Welcome back to CyberDudes! This week, we’re talking about the rise in scams during the holiday season and how we can all avoid falling victim. From fake e-commerce deals to phishing emails, social media traps, and dubious charity appeals, we break down the tactics scammers use to exploit the festive rush. Together, we’re sharing practical tips to protect our money and our peace of mind.

We also highlight a standout story: O2’s clever use of AI to create “Grandma Daisy,” an AI bot designed to waste phone scammers’ time with endless rambling conversations. It’s a brilliant example of how we can use tech to disrupt cybercrime in creative ways.

With Cyber Week, Black Friday, and holiday shopping in full swing, we discuss fake gift card schemes, payment fraud, and the risks of social media promotions. We’re diving into the value of using credit cards for online shopping and exploring why debit cards might not be the safest choice.

Join us as we gear up for the most scam-prone time of the year and work together to stay safe on CyberDudes!

Stories from this episode:

https://www.wired.com/story/trump-administration-cybersecurity-policy-reversals/

https://therecord.media/malware-delivered-by-mail-swiss-cyber-agency

https://www.jpost.com/business-and-innovation/all-news/article-828372

https://www.techspot.com/news/105571-phone-network-employs-ai-grandmother-waste-scammers-time.html

https://www.dhs.gov/news/2024/11/14/groundbreaking-framework-safe-and-secure-deployment-ai-critical-infrastructure

Offers:

Get up to 175k Amex Points with a Platinum Card - https://americanexpress.com/en-us/referral/platinum-card?ref=ROBINTN6e3&XL=MIMNS

Get a $250 bonus when you spend $3k with an Amex Blue Cash Preferred Card - https://americanexpress.com/en-us/referral/blue-cash-preferred-credit-card?ref=ROBINT3nvs&XL=MIMNS

Get a $100 bonus with Discover - https://refer.discover.com/s/robin.t925?advocate.partner_share_id=4724472810

Get a $200 cash bonus with a CapitalOne Quicksilver Card - https://i.capitalone.com/Gg3TIobsQ

Get $10 free Bitcoin when you sign up to Coinbase - https://coinbase.com/join/Z5UAY8C?src=ios-link

Welcome back CyberDudes! This week, Omar breaks down a new DocuSign scam that’s raising eyebrows in the cybersecurity community. Attackers are finding ways to exploit legitimate signatures, making fraudulent invoices look official and bypassing the usual defenses—a reminder of how social engineering tactics keep evolving.

In our feature, we chat with Kenneth Ellington, founder of a cybersecurity academy that’s all about hands-on training in security operations and incident management. Kenneth shares his journey from a Big Four accounting firm to launching his own business, opening up about the balancing act required to build something new while working full-time. His academy’s practical approach has struck a chord with those looking to break into cyber or enhance their skills.

We also explore Kenneth’s experiences with representation in the industry, discussing why diverse leadership matters in cybersecurity. His story reflects a commitment to breaking down barriers and supporting growth, making the cyber field a little more accessible for everyone.

Visit the Ellington Cyber Academy here: https://kenneth-ellington.mykajabi.com/

Alternatively, book a discovery call with Kenneth & his team: https://calendly.com/ellington-cyber-academy/

Links for our stories from this week:

• ​https://www.infosecurity-magazine.com/news/nigerian-sentence-real-estate/
• ​https://therecord.media/moldova-election-winner-pro-west-president-maia-sandu
• ​https://www.bleepingcomputer.com/news/security/germany-drafts-law-to-protect-researchers-who-find-security-flaws/
• ​https://cybersecuritynews.com/hackers-abuse-docusign-api/
• ​https://therecord.media/cisa-2024-presidential-election-threats

Offers:

• ​Get up to 175k Amex Points with a Platinum Card - https://americanexpress.com/en-us/referral/platinum-card?ref=ROBINTN6e3&XL=MIMNS
• ​Get a $250 bonus when you spend $3k with an Amex Blue Cash Preferred Card - https://americanexpress.com/en-us/referral/blue-cash-preferred-credit-card?ref=ROBINT3nvs&XL=MIMNS
• ​Get a $100 bonus with Discover - https://refer.discover.com/s/robin.t925?advocate.partner_share_id=4724472810
• ​Get a $200 cash bonus with a CapitalOne Quicksilver Card - https://i.capitalone.com/Gg3TIobsQ
• ​Get $10 free Bitcoin when you sign up to Coinbase - https://coinbase.com/join/Z5UAY8C?src=ios-link

This week, we bring you quick headlines on a phishing scam targeting online shoppers, Delta’s security update dispute, and a new job scam hitting social media platforms. Then, in our Spotlight stories, we dig into two cases with big cybersecurity takeaways:

Employee Sabotage at Disney: A fired Disney employee retained access and tampered with allergy warnings in food venues, a reminder of the risks poor offboarding can pose.

Halloween Parade Hoax in Dublin: Thousands gathered for a parade that didn’t exist, illustrating how fast misinformation can spread and its potential for real-world impact.

“Cybersecurity teams can only protect what they know exists.” – Robin Thornton

“When being first to publish is prized above all else, it leads to situations where misinformation spreads unchecked.” – Omar Sangurima

Enjoyed this episode? Please give us a follow and leave the show a lovely, juicy 5* rating

In the REAL Episode 13, we tackle pressing topics in cybersecurity, from election integrity to the recent United Health data breach impacting over 100 million people. We explore how these issues underscore broader challenges in data protection and our collective responsibility in cybersecurity. Diving into the influence of misinformation, the role of regulation, and the stakes for securing personal data, we examine why now, more than ever, organizations need to step up.

In this episode:

United Health’s Data Breach Fallout: With over 100 million records exposed, this breach underscores the risks tied to healthcare data, where immutable information like medical history and Social Security numbers are at stake. We discuss the implications for patients, how attackers leverage triple-threat ransomware, and why large organizations still struggle with basic security practices.

Election Integrity and Misinformation’s Growing Threat: Misinformation campaigns are becoming increasingly difficult to combat, especially during politically charged times. We explore how data-driven disinformation impacts U.S. and global elections and why, even with secure voting systems, public mistrust can quickly erode confidence in outcomes.

Executive Accountability in Cybersecurity: We share why executives need to take a proactive stance on cybersecurity, including setting a stronger example across their organizations. We examine how tying executive compensation to cybersecurity standards could shift security culture, incentivizing leaders to adopt a stronger security posture.

Industry Culture & Training the Next Generation: Reflecting on the barriers aspiring cybersecurity professionals face, we chat on the need to foster a more supportive and inclusive environment. Developing diverse talent pipelines is key, and we emphasize the importance of mentorship and skill-building to meet the industry’s growing demands.

“The risk isn’t just about the immediate fallout. When it comes to healthcare data, these breaches leave a lasting mark on people’s lives.” – Robin Thornton

”MFA is just table stakes. If you’re a major player and you’re not doing it, you’re behind.” – Omar Sangurima

If you enjoyed this episode, please give Cyber Dudes a five-star rating on Spotify and subscribe to stay informed on cybersecurity, data integrity, and digital resilience.

Bringing you the news from the last 7 days, this week we have new regulations for New York State hospitals and a $10m bounty on the heads of Russian persons who’ve been running social media pages pushing nationalistic and secessionist sentiment to stoke division in the heart of the USA

This and more in the next 20 minutes…

News Stories in this roundup:

• ​https://therecord.media/russia-revil-hackers-case-sentencing
• ​https://www.bleepingcomputer.com/news/security/amazon-says-175-million-customers-now-use-passkeys-to-log-in/
• ​https://www.cnbc.com/2024/10/15/chinas-new-focus-election-interference-local-state-races.html
• ​https://www.ropesgray.com/en/insights/alerts/2024/10/new-york-state-adopts-cybersecurity-program-and-incident-reporting-requirements-for-hospitals
• ​https://www.theregister.com/2024/10/18/us_rybar_bounty/

If you enjoyed this episode, please do us a solid and like & subscribe. It means a great deal to us 👍🏼

Conspiracies are rife, everyone’s at each others’ throats and nobody trusts the news anymore. But who’s to blame for this state of affairs. Well social media’s certainly enabled it, but there’s a select few parties in the world who are probably responsible for the majority of it. And through our laziness, we, as a society are letting them get away with it.

So in this episode we’re talking misinformation on the internet and the capacity it has to damage the fabric of our democracy

In the news, we talk briefly on the bankruptcy filing by National Public Data, and we examine a new scam spotting tool as well as China’s approach to international espionage and national security

News stories:

• https://therecord.media/national-public-data-bankruptcy-cyberattack​
• https://www.theregister.com/2024/10/10/fidelity_investment_data_breach/
• https://www.infosecurity-magazine.com/news/new-ransomware-groups-emerge-2024/
• ​https://www.infosecurity-magazine.com/news/get-safe-online-launches-new-scam/

If you enjoyed this episode, please do us a solid and like & subscribe. It means a great deal to us 👍🏼

This week on the news there’s ChatGPT powered RayBans that know everything about you, delicious sounding fake update malware and Omar tells us of a YUGE hack against the Dutch police

If you enjoyed the show, please don't forget to like, comment & subscribe

The CyberDudes Podcast on YouTube: @thecyberdudespod

On Spotify: https://open.spotify.com/show/6CXAN0DfurxScPa5UIWDF7

Follow our partner Instagram: https://www.instagram.com/cyber.supersimplecyber?igsh=ejYwYTJ6MHNhZnNv&utm_source=qr

#podcast #cybersecurity #cyber #cyberthreats

The Russian Federation found itself in an odd place following the fall of the Soviet Union. State assets were quickly grabbed up by unscrupulous men in positions of opportunity, creating a new class within the Russian citizenry. With much of the wealth stolen, and lagging its main rival - the USA - technologically, the man who would lead the country for at least a quarter of a century saw an opportunity. Vladimir Putin took lessons from a long career in the KGB and made intelligence and digital espionage the forefront of his military strategy

Elsewhere in the news we have a significant change in recommended password standards from the National Institute of Standards & Technology and alerts from CISA concerning scams related Hurricane Helene.

You can also find us on YouTube for the video version: TheCyberDudesPod - YouTube

If you enjoyed the episode, please don’t forget to subscribe to the podcast