if somehow don't have tickets already or are looking for a deal is to be especially cautious. Even from people who are official partners, there is potential for things to be spoofed effectively and you could get really burned. And again, these tickets are not going to be cheap. So you could be out a lot of money. So please be careful there. Um, there, there's another story that just came from Reuters about, uh, World Cup 2026 scams. Um, and they cited this nonprofit called The Noble. I've never heard of these guys. Um, but this is, uh, I guess they, they researched this sort of thing. And they said they have already tracked nearly 30,000 suspicious transactions tied to the World Cup and it hasn't even happened yet. Right. So, um, yeah, and, and they're, they're seeing a lot of these scams actually organized by global or state-linked networks. 
So there is human trafficking involved in this, as you might imagine. The kind of pig butchering scam call centers are probably also getting involved in this sort of thing. They're able to exploit people who speak different native languages to increase the efficacy of these scams. So as always, please be careful. Don't fall for anything that seems too good to be true or has a level of urgency to it. And I think that be really careful about deals that seem too good to be true is especially important given, again, people are looking for deals with this expensive event. I really don't think deals are to be found, unfortunately. So it's, I'm just thinking of things even here in the Boston area where the train ticket to the stadium from downtown Boston one way I think is $80. And it's just like, that's the official. Holy smokes. And it's like, it's a really short train ride, but it's 80 bucks. And I think to park there directly is 120. It's just nuts. There's no way. It's highway robbery. It's totally highway robbery. And it's just, it's just insane. Who's charging 80 bucks for a train ticket? Our Massachusetts Bay Transit Authority, the official. So they're getting in on these scams. They are 100% extorting people because they can. Yes. Europeans like trains. Let's check up the price of our trains. And then no European who does this will ever ask an American again, why don't you guys have a train system? To be fair, driving to the stadium is a million times worse than taking the train in this specific area. It's the worst experience possible. But there's no cheap way to get there, and it just stinks. So, yeah, at the same time, I think if you're going to the World Cup, you sort of expect it to be extraordinarily expensive. But just please be careful. If I can be serious about the World Cup first. I can't. You have to do that short. I'm sorry, Joe. Which World Cup? The FIFA World Cup. The one this year. 
I saw a marketplace ad for someone selling two tickets to a game, one of the games this summer. $2,100 for both tickets. That's a deal. No, it's not a deal. Well, these are Category 1 club section tickets. I don't know what that means for this stadium. I'm not, I don't know where these tickets are, or where this game is taking place, what the stadium's like. You know, is that Gillette Stadium in, is Gillette Stadium in Boston? No, Gillette Stadium is an hour south of Boston proper. It is in a town that, sorry, I could go on a tear about this. I'll just stop myself. Foxborough, isn't it? It's in Foxborough. It's a tiny little town with like a one lane road in and out that just cannot handle the sheer amount of cars that go through. If you try to get out of a game at Gillette, you're going to be stuck in like two hours of traffic. I've been in it. I hate it. It sucks. So, yeah. I have been to two American football games, professional American football games, and both times I left with the same experience or the same impression. This is just better on TV. Yeah. It's football. Now, soccer, you know, what the rest of the world calls football, I don't know. That might be good. and because I've never been to a soccer game either, but I, and unfortunately, I've also never been to a rugby game, but maybe when the World Cup for rugby comes to the United States in 2031. Oh, I see. Oh, I see. Yes, the real World Cup, the Rugby World Cup is next year in Australia though. So I'm going to be watching my matches like at two o'clock in the morning. I don't even know what to add to that. Yeah, yeah. I mean, a lot of football stadiums, it's what we call soccer again. Like, they're usually in downtowns of cities, so you can just walk. That is just not the case for the United States, at least. Yeah, like, in Dublin, the Aviva is, like, right in the middle of things, and you can just get there. Yeah, no, it's not like that here. 
My wife is a big European football fan, and I blame, not blame, I credit Ted Lasso for it. Yep. But, so we watch a lot of games, and I enjoy it and it's one of those things with everything. The more you watch it, the more you understand it and so you start to see the nuance of the game which is at first foreign to you but then you, you know, now I can see plays unfolding and things which I never was able to do originally. Mm-hmm. But, to your point about the stadiums are, I believe they call them the pitches. Yeah, yeah, yeah. The pitch is actually the field they play on. Oh my God. Anyway, the, the, the, the, Alana was saying that if we had soccer teams aligned with the populations in our country the way that they do in England, that our hometown of Columbia, Maryland, or in Howard County, Maryland, which has 300,000 people, would likely have two professional soccer teams. Wow. Really? Yeah. Yeah, I could see that. Yeah, I'm a fan of our regional team, the New England Revolutions, but I can go to only one match a year because I just hate going to Gillette that much. That's all I will do to myself. I really enjoy going. It's a really fun time. I take my kid, we go with friends, it's a nice day, but just Gillette stinks. I hate it. So what's the DC team? Old Glory? No, that's the rugby team. DC United? DC United, yeah, that's the soccer team. Yeah. All right. Well, any suggestions here, Maria, for people to best protect themselves here? Yeah, well, definitely only buy tickets from official sources. So, I mean, tickets went out a couple months ago and of course now the resale market is huge. So remember that the tickets are only valid through like the FIFA app. So be really careful about that. But things that have a sense of urgency to them that are trying to pressure you into buying something, you know, be very careful. And even if that email appears legitimate, just keep in mind that stuff can get spoofed. So just be very careful what you click. Man, it's so hard. It's a shame. 
It really is. It really is. You just want to go see a soccer game. Yeah, this is why we can't have anything nice. I know. I know. It's a bummer. It's expensive and hard to trust. So, yeah. 2026. Woo-hoo! Yay! All right. Well, we will have a link to those stories in our show notes. My story this week is information coming from the FTC, the good old Federal Trade Commission. This is a story from the folks at TechCrunch. And the FTC just put out a report saying that in 2025, consumers in the USA lost $2.1 billion to social media scams. Yeah. That's a lot of money. They said social media scams have increased eightfold and exceeded losses from any other scam contact method. Nearly 30% of scam victims say the fraud started on social media. And then moved to another platform. Guess which social media platform was number one for scams. No, it couldn't be. Facebook? You came back with an accent. The book of the face. Yes. His Facebook had the highest reported losses followed by WhatsApp and Instagram. All owned by Meta. All three of them are owned by Meta. Oh, amazing. Crazy, crazy. Totally didn't see that coming. How are they making so much money? What a crazy random happenstance. So strange. Mm-hmm. They said that shopping scams were the most common type, often involving ads for discounted goods that led to fake or unfamiliar websites. Uh, I, I'll just chime in here and say that, uh, one of the patterns that I've sensed on Facebook with things that are for sale is that when someone has an ad on Facebook for whatever it is, their sneakers, their pop-up tent, their, you know, whatever. Right. The first comment is always glowing. Always. The first comment on the ad? Yeah, the first comment on the ad. So I don't know. It seems universal. I don't know how they game it to make it so. But no matter what it is, and maybe I'm just reinforcing my own biases here, but it's always great product. Love it. So glad I bought it. It's never this product is not what it says it is. 
I've been very good at ignoring ads and just like scrolling past them. And I'm wondering if this is just part of the ad. Like when you buy the ad, the comment is just part of the ad. Oh, it's gotta be. Because my favorite thing is when you see the post and it says it's got like 90 comments and then only two will show up and the rest are hidden. Right, right. It's like, okay, yeah, gotcha. Right, well, and if you're Facebook, it's in your best interest to let your advertisers edit the comments. Yeah, or control which ones are on top. Yeah, exactly. Exactly. And scam advertisers, I 100% guarantee you have bot farms out there that just come in and comment, this is the greatest products in sliced bread. Yeah. Yeah. Getting back to the report from the FTC, they say that investment scams caused $1.1 billion in losses. So more than half. Yeah, more than half. That's impressive. They say frequently using fake advisors, group chats, or testimonials to build trust. We've covered those countless times here. Testimonials, I mean, I don't know how I feel about this because I don't want to put my money anywhere that I've never heard of before. Right. Right. And I don't care how many people tell me that, you know, come to Bob's bank, he's got really good interest rates. I'm like, I don't know who that is. I don't know who you are. How did you get in my house? Yeah. I mean, why don't you wear it? They're all on the take as far as I know. I have a series of important questions. Yeah. Right. You know, but I mean, so testimonials for a financial institution from some stranger don't do me any good. I, you know, I will use testimonials from people I know. Where do you keep the majority of your money and what do you do with it? You know, if I want to have a financial discussion about this. Right. And, you know, that's how I wound up, you know, where I keep a lot of my retirement savings now. Because all the jobs I've had over my career, most of them have had 401Ks. 
I've rolled those into an IRA. So, you know, it's important for me to trust that place. Sure. Yeah. So I'm not just taking some guy's word off the internet. Oh, this is a great place to put your retirement stuff. Well, I was reading something just the other day that said I think Gen Z and Gen Alpha are the most likely to believe influencer marketing. So I, because it's sort of just part of their, I mean, Gen Alpha is still quite young, but, you know, Gen Z are all fully adults now and it's been part of their, you know, ecosystem from the get-go. Yeah. So, but at the same time, Gen Z is also super smart and they understand that literally every influencer is being paid. So I do wonder how that all shakes out, but yeah. Huh. That is interesting. They're so different from us. Almost another species. Yeah. These crazy kids. Come on, Dave, join me in my old man rant. It's like the weight of the world has not yet crushed their spirits. Give it time. Their time will come. I think Gen Z is probably one of the most weight of the world crushed generations we've seen in a long time. I was just thinking that. I was going to say, they've been through it. Yeah. Very nice to Gen Z. That's true. Well, they don't have homes. That's why. They don't have homes to protect them from having their spirits crushed. We have homes. Yeah. My spirit's still crushed. All right, back to the FTC. Enough of me being an elitist jerk. I'm crying in millennial over here. None of my friends at home. Anyway. Yeah, yeah, yeah. Back to the FTC. Of course, they touch on romance scams, which often begin on social platforms. And then, as Joe said, move to another platform. Move to another platform, right. Yeah. And so the scammers are exploiting people's personal profiles and then requesting money or even moving on to fake investments. So the FTC, they have some recommendations. They say limit your profile visibility. I don't know about you guys. I've done that with my Facebook profile. Oh, yeah. 
Nobody can find me. Yeah. Mine's only visible to friends. I don't get very many friend requests anymore. And that's just fine with me. Yeah. I'm going to take that as a challenge and find you right now on Facebook. Hang on a second. You might be able to find me. I don't know. See if you can find me. Let me see if I can find you. The FTC says avoid investment advice from online contacts. Yep. And be sure to research sellers before purchasing. I would go a step further than that and say if you find some— Joe, that was not hard. Did you find me? There's a picture of you with a chicken on your shoulder. Not only did she find you, you should be ashamed of yourself. I actually think friends of friends can find me. So maybe that's the setting I have. So is Dave a friend? I'm not friends with Dave on Facebook yet. Yet. Huh. And we don't have any mutual friends? Nope. Really? Lock that down, Joe. Just saying. Okay. I'm very angry at Mark right now. That or I found your impersonator. So either way, we've made a good discovery today. It could be an impersonator. Send me a friend request, and I don't have any way to get Facebook here. It might be a while. Send that Joe Carrigan, a Facebook request, a friend request, and if I respond, I'll send you a direct message on Facebook tonight. You got it. But it won't be until like 10 o'clock. Sorry, Dave. Anyway, the FTC, I would take the FTC's advice one step further and say, if there's something that strikes your fancy that you see coming by when you're scrolling through Facebook or wherever, don't buy it directly on that platform. Right. Go, go visit the company directly. Even going to Amazon's better than buying it directly on Facebook. You're less likely to be scammed. and, you know. You got to pick your tech oligarchs carefully. That's right. That's right. 2026? Which one hurts the least, right? Oh, my God. Bezos or Zuckerberg? Bezos or Zuckerberg. They're all the resignation, just pure resignation. 
And then you can throw Musk in there, you know, it's just... Great, great times, great times. Throw him all the way to Mars. All right, I tell you what, let's take a quick break here to hear from our show sponsor. We will be right back after this message. Thank you. is free of misconfigurations and clear visibility into whether you meet compliance standards. ThreatLocker is the simplest way to enforce zero-trust principles without the operational pain. It's powerful protection that gives CISOs real visibility, real control, and real peace of mind. ThreatLocker makes zero-trust attainable even for small security teams. See why thousands of organizations choose ThreatLocker to minimize alert fatigue, stop ransomware at the source, and regain control over their environments. Schedule your demo at threatlocker.com slash n2k today. And we are back. Joe, you're up. What do you got for us? Dave, I have two stories, but they're around the same topic, and they both come from gadgetreview.com. Okay. Which is a website. Actually, initially found the second story on a different site, but found that the source was gadgetreview. But the first one is from, the headline is, Taylor Swift deep fakes are fooling TikTok users into phishing scams. Now, here's one that wouldn't work on me. Me neither. Right. However. Maria? No, it wouldn't work on me. No. How about your daughter? Is she a Swifty? Not anymore. Oh. Really? Yeah, not anymore. How old is she? Oh, interesting. Seven? Funny you ask. She turned nine years old today. Nine years old, and she's out of the Taylor Swift market. Wow. I know. Interesting. Yeah. Okay. Huh. Interesting. It's actually her birthday. What are you whispering? Is she not aware of this? No. Oh, she's very aware of it, Dave. Okay. Very aware. You just don't want her to know that you're aware of it. I don't know why I whispered it. Yeah. I don't know. like she's gonna come bursting in the room with a bunch of balloons and confetti. 
She's supposed to be in school, however. Yeah. Exactly. So Ferris Bueller's day off. Now I have to roll this back, which is really weird for me to have to do. All right, go ahead, Joe. Happy birthday to your daughter, Maria. Thank you very much. The Gadget Review article says that scrolling through TikTok just became more dangerous than you think, which I don't know. I already think it's pretty dangerous. I know that there's tons of scams out there, and our listeners probably know this too, but AI generated deep fakes of Taylor Swift and maybe one that would work on me, Rihanna, are flooding the platform. I love Rihanna. I don't know what it is about, her music has always just been like, every time I hear a song from her, I'm like, this good song. I like it. Well, Joe, you are full of surprises. I never would have clocked you for a Rihanna fan. That's amazing. Right, yeah. Slayer and Rihanna, both. You contain multiple. You have range. There you go. I have range, right. I also love Bach, by the way, one of my favorites. So, you know, this thing is talking about celebrity cons, and it looks like these scams are really just to get access to your accounts, you know, stealing passwords or maybe stealing your personal information. There's a quote in here that says, YouTube recently removed 1,000 AI scam ads, 1,000 that were using fake celebrity endorsements, you know, like those Keanu Reeves endorsements. But not before they'd accumulated 200 million views. So, hey, there goes the horse. You better close the park door. So, you know, they're saying in this article that AI detection systems are struggling to maintain, keep up with the sophistication of the generation algorithms. And speaking of generation, this story also came from Gadget Review. And this, I think, was originally started in Wired, if I'm not mistaken. But the access I have to it is from Gadget Review. And it says, MAGA influencer Emily Hart exposed as Indian man. Hmm. 
And this is a, um, Emily Hart is a, uh, a beautiful young woman, but she is completely synthetic. She does not exist. And this is coming from an Indian medical student named Sam with, uh, air quotes around it. Okay. And according to this article, he, uh, he used Gemini, Google's Gemini to come up with this whole idea of scamming people. And he started some kind of social media influencer account somewhere. So Sam asked Gemini how to maximize this influencer's reach. And the chatbot reportedly said to him, we should target conservative audiences because they have higher disposable income and show more loyalty than generic user grammar. So the AI was happy to help with this scam. Yes. I'm helping. That's so nice. Thanks, AI. Now, Google disputes that Gemini would have said such a thing. Of course. Right. I buy it. Yeah. But shortly after starting to post these things, going after MAGA conservatives as a cheat code is what the article says, Emily Hart gained over 10,000 followers in one month. And Sam spent just like 30 to 50 minutes daily creating content. And this thing says that Emily Hart resembles Jennifer Lawrence. I looked up a picture of Jennifer Lawrence. I think the AI character doesn't look anything else like Jennifer Lawrence. But they're using all kinds of catchphrases, conservative catchphrases to rope in people. And then Sam monetized this AI personality through a platform called FanView. Are either of you familiar with FanView? Nope. I am not, no. I did not go to FanView because I'm afraid it's something like OnlyFans. It sounds like it's something, and I'm... That would have been my guess as well. Right. And he sold AI-generated content, partly working with X's Grok AI. 
Guy, uh, he also served MAGA-themed t-shirts, uh, and provided, that also provided some income, uh, and it made him a few thousand dollars a month. So by scamming standards, he's not killing it. Right. Yeah. He's not walking away and he's not actually, you know, he's not, well, I mean, I guess he is lying to people, but, I mean, it's, it's, it's, I guess the only thing that he's not producing this reel is it's just AI-generated content that he's selling to people that people think that they're getting some kind of interaction. But I don't know how different that is from following Kim Kardashian. Right. So he's providing entertainment. Right. Yeah. Yeah. Because people, that's been the whole argument with the influencer culture, right? Is that this is, this feels like a two-way communication street, but it isn't. It's just one way, right? Kim Kardashian doesn't know what you said. And if you message her and somebody replied to you, that's just some contractor in some other part of the world that works dirt cheap that sends back a text to you. Right. Not anybody you know. It's not the person you think you're talking to. So this all came out when Wired posted an investigation. Instagram removed Emily Hart's account in February for fraudulent activity, with Facebook following only after the investigation went public. So that's interesting that Instagram, a Meta property, removes it in February. But when the ball drops, Facebook goes, oh, we better get on this. I mean, it seems like they still have some kind of some kind of some kind of back end differences, I guess. Yeah, I mean, like medical scams abound and those just keep going. But this was priority? Okay. Yeah, right. That's a good point, you know. Well, I mean, I wonder too, like, what's the difference between someone adopting a persona, let's just say an influencer persona. Right. That is very different from who they are in their day-to-day life. Right. Versus spinning up an AI-generated persona that's completely different? 
Is one inherently less ethical than the other? Hmm. Discuss. I don't know. I don't particularly find either one of these things ethical. Yeah. But, I mean, if you're going for a social media persona, I don't know that people are capable yet of understanding that that's an act like seeing someone on TV is an act. Yeah. Right. Like I play the bad guy on TV, but I'm really not mean. Right. Or, you know, you know, whereas I play the the hot, attractive young woman who is attracted to you, but I'm really not attractive to you. And in this case, I'm really not a hot, attractive young woman. Right? Yeah. I mean, I don't know. That's the soundbite for this episode. I just... I'm really not hot. Joe Kerrigan says, quote, I'm not a hot, attractive young woman. There has never been a more true statement. That is as true as a kid. Oh my God. None of those three things, hot, attractive, or young, apply to me. Or woman, presumably. Or woman, yeah. Fair to leave. Yeah, sorry. Or woman. Is there something you want to Fork in? This is that kind of episode. It's a very special episode. That's right. Okay. Yeah. I'm feeling kind of loving. So I think, put the, put the MAGA part of this aside. Right. Yeah. I mean, that's not the important part. No. The important part, well, I mean, there is a, there is a portion of this, and it's not unique to MAGA, I don't think. I had this discussion with Michelle. She was like, there's research that says people on the right are more susceptible to this. I think that might be because generally people on the right are older. I don't know. I haven't delved into that report and I just don't have time, that article. I just haven't had time to go through it. But this is not something that's unique to any single political party, any single religion, any single belief system or status or whatever. There's something out there that will exploit you. It's there. 
Don't let whatever tribe you identify with lead you so far into the weeds of that tribe that you're willing to, or that you're capable of falling for this kind of a scam. You know, it's... Yeah, this person was exploiting trust. Right. That, yeah, he was using, you know, in-group language and iconography and all those kinds of things. Absolutely. With this particular group to gain trust and was successful, basically had a part-time job doing it. Yeah. And was able to fund him going to medical school with it. I mean, that's the kind of money he's making. Yeah. So, yeah. I mean, I just, it just. The question is, should this be illegal? Yeah, that's a good question. I don't know. It's certainly against the terms of services because the platform took it down. Right. Right. But only after. If he'd said at the outset that this was AI generated for entertainment only. Right. Then what happens? I don't know. Yeah, I don't know. That's a good question. Is it then AI, or is it then against terms of services? Yeah. Who knows? Interesting. Hmm. All right. Well, we will have a link to those stories in the show notes. Joe, Maria, it is time for our catch of the day. Dave, our catch of the day comes from my daughter. All right, terrific. This is a text message that she received. You will notice that she has cropped out all the information on top. She's a good girl. Yes. She is her father's daughter. She is. How charged was the battery, though? We don't know. We can't even know. We can't tell. Can't tell if she's on Wi-Fi. Can't tell if she's... She's just protecting her dad from undue anxiety. Yes. And I didn't even have to crop this image. This is the image she sent me. Okay. So it's a text message. You want to read it, Dave? Sure. It says, Hi, Kayla. I'm Priscilla, a PR consultant at Pathos Communications. RSAC 2026 coverage is putting a spotlight on self-propagating software supply chain attacks and risky auto-updating pipelines. 
As an embedded CNO engineer at Acme Engineering, working close to vuln research and reverse engineering, you're a credible operator voice on what defenders should actually do at the firmware and build system layer. We are pay on results, and I think we could land you in Business Insider. Open to a quick chat? Hmm. Hmm. She did not respond to this text. Yeah. Good for her. Yeah, but I have received like in the past couple of months, two LinkedIn things that were kind of similar to this, including one this morning where somebody's like, hey, I'm looking for super connectors. And I'm like, yeah, what do you mean by super connector? What are you doing? Why are you doing this? And I think this is probably just part of some opening scam to just. Wait, wait, wait, wait. Is a super connector a social thing or an electronics thing? I don't know. Okay. I think in context, it sounded like a social thing. Kind of a diode situation. Right, exactly. I was thinking, you know, room temperature super connectors. Yeah. Yeah, right. No, you know, it's interesting. I was just Googling Pathos Communications, and apparently the first word that comes up afterwards is scam. Ah, there you go. Yeah. Well, Joe, you know that. I mean, I edited out the name in my read, but they did have the name of her employer accurately in the thing here. They sure did. So can they just have scraped that from LinkedIn? Yeah. You know, I'm going to tell another story about this. It happened to me this week. I got an email from a recruiter who had a bunch of information about me. And I, you know, like I do when I want to torment a recruiter, I wrote this guy back and said, because this job was not a good fit. I said, no, I'm not in the market right now, but tell me, where did you get my information? And to my surprise, the guy wrote me back and said, hey, this came from X job board from 2024. I'm like, I immediately replied to him. I said, hey, thanks for the transparency. This guy is not a scammer. 
He's actually real. And then he said, you would not believe the number of scam resumes we get and the number of horror stories I've heard from people I'm trying to recruit about scam recruiters. And I'm like, well, we talk about this all the time on my podcast. But so, yes, I would believe this. I actually said podcast I co-host. So both of you don't get mad that I claim ownership of the podcast. That's all right. So, you know, so I'm going to, you know, this guy I think is a real person. I'm going to have a phone call with him, I think, sometime in the next week or so. Because there are a number of young engineers that I know that are looking for work. And it's kind of hard to find right now. Yeah. Yeah, and so much AI slop in the, just clogging up the pipelines in all directions. Getting through it. I mean, AI has done nothing but make the job search thing terrible. Yeah. Absolutely terrible. It is kind of the tip of the spear, I think, for the spy versus spy, AI versus AI, where people are using AI to try to get past the AI that's filtering you out. Right. Yeah. I mean, and here's the thing. You can't, as a HR company or an HR, anybody that has to receive resumes, you can't not do that or else you just get tons of AI resumes. Right. Right. And these days you got to worry about, in tech, you got to worry about North Korean workers and all kinds of things that you never had to worry about before. Yeah, absolutely. Yeah. There is an alumni group for former coworkers of a former employer of ours that we all post in, and there's a jobs board where people post, you know, hey, I'm hiring at my new company or whatever. And there was something that was posted there recently saying the moment that they posted a job rec, they got over a thousand applications that were all AI slop, which is just like how you just can't, how do you deal with that? So, right. It's bad out there. What is the societal tax for having that be the current reality? Massive unemployment. Yeah. Yeah. 
Right? That's the societal tax. Right. I mean, it's just an anchor. It's a drag on people's ability to hire. Right. And that has real-world effects. Yep. Yep. Sure does. All right. Well, we would love to hear from you. If there's something you'd like us to consider for our Catch of the Day, and you're not one of Joe's offspring, please email us. It's hackinghumans at n2k.com. I wonder if my son's going to send one in now. Thank you. We'd love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like our show, please share a rating and review in your favorite podcast app. Please also fill out the survey in the show notes or send an email to hackinghumans at n2k.com. This episode is produced by Liz Stokes. Our executive producer is Jennifer Iben. We're mixed by Elliot Peltzman and Trey Hester. Peter Kilpie is our publisher. I'm Dave Bittner. I'm Joe Kerrigan. I'm Maria Varmazas. Thanks for listening.