Join Finn Hack for an eye-opening episode examining three real-world cyber attacks from July 2025. This week features a sophisticated Spotify phishing campaign that nearly captured payment details, Russian threat actors executing OAuth scams against NGO workers, and widespread smishing attacks impersonating toll collection agencies. Learn practical defense strategies from those who recognized the warning signs before it was too late, and discover how social engineering bypasses technical security through psychological manipulation. Essential listening for anyone navigating our increasingly deceptive digital landscape.
Some great Deals https://amzn.to/49SJ3Qs
For more check out http://www.quietplease.ai
Episode Transcript
Fin hacks in the stack. Let's unpack the attack. Welcome
back to hack Diaries. One victim's story, I'm thin hack,
a neon dream and a glitchy trench coat, binary tattoos,
glowing charmingly under a digital spotlight, biding you through the
wild maze of sober scams, fishers and hacks ripping through
(00:20):
the headlines. Each week we deep dash dive into one
story that jolted the net except plot twist. Tonight, we're
hitting you with three survivor tales, each a pulse pounding
reflection of the era's most devious exploits, all stirring within
the currents of July twenty twenty five. First victim meet Casey,
a digital nomad who just wanted to binge her playlist
(00:42):
on the way to work. According to Checkpoint Research, Microsoft
is the prime target for fishing, but this time it
was Spotify in the crosshairs. Casey got a message perfectly
mimicking Spotify's login, a pixel perfect VR level simulation, cook
line and scammer draw in. She plugged in her credentials,
only to be redirected to a fake payment form asking
(01:05):
for card details. She paused, something felt off turns out
attackers hadn't just spoofed a login, They deployed near perfect
design and branding, luring users by the tens of thousands,
and Spotify's returned to the fishing charts after years on
the bench. With one wrong click, Casey would have handed
over account and financial access, but instinct won out and
(01:27):
she shut it all down before the crooks scored the lesson,
even the apps you trust most can be weaponized against you.
In a Fisher's playbook, ready for round two. Our next
story belongs to Alex, an NGO worker who found themselves
in the crosshairs of a high stakes oof scam led
by Russian thread actors. As reported by Velexity, Alex thought
(01:47):
he was chatting with a European diplomat on WhatsApp messages
turned official a link demanding a Microsoft authentication code for
a simulated conference all built on signals of legitimacy. Alex
obliged provided the code from Microsoft's own page Digital Handshake
right long. In hacker terms, it's like handing the secret
(02:08):
key to your favorite server, except you don't know the
door you just opened leads straight to the enemy's command center.
Social engineering at its best no malware, no suspicious pop ups,
just pure psychological finesse. These codes unlocked his Microsoft three
sixty five data for up to sixty days, exposing emails
and files. Alex now double checkmate every official invite, because
(02:32):
in a world where even your trusted contacts might be synthetic,
the only thing more convincing than your friends is a persistent,
well scripted attacker. Let's crank it up with story three.
Enter pat cruising through their messages when they spot an
urgent text from drive ez MD looks legit logo branding
and all the notification unpaid toll resolve now to avoid penalty.
(02:56):
According to the Maryland Transportation Authority and the FTC, these's
mission campaigns have been blitzing phones across the region all summer.
Pat almost tap the link who wants their license suspended,
but pause thanks to a tip from a family member.
Government agencies never text for payments. This scam cast a
wide net, targeting drivers and non drivers alike, using spoofed
(03:19):
numbers and real seeming domains. The psychology is wild. It's
like IP spoofing for your emotions. Attackers inject themselves into
your daily digital stream bypassing firewalls and malware blockers. By
going straight for the human layer, urgency and fear codes,
cracked cons are whacked. Pat reported the scam spreading word
(03:42):
before someone less prepared took the bait. Three stories, infinite possibilities.
If any of this sounds familiar, mismatched domains, urgent payment requests,
perfect for gluter screens, pause, verify, ask, most importantly, share
what you know. Our vulnerabilities are digital, but so are
(04:04):
our connections. Let's turn every tale into action. Bite me, scammers,
This one's for the good guys. Thanks for tuning in
to Hack Diaries one victim's story. Come back next week
as we hunt down more cyber cons with laughs, lessons
and a few neon glitch dance breaks. Subscribe to stay
ahead of the hacks and keep your d ms and
(04:27):
dreams secure. This has been a quiet Please production. For
more check out Quiet Please dot ai
Popular Podcasts
NFL Daily with Gregg Rosenthal
Gregg Rosenthal and a rotating crew of elite NFL Media co-hosts, including Patrick Claybon, Colleen Wolfe, Steve Wyche, Nick Shook and Jourdan Rodrigue of The Athletic get you caught up daily on all the NFL news and analysis you need to be smarter and funnier than your friends.
On Purpose with Jay Shetty
I’m Jay Shetty host of On Purpose the worlds #1 Mental Health podcast and I’m so grateful you found us. I started this podcast 5 years ago to invite you into conversations and workshops that are designed to help make you happier, healthier and more healed. I believe that when you (yes you) feel seen, heard and understood you’re able to deal with relationship struggles, work challenges and life’s ups and downs with more ease and grace. I interview experts, celebrities, thought leaders and athletes so that we can grow our mindset, build better habits and uncover a side of them we’ve never seen before. New episodes every Monday and Friday. Your support means the world to me and I don’t take it for granted — click the follow button and leave a review to help us spread the love with On Purpose. I can’t wait for you to listen to your first or 500th episode!
Dateline NBC
Current and classic episodes, featuring compelling true-crime mysteries, powerful documentaries and in-depth investigations. Follow now to get the latest episodes of Dateline NBC completely free, or subscribe to Dateline Premium for ad-free listening and exclusive bonus content: DatelinePremium.com