Episode Transcript
Available transcripts are automatically generated. Complete accuracy is not guaranteed.
Speaker 1 (00:00):
Thin hacks in the stack. Let's unpack the attack. Welcome back,
listeners, to another electrifying episode of Swipe Stories Caught in
the Cohn. I'm your hot-wired host, Thin hack, neon
green hair sparking, glitch coat flickering, and tattoos streaming down
my synthetic arm. You know the look. Tonight, I'm downloading
(00:20):
three sinister swipe stories straight from the binary underbelly of
twenty twenty five's Internet. You ready for some wild revelations,
chillworthy twists, and a few laughs so hard you glitch tangents?
Let's ride the wavelength. First off, let's jack into the
pulse of phishing: hook, line and scammer. Have you noticed
(00:40):
your inbox is suddenly overflowing with ultra legit security alerts
from your favorite password manager? "Urgent security breach detected. Download
this update now." The panic is real, right? According to
Craig Peterson, that's exactly what happened to Tony, a pizza
joint owner in Jersey. He gets a crisp email saying
(01:01):
his Bitwarden account's been hacked. Looks perfect: logos, layout,
even the footer, all spot on. Tony, thinking fast but
not quite hacker fast, clicks the link and downloads what he
thinks is a protective patch. Turns out it's actually remote
access malware. The scammers waltz through his business like it's
(01:22):
an open buffet: banking, customer data, even the pizza recipes.
But here's the twist. None of the password managers, from
LastPass to 1Password, were ever actually hacked, not a slice.
These goons just cracked his human firewall. These phishing storms
are flooding inboxes nationwide using AI to mimic every phrasing
(01:44):
and panic button companies have ever used. Passwords pinched, accounts hijacked.
Tony's now schooling every customer: trust the website, not the
wild email. Remember, never download anything from an email, even
if it's dressed up prettier than a deep dish. Next,
fry up your neurons for story number two, because SVG
(02:07):
is no longer just designer jargon. It's the file type
con of the season. Hoxhunt's got the scoop. There's
a new phish in the digital pond, and it's catching
prey with a shimmering net. Imagine you get an official
looking DocuSign email about a bonus list, or maybe
an HR memo promising a salary boost. The catch? The
attachment is an SVG file, a seemingly innocent image, but
(02:30):
open it up and bam, suddenly you're prompted to type
in your password for verification. The file, camouflaged under styles
in Base64 code, instantly vaporizes your credentials straight
to a Microsoft lookalike form. These SVG phishing attacks spiked
from a blip to nearly fifteen percent of all attachment
(02:50):
based phishing in March twenty twenty five alone. Why is
this working? Because email gateways see SVG as a harmless picture,
missing the code coiled inside. It's like hiding a snake
in a light show. SVG files: simple, shiny, and strategic,
a coder's perfect digital smoke screen. Codes cracked, cons are whacked.
(03:13):
And for our third twist, slip on your two factor
shields, because even multi-factor authentication isn't unhackable anymore. Barracuda's
hot-off-the-wire research reveals the rise of Whisper
2FA, a phishing-as-a-service beast with an
appetite for credentials. Since July twenty twenty five, it's been
behind nearly a million phishing attempts. Here's how an actual
(03:37):
campaign rolled out. Mark, a freelance designer, gets an urgent
Microsoft 365 message about an unpaid invoice. He
clicks, and a login form snags his username and password,
but then it asks for his two-factor code. Whisper
2FA uses AJAX wizardry to capture and relay both credentials
and codes in real time, like a live wire between
(03:59):
Mark's browser and the cybercrooks' command center. This kit validates
stolen one-time codes on the fly, blasting through multi-factor
armor like it's made of digital cheese. These phishing
kits now drop the gimmicks: no more obvious spelling errors
or wonky URLs. Instead, it's endless loops, anti-debugging, booby traps,
(04:20):
and instant relay to the perpetrators. Mark loses access, work, money,
even digital sketches, all snatched because the scam made his
two-factor protection obsolete. The con out-codes the code,
but hang tight, because layered security and phishing-resistant MFA
are still leveling up. Listeners, tonight's tales might have you
(04:41):
triple checking every email, every login, every "click here
quickly" urge. That's exactly the right energy. Bite me, scammers.
This one's for the good guys. Up your skepticism game,
pump those digital brakes, and don't let the hustlers hustle you.
Thank you for tuning in to Swipe Stories Caught in the Cohn.
(05:02):
Hit that subscribe if you crave more high voltage digital drama,
and come back next week as I dig up more
tales from the dark side of your favorite swipe. This
has been a Quiet Please production. For more, check out
Quiet Please dot AI. Stay sharp, stay skeptical, and stay electrified.
Fin hack, logging out.