Join cybersecurity expert Finn Hack as he breaks down three sophisticated phishing operations targeting everyday users. Learn how PayPal impersonators use IP spoofing to gain account access, discover the DocuSign deception involving fake Apple Pay charges, and explore the Baltimore BEC attack that cost the city over $1.5 million. This eye-opening episode provides essential digital self-defense strategies against social engineering tactics that bypass even advanced security systems. Perfect for tech enthusiasts, privacy advocates, and anyone who values their online security in an increasingly deceptive digital landscape.
Some great Deals https://amzn.to/49SJ3Qs
For more check out http://www.quietplease.ai
Episode Transcript
Tin hacks in the stack. Let's unpack the attack. Hey listeners,
thin here your binary blessed? Confident with me on hyphen
greenlocks brighter than a fishing alert and a trench coat
glitchier than an outdated firewall. Welcome to hack Diaries, One
victim story Tonight. I'm guiding you through a wild labyrinth
where human error and trickster code collide, serving up three
(00:20):
tails straight from the digital trenches, primed for your devices,
and write off the trending wire. First up PayPal, phantoms
and the krack and con imagine waking up to an
email from service at PayPal dot com saying you owe
nine hundred ten dollars and forty five cents to a
crypto exchange called Kraken. Panic taps your veins. Did I
(00:41):
get hacked? You click their official looking link, thinking you'll
dispute the charge, but plot twist. Instead of reporting fraud,
you're unwittingly adding a scammer as a secondary user on
your account. This trick uses IP spoofing. Think of it
like someone dressing up as your favorite but serving you
a password latte with extra malware. Once in, these shadowy
(01:06):
fishers can drain your wallet, and you won't notice until
your coffee budgets and shambles. Security experts in social media
saluths track this evolving scheme across X warning legit PayPal
will never skip your name in a message or drop
random greetings. Hook line and scammer ready for round two.
(01:26):
The docu signed deception starring Apple pay imposters, Fox News
and analytics on X have flagged a surge in emails
masquerading his docu sign notifications about sketchy Apple charges. Victims
get what looks like a real e hyphen signature receipt,
complete with logo and a fake bill at a familiar store,
(01:46):
inside a number to call on the line fraudster's suite
hyphen signature receipt. Here's the wild metaphor. Docu Sign's API
is the digital equivalent of a paint by numbers kit.
Scammers exploit the template coloring within the lines to full
spam filters and more dangerously you industry insiders and Apple
(02:07):
itself worn don't call the number, don't click links. If
you do, scammers might hop into your bank or crypto
wallet faster than botmed on Black Friday. The twist these
attacks are so convincing. Even techsav folks have been caught
emphasizing just how fine the line is between trust and betrayal.
In the age of seamless apps, codes cracked, cons are racked.
(02:33):
For our final story, log into Baltimore's bankbuster. Fresh from
Breech News. In early twenty twenty five, an extortion crew
called Shiny Hunters pulled a classic business email compromise b
ec if you speak geek, tricking city employees with a
fraudulent supplier form by impersonating a known contractor and sidestepping
(02:54):
weak identity checks. They updated payment info and re routed
over a million and a half dollar intended for public projects.
Baltimore managed to recover some cash, but the embarrassment and
lessons cut deeper. This isn't just a tech tale, but
a trust fable. Without regular training, even the sharpest civic
team can fall for a digital doppelganger. The difference maker
(03:17):
verification habits like always confirming changes with a phone call,
not email alone. All three stories share a single thread.
Your vigilance is the last defense against clever code and
social engineering, So ask yourself, would you call that number?
Would you click that link? Phishing isn't just a bad
actor in your inbox. It's a social puzzle waiting for
(03:38):
you to misplace your piece. Bite me, scammers, This one's
for the good guys. That's the stack for this episode
of hack Diaries, one victim's story. Thanks for tuning in,
keeping your minds open and your firewalls tighter. Come back
next week for more digital thrillers, strange trends, and untold
tales where zeros and ones decide fates. Subscribe wherever you
(04:00):
get your podcasts. Finn hack out. This has been a
quiet Please production. For more check out Quiet Please dot
ai
Popular Podcasts
On Purpose with Jay Shetty
I’m Jay Shetty host of On Purpose the worlds #1 Mental Health podcast and I’m so grateful you found us. I started this podcast 5 years ago to invite you into conversations and workshops that are designed to help make you happier, healthier and more healed. I believe that when you (yes you) feel seen, heard and understood you’re able to deal with relationship struggles, work challenges and life’s ups and downs with more ease and grace. I interview experts, celebrities, thought leaders and athletes so that we can grow our mindset, build better habits and uncover a side of them we’ve never seen before. New episodes every Monday and Friday. Your support means the world to me and I don’t take it for granted — click the follow button and leave a review to help us spread the love with On Purpose. I can’t wait for you to listen to your first or 500th episode!
NFL Daily with Gregg Rosenthal
Gregg Rosenthal and a rotating crew of elite NFL Media co-hosts, including Patrick Claybon, Colleen Wolfe, Steve Wyche, Nick Shook and Jourdan Rodrigue of The Athletic get you caught up daily on all the NFL news and analysis you need to be smarter and funnier than your friends.
The Joe Rogan Experience
The official podcast of comedian Joe Rogan.