How Hacks Happen

When musician Michael Smith couldn't find an audience for his music, he manufactured it. By unleashing thousands of bots to listen to thousands of fake AI-generated songs on Spotify and other platforms, Smith earned millions in royalties before getting caught.Resources:North Carolina Musician Charged with Music Streaming Fraud Aided by Artificial Intelligence — U.S. Department of JusticeNorth Carolina Man Pleads Guilty to Music Streaming Fraud Aided by Artificial Intelligence — U.S. Department of JusticeIndictment: United States v. Michael Smith — U.S. Department of Justice PDFSpotify says it now has more than 100 million songsSpotify Q4 2025 Earnings ReportAlthough the songs and listeners were fake, the millions of dollars Smith stole was real — MusicRadarSpotify’s fake artists problem gets weirder with AI-generated albums — The VergeArtificial Streaming — Spotify for ArtistsHow Royalties Work on Spotify — Spotify Loud & ClearDeezer launches artist-centric payment systemBillie Eilish Was Discovered on Spotify and SoundCloud Before Global Fame — Rolling StoneSofi Tukker on Streaming Success and Spotify DiscoverySend us Fan MailSupport the show

Voiceprint ID is the latest virtual gadget for banks and financial institutions. But how secure is it, really? Let's look at the pros and cons of voice recognition, facial ID, and the AI systems they work with, and look back at the 1992 film Sneakers to see how this 34-year-old movie predicted some of the problems with voiceprint security.Resources:BBC: Cloned customer voice beats bank security checksCNN: Police used AI facial recognition to arrest a Tennessee woman for crimes committed in a state she says she’s never visitedThird Innocent Black Man to Be Misidentified by Facial Recognition Software Sues Police Department and Prosecutor for False Arrest and ImprisonmentSend us Fan MailSupport the show

Glitch or fraud? Let's explore "money glitches" popularized on social media, and the consequences faced by people who used them. Resources:The Chase Money 'Glitch': How a Viral Fraud Scheme BackfiredWhat you need to know about "Klarna method" posts on social mediaRingleader sentenced in multimillion-dollar fraud operation which saddled victims with crushing debt Send us Fan MailSupport the show

AI is undoubtedly the technology of the year for hacks and scams. While scammers are busy using AI to make scams more convincing, scam baiters are fighting back with ingenious grandma-style AIs that keep scammers busy for hours on end. There have also been some spectacular busts of scam centers. What’s next, AI scammers chatting with AI scam baiters? Now, that would be entertaining.ResourcesMeet Daisy, the AI 'granny' chatbot that wastes the time of phone scammersSpaceX disables thousands of Starlink devices being used by Myanmar scam centersChina sentences 5 to death for building, running criminal gang fraud centers in Myanmar's lawless borderlandsMyanmar has declared a 'zero tolerance' policy for cyberscams, but the fraud goes onContent creators, banks use AI to waste scammers' timeKitboga on YouTube: I Built a Bot Army that Scams ScammersSend us Fan MailSupport the show

Ever get your hair cut and wonder, "Is my barber part of an international scammer ring?" In November 2025, the FBI arrested Victor Marion, the owner of Mecca Barber Shop in San Diego, and eighteen of his buddies for scamming elderly victims out of $40 million with the classic tech support and refund scams, and for laundering the funds through the shop. Come along and find out how the scams worked, and learn what's next for Marion and his friends.Resources:22 charged in elder scam targeting over 500 seniors: FBI San DiegoFeds: Barbershop owner led California-based laundering cell in $40 million elder fraud schemeCase Number 25CR4061-TWR-01, reviewed via PacerSend us Fan MailSupport the show

If Facebook has seemed scammy for the past few years, it's not your imagination. A leaked internal document shows that Facebook, and its parent company Meta, are well aware that many of their ads and posts are scams, but they make too much money off of them to do anything about it. Get all the details on this scathing report from Reuters that has rocked the scambuster world.ResourcesReuters report: Meta is earning a fortune on a deluge of fraudulent ads, documents showMaggie McGaugh on YouTubePleasant Green on YouTubeSend us Fan MailSupport the show

Do you tap "Accept" without reading subscriber agreements? Those long-winded documents can strip away your legal rights, and even hijack your face, your voice, and your life. Let's peek inside the dystopian world of Subscriber Agreements for streaming services and see what little goodies they hold for us.Netflix in Your Neighborhood Privacy PolicyNetflix Privacy PolicyDisney+ Subscriber AgreementDisney agrees to have Florida wrongful death lawsuit decided in courtWhat Do Consumers Understand About Predispute Arbitration Agreements? An Empirical InvestigationDisney wants to dismiss a wrongful death lawsuit because of a Disney Plus agreementSend us Fan MailSupport the show

October is Cybersecurity Awareness Month, and it's time to clean house! Let's get rid of all those dust bunnies (weak passwords) and vacuum under the sofa cushions (no multi-factor authentication) and even do a check under the bed for that half-eaten Pop Tart (vulnerable emails). Hear about a few instances where poor cybersecurity led to unfortunate consequences, so you can avoid the same fate.Resources$61K, gone just like that for Oro Valley couple.Dream Kitchen Renovation Ruined by a ScamPassGAN: A Deep Learning Approach for Password GuessingHistoric UK KNP transport firm collapses after ransomware attackHacker leaks account data of 12 million Zacks Investment usersResearchers Instantly Crack Simple Passwords With AILost $45k to Wire Fraud Scam on E*TRADE – Even with MFA Enabled.Send us Fan MailSupport the show

AI is great for researching topics and digging up information. But what happens when people start to humanize their chatbots, and think they're talking to God? Or that they are God? Let's look at what makes AI come up with delusional theories, and why it tells people they're right even then they're wrong. ResourcesPeople Are Losing Loved Ones to AI-Fueled Spiritual FantasiesTowards Understanding Sycophancy in Language ModelsI, Robot by Isaac AsimovSend us Fan MailSupport the show

There's a new scam going around, where a thief gets you to unlock your phone under the guise of needing to make a call, then runs off with the phone and sends themselves all your money through your apps. Learn how to protect yourself and your money with a simple smartphone trick for iPhone and Android.Send us Fan MailSupport the show

The finale of HBO's Silicon Valley series pointed up a subtle parallel to the real-world challenges in vulnerability reporting—rather than risk going to jail, Pied Piper chose to burn the company to the ground. For decades, white hat and gray hat hackers had no place to report cybersecurity flaws without fear of legal hassles. Nowadays we have Bug Bounty programs, where hackers get paid to find and disclose security flaws, and even get some cash for their work.ResourcesInternet Scanner Finds Security HolesCERIAS - Center for Education and Research in Information Assurance and SecurityA history of bug bounty programs & incentivised vulnerability disclosureWearing Many Hats: The Rise of the Professional Security HackerHacking the PentagonSend us Fan MailSupport the show

What is Red Teaming, and what does it have to do with cybersecurity? In this episode, we look at how Red Teamers are hired to attack company security using all manner of tactics, from tossing malware-infested USB sticks into parking lots to posing as an HVAC technician. We also take a look at one of the most notorious Red Team exercises in history, when two Coalfire employees were arrested and fought a long legal battle, just for doing their jobs. ResourcesInside the Courthouse Break-In Spree That Landed Two White-Hat Hackers in JailDarknet Diaries Episode 59: The CourthouseCoalfire Systems websiteDEF CON 22 - Eric Smith and Josh Perrymon - Advanced Red Teaming: All Your Badges Are Belong To UsHow RFID Technology Works: Revolutionizing the Supply ChainNolaCon 2019 D 07 Breaking Into Your Building A Hackers Guide to Unauthorized Physical AccessSend us Fan MailSupport the show

What goes on under the hood of random number generators (RNGs)? Here we look at one of the best sources of randomness—static from electronic chips—and discuss terminology like entropy and bias, the role of the Birthday Paradox in RNGs, and the fake bias of the Excel RAND function. We'll even do a simple exercise you can try with your friends to see who picks the most "random" number of all. Resources:How Slot Machines WorkRAND FunctionBritons most likely to pick 7 as "random" numberSend us Fan MailSupport the show

Ever heard of the Internet of Things, or IoT? This episode explores the use of random numbers in our everyday devices, and how they’re often not as secure as our PCs. We also look at how Apple gets it right, and what we can do to keep our devices secure in this connected world.ResourcesSecuring the IoT Ecosystem: Challenges & SolutionsData security of IoT devices with limited resources: challenges and potential solutionsWhat Is IoT Security? Challenges and RequirementsApple Platform Security GuideHardware Accelerated CryptoSend us Fan MailSupport the show

This episode explores the mysterious world of random number generators (RNGs) in video games. Looking at popular games like Minecraft, Stardew Valley, and Diablo II, we describe how players hack these random numbers in the same ways hackers hack encryption keys. This episode lays the groundwork for Part 2, a discussion of RNGs in encryption.Resources:How Many People Play Minecraft 2025 (Active Players)Pre-determined RNG? (Reddit post)Diablo II Seeded Category - Rule / General Discussion10 Perfect Minecraft Seeds You'll Want To Play FOREVER (YouTube video)Send us Fan MailSupport the show

New season, new theme music—and even more hacks and scams to explore. Thanks for coming on these adventures with me. Let's do some more!  Send us Fan MailSupport the show

Need cash quick? Why not try a payday loan? While it might look like a better option than a credit card on its surface, the truth is that payday loans can be rather ugly and expensive, and can trap you in a cycle of debt if you don't know how it works. Find out how some states and countries keep a lid on exploding fees for short-term loans, and why a credit card is a far better option. Resources:The Victims of Payday LendingPayday Loan Information for Consumers: Legal Status of Payday Loans by StateFCA confirms price cap rules for payday lenders (UK)High cost loans (NZ)Can taking out a payday loan help rebuild my credit or improve my credit score?Send us Fan MailSupport the show

Scammers are still at it, happy to ruin our lives in search of a quick buck. Let's look at job scams that attempt to steal personal information, sextortion scams preying on teenage boys, and a really nasty threatening email I personally received. Know your scams, so you can keep yourself safe.Resources:These teenage boys were blackmailed online – and it cost them their lives'You might as well end it now': Terrorized by sextortion plot, a 17-year-old takes his lifeHow To Identify Fake Job Postings: 10 Warning SignsSend us Fan MailSupport the show

Hacks used to be impressive, utilizing bits and pieces of technology that made us sit up and pay attention. Nowadays, every scam, breach, or sketchy text message gets labelled a "hack" when it's really just basic use of existing technology, or an outright scam. Let's take a closer look at how the meaning of “hack” has changed, from the complex brilliance of NotPetya in 2017, to today's flood of scams powered by stolen data and AI fakery. It’s the end of the Age of the Great Hack, and the rise of the Age of Many Scams.Resources:Healthcare Data Breach StatisticsBeing Infected by NotPetya: What Maersk learnedNotPetya: A Columbia University Case StudySend us Fan MailSupport the show

In this episode of How Hacks Happen, we delve into the complexities surrounding trash possession and legalities. Besides the legal distinctions between lost, mislaid, and abandoned property, there are the risks posed by scammers who rifle through trash for personal information so they can steal your identity or call you up and pretend to be your bank. No trash is safe in this world we live in, so shred, burn, and sanitize your trash before throwing it out.Resources:Dumpster Diving for Documents: The Low-Tech Threat Fueling High-Stakes Identity TheftCalifornia v. GreenwoodState v. HempeleSend us Fan MailSupport the show

Can you tell if someone is guilty just by looking at them? Let's delve into the infamous case of Amanda Knox, the American exchange student who was wrongfully accused of murdering her roommate in 2007. We'll talk bad cell phone forensics, media sensationalism, and cultural biases, and how they can lead to dire consequences for those who are judged not by evidence, but by how they act differently than society expects them to.ResourcesAmanda Knox websiteSentence of the Court of Assizes of Perugia in the Murder of Meredith KercherTalking to Strangers: What We Should Know about the People We Don't KnowTeacher Recorded Laughing During Apalachee School Shooting May Have Been the Bravest Person in the RoomVideo of teacher laughing during school shootingCentral Park jogger case.Send us Fan MailSupport the show

Send me a text! No matter who you are or where you are in the world, I'd love to hear from you. This is a call for feedback on what you like about How Hacks Happen, what you don't like, or if you just want to say Hi.Click the "Send us a text" link below, and you'll be sending a text message directly to me, Michele Bousquet. I can't wait to read what you have to say. If I get enough messages, I'll even do an episode just with your feedback.ResourcesJust my bad self for this oneThe "Send us a text" link is just below!.Send us Fan MailSupport the show

In May 2025, Coinbase, one of the largest cryptocurrency exchanges in the world, got hacked. Or did they? It was more like a near-miss. But while we might wipe our brows in relief over this latest mishap, it doesn't bode well for the future of cryptocurrency, which is currently unregulated, uninsured, and just waiting for the next big catastrophe to leave investors crying in their collective beers over their lost millions.Join us for a tour of some of most disastrous crypto hacks of yesteryear like Mt Gox and Bybit, and what we see coming for the future of crypto. Hint: It's not pretty.ResourcesCoinbase: Protecting Our Customers - Standing Up to ExtortionistsThe Story of Mt. Gox: ExplainedBank Secrecy Act (BSA)What Is Crypto KYC and Why Do Exchanges Need It in 2025?The ByBit Heist and the Future of U.S. Crypto RegulationTop 10 Cryptos to Invest In May 2025.Send us Fan MailSupport the show

In this episode we continue the story of Daniel Rigmaiden, a man arrested for tax fraud in 2008 who reveals the Stingray surveillance device used by the Feds to track his location. Despite being in jail, Rigmaiden tirelessly researches and files numerous motions, arguing that the use of Stingrays violated citizens' Fourth Amendment rights. His determination attracts the attention of the ACLU and the EFF, ultimately influencing government policy on surveillance practices, policies that protect privacy for all of us. ResourcesRigmaiden court documentsDOJ: Justice Department Announces Enhanced Policy for Use of Cell-Site SimulatorsThe News Tribune: Stingray snared him, now he helps write rules for surveillance ACLU: Fighting for TransparencyWall Street Journal: Judge Questions Tools That Grab Cellphone Data on Innocent People ACLU websiteEFF website.Send us Fan MailSupport the show

In 2014, the US government chose not to take a massive, rock-solid tax fraud case to trial. But why? This episode kicks off the tale of Daniel Rigmaiden, a hacker who exploited a legal loophole to regain his freedom. Find out how Rigmaiden's method for online connection, his Air Card, was both his downfall and his salvation. Take a deep dive into the data cell providers collect, how they share it with law enforcement, and the Fourth Amendment's role in protecting privacy. And tune in for Part II, where the real drama unfolds.ResourcesFourth Amendment PrimerUnited States of America v. Daniel David Rigmaiden, Government’s Response to Defendant’s Motion to SuppressVideo: Daniel Rigmaiden at Aaron Swartz Day 2017.Send us Fan MailSupport the show

Is your identity at risk? And what would you do if someone was using it to take out credit cards, steal your tax refund, or even raid your bank account? Enjoy this replay of interviews with Tiffany, Pete, and Astrid, three victims of identity theft. Even though this episode originally aired in 2022, the same lessons remain. Listen to hear about how each of the three discovered the fraud, what they did to reverse the damage, and what they do now to prevent it from happening again..Send us Fan MailSupport the show

When over 100,000 Bitcoin went missing in 2016, no one suspected the culprits: a quiet, mild-mannered developer and his ostentatious entrepreneur/rapper wife with a wacky social media presence. Meet Razzlekhan and Dutch, the most unlikely thieves in the history of crime.Resources:Razzlekhan and husband guilty of $4.5bn Bitcoin launderBitcoin Plunges After Hacking of Exchange in Hong KongBitfinex Hacker Sentenced in Money Laundering Conspiracy Involving Billions in Stolen Cryptocurrency.Send us Fan MailSupport the show

Why is Andrew Tate so popular with young men? With his sports cars and his obvious wealth, Tate has built a significant following out of his admittedly silly 'alpha male' rants. But behind the flashy lifestyle lies a web of controversy, including serious criminal charges. From promising young men financial independence and all the women they can handle, to the humiliations of a pro-trans hack and getting slapped down by a teenage girl on Twitter, the wild world of Andrew Tate is about as crazy as it gets. ResourcesThe Guardian: Inside the violent, misogynistic world of TikTok’s new star, Andrew TateDaily Dot: Hackers breach Andrew Tate’s online university—obtain chat logs and leak data on 800,000 usersPro-trans rights hackers target Andrew Tate’s The Real World websiteAndrew Tate’s University Hacked: Chat Logs and Leaked Data of 800,000 UsersForbes: Andrew Tate’s Online University Hacked—800,000 Users ExposedRolling Stone Magazine: Greta Thunberg Doesn’t Care About Andrew Tate’s Cars — But Has an Idea of What They’re Overcompensating ForAndrew Tate / Greta Thunberg Tweet War Part 1Andrew Tate / Greta Thunberg Tweet War Part 2BBC News: 'Boys formed Andrew Tate club in school' - teacherNew York Times: ‘Brainwashing a Generation’: British Schools Combat Andrew Tate’s Views.Send us Fan MailSupport the show

Instagram star Hushpuppi had over 2 million followers. With his amazing lifestyle filled with Ferraris and Rolls Royces and private jets, dressed head-to-toe in Gucci and Versace and Fendi, Hushpuppi seemed to have it all. But Hushpuppi's lifestyle was built on a massive pile of fraud, $2 billion dollar's worth, that eventually landed him in prison.ResourcesVideo: Dubai Police take down "Hushpuppi" , "Woodberry", ten international cyber criminalsSend us Fan MailSupport the show

A Blackberry phone as a hacking tool?! For our April Fool's Day episode, we bring you an exclusive interview with hacking genius Dave the Barber, who leveraged a freak accident with a Blackberry into a hack that can compromise any device until the end of time.Send us Fan MailSupport the show

Want to hang out with supermodels on the beach? That's the dream that Billy McFarland sold in 2017 when he advertised Fyre Festival, an outdoor music concert in the Bahamas. Attendees were promised beautiful beaches, live music, comfy villas, gourmet meals, and supermodels around every corner. Instead, they got a gravel parking lot, soggy tents, cheese sandwiches, and no music. And no supermodels, either.What went wrong with Fyre Festival? In this episode, we look at Billy McFarland's delusion through the lens of social media, and how it played a leading role in the misleading people into the fraud that was Fyre Festival.Send us Fan MailSupport the show

When a scam caller knows everything about you--your address, social security number, bank account--how do they know? There isn't some super powerful hacker ring with its own call center. Your data is actually stolen at one end of the internet, goes on a trip through hacker forums and dark web stashes, and reappears in a neat spreadsheet for a call center. The more you know about how your data is breached, sold, and aggregated, the better you'll be prepared for your next well-informed call from a scammer. Send us Fan MailSupport the show

Let's explore the technology behind audio and music AI, and how it makes use of some cool math concepts to bring us convincing and realistic voices and music. Hear some actual AI-generated tunes, and find out how "latent space" changed the way AI generates sounds and music.ResourcesGhostwriter, the Mastermind Behind the Viral Drake AI Song, Speaks For the First TimeSpotify will not ban AI-made music, says bossJellybean Benitez Remembers NYC Clubs of YesteryearSend us Fan MailSupport the show

Trump pardoned Ross Ulbricht after he served 12 years of his life sentence. In light of this news, we decided to replay our 2023 episode on the Silk Road website, which sold recreational drugs and other illegal items from 2011 to 2013. Was Trump's pardon the right move? We'll let you form your own opinion. Send us Fan MailSupport the show

AI makes our lives more convenient in so many ways, but it also gives scammers the same conveniences. Host Michele Bousquet explains how scammers use AI audio, video, and text to better fool their victims.Send us Fan MailSupport the show

The AI model Deepseek was all over the news in January 2025. Deepseek's developers claimed its costs to develop and run were a fraction of the costs for large popular AI models, which caused a big disruption in the stock market. But how true are these claims? In the first of a three-part series on AI, host Michele Bousquet dives in and give Deepseek a spin, and debunks some of the hype around this new export from China.Resources:DeepSeek-V3 Technical ReportThe Extreme Cost Of Training AI ModelsHow Much Did It Cost to Train GPT-4? Let’s Break It DownOpenAI says it has proof DeepSeek used its technology to develop its AI modelNASDAQ:NVDA Stock Falls on DeepSeek Fears – Is Wall Street Missing a 71% Upside?Send us Fan MailSupport the show

With so many social security breaches, we return to the original scene of the crime: the Equifax Breach of 2017. Enjoy this replay of one of our most popular episodes, where you'll learn about common hacking techniques, how routers work and why they're so important, and the most basic of cybersecurity measures like patch plans. Resources for this episode:Website where you can check if your identity was compromised in the Equifax breachBusiness Insider: Literally everyone should be thinking about suing Equifax. September 2017.U.S. House of Representatives Committee on Oversight and Government Reform: The Equifax Data Breach. December 2018.CHINESE PLA MEMBERS, 54th RESEARCH INSTITUTE - The fellas charged with the Equifax breach, now on the FBI's wanted list.United States Government Accountability Office Report to Congressional RequestersSend us Fan MailSupport the show

They're the kinds of cousins you wish you didn't have, but you don't really have a choice. What's the difference between hacks and scams, and how do they work together to part you from your valuables like personal information and money? In this episode, we look at the similarities and differences between these shady cousins, and how you can keep them from doing their dirty work.Resources: 91% of all cyber attacks begin with a phishing email to an unexpected victimSony Hackers Used Phishing Emails to Breach Company NetworksSocial Engineering AttackSend us Fan MailSupport the show

In the wake of the devastating California wildfires, conspiracy theories abound, some of them with no basis in fact. Just after her Pasadena home was threatened by the fires, author Su Falcon ran into a wall of disinformation in social media. Find out what she did about it, and how you can help keep the internet free of this kind of destructive garbage.ResourcesWebsite: California Fire FactsWebsite: Watch DutyWebsite: AirNowBook: How I Survived My First Year with ChickensVideo: ‘They're Eating the Dogs:' Trump Makes False Claim About Migrants | WSJ NewsSend us Fan MailSupport the show

2025 promises to be an exciting year for scammers. From ridiculous job offers to the colorful family of Apple ID scams, join us on a whirlwind tour of schemes designed to part you and your money.Send us Fan MailSupport the show

The Honey tool has been exposed as a scam, after dozens of YouTube influencers heavily promoted it. Honey was supposed to save online shoppers money by finding discount codes, but how could it make money doing that? By stealing from its own advertisers, of course! Find out how Honey did it, how they got exposed, and what the future holds for Honey's funny money and the stain upon its parent company PayPal.ResourcesExposing the Honey Influencer Scam'Biggest Influencer Scam of All Time'?: PayPal Accused of Poaching Commissions Via Its 'Honey' Browser ExtensionSend us Fan MailSupport the show

Romance scams aren't the only goals of a catfish. The catfish needs some way to get all that money delivered into their hands without leaving a trail. To accomplish this, they recruit unwitting victims into laundering their money. Meet Alice, who unknowingly becomes a money mule for Parker the Catfish.ResourcesWhat is a money mule?Catfished YouTube ChannelSend us Fan MailSupport the show

How do catfish convince victims to send money? In this second of a three-part series on catfishing, we look at the many tricks romance scammers use to separate victims from their hearts, and their cash, including love bombing and claims of riches to come. ResourcesCatfished YouTube ChannelScam Haters United websiteSend us Fan MailSupport the show

Catfishing scams have reached new heights, particularly romance scams. But how do they get away with it? This first of a three-part series on catfishing explores the techniques these scammers use to fool their victims, which involved social engineering at a high level.  ResourcesThe man who "sold" The Brooklyn Bridge, Statue of Liberty, and Ulysses Grant's tombAll About Ethel Kennedy's 34 GrandchildrenCatfished YouTube ChannelSend us Fan MailSupport the show

Hackers have been releasing password leaks for years. But what exactly is a password leak, and should you be concerned? In this episode of How Hacks Happen, we look at how password security has changed over the years, and how you can keep yourself safe in the ever-changing world of online security.ResourcesRockyou2024 analysis: Mega password list or just noise?Have I Been Pwned? Check your passwordNIST Special Publication: Digital Identity GuidelinesSend us Fan MailSupport the show

With Netflix shining attention on the victims of the 2015 Ashley Madison breach, we're running a replay of our own coverage from 2021 that gets into the dark underbelly that Netflix skipped: lies Ashley Madison told about their services (and their CEO's fidelity), and blackmail attempts from enterprising hacker types. We also put forth evidence that the hacker, who was never caught, is most likely Canadian and a woman.ResourcesImpact Team Pastebin notice, July 20, 2015: https://pastebin.com/ZGXmk8R9Krebs on Security report on breach: https://krebsonsecurity.com/2015/07/online-cheating-site-ashleymadison-hacked/Suicides attributed to Ashley Madison breach:https://money.cnn.com/2015/09/08/technology/ashley-madison-suicide/https://www.bbc.com/news/technology-34044506https://toronto.citynews.ca/2013/11/10/woman-hurt-typing-fake-profiles-for-dating-site-20m-suit-alleges/https://krebsonsecurity.com/2015/08/ashleymadison-500k-bounty-for-hackers/https://krebsonsecurity.com/2015/08/who-hacked-ashley-madison/https://krebsonsecurity.com/2015/08/was-the-ashley-madison-database-leaked/https://grahamcluley.com/ashley-madisons-leaked-database-available-download-read-this/https://grahamcluley.com/ashley-madison-fake/https://www.businessinsider.in/tech/the-strange-rise-and-sudden-fall-of-noel-biderman-the-former-ceo-of-ashley-madison/slidelist/48716152.cmshttps://www.priv.gc.ca/en/privacy-topics/business-privacy/safeguards-and-breaches/privacy-breaches/respond-to-a-privacy-breach-at-your-business/gd_pb_201810/https://www.wired.com/2015/08/happened-hackers-posted-stolen-ashley-madison-data/https://grahamcluley.com/ashley-madison-wives-receiving-blackmail-letSend us Fan MailSupport the show

The medical records of 1/3 of Americans were stolen from Change Healthcare in February 2024, and leaked to the dark web. So who is Change Healthcare, and why did they have your data in the first place? Get the skinny on this week's episode.ResourcesChange Healthcare Cyberattack Affected 100 Million IndividualsThe Change Healthcare attack: Explaining how it happenedWyden Hearing Statement on Change Healthcare Cyberattack and UnitedHealth Group’s ResponseTestimony of Andrew Witty, Chief Executive Officer, UnitedHealth Group Before the House Energy and Commerce Committee Subcommittee on Oversight and Investigations “Examining the Change Healthcare Cyberattack”The impact of the Change Healthcare cyberattack: What to knowChange Healthcare Cyberattack: What Consumers Should KnowReceived a letter from Change Healthcare? What you should do nextChange Healthcare Attack Cost Estimate Reaches Nearly $2.9BChange Healthcare Finally Admits It Paid Ransomware Hackers $22 Million—and Still Faces a Patient Data LeakSend us Fan MailSupport the show

Credit card fraud is on the rise, but not in the usual way: hackers are cobbling together synthetic accounts from real and fake names, addresses, social security numbers, and credit histories. Children's social security numbers are particularly at risk. Find out how it all works, and what you can do to help prevent synthetic account fraud, and help with inflation in the process.ResourcesFBI: Combating Threats in the CyberworldLawPay: Guide to Securely Storing Credit Card InformationHow Can Someone Use My Credit Card Without Having It? A Complete Guide to Theft PreventionMotley Fool: Identity Theft and Credit Card Fraud Statistics for 2024Mastercard: What is Synthetic Identity Fraud? Send us Fan MailSupport the show

QR codes are a super convenient way to access a website or app from your phone without having to type anything in. And while some scammers use QR codes to try and steal your personal information and money, most QR codes are just fine. Learn how to spot a scammy QR code so you can use them safely, and confidently enjoy all the conveniences they offer.Resources:Thieves are using fake QR codes on parking meters to scam drivers. Here's how to protect yourself FBI issues new warning about QR code scamsAlerts issued over a rise in QR code scams, known as ‘quishing’'I fell victim to clever scam when trying to park'Redondo Beach warns drivers of parking meter scam involving fake QR codesHow to spot a fake QR code scamA brief history of QR codesWhat Is a Drive-by Download Malware Attack?Send us Fan MailSupport the show

How can you keep hackers from getting your Social Security Number? You can't. Between breaches of Equifax, the healthcare industry, and the recent National Public Data leak, your SSN is probably already making the rounds on the dark web. But you can fight back with some simple security measures.In this episode, we call back to our very first episode on the Equifax breach of 2017, and revisit the lessons learned and how they pertain to cybersecurity today, and in the future.ResourcesKrebs on Security: NationalPublicData.com Hack Exposes a Nation’s DataSBA: COVID-19 Pandemic EIDL and PPP Loan Fraud LandscapeA Third of Americans Have had Their Social Security Numbers Leaked in Healthcare BreachesUsa.gov: How to place or lift a security freeze on your credit reportTroy Hunt: Inside the "3 Billion People" National Public Data BreachWatchdogs: SBA handed out over $80 billion in potentially fraudulent loansNBC News: 'Biggest fraud in a generation': The looting of the Covid relief plan known as PPPWIRED: LifeLock CEO's Identity Stolen 13 TimesYouTube: Lifelock CommercialSend us Fan MailSupport the show