Trust me, I’m legit.
This week, while Maria Varmazis (also host of the T-Minus Space Daily show) is out at a conference, hosts Dave Bittner and Joe Carrigan are joined by friend of the show Michele Kellerman, as they are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. Our hosts start with some follow-up on Joe’s egg story, including his latest update and a brief detour into unexpected “big chicken news.” Joe’s story is on a massive USDA loan fraud scheme where Nikesh Patel fabricated fake government-backed farm loans, duped investment firms out of hundreds of millions of dollars, and continued running similar scams under aliases and even from prison, ultimately earning decades more in sentencing. Michele’s story is on a breaking report about the ShinyHunters group using targeted voice phishing and custom phishing kits to abuse Okta SSO, steal MFA credentials, and gain privileged access for data theft and extortion. Dave’s story is on LastPass warning users about an active phishing campaign impersonating the company, designed to steal master passwords and potentially expose all credentials stored in affected vaults. Our catch of the day comes from the Reddit, where two people we're approached by scammers through text messaging and both dealt with their scammers in different ways.
Resources and links to stories:
- Sticky Fingers: USDA Fraudster Steals $200M in Stunning Scam
- Formerly Married Couple Sentenced For Multi-Million Dollar Fraud Schemes
- A new wave of ‘vishing’ attacks is breaking into SSO accounts in real time
- LastPass Warns of Phishing Campaign Attempting to Steal Master Passwords
Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.
