Would You Sell Your Password for $920?

This week on The Awareness Angle, Anthony Davis and Luke Pettigrew dive into a week full of sharp turns—from a teen hacker forcing Microsoft to rethink its bounty program, to hackers hijacking a decades-old video game to take control of PCs. Also in the mix: 64 million job seekers exposed by a single password, suspicious Google Ads requests, Instagram flannel cons, and a football kit nod to Bletchley Park. 👾 Youth & Cybercrime – A UK teenager linked to major Microsoft and Nvidia breaches shows why digital ethics education can’t be optional for young, technically skilled individuals.🎮 Old Games, New RCEs – Hackers exploited multiplayer game engines to gain remote access to PCs. Legacy software can create modern attack surfaces, on and off the clock.📬 Phishing & Domain Abuse – The .es top-level domain is increasingly used in phishing scams. Help users decode domains and trust signals beyond just the brand name.🔐 MFA Saves the Day – A spoofed Google Ads request almost succeeded—until MFA stepped in. A real-life reminder that layering defences works.📄 AI Prompt Injection – Academic PDFs are being weaponised with hidden prompts to influence AI-generated outputs. It’s time to add LLM manipulation to your awareness radar.📢 Emergency Alerts & Privacy – With government alert tests rolling out, employees with hidden phones (e.g., in domestic abuse cases) face real safety risks. Consider the human layer in crisis comms.👚 Instagram Scams & Flannel Fraud – Niche cons on social media show how easy it is to mimic small businesses. Don’t forget brand impersonation when training around phishing.🧑‍💼 Insider Threat Economics – A CNM insider sold credentials for just $300. Reinforce messaging around ethics, behaviour monitoring, and low-cost high-risk breaches.🍟 Hiring Platform Data Leak – McDonald's and Paradox AI leaked data on 64M+ applicants—another reminder: third-party vendors aren’t automatically secure.📊 Security Culture Benchmarks – Tools like KnowBe4’s Human Risk Maturity assessment help awareness pros evaluate where their culture stands and what needs improvement.⚽ Bonus: Bletchley Park-Inspired Football Kit – What does a football shirt have to do with WWII codebreaking? A surprisingly wholesome win for security storytelling.If you care about where behaviour, tech, and trust intersect, this one’s got it all.🕒 Timestamps00:00 Intro: A new intro and newsletter plug02:53 Cyber Crime Developments: M&S and Co-op Attacks05:56 Gaming Vulnerabilities: Call of Duty Incident10:07 Young Innovators: Dylan's Microsoft Teams Hack12:59 AI Manipulation in Academic Research16:57 UK Emergency Alert System Testing20:04 Phishing Trends: The Rise of .es Domains24:59 Bribery in Cyber Crime: The Brazilian Bank Heist27:58 Monzo's Fake Address Scandal31:57 MK Dons Tribute to Bletchley Park34:02 McDonald's AI Hiring Blunder36:19 Paradox AI and Data Breach Concerns37:35 Human Risk Management Insights42:17 The Importance of Authentic Internal Communication44:41 Deepfake Technology and Its Implications49:34 Scams Targeting Consumers: Apple Pay Warning53:26 Identifying Scams: The Dixon Shirt Fraud01:00:14 Victor's Near Miss with a Scam01:11:23 Weekly Wrap-up and Final Thoughts📩 For links, videos, and the newsletter – head to ⁠⁠⁠riskycreative.com⁠⁠⁠💬 ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Check Out This Episode's Discussion Points⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠📧 ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠[email protected]⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠🔗⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ riskycreative.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠🎵 Our Intro & Outro Song (© ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠16! by ⁠falling forever⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠)License: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://creativecommons.org/licenses/by/4.0