Cyber warfare is no longer something that happens behind closed doors or in some far-off digital corner. It's happening now and reshaping the rules of conflict in real time. Drone strikes controlled by apps, ransomware attacks on hospitals: today's battleground is just as likely to be online as on the ground. That science fiction scenario is now a critical, constant threat, the kind that affects us all globally. I'm really excited to introduce you to Dr. Chase Cunningham. He's a retired Navy chief cryptologist with a wealth of experience in cyber operations for the NSA, CIA, FBI, and more. He's the one who pioneered zero-trust security strategies and advises top decision-makers in government and private industry. That gives him a front-row seat to how digital warfare is evolving and what that means for all of us. He's also the author of Cyber Warfare and the gAbriel Series, where his real-world expertise comes to life in stories that are chillingly plausible. We talk about how cyber conflict is already playing out in Ukraine, how different threat actors operate, and why critical infrastructure is such a tempting target. Chase shares practical advice on what individuals and small businesses can do to better protect themselves. We also look at what governments are doing to defend against these growing threats. That conversation is eye-opening and urgent. You won't want to miss it. Show Notes: [01:21] Chase is a retired Navy Chief and a cryptologist. He also worked at the NSA. He also put Zero Trust into formal practice at Forrester Research. [03:24] We learn how Chase got involved with computer work and cryptology. [05:29] We're seeing cyber war play out in real time with Russia and Ukraine. [07:13] We talk about the future of war and drones. [08:31] Cyber warfare is just the natural evolution of conflict in the digital space. It's the bridge between espionage and kinetic activity.
[09:40] Chase talks about the different actors in the cyber warfare space and their primary targets. [12:05] Critical infrastructure includes oil and gas, piping, water systems, healthcare, and even schools. [14:12] Some of the unique issues with dealing with the attacks from cyber criminals. [19:20] How the CCP plays 3D chess. [22:26] Reducing risk and protecting ourselves includes following best practices. [25:10] What the government is doing to try to mitigate cyber risk. [27:23] Chasing money and finding cyber crime. [32:04] A lot of valuable assets are being developed in the context of war. [35:06] Chase talks about some of the things he covers in his book. Thanks for joining us on Easy Prey. Be sure to subscribe to our podcast on iTunes and leave a nice review. Links and Resources: Podcast Web Page Facebook Page whatismyipaddress.com Easy Prey on Instagram Easy Prey on Twitter Easy Prey on LinkedIn Easy Prey on YouTube Easy Prey on Pinterest Chase Cunningham - Dr. Zero Trust Dr. Chase Cunningham - LinkedIn Cyber Warfare – Truth, Tactics, and Strategies gAbrIel: A Novel in the gAbrIel Series Unrestricted Warfare: China's Master Plan to Destroy America
Scammers are getting smarter. Understanding the psychology behind social engineering and the challenges companies face every day can help keep networks secure. This episode will show how to anticipate these threats and secure networks against ever-changing vulnerabilities. We'll focus on practical, real-world solutions to protect data and trust. Dr. Jared Smith joins us to share his insights from his role leading research and development at SecurityScorecard. He also co-founded UnCat, a B2B accounting technology company serving thousands of customers and teaches as an adjunct professor at the University of Tennessee, Knoxville and NYU. His experience shows why social engineering is so effective and how companies can adapt to a world where attackers are always refining their techniques. This episode shows how even small oversights or minor issues can lead to big breaches. Dr. Smith shares concrete steps to strengthen defenses, and why we need both technical solutions and employee awareness. By looking at the psychology behind the attacks, he'll show that staying one step ahead depends on using smart security tools and a culture that recognizes vigilance at every level. Show Notes: [01:19] Jared is a distinguished thought researcher at SecurityScorecard. He's built systems and helps vendors monitor and secure their networks. He also has a PhD in computer science. He focuses on Border Gateway Protocol or BGP. [02:16] He was also a high clearance government national security researcher. [03:02] Jared shares a story about how sophisticated phishing scams are becoming. [08:43] How large language models are making more sophisticated social engineering possible. [10:26] The importance of thinking about cybersecurity needed in the next 10 years. [11:02] BGP is like the plumbing of the internet. BGP poisoning breaks the typical internet traffic route. It's very nuanced traffic engineering that uses the Border Gateway Protocol.
[13:34] BGP is also useful when you have multiple internet connections and one goes down. [14:20] The most sophisticated DDoS works are called link flooding attacks, where they identify links that have a certain amount of bandwidth, and they flood that specific Border Gateway Protocol link, effectively segmenting the internet in those places. [15:39] Managing DDoS attacks and where the traffic comes from. [16:02] Being aware of botnets, because they are what's rented out or being used for these attacks. [17:32] Lizard Squad launched DDoS as a service. [21:00] Attackers try to get the actual IP addresses from behind a CDN. [23:41] How AWS has the ability to manage large amounts of traffic. [25:24] There are some DDoS that just require sending enough traffic to fill up the buffers on the other side of the application. [28:15] The size of a botnet for DDoS to take down a big network like X. We explore potential paths for these attacks. [32:21] We talk about the uptick on attacks during tax season. A large accounting firm with a lot of clients could be spoofed. [36:50] The predominant attacks are coming from organized cybercrime groups and ransomware groups. [45:40] The vast majority of large networks taken out are usually a result of user error. Thanks for joining us on Easy Prey. Be sure to subscribe to our podcast on iTunes and leave a nice review. Links and Resources: Podcast Web Page Facebook Page whatismyipaddress.com Easy Prey on Instagram Easy Prey on Twitter Easy Prey on LinkedIn Easy Prey on YouTube Easy Prey on Pinterest Jared M. Smith Dr. Jared Smith - SecurityScorecard Dr. Jared Smith - LinkedIn Uncat Evasive AI Jared Smith - X
Red models associated with AI technologies highlight real-world vulnerabilities and the importance of proactive security measures. It is vital to educate users about how to explore the challenges and keep AI systems secure. Today's guest is Dr. Aditya Sood. Dr. Sood is the VP of Security Engineering and AI Strategy at Aryaka and is a security practitioner, researcher, and consultant with more than 16 years of experience. He obtained his PhD in computer science from Michigan State University and has authored several papers for various magazines and journals. In this conversation, he will shed light on AI-driven threats, supply chain risks, and practical ways organizations can stay protected in an ever-changing environment. Get ready to learn how the latest innovations and evolving attack surfaces affect everyone from large companies to everyday users, and why a proactive mindset is key to staying ahead. Show Notes: [01:02] Dr. Sood has been working in the security industry for the last 17 years. He has a PhD from Michigan State University. Prior to Aryaka, he was a Senior Director of Threat Research and Security Strategy for the Office of the CTO at F5. [02:57] We discuss how security issues with AI are on the rise because of the recent popularity and increased use of AI. [04:18] The large amounts of data are convoluting how things are understood, the complexity is rising, and the threat model is changing. [05:14] We talk about the different AI attacks that are being encountered and how AI can be used to defend against these attacks. [06:00] Pre-trained models can contain vulnerabilities. [07:01] AI drift or model or concept drift is when data in the training sets is not updated. The data can be used in a different way. AI hallucinations also can create false output. [08:46] Dr. Sood explains several types of attacks that malicious actors are using. [10:07] Prompt injections are also a risk. [12:13] We learn about the injection mapping strategy. 
[13:54] We discuss the possibilities of using AI as a tool to bypass its own guardrails. [15:18] It's an arms race using AI to attack AI and using AI to secure AI. [16:01] We discuss AI workload analysis. This helps to understand the way AI processes. This helps see the authorization boundary and the security controls that need to be enforced. [17:48] Being aware of the shadow AI running in the background. [19:38] Challenges around corporations having the right security people in place to understand and fight vulnerabilities. [20:55] There is risk with the data going to the cloud through the LLM interface. [21:47] Dr. Sood breaks down the concept of shadow AI. [23:50] There are also risks for consumers using AI. [29:39] The concept of Black Box AI models and bias being built into the particular AI. [33:45] The issue of the ground set of truth and how the models are trained. [37:09] It's a balancing act when thinking about the ground set of truth for data. [39:08] Dr. Sood shares an example from when he was researching for his book. [39:51] Using the push and pretend technique to trick AI into bypassing guardrails. [42:51] We talk about the dangers of using APIs that aren't secure. [43:58] The importance of understanding the entire AI ecosystem. Thanks for joining us on Easy Prey. Be sure to subscribe to our podcast on iTunes and leave a nice review. Links and Resources: Podcast Web Page Facebook Page whatismyipaddress.com Easy Prey on Instagram Easy Prey on Twitter Easy Prey on LinkedIn Easy Prey on YouTube Easy Prey on Pinterest Aditya K Sood Aditya K Sood - LinkedIn Aditya K Sood - X Aryaka COMBATING CYBERATTACKS TARGETING THE AI ECOSYSTEM: Assessing Threats, Risks, and Vulnerabilities Empirical Cloud Security: Practical Intelligence to Evaluate Risks and Attacks
Steve and Amy travel to Grant Township, MI, where a desperate couple claims paranormal activity is trying to kill them. During the disturbing investigation, Amy encounters a malicious dead man and an entity capable of physically harming the living.
What makes someone betray their country? It's rarely just about money. In this episode, you'll hear from a retired CIA officer who spent 25 years recruiting foreign spies by tapping into something deeper than greed. Jim Lawler shares real stories from his career in human intelligence, where persuasion was built on empathy, trust, and understanding what truly drives people. From failed pitches to high-stakes successes, he explains the psychology behind espionage, how personal stress becomes a powerful leverage point, and why most people who commit treason believe they've been betrayed first. Whether you're curious about spycraft or just want a better grasp of human behavior, this conversation pulls back the curtain on how people can be influenced to cross the line. Show Notes: [00:50] Jim was a CIA operations officer. His job was to recruit foreign spies for the CIA. [01:21] Most of his career was about battling weapons of mass destruction. His specialty was human intelligence and recruiting foreign spies was the backbone of that. [02:32] He's now a speaker and a teacher. He's also written three spy novels. [03:02] MICE Framework: Money, Ideology, Coercion, and Ego. [05:11] Jim shares a story from one of his first recruitment pitches. He also found out that revenge is a driving force for espionage. [11:58] Polygraph tests are stress detectors. [15:16] Divorce is one of the most psychologically tumultuous times in a person's life. When recruiting, Jim would become their best friend because he never once recruited a happy person. [16:07] He would study the crack system like a rock climber. He was a keen listener and very curious. [17:33] Empathy and patience were everything when recruiting spies. [20:21] Jim talks about the metaphysics, which is like a neural link where he would put out what he would envision as an invisible link to the brain of his recruits. [22:11] If something is too good to be true it is. 
[23:45] As a recruiter, he had to manipulate, exploit, and subvert people to get them to do what he wanted them to do. [27:58] Jim believes in treating people the way he would like to be treated. He was sincere with his actions. [28:35] He believes in using his powers of persuasion for good. [32:43] Over 90% of the people he pitched became assets. [33:48] Jim explains what a cold pitch is and the objective to get the second meeting. [36:58] His novels are thinly based on operations he did. A lot of his stories are based on things that he has done or things that his colleagues have done. Thanks for joining us on Easy Prey. Be sure to subscribe to our podcast on iTunes and leave a nice review. Links and Resources: Podcast Web Page Facebook Page whatismyipaddress.com Easy Prey on Instagram Easy Prey on Twitter Easy Prey on LinkedIn Easy Prey on YouTube Easy Prey on Pinterest Jim Lawler - SPYEX The Traitor's Tale (The Guild Series Book 3) In the Twinkling of an Eye: A Novel of Biological Terror and Espionage (The Guild Series Book 2) Living Lies: A Novel of the Iranian Nuclear Weapons Program (The Guild Series Book 1) Soulcatcher: James Lawler Discusses The Motivations For Espionage
When it comes to cybersecurity, most people think about firewalls, passwords, and antivirus software. But what about the attackers themselves? Understanding how they operate is just as important as having the right defenses in place. That's where Paul Reid comes in. As the Vice President of Adversary Research at AttackIQ, Paul and his team work to stay one step ahead of cybercriminals by thinking like them and identifying vulnerabilities before they can be exploited. In this episode, we dive into the world of cyber threats, ransomware, and the business of hacking. Paul shares insights from his 25+ years in cybersecurity, including his experience tracking nation-state attackers, analyzing ransomware-as-a-service, and why cybercrime has become such a highly organized industry. We also talk about what businesses and individuals can do to protect themselves, from understanding threat intelligence to why testing your backups might save you from disaster. Whether you're in cybersecurity or just trying to keep your data safe, this conversation is packed with insights you won't want to miss. Show Notes: [00:58] Paul is the VP of Adversary Research at AttackIQ. [01:30] His team wants to help their customers be more secure. [01:52] Paul has been in cybersecurity for 25 years. He began working in Novell Networks and then moved to directory services with Novell and Microsoft, Active Directory, LDAP, and more. [02:32] He also helped design classification systems and then worked for a startup. He also ran a worldwide threat hunting team. Paul has an extensive background in networks and cybersecurity. [03:49] Paul was drawn to AttackIQ because they do breach attack simulation. [04:22] His original goal was actually to be a banker. Then he went back to his original passion, computer science. [06:05] We learn Paul's story of being a victim of ransomware or a scam. A company he was working for almost fell for a money transfer scam. 
[09:12] If something seems off, definitely question it. [10:17] Ransomware is an economically driven cybercrime. Attackers try to get in through social engineering, brute force attack, password spraying, or whatever means possible. [11:13] Once they get in, they find whatever is of value and encrypt it or do something else to extort money from you. [12:14] Ransomware as a service (RaaS) has brought ransomware to the masses. [13:49] We discuss some ethics in these criminal organizations. Honest thieves? [16:24] Threats look a lot more real when you see that they have your information. [17:12] Paul shares a phishing scam story with just enough information to make the potential victim click on it. [18:01] There was a takedown of LockBit in 2020, but they had a resurgence. It's a decentralized ransomware as a service model that allows affiliates to keep on earning, even if the main ones go down. [20:14] Many of the affiliates are smash and grab, the nation states are a little more patient. [21:11] Attackers are branching out into other areas and increasing their attack surface, targeting Linux and macOS. [22:17] The resiliency of the ransomware as a service setup and how they've distributed the risk across multiple affiliates. [23:42] There's an ever growing attack surface and things are getting bigger. [25:06] AttackIQ is able to run emulations in a production environment. [26:20] Having the ability to continuously test and find new areas really makes networks more cyber resilient. [29:55] We talk about whether to pay ransoms and how to navigate these situations. [31:05] The best solution is to do due diligence, updates, patches, and separate backups from the system. [35:19] Dealing with ransomware is a no win situation. Everyone is different. Thanks for joining us on Easy Prey. Be sure to subscribe to our podcast on iTunes and leave a nice review.
Links and Resources: Podcast Web Page Facebook Page whatismyipaddress.com Easy Prey on Instagram Easy Prey on Twitter Easy Prey on LinkedIn Easy Prey on YouTube Easy Prey on Pinterest Paul Reid - Vice President, Adversary Research AttackIQ Paul Reid on LinkedIn AttackIQ Academy Understanding Ransomware Threat Actors: LockBit
Ever had that creepy feeling someone's watching you online? Now imagine if that feeling was actually your reality, not just your browsing history being tracked, but cameras following your every move on the street, your conversations being monitored, your payments scrutinized. For our guest Josh Summers, this wasn't some dystopian nightmare, it was his daily life. Josh isn't your typical privacy advocate. As the creator behind All Things Secured (both a website and YouTube channel), his passion for digital privacy was forged through nearly 20 years living abroad, much of it in China. There, he didn't just read about surveillance, he lived under its shadow, using VPNs to bypass censorship and experiencing the gut-wrenching moment of being detained and questioned by Chinese authorities. In our revealing conversation, Josh pulls back the curtain on what government surveillance actually feels like from the inside. He shares how these experiences transformed a personal survival strategy into a mission to help others protect themselves in our increasingly watched world. We dive into how surveillance actually works from those eerily accurate facial recognition systems to the GPS tracking that follows your every move, and the countless ways big companies turn your personal information into profit. Josh not only makes us aware of potential problems, he offers real-world solutions that balance security with the convenience we all crave. With Josh's guidance, we discover surprisingly simple ways to shield our digital lives from encrypted messaging apps that keep conversations private, virtual credit cards that protect your finances, and alternative mailing addresses that safeguard your physical location. He also reveals the hidden dangers lurking in those so-called smart devices scattered throughout your home, and explains why privacy matters even if you think you have nothing to hide. Show Notes: [00:34] Josh is the host of All Things Secured. 
He wants to help people become a hacker's worst nightmare. [01:30] Josh, his wife, and children lived in China. There was censorship and social platforms were blocked. [02:05] He began using VPNs. Over the decade there, every type of surveillance was used. [03:34] He had a travel site and walked around with a camera. [04:03] In 2018 he was detained by the government. It was scary and he realized the rights he was giving up when traveling to other countries. [05:53] He was kicked out of China, and became more conscious of the pervasive mass surveillance. [08:40] He was severely outmatched with the psychological tricks of the interrogators. [12:57] Even if surveillance is legal, that doesn't make it ethical. [13:18] Small consistent steps towards privacy will make us less of a target. [14:25] Josh talks about ways that we are being monitored from cameras to facial recognition. Digital currencies track what we purchase. [17:04] Facebook has so many files on us. Being tracked online adds up. [21:07] There are ways to build a privacy moat around your digital life and still stay in contact with friends and family. [22:27] Steps for practical privacy include being careful about how you share data, encrypted alternatives, and use masking services to reduce your digital footprint. You can also use virtual credit cards. [31:46] We talk about using peer-to-peer payment apps. [34:12] When your habits and your contacts are public, it makes it easier to social engineer. [35:29] Virtual mailboxes can add additional privacy. [39:50] Issues with IoT devices include how it's being stored, transmitted, and shared. Thanks for joining us on Easy Prey. Be sure to subscribe to our podcast on iTunes and leave a nice review. 
Links and Resources: Podcast Web Page Facebook Page whatismyipaddress.com Easy Prey on Instagram Easy Prey on Twitter Easy Prey on LinkedIn Easy Prey on YouTube Easy Prey on Pinterest Josh Summers All Things Secured All Things Secured YouTube Go West Ventures Josh Summers on LinkedIn The Unexpected Cost of Privacy with John McAfee Privacy.com IronVest PostScan Mail Traveling Mailbox
In a world where data is more important than ever, understanding how it is acquired, shared, and misused is critical. Data brokers work behind the scenes, amassing enormous amounts of personal information from online activity, loyalty programs, and even public records, often without the users' knowledge. This data powers targeted marketing, scams, and even identity theft. But what can be done to regain control of personal privacy? Today we're diving deep into this topic with cybersecurity expert Darius Belejevas, who has spent years assisting folks in removing their data from these digital marketplaces. He is the head of Incogni and Surfshark. In this chat, Darius is going to share how these sneaky data brokers operate. He'll break down why it's such a big deal when our data gets out there for all to see, and he'll arm us with some solid strategies to keep our privacy intact. We'll also look at practical tactics that everyone can apply to limit their exposure to hackers. We'll discuss data sharing, using privacy-focused products, and understanding legislation like GDPR and CCPA. We also dive into the shifting landscape of digital security, the role of AI in data collection and fraud, and what the future of online privacy may look like. Show Notes: [01:01] We learn about Darius's background. [02:16] We learn about the creation of Incogni. [04:04] Data brokers are businesses who collect data and sell it to other businesses. One problem can be lack of transparency of what is happening to your data. [07:19] There are probably a few thousand data brokers. [09:36] Does removing your data get you out of a breach? [10:48] Limiting what we share. Prevention, consequences, and clean up. [12:22] When giving identifiers like your phone number, stop and ask if you really need to do that. [14:10] Some brokers make it way more difficult to remove data. [20:13] We talk about privacy regulations and how they can help you or make things more difficult. 
[22:12] How AI will make malicious activities easier to scale. [23:41] Have people given up on privacy? At the end of the day, it's about personal comfort. [25:00] Privacy laws are helping with data broker issues. [26:59] Being mindful about what you post online. Many people don't want to share too much. [29:56] Physical junk mail has decreased. [30:52] What to do today. Think about what you want to share. Do you really need to subscribe? [32:21] Use a service like Incogni to help you protect your data. Thanks for joining us on Easy Prey. Be sure to subscribe to our podcast on iTunes and leave a nice review. Links and Resources: Podcast Web Page Facebook Page whatismyipaddress.com Easy Prey on Instagram Easy Prey on Twitter Easy Prey on LinkedIn Easy Prey on YouTube Easy Prey on Pinterest Incogni Surfshark Darius Belejevas on Facebook Darius Belejevas on LinkedIn
Getting defrauded is common. It happens everywhere but it's underreported because of embarrassment. If you're a victim of fraud the sooner you report the more likely you are to get a better outcome. To learn more about fraud I'm pleased to welcome Marc Evans, a seasoned financial crimes detective and co-founder of Fraud Hero, who has spent over a decade investigating fraud schemes that affect everyday people. With expertise in social engineering, money laundering and credit card scams he has spent his career uncovering the ways criminals use to exploit victims. His passion for fraud prevention comes not only from his investigative experience but also from his personal experience of identity theft which almost derailed his entry into law enforcement. Through his work Marc has recovered millions of dollars for victims and trained thousands of people on how to recognize and prevent fraud before it happens. In this episode Marc lifts the lid on the evolving world of financial fraud, revealing the most common scams and the sophisticated tactics criminals use to stay one step ahead of their victims. From bank imposters to phishing scams and CEO fraud he breaks down how these crimes work, why they are so effective and how law enforcement is trying to disrupt them. He also shares practical steps individuals and businesses can take to protect themselves including monitoring of financial accounts, reporting fraud quickly and using digital security tools. Beyond his law enforcement career Marc's passion for fraud prevention extends into his entrepreneurial venture Fraud Hero where he educates the public on how to protect themselves from financial deception. He believes knowledge is power and has developed resources to help individuals secure themselves personally and financially. As fraud continues to rise with criminals getting more resourceful and brazen, Marc's mission remains the same – to empower people to be their own first line of defence. 
Show Notes: [01:10] Marc is a fraud and financial crimes detective. He's worked with law enforcement and is a certified fraud examiner and training coordinator. He also started Fraud Hero to help stop fraud and prevent people from becoming victims. [02:14] He's always been passionate about preventing fraud. [04:25] Marc was still learning when he began his fraud fighting career. [05:52] He sees all types of fraud. He's also seen a lot of social engineering tactics and imposter scams. [07:15] Marc has recently seen a lot of bank imposters. This includes a lot of email and message phishing attacks. [08:30] Scammers are being more specific now. When they call they even know the victim's financial institution. [09:49] When it comes to getting your money back from the bank it depends on how long before you file your report. [11:44] Tricky scammers not using the sense of urgency tactic. [15:25] Marc talks about how quickly money can be withdrawn by scammers. [18:40] If a bank calls with a fraud situation, they can respond quickly. [21:12] Fraud has been increasing as criminals weigh risk versus reward. [22:11] Prosecutors are beginning to understand better how fraud works and increasing charges. [24:03] How stealing mail is the tool of the fraudsters. [26:35] Benefits of informed delivery. [31:26] The number of victims reporting crime is really low. [33:34] Phone number and email spoofing are starting to look more legitimate with AI. [35:39] Educating people is the main goal. [41:13] Using digital wallets and keeping your cards safe. [43:43] Banks want you to show the police report when reporting fraud. [45:18] Don't be afraid to learn, reach out, and share what's happened to you. Thanks for joining us on Easy Prey. Be sure to subscribe to our podcast on iTunes and leave a nice review.
Links and Resources: Podcast Web Page Facebook Page whatismyipaddress.com Easy Prey on Instagram Easy Prey on Twitter Easy Prey on LinkedIn Easy Prey on YouTube Easy Prey on Pinterest Marc Evans on Fraud Hero Marc Evans on LinkedIn Fraud Hero Academy
In cybersecurity, we need to understand the mindset of hacking, which is not ethics. We also need to realize that even if we have cybersecurity experts get hacked, there is no reason to feel embarrassed or ashamed when it happens to us. In today's show we're going deep into the world of cybersecurity with one of the industry's most seasoned experts, Sam Curry. With over 30 years of experience in information security, Sam has been defending against cyber threats, shaping security strategies and mentoring the next generation of cyber professionals. Currently the Global VP and CISO-in-Residence at Zscaler, Sam has also held leadership roles at companies like RSA, McAfee and Arbor Networks where he helped pioneer innovations in VPN technology and personal firewalls. But cybersecurity isn't just about firewalls and encryption; it's about mindset. Sam joins us to talk about the hacker mentality, zero-trust security and why even the best security professionals get hacked. From his early days in cryptography to mitigating major cyber breaches Sam shares his insights on how businesses and individuals can defend themselves in a digital world. If you've ever wondered how cybercriminals think, how AI is changing the security landscape or what you can do to stay one step ahead then this episode is for you. Show Notes: [00:55] Sam is Global VP and CISO-in-Residence at Zscaler. For the last 32 years, he's been involved in every part of security at some point. [01:23] He teaches cyber and used to run RSA Labs at MIT. He currently teaches at Wentworth Institute of Technology, and he also sits on a few boards. [02:41] We learn how Sam ended up working in cyber security. He has patents in VPN technology, and was one of the co-inventors of the personal firewall which was sold to McAfee. [04:14] There were security principles before 1996. [07:38] Sam feels a need and a mission to protect people. It's very personal to him. [08:40] He was there for the breach that RSA had.
He's also been spearphished. [12:47] The Shepard tone is an audio illusion that makes sound that can make people sick because it sounds like it's always increasing. [16:31] Scams are way underreported because people are too embarrassed to report them. [19:31] Challenges of keeping security up. In peacetime we have to remember to build resilience and be antifragile. [22:10] Zero trust is a strategy and architecture for minimizing functionality. [28:14] There are immediate benefits from a security perspective to start creating zero trust. [30:17] Problems need to be defined correctly. [33:03] Even people who've done incredible research on hacking techniques have gotten hacked. There's no shame in it. [34:02] We need the hacker mindset. It's an important part of the human community. [36:44] The importance of making things easier to understand. [38:18] Advice for people wanting to get into cybersecurity is being just this side of ready and tackling things that are a little too big and a little too scary. Also find allies and a network. Thanks for joining us on Easy Prey. Be sure to subscribe to our podcast on iTunes and leave a nice review. Links and Resources: Podcast Web Page Facebook Page whatismyipaddress.com Easy Prey on Instagram Easy Prey on Twitter Easy Prey on LinkedIn Easy Prey on YouTube Easy Prey on Pinterest Sam Curry on Zscaler On The Hook: An InfoSec Podcast Sam Curry on LinkedIn Sam Curry on Twitter
Managing money isn't about numbers; it's about making informed decisions that shape your future. Whether you're a seasoned saver or just starting out on your financial journey, understanding the basics of personal finance can make all the difference. Today's guest Joel Larsgaard has been helping people take control of their finances for over 15 years. As the co-host of How To Money and a weekly radio show, Joel breaks down the often confusing world of personal finance. His passion for financial literacy comes from personal experience and he's been recognized for his work including being on the Forbes Advisory Board. In this episode we'll cover common financial mistakes, smart saving strategies and how to avoid financial pitfalls so you can make better money decisions. Show Notes: [00:53] Joel co-hosts the How To Money podcast with his best buddy Matt. It's about helping people learn how to handle their finances well. [01:29] So many people are missing the information they need about money, yet it's a tool that touches every aspect of our lives. [02:32] Joel's parents had money troubles. He always wanted to learn about money so he wouldn't have problems. He also worked for Clark Howard who was a consumer advocate and money guy. [05:30] Everyone has different dreams and financial goals. [06:29] We learn Joel's scam story. A kid sold him fake Blockbuster gift cards. [08:32] Common financial traps include not saving enough and not tracking expenses and knowing where the money is going. [09:15] Knowing where your money is going is the first step to finding leaks. [10:38] Using credit cards and indiscriminately buying now and paying later is another big pitfall. A lot of people are using BNPL on top of credit cards. [12:04] You have to have a plan. Know your debts, know your interest rates. Where's the gap where you can find extra savings? [13:30] Paying off your debt feels amazing. [14:58] Online budgeting software can make it easier. 
[16:00] Think of a budget as not being restricted but something that helps you accomplish what you want. [18:08] Once you write it down, you're dealing with reality. [20:11] The joy of spending your money proactively on what you want and cutting back on other things. [21:08] Finding savings by shopping for insurance yearly. [22:56] You can also save with a defensive driving course. [23:41] Look at subscriptions and bundling. Sign up with deals. Keep track of when you should cancel. [28:11] Bank loyalty will cost you money. [29:29] There are some highly competitive online savings accounts like CIT, Discover, and Ally. [31:29] Be sure the online bank you are doing business with is FDIC insured. Make sure you're dealing directly with the bank. [33:30] Tips for looking for legitimate investments. Simplicity trumps most things. [34:59] Building wealth slowly with average returns. [42:00] There are a lot of wealth building options open for people who aren't making a lot of money. Links and Resources: How To Money Joel Larsgaard on How To Money Joel Larsgaard on LinkedIn How To Money on Instagram Clark Howard Undebt.It Trusted Choice Policy Genius CIT Discover Ally
Scams come in many forms but receiving a freebie from a scammer doesn't make sense. If something shows up at your door that you didn't order, should you be worried? Brushing scams are becoming more common and while they may seem harmless at first they can be a gateway to fraud, identity theft and financial loss. Today we're diving into how these scams work, why they exist and the real dangers behind them. Our guest is Dr. Venkat Margapuri, an assistant professor of computer science at Villanova University. His research focuses on AI applications in agriculture and healthcare but he's also spent time studying online fraud and digital security. He's here to help us understand what's really going on when scammers send you something for free and most importantly what you should do about it. Show Notes: [00:44] Venkat is an assistant professor in the department of computer science at Villanova University. A lot of his research is focused on artificial intelligence, image processing, and security. [01:53] Brushing scams are where you receive products that you haven't ordered. It's a fraudulent e-commerce scheme. They try to get reviews or add additional sales for their product. [04:48] Venkat explains why it's not a good idea to scan those QR codes in products. You don't want to put your credentials into the website. [05:41] This is where brushing leads to phishing scams by getting people to enter information into a fake website. [06:20] The major risk of receiving these packages is identity theft. [09:30] Scam charges on Amazon can be used to verify stolen credit card credentials and overconfidence often leads to being scammed. [10:52] We discuss where these scammers find people's addresses. [13:05] A lot of scammers are really smart people who got into the wrong business. Key qualities include narcissism and psychopathy. [17:05] When you receive these packages just dispose of them. Don't scan the QR codes. 
[21:25] A scam where they send emails with the link to free Apple Gift Cards. Be careful about what you post on social media. [22:43] Assume unsolicited contact is a scam. [23:50] Don't share personal information. Look out for things that are out of the norm. [27:04] Venkat talks about advance fee scams. [28:14] Being careful about geographic perceptions. [31:18] Be cautious if you are being rushed. [32:18] Whenever you suspect something isn't right, err on the side of caution and don't do it. Links and Resources: Venkat Margapuri on LinkedIn Venkat Margapuri - Villanova University
Cybersecurity isn't just a concern for large corporations. It's vital for businesses of all sizes. It's essential for companies to know how to protect sensitive data, restore from backups, and regularly test their systems with internal pen tests to keep their teams safe. Today's guest is Bryce Austin. Bryce is the CEO of TCE Strategy, a cybersecurity advisory firm. They provide vulnerability scans, penetration tests, fractional CISO services, and incident response services. He is also a professional speaker on ransomware. Bryce is the fractional CISO to many companies, including one on the S&P 500. We talk about the key aspects of cybersecurity for businesses, and how to be proactive with patching, training and strong password management. He shares his experiences with major cyber incidents including ransomware, phishing and the Target breach, and how defense in depth, backups and financial controls are key. Bryce also mentioned the use of password managers, regular vulnerability scanning and external monitoring to increase cyber resilience. We share practical tips for all businesses to protect against ever changing cyber threats. Show Notes: [00:59] Bryce started TCE Strategy in 2016. It's their goal to keep their clients one step ahead of cybercriminal risk. [01:32] He has a degree in chemistry. Technology was just for fun. He ended up working in the payroll space which was ripe for cyber security concerns. [03:00] He was really pushing cybersecurity and then their company was purchased by Wells Fargo. It ended up being amazing training for starting his own cybersecurity business. [05:24] Bryce shares how he was affected by the Target security breach. He ended up unemployed and was deeply affected by food stamp requirements for his family. [07:34] He wanted to make sure he would never go through this again and started his company. [08:19] His public speaking began in 2011. 
[09:17] He was indirectly affected by the Target breach, and he also shares his indirect personal one. [12:59] Bryce was actually spearphished in 2018. [14:36] Incident response is when something happens from a cybersecurity standpoint and damage has occurred. Oftentimes data is encrypted. This is a ransomware attack. [17:18] Bryce tells the story about how a hotel was hacked and a large payment was able to be intercepted. [18:31] Phishing attacks are where someone clicks on a bad link. [20:38] His biggest Christmas gift was none of his clients getting hacked. [21:05] They also had a ransom demand where they had to pay a million dollars. [23:02] If they would have been looking harder this wouldn't have happened. [26:26] Issues with hooking up to the Internet and having default passwords. [28:07] Why it's impractical to make ransomware illegal. [31:12] Even criminals have a reputation to uphold and usually hand over the encryption key. [33:56] Bryce talks about some of the preventative things that people can do. [34:47] Be proactive and have diligent patching. [35:37] Don't use the same passwords over and over. Use a password keeper. [36:54] Have offline backups. [38:09] Follow all processes and procedures when moving money. Use unique passwords. [39:27] It's important to encrypt your backups. Links and Resources: Bryce Austin (612) 730-9897. Bryce Austin on LinkedIn
The CISO role is constantly changing. With all the shifts in cybersecurity, it's crucial to find ways to attract new talent to close the growing skills gap. CISOs now juggle complex systems managed at multiple levels and handle burnout amongst many other responsibilities. Today's guest is Jill Knesek. Jill is the Chief Information Security Officer for Blackline, a company that does financial SaaS solutions. It's based out of the Los Angeles area. She's been there almost three years now as the CISO, running the information security team. She previously served as Chief Security Officer for BT Global Services. She has more than 15 years' experience directing security programs, including service as a special agent for the FBI assigned to the Cyber Crime Squad in Los Angeles Field Office, where she was involved in several high-profile cases, including Kevin Mitnick. In this episode, we cover the CISO role evolving from low visibility to a C-level position, managing multi-cloud infrastructures and aligning with other teams and the ongoing cybersecurity skills gap and burnout. Jill also talks about incident response and crisis management and collaboration within the cybersecurity community to fill the blind spots and strengthen the defenses. Show Notes: [01:23] She's now the Chief Information Security Officer for Blackline, a company that does financial SaaS solutions. [02:00] She was also an FBI special agent for 3 and 1/2 years working cybercrime. She was super excited, because this was her lifelong dream. [03:35] She loved the FBI, but she knew she could do more for the industry on the private side. [04:21] Jill talks about how the CISO role has evolved. It's now a C-level position. [06:26] Some of the boards were very interested in what was going on with security. There has to be a balance with funding and proving your success. [07:39] Now complexity is an issue. [09:03] The cloud adds so many connecting services. 
[11:45] CISOs are getting more responsibility and need more qualified people in their teams. There's a gap with not enough people coming into the cybersecurity industry. [12:30] How the idea of stress and working nights and weekends can deter some graduates from the cybersecurity industry. [15:15] Boards and executive committees expect the CISO to be right in the middle of things. They want real-time updates and to know what everyone is working on right now. [17:47] The importance of keeping a calm level-headed view when something goes wrong. [21:41] We learn about the flow of straightening out curves or incidents. Learn during the small incidents and practice the process. [23:57] The importance of not scolding the team for being too quick to react. It's better to have a false alarm than to ignore a serious problem. [25:10] Jill does a one-to-one with everyone on her team each quarter. She tries to mentor them with some of the things that she's learned. [30:29] We hear about a couple of incidents where ransomware got into the environment. [35:01] When someone else reported that something weird was going on in the network. [38:27] To help with the talent gap, we need to start introducing cybersecurity at the high school level. [42:15] It's important for CISOs to be connected with other groups and events. Links and Resources: Jill Knesek at Blackline Jill Knesek on LinkedIn
With the increase in targeted cyber attacks, it's more important than ever for organizations to quickly identify and respond to threats. AI is helping security teams by acting as virtual analysts, handling much of the investigation work. However, human oversight is still essential for the final steps and judgment. Today's guest is Michael Lyborg. Michael is the Chief Information Security Officer at Swimlane. Prior to taking his current role, Michael was Global Vice President of Advisory Services, a highly sought-after expert by the world's largest Fortune 500 companies and global government agencies to advise on the creation and operation of industry-leading security operations. In this episode Michael shares his experience and wisdom on today's cybersecurity challenges. We talk about the balance of automation and human oversight, the risks and rewards of putting AI into security operations, and defense in depth strategies. Michael also covers how military style threat assessments can help with cybersecurity, how AI is evolving for threat prioritization and analysis, and the need for continuous testing and monitoring to prevent automation failures. If you want to know how to stay ahead in a complex cyber world, this episode is full of practical advice. Show Notes: [01:06] Michael has been with Swimlane for about 7 years mainly focusing on larger enterprises, government clients, and partners. He's helping with the automation journey and experience. He also built security programs for other companies and was a Marine. [02:07] Prior to the Marines, he did IT and network security. Michael is originally from Sweden. [04:22] Operational risk management or conducting a limited threat assessment. He's always thinking like a hacker and looking for gaps in security. [06:29] Michael tells a story about his wife's recent experience with a cybersecurity scam. [12:11] How a company decides what level of friction is appropriate to implement proper security. 
[13:59] Michael talks about balancing what is and isn't automated. [16:16] Michael shares the story about his early days of automation. [17:23] Continuously review and monitor your automations. [18:41] Starting with documentation is a good first step. [21:45] Michael talks about how awesome it is being able to work in security and automation and help businesses grow and achieve outcomes. He believes in automating the mundane tasks. [22:26] We learn about AI being involved in the defensive side of cybersecurity. [24:50] AI can also bridge the gap between the security team and non-technical people. [26:33] We discuss places where AI probably shouldn't be used. [27:58] Find where AI works for you and then think about incorporating it in your security services. [31:01] The importance of having controls in place when using AI whether it's for security or data analysis. [33:00] Risk can be reduced by training on specific tasks. [34:18] Michael shares the value of mixing human and artificial intelligence through Swimlane. [39:08] The importance of bridging gaps and getting rid of silos. Links and Resources: Michael Lyborg on Swimlane Michael Lyborg on LinkedIn
The landscape of cybersecurity training and collaboration is changing: interactive education sessions and cross-team communication are key. Building a security culture and staying ahead of modern threats has never been more important. Today's guest is Howard Goodman, Senior Technical Director at Skybox Security. With over 20 years of experience, Howard has become a well-known figure in the cybersecurity world, combining strategic planning with hands-on application across many industries. In this episode we talk about security culture, the evolution of cybersecurity training and how Howard got phished during COVID. We also cover organisational challenges, best practices and the future of cybersecurity. Show Notes: [00:48] Howard has a doctorate in cyber operations from Dakota State University. Besides working for Skybox Security, he's also an adjunct professor teaching graduate courses about cyber security. [01:48] Howard shares a phishing experience when he and his wife were selling on eBay during COVID. [03:34] If the pros can fall for something, regular people can too. We need to be on our game 100% of the time. [04:53] We talk about opportunities for adversaries to get in when companies have large cybersecurity teams with a lot of moving parts. [05:29] A lot of people ignore phishing attempts instead of reporting them. [06:04] It comes down to organizations training their people properly. Cyber security training is becoming more interesting, because the boring stuff just doesn't hold people's attention. [10:13] When talking about threats, they focus on the exposure side and the exploitability side. With most businesses, functionality comes before security. [12:47] Formal testing is required before upgrading security patches to make sure that they don't break down the whole system. [13:47] The importance of being able to leverage other security controls while testing patches. Teams need to be able to communicate and act fast. 
[14:52] Knowing about potential risk is the only way to be proactive. [16:36] Looking at costs and gaps in technology. Failures are often due to a breakdown in communication. [19:33] The approach of starting out security first. [25:08] Best practices include cross-training. Working together and training together. Organizations need to run simulations and see how they react as an organization. [31:06] Skybox talks to organizations about gaps in security. [35:57] We discuss the loss that can happen from not having proper security measures in place. Links and Resources: Dr. Howard Goodman - Skybox Security Dr. Howard Goodman on LinkedIn
With phishing and password breaches on the rise, passkeys could offer a more secure, user-friendly solution that could reshape how we protect our online identities. Today's guest is Christiaan Brand. Christiaan is the co-founder of Entersekt, a financial services security firm and a key player at Google in their security and identity teams. A respected voice in cybersecurity, Christiaan co-chairs the FIDO2 technical working group focusing on standardizing robust online security protocols in advancing the use of passkeys. He has been at the forefront of the shift toward more secure, password-free systems. We'll hear his insights on the challenges and opportunities of implementing passkeys to create safer online environments for users and organizations. Show Notes: [00:52] - Christiaan is part of the security team for Google accounts. He's been with Google for 9 years. Prior to that he had a startup. [01:30] - He joined the FIDO Alliance around the same time Google joined in 2013. When he joined Google, he was able to continue with the same type of work. [02:35] - Each of the big tech companies represents a portion of the market when it comes to how we interact with the web and apps. [04:06] - He became interested in security when he started thinking about what could go wrong with new technology solutions. He wanted users to be able to access their financial information in a safe and secure way. [05:06] - 2FA began gaining traction with Google in 2011. It coincided with the launch of Google Authenticator. 2FA was also used by a gaming company. [07:54] - Usability is important, that's why having an app that displays the codes was one of the first forays into making the technology more accessible. [08:34] - Passkeys allow us to move beyond passwords, leaving the extra hassle of traditional multi-factor authentication behind. [11:05] - Key fobs were one of the earlier ways to try and bring usability to security. Now the technology is being moved to smartphones. 
[12:33] - Passkeys are a replacement for a password manager. [13:35] - Passkeys are extremely long and asymmetric in nature. You and the site you're going to both have the passkey. [14:27] - The service will have the public part of the passkey, and you'll have the private part. Even if the public part leaks out, your passkey will still be secure. Passkeys can never be revealed to phishing sites. [15:47] - FIDO brings the second authentication step in. The service also has to identify themselves. [20:04] - Password managers try to balance security and convenience. Logging in or accessing a passkey is a unique challenge for providers. [22:20] - Phone numbers are a way to get users back into their accounts. [25:19] - Single device users have extra challenges. [26:08] - There are pros and cons to external sources of identity. [29:44] - The FIDO website has many certified solutions. [33:21] - To get passkeys into daily users' lives, we need to start using them on daily applications where we log in frequently. [35:49] - Hopefully this passkey solution will stand the test of time. [37:34] - Attacks are beginning to shift to session hijacking. [38:24] - DBSC or device-based session credentials is a new standard parallel to FIDO. Links and Resources: Entersekt Christiaan Brand on LinkedIn Christiaan Brand on Twitter Christiaan Brand on Facebook FIDO2 Technical Working Group Learn More About Passkeys Passkeys.Dev FIDO Alliance Passkeys
How do phishing scams, AI-powered attacks, and strategic governance intersect? Together, they're redefining the future of cybersecurity. Organizations are navigating a mix of challenges and implementing innovative solutions to proactively address today's threats. Today's guest is Kelly Hood. She is the EVP and cybersecurity engineer at Optic Cyber Solutions. She is a CISSP who specializes in implementing cybersecurity and privacy best practices to manage risks and to achieve compliance. She supports the NIST cybersecurity framework and serves as a CMMC registered practitioner, helping organizations strengthen their cybersecurity posture and develop effective risk management strategies. Show Notes: [01:06] - Kelly is a cyber security engineer at Optic Cyber Solutions. It's her job to help companies protect themselves. [02:17] - Don't be embarrassed if you fall for a phishing scam. [03:01] - These attempts are getting more realistic. Kelly shares how she was briefly fooled by a phishing scam that looks like an email from her mother. [05:25] - The NIST Cybersecurity Framework is a voluntary framework for defining cybersecurity. An update was put out in February of 2024. They also added a new function. [06:01] - The five functions that organize a cybersecurity program have been to identify, protect, detect, respond, and recover. They recently added the govern function. [06:38] - The govern function is about defining your business objective and then putting protections in place that make sense for those objectives. [09:01] - The identify function is focused on knowing what we have. [09:40] - Protect includes everything from identity management, authentication, training, data security, and platform security. [10:12] - Detect is looking at what's happening around us. It's continuous monitoring and knowing what happens if something goes wrong. [11:00] - Respond is knowing what the plan is when something does happen. 
[12:01] - Recover is about getting back to normal after something happens. [16:22] - Data centers want to make sure that they have redundant power supplies. [17:33] - We discuss some of the things that people might forget when identifying cybersecurity assets. Data and people need to be thought about as well as systems and hardware. [21:00] - We need to write things down and understand what systems and data connections we have. [23:10] - We talk about the importance of being aware of the physical space and who is actually supposed to be there. [24:46] - Data is one of the assets that often gets overlooked for protection. There are many new requirements that require data to be protected. [27:54] - Monitoring to understand what traffic you should expect and what is and isn't normal activity is also important. [31:10] - Transparency and communication are paramount for creating trust. [33:51] - Sometimes recovery doesn't mean 100%. Get up and running and prioritize the systems that matter most. [36:56] - With governance, you really want to look at what you're trying to do with the business and then translate cybersecurity to fit that objective. [37:27] - Have guidance documentation in place and have oversight. Links and Resources: Optic Cyber Solutions (MaPT) Maturity and Progress Tracker Optic Cyber Solutions on LinkedIn Optic Cyber YouTube NIST Cybersecurity Framework
When you search for customer service numbers online, you might come across a scammer's number instead. It's important to be cautious when sharing personal information, and to verify identities before responding to requests for sensitive data. Today's guest is Mona Terry. As Chief Victims Officer at Identity Theft Resource Center, she navigates the complexities of identity protection and identity crime recovery and management of multi-million dollar federal grants. She analyzes victim experiences to create ITRC's Identity Report and to provide information about new and ongoing trends in identity crimes. Show Notes: [0:55] - Mona describes her role as Chief Victims Officer at Identity Theft Resource Center and how she found herself in this job. [3:18] - Identity crimes include theft, compromise, and misuse. What's the difference? [4:26] - The number one recorded compromise is through scams, where people give their information to someone else. [5:30] - It is also becoming more common for someone to search for a customer service number and come across a scammer's number instead. [7:01] - Some of the strategies in detecting fake websites are not helpful any longer with scammers using AI tools to make things look more legitimate. [10:10] - Misuse is when someone else takes over your account and is making charges or establishing new accounts in your name. [11:41] - Account takeovers don't only include credit cards. Social media account takeovers can be just as dangerous and more common. [13:28] - Identity theft is what it sounds like—stealing information with the intent to misuse it. [15:24] - If you suspect something is compromised, Mona recommends freezing your credit account. [16:45] - Freezing your account and checking credit reports is easier than it used to be. [19:32] - Mona describes how the Identity Theft Resource Center walks victims through the steps in resolving problems. [21:23] - Some situations are harder to resolve than others. 
[23:51] - Team members at Identity Theft Resource Center are not therapists, but they are trauma informed and listen to victims as they are guided through a process. [26:27] - When working with the Identity Theft Resource Center, clients get a recovery plan. [29:08] - If victims have tried something or don't feel comfortable with something, ITRC can step in and help. [31:50] - Don't be afraid to check for problems. Sometimes problems don't show themselves immediately. Links and Resources: Identity Theft Resource Center Website
We often put off changes and schedule them to start on January 1st. Many of these idealistic resolutions fail shortly after beginning, so it is important to be thoughtful when planning so that you can set yourself up for success. Today's guest is Dr. Leslie Becker-Phelps. Leslie is a noted psychologist who authored a number of books, including Insecure in Love, The Insecure in Love Workbook, and Bouncing Back from Rejection. She writes the Authentically You Blog and the Psychology Today Making Change Blog. Additionally, she is a national speaker and hosts a YouTube channel. Show Notes: [1:00] - Leslie describes what she does in her career as a psychologist and author. [2:32] - Throughout her work, Leslie continued to go back to the question, “What makes it so hard for some people to change?” [5:47] - There's nothing wrong with New Year's Resolutions. But waiting to start making a change till a specific day is not effective. [7:02] - You can feel good about yourself and recognize that change is good to move towards. [8:23] - When people are insecurely attached, they have a negative sense of self. What is driving them forward is negativity. [9:58] - It takes a lot of work to be able to be compassionate with yourself. [11:49] - Leslie discusses some small changes she made for herself that allowed her to be consistent. [15:04] - Leslie explains the Michelangelo Effect. [17:47] - Relationships you are in have an impact on your self-esteem. [19:02] - Just because it feels true, doesn't mean it is true. [20:17] - Adding in the word “yet” gives us an idea of a future that will be different. [21:24] - Setbacks will happen, but they are not failures. [24:18] - You have to be persistent in making changes you want to make. [26:47] - If you can't seem to make a change, you have to get into the micro parts of yourself and find out why. [28:32] - Leslie suggests making different levels of goals. [30:15] - Prepare yourself for good days and bad days. 
How can you support yourself on a down day? [33:10] - When you are having really good days, you can clearly remember the days you struggle. Write a letter to your future self on a down day. Links and Resources: Dr. Leslie Becker-Phelps Website Dr. Leslie Becker-Phelps on YouTube
Data is continuously being collected and this information can lead to misleading conclusions about an individual. Without proper context, behavior can be misinterpreted. This underscores the need for data privacy laws and stronger protections against data brokers. Today's guest is Jeff Jockisch. Jeff is a passionate data privacy researcher dedicated to exploring the evolution of technology, our search behaviors, trust dynamics, and safeguarding of our information. As Managing Partner at ObscureIQ, he specializes in advanced data removal and privacy risk mitigation for enterprises and government organizations. Show Notes: [0:58] - Jeff describes his career and what he does in the field at ObscureIQ. [3:35] - Instead of taking his career into the compliance field, he took his expertise to the intersection of data privacy and data science. [4:40] - Jeff explains what a data broker does and breaks down a recent data breach. [5:40] - The legal definition of what a data broker is is very narrow. [6:42] - The data that is collected by data brokers can literally be anything, like health care data, drivers licenses, and viewing habits online. [7:32] - One of the worst types of data that is collected is cell phone location data. [8:46] - Data tells a story, but pieces might be missing. Data can paint an inaccurate picture of someone. [10:18] - Data can be interpreted in different ways. [12:41] - Your digital footprint can be deleted. But in addition to deleting it, your behavior needs to change. [13:50] - Apps track data automatically for ads. [16:31] - All of these companies are collecting our data, but they're not securing it. [19:42] - What can someone do with collected data? The possibilities are endless. [21:38] - Data that is collected can also show other people who are connected to you. [23:10] - Some things can be deleted, including public records. [25:09] - The problem is that the data brokers are massively powerful. 
[27:15] - Check out the links below for resources that Jeff recommends on the steps to take in order to delete the data you are leaking. [29:57] - Jeff shares an experience of almost being a victim of a scam. [33:10] - Scammers sound totally reasonable in the moment, even when we reflect and feel stupid for making a decision. Links and Resources: 7 Steps to Reduce Your Digital Dust by 90%; Tactical Privacy Wire; Jeff Jockisch on LinkedIn; A Tactical Privacy Wire on the Creation of Secure Sock Puppets; Empowering Digital Citizenship with Privacy Video; Empowering Digital Citizenship with Privacy PDF
When a recruiter contacts you, it's essential to do your homework, verify their sources, and trust your instincts. If something seems too good to be true, it probably is. While it can be frustrating to be this skeptical, being cautious can protect you and your finances. Today's guest is John Sidoti. John is the Senior Director of Information Technology at Social Current. He has over 30 years of experience as an IT generalist with wide and varied experience across all aspects of the IT spectrum. Show Notes: [0:50] - John shares his background and discusses his extensive and varied career in IT. [3:32] - Even as a director, John keeps hands-on projects going to keep working in the field. [4:45] - John describes an experience of himself falling victim to a scam on LinkedIn. [7:56] - At some point in the process, John realized that something seemed off. [9:40] - After speaking with this scam company, he continued to receive copied and pasted messages from other “recruiters”. [12:21] - Although the copy and website look and sound very legitimate, there are some things we can look for that raise red flags. [14:13] - Many scammers create fake profiles that look very professional and well done. But take the extra step and research the company and individual. [15:57] - In the grand scheme of things, the people who have been victimized by these types of scams are vulnerable and desperate for employment. [18:22] - Anyone can purchase a domain name and pull together a website using a free or cheap template that all look very legitimate. [20:05] - Once you know the markers, you can see them coming. [21:07] - Look at the domain names and how long they have been registered. [22:30] - Don't assume it is just an email world. If a company does not have a legitimate phone number, it is a red flag. [24:02] - Another red flag is when a recruiter has been working with just one single company in their career. [26:45] - Recruiters should not be asking for personal information. 
The company will do that, not a recruiter. [29:43] - It's okay to be a little cynical about this in order to protect yourself. [31:34] - There are other places that need to be looked at closer as well, specifically Facebook Marketplace. [34:16] - When you look closely at sponsored posts that seem too good to be true, you'll notice that they are all from bots.
Today's threat actors and social engineers leverage social media to observe individuals' patterns and habits. They encounter you at a coffee shop or another familiar spot. They begin to establish trust, which makes you more susceptible to their tactics. Today's guest is Peter Warmka. Peter is a retired CIA officer with over two decades of breaching the security of organizations overseas in pursuit of intelligence. He is the founder of The Counterintelligence Institute, author of two books, conference speaker, consultant, and educator on the dangers of human hacking. Show Notes: [0:56] - Peter shares his background and what he has done in his interesting career. [3:27] - The Counterintelligence Institute helps organizations and individuals understand what types of information threat actors are trying to steal. [6:08] - Peter discusses the surprise his friends and family experienced when learning he had been working for the CIA. [9:13] - There are some skills that Peter had to learn when going into this career, but other skills came more naturally. [11:15] - Trust is different in various societies, and Americans are particularly vulnerable. [13:31] - Peter explains how he developed trust with others. [16:00] - There are ways to leverage trust in this type of work. [19:32] - Peter discusses international breaches and the types of intelligence breaches from other governments. [23:11] - The internet has made information so readily available to everyone, including information you may not want them to have. [25:19] - There are different types of information found on the different kinds of social media platforms that all come together to paint a whole picture. [28:09] - Human hacking, or social engineering, can be accomplished through five different communication channels. [31:21] - Peter describes a very powerful and common in-person scenario. [35:53] - We have to get away from the silo-approach, thinking that breaches are only coming from the IT network. 
[37:24] - Peter wrote a book in the early days of Covid-19 for organizations. He then wrote a book geared more towards individuals. [39:41] - Privacy and security settings are great, but platforms can still be hacked. [41:56] - It shouldn't be “trust, then verify.” It needs to be “verify, then trust.” [44:27] - AI tools have made things even more complicated for victims and easy for threat actors. [46:37] - LinkedIn specifically is overwhelmed with fake accounts. [48:50] - Workplace education on this topic is backwards in organizations since it is seen as compliance training. Links and Resources: Counterintelligence Institute Website; Peter Warmka on LinkedIn
Creating habits of healthy skepticism when receiving texts or emails can prevent you from clicking on phishing links. Everybody is vulnerable online, especially when distracted or in a hurry. But cultivating critical thinking and self-awareness can enhance protection against manipulation. Today's guest is Perry Carpenter. Perry is an award-winning author, podcaster, and speaker with over two decades in cybersecurity, focusing on how cyber criminals exploit human behavior. As the Chief Human Risk Management Strategist at KnowBe4, Perry helps build robust, human-centric defenses against social engineering-based threats. His latest book, FAIK: A Practical Guide to Living in a World of Deepfakes, Disinformation, and AI-Generated Deceptions, tackles AI's role in deception. Show Notes: [1:02] - Perry shares his background and what his career has entailed. [4:01] - Regardless of how much people say, spend, or do on security-related issues, the people side of things is hard to control. [5:25] - Perry has always been interested in deception and misdirection. [6:59] - Even as a security professional, Perry has experienced enough distraction to click a phishing email. [9:43] - It is easier to be distracted and not follow usual healthy security habits than being on a computer. [12:24] - We fall into habits easily, especially when the behavior is simple and easy. [16:00] - Technology-based deception is more available to anybody than at any other time in history. [18:10] - Security professionals are often pushed into the role of giving advice. [19:40] - Reflection questions like “Why is this in front of me?” might prevent someone from falling victim to a scam. [26:58] - Everybody is vulnerable. Even though cybersecurity professionals know more on the topic than some others, it is still possible for them as well. [30:40] - Pig butchering and crypto scammers sometimes actually do send money back as a tactic to earn trust and increase hope. 
[34:42] - We have to have a healthy skepticism of the information environment that we live in. [36:39] - There are very few situations in life where you won't benefit from slowing down and thinking things through. [38:41] - Perry suggests a family activity that will help boost understanding of pressure tactics. [40:17] - The narratives or tells that work for someone might raise a red flag to others. [43:25] - As a society, we've gotten to a point where we don't like to introspect. [45:59] - Perry discusses the content of his most recent book and how it is information without the “easy way out”. Links and Resources: FAIK: A Practical Guide to Living in a World of Deepfakes, Disinformation, and AI-Generated Deceptions by Perry Carpenter; Perry Carpenter on LinkedIn
In a world of cybersecurity and online privacy, anonymity seems to be the key. VPNs are often promoted as the cure-all to our internet needs. Let's talk about some of those misconceptions. Today's guest is Lance Cottrell. Lance founded Anonymizer in 1995 and is an internationally recognized expert in cryptography, online privacy, and internet security. He is the principal author on multiple internet privacy and security technology patents. Lance stayed on as Chief Scientist as Anonymizer was acquired by Intrepid, and now advises start-ups through his platform. Show Notes: [1:09] - Lance shares his background and how he spent the start of his career and into founding Anonymizer. [3:03] - To continue destigmatizing being a victim of a scam, Lance shares his own experience as a victim himself. [5:38] - In-person scammers are very believable. They learn through building a relationship the things that you want. [9:47] - There are two reasons why people commit treason - revenge and justice. [10:42] - Prior to founding Anonymizer, Lance had fantastic access to the internet in the early 90s and became involved in the open-source community. [13:58] - Lance describes how Anonymizer did business-wise and where it capped. [17:40] - There are different types of customers for Anonymizer, general consumers as well as government entities. [20:30] - There were certainly times where someone would come to Anonymizer and they had done something that was really pretty dire. [23:28] - Anonymizer was able to develop some new technologies that Lance describes. [25:35] - If you need to trust someone, research who that someone is and understand if you can. [27:11] - The biggest mistake is thinking your IP address is the important thing. [29:19] - Actually achieving anonymity or pseudonymity and maintaining it over time is incredibly challenging. [31:09] - Human behavior tends to give away anonymity. [33:47] - People don't think anywhere near enough on the threat model. 
[34:58] - When are VPNs actually beneficial? [37:32] - Be very specific about what you want to protect. [40:05] - Obsession and trying to run your life around trying to be anonymous is not helpful. [41:41] - Lance discusses some of the interesting aspects of the psychology of criminals. [43:10] - Lance shares some parting advice and the basic things to do to stay protected. Links and Resources: Lance Cottrell on LinkedIn; Lance Cottrell Website; Feel the Boot - The Science of Startups
Cybersecurity is more crucial than ever. It's essential that we proactively safeguard our data and recognize that no one is immune to attacks. We are all vulnerable. As malicious actors continually enhance their tactics, we must stay one step ahead by consistently improving our defenses. Today's guest is Vincent LaRocca. Vincent is the CEO of CyberSecOp with the commitment to protecting sensitive data and mitigating cyber threats. With over two decades of experience, Vincent has successfully steered CyberSecOp to become one of the world's fastest growing managed security providers, specializing in cybersecurity assessments, breach management, and risk management consulting. Show Notes: [1:15] - Vincent shares his background and how he found himself working in cybersecurity. [2:40] - Even the experts are vulnerable. Vincent shares an experience he had with fraud at his bank. [4:16] - Cyber threat trends are moving to AI. [6:19] - As consumers, we need to be aware of how AI is using our data and what we give it permission to have access to. [8:19] - AI isn't going anywhere. It will continue to grow and develop. [9:16] - Threat actors are unfortunately usually one step ahead of defenses. They are using AI to exploit vulnerabilities. [11:54] - AI gives threat actors even more reach. The number of incidents and scams are extremely high and will multiply. [13:59] - Small organizations and business owners are hit pretty hard by breaches since they often do not have a cybersecurity team. [16:09] - Vincent shares some of the traits and qualifications that are good to look for in cybersecurity professionals for small businesses. [19:07] - Defenses are built against things that we know about, not things we don't know about. [21:27] - There are things that can be done that are free or more cost-effective. [23:40] - There's no point in putting a fancy lock on the front door if there's nothing protecting the back door. 
[27:06] - Even if an organization has invested in cybersecurity and knows how to keep data safe, if their partners or vendors do not, it means very little. [28:31] - There are so many breaches that have happened that we don't even know about and our data is out there mixed in with so much more. [30:31] - We are a part of an AI revolution currently and the landscape of AI will be completely different in just a few years. [33:58] - The tools for cybersecurity, including machine learning, are improving every day as well. [37:09] - Don't turn a blind eye and assume you can't afford protection. Links and Resources: Vincent LaRocca on LinkedIn; CyberSecOp Website
As consumers, we may realize the need to be vigilant by using two-factor authentication and password managers, but there are so many scams out there that can impersonate legitimate organizations, websites, and people. We really can't let our guard down. Today's guest is Soups Ranjan. Soups has over 18 years of experience in software engineering, data science, and risk management. He is the co-founder and CEO of Sardine. This behavior-infused platform offers fraud prevention, compliance, and payment solutions for various industries including banking, online marketplaces, FinTech, crypto, online gaming, and gift card exchanges. Previously, Soups led the Risk and Data Science teams at CoinBase, where he scaled the platform and enabled millions of users to buy, sell, and store cryptocurrency securely and efficiently. Show Notes: [1:15] - Soups shares his background and information about his company, Sardine. [4:30] - He has not been a victim of a scam online but did experience an in-person scam. [6:57] - Sardine works with a diverse set of clients. Trends differ based on the industry. One major trend is an increase in triangulation fraud. [9:07] - Once they have card details, they can pretty much do whatever they want with it. [11:40] - Even on a contactless card, using tap-to-pay, be careful. Don't hand over your device. [12:43] - It is becoming increasingly difficult to verify the identities of merchants. [15:21] - There is a big rise in scams as a result of the demand for real-time money transfers and exchanges. [17:45] - Some scammers are instructing victims to install screen viewers and recording tools. [19:50] - Machine learning is used to help protect clients. [21:41] - There are intrinsic behaviors that Sardine monitors to watch for unusual activity. [24:41] - Soups describes some of the other types of data that is observed in addition to behavior. [27:08] - Soups explains 3D Secure and what the benefits of this system are. 
[30:41] - Dollars lost to scams have far surpassed the dollars lost to fraud. [33:37] - The United States is behind in regulatory measures. [35:59] - It is best to work with banks that take fraud and scams very seriously. [37:15] - Soups lists some of the red flags to be on the lookout for. [39:44] - It is extremely important to protect your email address in the same way you protect your bank account. Links and Resources: Soups Ranjan on LinkedIn
There are a shocking number of businesses that ultimately fail because of fraud. Many managers and business owners are unaware of their losses because they do not have the systems in place to look for fraud and it may not be their primary concern. Today's guest is James Ratley. Jim graduated from the University of Texas at Dallas with a bachelor's degree in Business Administration. In 1971, he joined the Dallas Police Department as a police officer. He was on numerous task forces with a concentration on major fraud cases. He joined a major forensic accounting practice and was in charge of fraud investigations. In 1988, he was named the Program Director of The Association of Certified Fraud Examiners and in 2006, became the President. In 2011, he became the CEO and he retired in 2018 after 30 years there. James has been an adjunct professor, published author, and named by Accounting Today as one of the top influencers multiple times. Show Notes: [1:14] - James shares his background and the way his career panned out over 30 years. [3:35] - When the ACFE was established, there was no information or education around it at all. [5:09] - The average organization loses 5% of their revenue to fraud. Out of every ten people hired, statistically, six of them will steal from you. [6:46] - Fraud can be prevented and strategies to reduce fraud are typically inexpensive. [8:40] - It's important for business owners not to be afraid to call it fraud. [10:25] - Fraud perpetrators believe they deserve what they've taken. [13:26] - It's important for businesses to have strong management and leadership. Training is crucial. [14:18] - James discusses the most common types of fraud and how even the seemingly minor things could be detrimental. [18:24] - Fraud perpetrators are really good at hiding what they are doing and making the business owners believe it could never be them. [20:15] - Another strategy is to separate tasks out and be strict about them. 
[21:37] - Surprise cash counts are another good strategy. [23:13] - There are no small frauds, only frauds that have not had time to reach maturity. [25:44] - You impact rationalization through education. [29:16] - James lists some of the red flags that could indicate something more going on. [31:31] - There should be policies and regulations that purchasing officers are held to. [36:30] - Auditors must be completely independent. [40:10] - Some business owners will deny the problem is happening because it is hard to deal with and accept that someone they trust could be stealing. [44:35] - Many small organizations go out of business due to operating at a loss. Most of the time this is because of fraud. [47:25] - Never judge someone by the standards you have for yourself. [51:12] - Something to remember is that most fraudsters will steal in even numbers. [53:11] - In most cases that James has worked, the manager had seen all the signs, but never thought anything about it. Links and Resources: ACFE Website
Now that so much of our communications are digital, such as texts, emails, and chats, we miss out on the tone and facial expressions to help us understand the intent and content in communication. It's important to know ourselves well enough to know what areas we'll be more easily influenced and are susceptible to being deceived. The greater our desire for something to be true, the easier it is for us to be scammed. Today's guest is Mark Bowden. Mark is a world-renowned body language expert, keynote speaker, and best-selling author. He is the founder of the communication training company, TruthPlane. Mark is also a member of The Behavior Panel on YouTube. Show Notes: [1:08] - Mark shares his background and what motivated him to specialize in human behavior. [2:34] - There are parts of the brain that are activated when we first meet someone new. [3:56] - Think about how many people you see on a regular day. Some you will notice and some you will not. [7:03] - There are certain parts of the brain that can overwrite natural instinct. [10:02] - Mark demonstrates how body language changes when there is perceived risk. [14:50] - Body language signals can be perceived inaccurately. People can also change their body language to send different signals. [17:15] - So many signals that our brains rely on in communication disappear when we cannot see the person we're talking to. [19:16] - Mark gives an example of how the human brain perceives the bait of a scam. [22:48] - The first step in critical thinking is to suspend judgment. [25:58] - “You can only con a greedy man.” Think about what you want so much that if it were offered, you lose your sense of judgment. [28:33] - If anyone ever tells you that something seems like it isn't true, suspend judgment and look into it. [30:32] - It's a risky world. There are people who have dedicated their lives to deceiving others. [35:13] - Part of critical thinking is asking other people whom you trust about what they think. 
[39:56] - Sometimes we will set people up to see how they will respond. [43:11] - It is best to have an open mind and be willing to see things for what they are over what you want them to be. Links and Resources: TruthPlane Website; Mark Bowden on YouTube; The Behavior Panel on YouTube
Many industries are reliant on software and if the software becomes corrupt or an update fails, it may require hands-on support. Do you have your infrastructure set for repair and recovery? Today's guest is Gabe Dimeglio. Gabe is a 20-year veteran of information technology and security for private and public sector organizations. He is a results-driven leader, specializing in security services and solutions for mission-critical, complex enterprise platforms. His expertise includes strategic consulting services, risk analysis/risk mitigation, and compliance. Mr. Dimeglio serves as Vice President & Executive Advisor, Security, Office of the CTO at Rimini Street. He is responsible for oversight of the GSS organization that provides tailored consulting and advisory security services to prospects and clients, in collaboration with Rimini Street sales, client engagement, and retention functions. Show Notes: [1:18] - Gabe shares his background and what he does in his roles at Rimini Street. [2:38] - Anyone can be a victim of a scam. That includes Gabe. [4:03] - Scams are very sophisticated and techniques have come a long way in the last decade. [5:23] - Gabe describes what happened with the update that shut down much of the United States' systems and infrastructure. [8:30] - To complicate things, the platform could not be restarted with this update in effect. [10:42] - Updates are sideloaded continuously and are processed by this kernel driver. The thought process is interesting because it has happened before. [12:37] - This was the biggest problem caused by CrowdStrike. [14:47] - One mistake out of 10,000 updates is a low error rate, but there is a lot of reputation damage done in this event. [16:50] - In the case of CrowdStrike, turning off auto-update was not an option. [18:43] - Any time software, programs, or data are introduced, you're also introducing risk. [21:04] - Part of the solution to fixing this massive problem was hands-on support on every box. 
[26:13] - One problem is that there are some industries where technology is very outdated. [27:23] - People are selling their solutions and the solutions are cloud-managed. This is scary due to frequent cloud breaches. [31:10] - There are still businesses that have no security professionals or teams managing client data and safety. [32:53] - The skills gap is crushing most businesses. [35:03] - Security has come a long way, even if there are still areas that are lacking. [37:01] - For the last couple of years, security has been something that there is a budget for in most businesses. [40:49] - Don't ever let anyone convince you to shortcut anything. Links and Resources: Rimini Street Website
It's not always easy to determine the value of digital assets. The potential of overestimating or undervaluing your data can make it difficult to establish how much protection you need for a cyber intrusion. Today's guest is Jeremiah Grossman. Jeremiah has spent over 25 years as an InfoSec professional and hacker. He is the Managing Director of Grossman Ventures. He is an industry creator and founder of White Hat Security and Bit Discovery. He has his black belt in Brazilian Jiu-Jitsu and is an avid car collector. Show Notes: [0:53] - Jeremiah shares his background and what he does as the managing director of the new venture capital firm, Grossman Ventures. [1:55] - When he was 24, Jeremiah's business was victimized by a data breach. [5:30] - This experience taught him that if you treat your customers with integrity and have their best interests in mind, they will keep doing business with you. [7:43] - These things happen to countless businesses. It is important to keep customers and clients informed. [10:27] - Cybercrime is one of the only crimes where the victim doesn't always know they're a victim. [13:30] - When it comes to solving these problems, we have to narrow in on the problems that are worth solving and then work for a solution. [14:53] - Doing an asset evaluation is a good starting point. There is no algorithm to determine the value of digital assets. [19:18] - What role does AI play in this and what should people be wary of? [20:31] - How do we raise the cost on the adversary? [23:12] - There are ways to bait adversaries as well which is an inexpensive solution. [25:17] - These days, adversaries are nowhere physically near the data. They access it all through digital means. [27:28] - Jeremiah is optimistic about AI and in his perspective, AI is a tool that will help us determine solutions. [28:07] - Currently, cyber insurance has become compulsory. [30:48] - Jeremiah explains how things work in venture capital and the problems that are common. 
[34:11] - There are many things that we can do better in this space. [35:46] - Jeremiah shares advice for small and medium-sized businesses. Links and Resources: Jeremiah Grossman's Website; Jeremiah on Twitter
Pig butchering is worse than just manipulating someone and taking their money. It leaves them with emotional anguish. Once their finances have been drained, they lose their financial security and they no longer trust people. Today's guest is Erin West. Erin has been with the County of Santa Clara for 26 years and is a Deputy District Attorney. She specializes in cryptocurrency investigations and prosecutions. Show Notes: [0:46] - Erin shares her background and what her role is as a Deputy District Attorney in Santa Clara County. [3:20] - Five years ago, Erin found herself working on prosecutions regarding SIM swapping and cryptocurrency hacks. [4:35] - The emotional impact of “just a financial crime,” is staggering. [7:38] - You never know who around you is a victim of some of these crimes. [8:18] - Erin describes the experience of being convinced to click a link herself. [10:32] - Scammers will think about different things that would trigger someone into clicking a link. [13:40] - Pig butchering involves building trust with a victim and showing them a false plush lifestyle. [16:08] - A red flag is a text or social media message you may receive that seems misdirected or to a wrong number. [19:21] - It feels like the right thing to do when we feel the need to respond to the scammer with a “you've got the wrong number,” but that's how they start a conversation. [22:29] - In many cases, scammers bulk text a massive amount of phone numbers. But some people are specifically targeted on social media. [24:23] - Covid really accelerated this type of scam due to loneliness. [25:40] - A misconception is that these scams target the elderly. But it is not based on age at all. [27:03] - Unfortunately, law enforcement is not set up to be able to handle this type of crime. [28:18] - Erin explains that law enforcement doesn't tend to always lead with empathy when this type of crime is reported. 
[30:12] - It is important to report the crime to local law enforcement, but there are other places that the crime can be reported to in addition. [32:50] - Victims should be able to speak to a detective. [34:33] - Victims should be very wary of third party recovery programs. [37:26] - On the other side of things, a scammer could also be a victim of human trafficking and being forced to scam others. [39:40] - Scams are being operated on a massive scale and have a front of a corporate business. [41:14] - Initially, most of the cases seemed to have money moved out of the country. However, recently scammers have been found to be operating in the US. [44:04] - There is some hope and opportunities in recent months where money laundering has been intercepted. [46:41] - Progress in education and advocating for less victim shaming is moving in the right direction. Links and Resources: Erin West on LinkedIn
Sometimes people only share their stories after they've gone through a challenging time. But it's also important to learn from those in the middle of a scam to learn how people are manipulated and how vulnerable our loved ones can really be. Today's guest is Terri Proctor. Terri's elderly mother has been scammed by romance scammers over the last three years. In trying to get help from different recommended services, she realized that no one was really interested in helping. She started the non-profit Stop Elderly Scams to educate and bring awareness to the community. Show Notes: [0:53] - Terri shares her background and how she was thrown into her situation. Her experience led her to founding a non-profit. [2:28] - Over the course of a year, Terri's mother lost about $100,000 to a romance scammer. [3:30] - Terri's mother was not treated like a victim. She was treated as a willing participant. [6:01] - There were many reasons why Terri's mother was vulnerable to manipulation, including loneliness. [8:23] - It is sad to see the comments online about victims of scams. [10:23] - The shame and embarrassment a lot of victims feel causes them to not talk about the problem or seek help. [11:57] - In the beginning, Terri admits that she had a lot of anger and frustration that was also focused on her mother. It is better to listen and try to reason. [14:54] - Terri's mother was stopped by a store manager from buying more gift cards. The manager has expressed concern that she is not the only one. [16:51] - Part of the vulnerability of Terri's mother is loneliness. [18:47] - Other types of scams tend to target the elderly. It is hard to keep up. [24:08] - How can we help our loved ones without taking away their independence? [26:21] - People should feel free to talk about these issues. Terri shares how her non-profit is helping educate and make a difference. [28:46] - It is challenging to find the balance in helping loved ones and making sure they have their autonomy. 
[29:59] - When you think you've learned about one thing or one scam, another problem pops up. Links and Resources: Stop Elderly Scams Website
Regulators have to invest a considerable amount of time in keeping legislation and policy up to date regarding technology and AI, but it's not easy. We need floor debates, not for sound bites or for political gain, but to move policy forward. Today's guest is Bruce Schneier. Bruce is an internationally renowned security technologist called The Security Guru by The Economist. He is the author of over a dozen books including his latest, A Hacker's Mind. He has testified before Congress, is a frequent guest on television and radio, has served on several government committees, and is regularly quoted in the press. He is a fellow at the Berkman-Klein Center for Internet and Society at Harvard University, a lecturer in Public Policy at Harvard Kennedy School, a board member of the Electronic Frontier Foundation and AccessNow, and an advisory board member of EPIC and VerifiedVoting.org. Show Notes: [1:40] - Bruce shares what he teaches at Harvard and the current interest in policy. [4:27] - The notion that tech can't be regulated has been very harmful. [6:00] - Typically, the United States doesn't regulate much in tech. Most regulation has come from Europe. [7:52] - AI is a power magnification tool. Will the uses empower the already powerful or democratize power? [9:16] - Bruce describes loopholes and how AI as a power magnification tool can mean something different in different situations. [12:06] - It will be interesting to watch AI begin to do human cognitive tasks because they will do them differently. [13:58] - Bruce explains how AI collaboration can be a real benefit. [16:17] - Like every text writer, AI is going to become a collaborative tool. What does this mean for writing legislation? [17:18] - AI can write more complex and detailed laws than humans can. [21:27] - AI regulation will be skewed towards corporations. Bruce explains how public AI could work. [23:46] - Will AI help the defender or the attacker more?
[26:19] - AI can be good against legacy, but we need some sort of infrastructure. [29:27] - There's going to be a need for proof of humanity. [32:29] - It is hard to know what people can do to help move regulation along. Ultimately, it is a political issue. Links and Resources: Schneier on Security
Security risks are dynamic: projects, employees, tools, and configurations all change. Many companies utilize pen testers on an annual basis, but as quickly as systems are revised, you may need to implement threat emulation for regular monitoring. Today's guest is Andrew Costis. Andrew is the Chapter Lead of the Adversary Research Team at AttackIQ. He has over 22 years of professional industry experience and previously worked in the Threat Analysis Unit Team at VMware Carbon Black and LogRhythm Labs, performing security research, reverse engineering malware, and tracking and discovering new campaigns and threats. Andrew has delivered various talks at DefCon, Adversary Village, Black Hat, BSides, Cyber Risk Alliance, Security Weekly, IT Pro, Bright Talk, SC Magazine, and others. Show Notes: [1:14] - Andrew shares his background and what he currently does in his career at AttackIQ. [3:49] - At the time of this recording, there has been a major global security panic. [6:06] - There are many programs that we use on a regular basis that we don't always consider the security of. [8:09] - Historically, companies would pay for an external pen test. Andrew describes the purpose of this and how they usually went. [9:33] - Pen tests and threat emulation do not need to be limited to just once a year. [10:45] - Andrew's team is in the business of testing post-breached systems. But they preach prevention. [11:55] - Attackers are lazy in the sense that they will reuse the same strategies over and over again. [14:13] - Many programs we use may be caught in the crosshairs of attacks and vulnerabilities in other companies. [16:41] - Andrew discusses the frequency of really critical CVEs. [19:01] - What do attackers go after when they've breached a system? [21:04] - The priority for attackers is to get in quickly and make the victim's data unavailable. [22:24] - A lot of people are under the impression of vulnerability testers.
“Fire and forget it” is not a beneficial mindset. [24:56] - If we run every test, the amount of data will be overwhelming. [27:03] - In his experience, there has been client testing that has been overwhelmingly easy to breach. [29:07] - There are also organizations that have done a fantastic job. However, vulnerabilities will still be found. [30:18] - The red team is not going to be able to cover your entire organization. [32:15] - Threat emulation and pen testing are technically the same thing. Andrew explains how he sees the difference. [33:50] - How are vulnerabilities and tests prioritized? [36:19] - Andrew describes the things his team works on and their objectives for customers and clients. [38:34] - The outage at the time of this recording had a big impact. It gave a really good idea of what could happen if it were a real security breach. [41:37] - There are a ton of free resources out there. The primary resource at AttackIQ is the free AttackIQ Academy. Links and Resources: Andrew Costis at AttackIQ
Police in Columbus, Ohio are called to a grocery store for a reported assault. In Mississippi, local police are called to an apartment complex for a fight and find a woman dead. A Northern California woman convicted for the death of her two-year-old daughter was sentenced last week. And in Houston, a carjacking at the end of August left an elderly veteran dead. Police have finally captured the suspect. X: @SAS_Daily Instagram: @swordandscaledaily Consider joining PLUS+ at swordandscale.com/plus
Ransomware may not be on your machines due to your negligence or mistakes. It could be there because of third-party software you are utilizing. Do you know what to do if this happens to you? Today's guest is Amitabh Sinha. Amitabh has a PhD in Computer Science and more than 20 years of experience in enterprise software, end-user computing, mobile, and database software. He co-founded Workspot in 2012. He was the General Manager of Enterprise Desktop and Applications at Citrix Systems. In his five years at Citrix, he was the VP of Product Management for XenDesktop and VP of Engineering for the Advanced Solutions Group. Show Notes: [1:03] - Amitabh shares his background and current role and contributions at Workspot. [4:35] - The first sign of ransomware in an organization is widespread blue screens and Microsoft machines shutting down. [5:40] - How does ransomware find its way to a device? [6:59] - Ransomware in your organization is not necessarily your fault. [10:37] - Amitabh describes how he has helped client organizations get back up and running after having been infected with ransomware. [13:11] - Typically, it is not recommended to pay the ransom, but it may be a viable option for some organizations. [15:59] - Most small companies are not prepared to prevent or handle ransomware. [17:34] - In most large companies, not all PCs are up to date on security patches. [20:41] - Cloud storage is much safer and can be accessed on other physical machines in the event that ransomware shuts down an organization. [24:41] - For those who work from home, sometimes multiple machines make things even more complicated. [27:35] - What are you willing to pay to not have something happen? That's how ransomware takes advantage of people. [31:20] - For small companies, there is typically an architectural solution, but that isn't always viable for large organizations.
[33:14] - Consider the critical functions of your organizations and what a plan could be if computers were not accessible. [34:37] - These types of attacks are more and more frequent. [36:44] - Amitabh is confident that AI will make preventing ransomware even more challenging. [40:38] - Most people have accepted that a lot, if not all, their information has already been leaked on the internet. But businesses are particularly vulnerable. [42:30] - A whole organization can be drastically impacted by just one machine being hit by ransomware. Links and Resources: Amitabh Sinha on LinkedIn Workspot.com
We all use technology. Things like internet browsers, search engines, instant messaging, and payment apps. But we aren't always aware of the data being collected. This information can not only impact your privacy, but those around you as well. Today's guest is Carey Parker. Carey is the author of Firewalls Don't Stop Dragons, a step-by-step guide to computer security and privacy for non-techies. He also hosts a podcast by the same name. He recently retired from a career in software engineering to focus on teaching others how to defend their digital devices and protect their personal data. Show Notes: [0:53] - Carey shares his background and what provoked the motivation for a career shift. [4:07] - If we all did the small things that protect privacy, we would all be stronger. [5:20] - Even if you have already shared a lot of your information online, it is not hopeless and it's not too late. [6:32] - Your security and privacy overlap with other people's. [8:35] - We need to be protecting privacy for all of us, not just ourselves as individuals. [10:17] - Carey explains why and how apps and companies collect data. [11:48] - Foreign governments would love to get their hands on the data that is collected by countless companies and apps. [13:53] - Data is valuable to software developers for honest reasons. Collecting data isn't inherently bad. [17:16] - When determining what connection to use, you are trading off who you trust - your ISP, the public wifi connection, or a VPN. [23:10] - Carey shares some easy things you can change right now to protect your privacy. [25:25] - Companies love to get your email address and your phone number. These become unique identifiers. [27:05] - Search engines collect data as well. This is important to remember. [28:05] - Payment apps are another obvious type of website that collects data. Which ones should you avoid? [30:32] - There is value in social media. Make sure the things you post are not public by default. 
[32:19] - Metadata and location tools are used on any social media image. [34:37] - Messaging apps collect data and share it. There is a gold standard app though that Carey suggests. [36:31] - Email is trickier because it is an open standard. It wasn't designed with encryption in mind. [38:55] - Carey discusses automated AI systems like Alexa. [41:26] - When using AI tools, assume that the information is collected and could be public. [42:35] - Car privacy is horrible and there is almost nothing you can do about it. [46:18] - It is not true that you need to give up privacy for security. Carey discusses the differences. Links and Resources: Firewalls Don't Stop Dragons Website Firewalls Don't Stop Dragons Podcast Firewalls Don't Stop Dragons by Carey Parker
Finding a solution to stop spam calls to you, your family, or your business isn't easy. We may not win this war, but we don't want the government making this decision for us. We can make it more manageable in the meantime. Today's guest is Aaron Foss. After winning the FTC Robocall Challenge in 2013, Aaron started Nomorobo. Since then, Nomorobo has stopped billions and billions of unwanted robocalls and spam texts from reaching our phones, and it was acquired by Applause group in August 2023. Aaron has been featured in The New York Times, Wired, CNN, CNBC, Fox News, and countless other media outlets. He has testified in front of Congress, not once, not twice, but three times. Show Notes: [1:14] - Aaron shares his background as a serial entrepreneur in the intersection of technology and business. [3:57] - At the beginning, Aaron didn't even know what a robocall was. [6:47] - Robocalls have this negative connotation. They can actually be good. But there are many that are unwanted. [8:13] - There are different types of robocalls and there is a differentiation between spam and scam calls. [10:08] - Aaron explains why spam emails are easier to block than robocalls. [12:20] - There are some robocalls that are necessary and helpful for some people. That is one reason why not all robocalls can be blocked. [13:40] - Not answering the phone is not a plausible solution. [15:50] - Nomorobo is basically a series of bots talking to other bots. [16:50] - Aaron describes caller ID and how spoofing a number is possible. [19:42] - This is such a big problem because the barrier of entry is low. [21:08] - It is amazing that we can call anyone in the world. But that also means that scammers can, too. [22:53] - This is a complicated problem, and the future solution is a combination of government regulation, companies like Nomorobo, and AI. [26:29] - We are never going to win the war, but we can keep it manageable. [29:45] - What is the role of the carriers when it comes to robocalls? 
[31:47] - Keeping scammers on the phone does not make the problem go away. [33:52] - Some scams are seasonal and some are evergreen, like Medicare calls. [36:26] - Aaron explains the different ways these scams can be done and the range of damage they can do. [39:56] - At best, this is an annoyance. But there are people in our lives that are vulnerable and less protected. [44:42] - Sometimes, Nomorobo users have to turn it off for specific reasons and specific calls they're waiting for. [47:56] - This problem is an example of “death by a thousand papercuts.” [49:30] - There are some red flags and things you might notice if you answer robocalls that could indicate that they are scams. [50:46] - This seems like an easy problem to solve, but it is far more complicated than most people think. [52:00] - Aaron describes what it was like to testify in front of Congress. [56:43] - Listen and educate yourself. Talk to other people about these things. Links and Resources: Nomorobo Website
Most businesses rely on some type of software, either for scheduling, payment, banking, customer lists, or something else. It's important to know where this information is stored and what would happen if that software was hacked or you weren't able to access it. Today's guest is Kris Burkhardt. As Accenture's Chief Information Security Officer, Kris leads a team of over 800 security experts charged with protecting company client and customer data. Show Notes: [0:49] - Kris describes his role at Accenture and what Accenture is known for in the security industry. [2:26] - Part of their program is sending phishing tests and Kris has failed one before as well. It happens, especially when we are in a rush. [5:39] - We are so highly connected that when something goes down, it impacts us in ways we never considered. [7:10] - Many small businesses rely on software service providers because there is a lot of good about them. But what happens when they go down? [9:56] - Defenders have to get it right all the time. [11:13] - The last ten years have seen an immense amount of growth in how we store data. We have to stay ahead of change when it comes to security. [13:59] - It is hard to understand how much we rely on technology. [17:34] - Kris describes a time when the CEO of Accenture was used in a deep fake and the threat actor was very clever. [21:17] - Kris believes that advances in technology will make it harder to pretend to be someone else. [23:20] - Children are growing up in a technological world and are naturally more skeptical and cautious as a result. [25:49] - Safety has always been an afterthought. [27:15] - Kris shares what he thinks scams and deep fakes will look like in the near future. [30:12] - Pay attention to things that don't seem consistent. [32:57] - People feel like there is a trade off when it comes to efficiency and security. [39:37] - Having a plan ahead of time is absolutely beneficial in staying ahead of security problems. 
[44:25] - As deep fakes become more and more of a problem, Kris suggests having code words with family members. Links and Resources: Accenture Website
Is it right for parents to be the ones to have to put limits on their children's screen time or to monitor the content they consume? Knowing the impact of social media on kids can influence the decisions that are made. Today's guest is Steve Lazarus. Steve is a retired FBI agent, crime fiction author, and Instagram influencer specializing in personal and child safety topics. Show Notes: [0:42] - Steve shares his background and his career history in the FBI and the military. [4:02] - For a long time, Steve was anti-social media. However, since the publication of his book, he has garnered a significant social media following. [5:50] - He started his Instagram with posts of things that he would never do as a retired FBI agent. [7:08] - Steve describes the post that went super viral on TikTok and Instagram. [9:00] - Parents need to know what their kids are looking at on the internet and control the amount of access they have online. [10:40] - Sextortion is a very real and serious problem, especially for young boys. [12:27] - Always report any case of sextortion or sexual content involving a minor. Law enforcement becomes involved immediately. [14:09] - Steve lists some of the things to look for in children and teens that could be red flags. [16:01] - The internet is on almost every device in your home. A child's access is not limited to just a computer. [17:59] - Covid did not help the increasing amount of time children spend online. [20:52] - We're asking kids to have good judgment without teaching them how. [22:13] - The first question that needs to be asked by anyone, but especially a child, is, “Do I know this person?” [26:07] - To deal with the digital world now, common sense is crucial and we can't take everything at face value. [27:56] - A relatively new issue is AI generated images that are very convincing and look so real.
Links and Resources: Steve Lazarus Author Website Steve Lazarus on Instagram Steve Lazarus on TikTok
Synthetic IDs can be used to open fake accounts, but without a person to file the fraud claim, how should companies deal with this type of deceit? There is no crime where someone doesn't need to pay for the loss. Either way, the loss is passed on to the consumers in some way or another. Today's guest is Steve Lenderman. Steve is currently the Head of Fraud Solutions North America at Quantexa and has over 25 years of experience in financial crimes investigation. His previous roles include being the Senior Vice President of Fraud Prevention Investigations at Bank Mobile Technology, the Director of Strategic Fraud Prevention at ADP, and the Fraud Operations Lead for PayPal Business Loans. He is a certified fraud examiner and actively contributes to the anti-fraud community. Show Notes: [1:07] - Steve shares his background and what his current role is at Quantexa. [4:04] - For those who are interested in a career path in cybersecurity or fraud, Steve has some tips. [6:07] - What is synthetic identity? Steve describes what it is and why we should be concerned about them. [8:59] - Although still mostly built around financial data, synthetic IDs have also morphed into other nefarious uses. [10:56] - All fraud in general is underreported, but synthetic IDs are extremely underreported, so data is not accurate, although still very high. [12:37] - Synthetic IDs can be used to open a credit card and then after several purchases, fraudsters leave the card open and unpaid. [14:21] - Some think that synthetic IDs and fake accounts are victimless. [18:59] - To understand how fraud works, Steve had to create synthetic IDs. [22:15] - Over the years, it has gotten even easier to do, which is alarming. [25:13] - Credit repair using a CPN is illegal fraud using synthetic IDs. [26:40] - Synthetics are all built around data and the ease of collecting data in the last few years has increased the ease of creating them. 
[27:57] - Criminals have learned that they can use synthetic IDs in more ways and in more industries. [31:04] - Small businesses are particularly easy targets for synthetic ID use. [33:16] - It is possible for synthetic IDs to also be used to create a new business. [34:53] - Technology has also made it possible for a deep fake to be created to match a synthetic ID. [36:49] - A lot of synthetic IDs are created with unused credit. Links and Resources: Steve Lenderman's Website Quantexa Website
Criminals do their own recon to study how vendors craft their emails and how they can structure them to match. Scammers know employees are busy and that they want to act promptly on requests, but they also understand it takes time to verify the validity of the email. How do we train employees to know what is real and what isn't? Today's guest is Josh Bartolomie. After joining Cofense in 2018 as the Director of Research and Development, Josh currently serves as the Vice President of Global Threat Services. He has over 25 years of IT and cybersecurity experience. He designed, built, and managed security operations centers, incident response teams, security architecture, and compliance for global organizations. Show Notes: [1:08] - Josh shares his background and what he does in his current role at Cofense. [4:06] - After all these years, email continues to be an easy way for scammers to target many people at one time and victimize a percentage of them. [5:52] - Wherever there are a lot of people, that is where attackers will go because that is a bigger pool of success for them. [7:08] - You used to be able to block emails with an unsubscribe button, but now we rely on those emails, too. [9:50] - The goal is not to stop them altogether, because at this point it isn't possible. The goal is to dissuade people from clicking links and trusting emails. [11:47] - With AI and LM, crafting emails has never been easier for scammers. [13:48] - Organizations get hit in different ways, but HR generally gets targeted a lot. [16:54] - Intellectual property theft is also a part of email crafting. [20:14] - Chris shares the story of an unfortunate experience. [25:10] - Acknowledge that these things do happen and they can happen to you. [27:33] - Always call the vendor. It's an extra layer and extra work, but never trust an email that says something has changed when it comes to finances. [28:54] - Organizations should have a strong reporting culture. 
[30:55] - Employees can report emails that seem suspicious. The majority of them are spam emails, rather than scams, but they should be reported. [34:02] - What constitutes a spam email? What is the difference? [36:13] - Organizations tend to cut IT and cybersecurity when there are budget cuts. [39:18] - This is changing every single day. [41:46] - Scammers collect data and create profiles. They are very sophisticated in their strategies to target organizations. Links and Resources: Cofense Website Josh Bartolomie on LinkedIn
Some scammers love the challenge of deceiving those they target while others are forced to scam. Those that thrive off of destroying others try to heighten your emotions very quickly. Both excited and angry responses can get you into making irrational decisions. Today's guest is Doug Shadel. Doug is a former fraud investigator and special assistant to the Attorney General at the Washington State Attorney General's office. He served as state director for AARP Washington and Strategy Director for AARP's national anti-fraud efforts. Doug has collaborated on numerous educational videos and academic studies and co-authored five books about fraud. He also co-authored the AARP Fraud Frontier 2021 Report. He is currently Managing Director of Fraud Prevention Strategies LLC, a Seattle-based consulting firm. Show Notes: [1:08] - Doug shares his background and career in fighting fraud. [2:43] - Robo-calls have been a long lasting problem that Doug has been working on with AARP and Nomorobo. [7:11] - Over the years, Doug has interviewed numerous scammers. They all say their primary goal is to get a victim in a heightened emotional state. [9:07] - Doug describes the research that shows when people are in a heightened emotional state, they are more likely to fall victim to a scam. [10:57] - Block the incoming robocalls to begin with to help avoid a scammer manipulating you into a heightened emotional state. [13:17] - It still is very dangerous to answer these phone calls because a lot of them are really persuasive and really good at what they do. [14:34] - There isn't a specific demographic profile. Doug explains what people who fall victim to a scam have in common. [16:49] - The FCC has come down hard on robocallers, but this has just caused scammers to be more careful and even more skilled. [18:09] - Have you recently received calls asking for a donation? Doug describes how these work. [21:12] - The number one red flag of a robocall is the threat of loss. 
[25:22] - Caller ID is not reliable. It is very common and easy for scammers to spoof a call. [27:48] - There are some legitimate needs for people to be able to spoof a call. [29:42] - Assume it is a scam if you did not initiate the contact. [33:08] - By and large, scammers will not cause violence on a victim, even if they threaten them. They follow the path of least resistance. [36:02] - Doug describes some software he uses to edit videos that incorporates AI. These tools are great, but are also used by scammers. [39:26] - Grandparent scams are really common. Doug describes what people have said after falling victim. [40:40] - There is an illusion of invulnerability. If you are convinced that you are not vulnerable to something, you won't do anything to prevent it. [43:04] - There's a lot more money for scammers to make in scamming an employee of a large company than individuals. [46:10] - The pandemic also had a big impact on the scamming industry. [50:50] - The AARP Fraud Watch Network Helpline is 1-877-908-3360. [53:00] - Always report a scam when you know of one. It helps more than you know.
Please stop yourself from saying, “This could never happen to me or my family.” We can all have blind spots when it comes to those we love being exploited or endangered. Even the best-trained educators can be manipulated into making a mistake. Today's guest is Clayton Cranford. Clayton is the founder of Cyber Safety Cop. He is a retired sergeant from the Orange County Sheriff's Department who served as a school resource officer, juvenile investigator, and behavioral threat assessor. He is one of the nation's leading law enforcement educators on social media, child safety, teen drug abuse prevention, and behavioral threat assessments. He is the author of the definitive parent guide to online safety, Parenting in a Digital World.

Show Notes:
[1:10] - Clayton shares his background as a school resource officer in 2012, which was the year that saw the adoption of smartphones by teens.
[2:48] - It all amounts to a simple and common narrative: a good kid who made a bad choice and a parent who had no idea what was going on.
[4:08] - The turning point in Clayton's career was his first day as a school resource officer.
[6:14] - There are things that parents can do to absolutely make a difference.
[8:20] - Technology has changed our kids, particularly their mental health.
[10:06] - Schools and counselors are alarmed at the number of children who are struggling with anxiety and depression.
[12:50] - Clayton shares some of the data that shows an increase in depression and suicidal ideation in teens.
[15:40] - Parents could come together to make real change, but oftentimes, parents don't make a change until it's too late.
[17:51] - A lot of parents are using devices to help their kids regulate their emotions.
[21:06] - Boys tend to lean more into video games, but girls tend to spend more time on social media. There are differences in the effect on their brains.
[24:52] - When it comes to friends, teens have gone from quality to quantity.
[27:02] - Every new generation that is exposed to social media from the time they are born is experiencing severe mental health concerns.
[30:03] - Parenting styles have changed through each generation.
[32:03] - Why are parents giving their children phones so young?
[36:41] - Clayton says not to give your child a smartphone until high school.
[37:48] - There are apps that you can put on your child's phone that will help regulate screen time.
[39:45] - Clayton discourages parents from putting technology, particularly mobile devices, in their child's bedroom.
[40:49] - Parenting in a digital world is more about how to talk to your children than telling them what they should and shouldn't do.
[42:16] - Snapchat is an especially big problem. How can we have this conversation?
[44:51] - The number 1 app that puts drugs in a child's hands is Snapchat.
[45:50] - Your relationship with your child is important, but you need to be aware of what each app can do and what it can lead to.
[47:10] - Parents are saying that they are glad they didn't have the internet when they were growing up.
[49:02] - Interacting online takes away the sense of consequence that we feel when we interact in person.
[52:10] - The way kids think is normal. But they don't understand the consequences of their online behavior.

Links and Resources:
Cyber Safety Cop Website
Parenting in a Digital World by Clayton Cranford
Thieves used to rob banks and steal physical money, but in a digital world, it is much easier to sit behind a keyboard and deceive you into giving it to them. Fortunately, there are specific things you can do to protect your finances before scammers get into your accounts. Today's guest is John Buzzard. John is a nationally recognized financial industry fraud expert who has had significant influence in credit card fraud, risk, and security services for financial institutions throughout the United States.

Show Notes:
[0:56] - John shares his background and what he does currently in the financial industry fraud space.
[2:31] - Everything old is new again. Things come back in a cyclical fashion but have a new digital spin.
[3:49] - There's a price to pay for convenience, especially if we don't keep an eye on things and stay aware of what can go wrong.
[5:19] - Be conscious of where you bank and make purchases.
[7:46] - Set up alerts so that you are notified of any activity in your bank accounts, including deposits.
[11:34] - There are different viewpoints on freezing your credit.
[17:15] - There are some capabilities in apps that can block certain types of activity.
[20:35] - During and post-Covid, we have gotten into a “tap and go” contactless experience when making purchases.
[22:20] - New payment techniques are safe. John discusses Apple Pay as something secure that he likes to use for safety and convenience.
[25:40] - John explains card chips and what happens when they aren't working.
[27:59] - If there is fraud, it is handled differently depending on whether it is a chip transaction or a mag swipe.
[31:01] - John shares an experience in wanting to create a new PIN for an account.
[33:39] - What shouldn't you share on social media to help prevent scams and fraud?
[37:54] - When you have a complete stranger reaching out to you, no matter how they do it, their job is to get you disturbed and upset so that you react.
[40:24] - Speaking in passcodes and passphrases is totally acceptable.
That is often the thing a criminal does not have, even if they have your password.
[44:16] - From a resolution standpoint, when you go to your financial services provider, as a consumer you do have rights.

Links and Resources:
John Buzzard on LinkedIn
After a data breach, many criminals are beginning to use deep learning AI to categorize the information they have stolen. They are running a steady stream of micro attacks against individuals and businesses, not just full-scale assaults. Today's guest is Robert Blumofe. Bobby joined Akamai in 1999 to lead the company's first performance team. While serving as one of Akamai's chief architects, he was instrumental in the design and development of their intelligent edge platform, which now handles trillions of internet requests daily. Bobby's technical past lends itself to a passion for machine learning and AI, and he holds a PhD in Computer Science from MIT.

Show Notes:
[1:02] - Bobby shares his background and current role at Akamai.
[2:32] - When he joined the company in 1999, he didn't really know what Akamai did.
[4:29] - Customers recognized that Akamai could have the capabilities to see all the traffic to their websites and potentially block attacks.
[7:02] - Machine learning is really remarkable. Akamai has been using deep learning as a tool to solve problems for their security products.
[9:25] - AI has become a big part of everything we do.
[10:35] - The quantity and quality of the data used by AI is what differentiates the machine learning and models of an enterprise.
[12:36] - Bobby discusses what the next five years could look like for cyber criminals.
[15:24] - Criminals only need one success out of thousands or millions of targets.
[17:32] - Social media platforms really do want to do the right thing, but there's only so much they can do.
[18:39] - As a consumer, you have to be on guard and not necessarily trust where information is coming from.
[20:42] - Any new significant development in technology is hard to differentiate from magic, especially in the early days of development.
[23:04] - Machine learning is remarkable and, as a technologist, Bobby wants to love it. But there are so many examples of misuse.
[25:29] - Use the technology, but check the output.
[29:10] - When solving a simple problem, does the AI really need to know everything? These systems access so much data that isn't useful.
[31:19] - Just because an entity can carry on a conversation doesn't mean it has authoritative knowledge.
[33:04] - What is zero trust?
[34:51] - A misconception is that AI will take over and plan, as in sci-fi movies.
[39:11] - You need to have all the checks and balances in critical areas.
[42:07] - Leadership in organizations needs to prioritize efforts and be very involved.
[44:52] - We need to assume that AI will continue to develop and criminals will continue misusing the technology in new ways.
[47:23] - The changes and advances have been so fast recently that we may need the opportunity to pause.

Links and Resources:
Akamai Website
Robert Blumofe on LinkedIn
AI search tools are being used by criminals to sort through data breaches and data dumps they've stolen to target as many individuals as possible. After your SIM has been swapped, they'll have the ability to access all your SMS messages and phone calls. But there are precautions you can take. Today's guest is Mark Kreitzman. Mark is a seasoned cybersecurity expert with over 20 years of experience in building cybersecurity companies. Mark brings insights into evolving threats facing mobile security and data privacy. His expertise in our increasingly mobile world makes him a valuable resource in discussing how to mitigate your risks as they pertain to mobile communications.

Show Notes:
[1:02] - Mark shares his background in cybersecurity and what he does now in his career.
[2:08] - In 2017, Mark experienced a SIM swap scam.
[5:30] - He used his anger and paranoia to help develop Efani, a cybersecurity-focused mobile service.
[8:51] - When you get SIM swapped and the carrier recognizes that you've been attacked, they go into liability protection mode.
[11:16] - Mark shares some of the details of what happened in his experience and explains that he still doesn't know if he was specifically targeted.
[14:00] - Through fraud, scammers can actually become resellers.
[17:27] - SIM swapping started as a way to target and harass celebrities.
[20:52] - Once scammers have information, they can get into many different accounts because people tend to use the same passwords.
[23:14] - Everybody's information is floating out there. Data breaches give scammers and fraudsters access to so much.
[24:19] - Mark describes what you will see on your phone from your end when a SIM swap scam has occurred.
[28:42] - Efani is a mobile service provider. Mark explains how they are different.
[31:28] - With a $5 million insurance policy, Efani does everything possible to protect it.
[34:54] - Efani is extremely busy because there are so many cases of this problem.
[37:07] - When you give a carrier your social security number to open an account, you are essentially opening a credit account.
[39:58] - Unfortunately, many people don't know about this type of scam. It is a silently growing trend.
[42:08] - With Efani, mobile carriers are never given a customer's information.
[45:45] - Mark tends to live on the paranoid side after being a victim of this type of scam. He shares what he does when he travels.
[49:05] - Using a VPN while traveling is a great idea to help protect yourself.
[51:44] - Right now, Efani has a promo code you can use for your plan just for Easy Prey listeners: Efani.com/EasyPrey

Links and Resources:
Efani Website
Efani.com/EasyPrey