Easy Prey

Chris Parker, the founder of WhatIsMyIPAddress.com, interviews guests and tells real-life stories about topics to open your eyes to the danger and traps lurking in the real world, ranging from online scams and frauds to everyday situations where people are trying to take advantage of you—for their gain and your loss. Our goal is to educate and equip you, so you learn how to spot the warning signs of trouble, take quick action, and lower the risk of becoming a victim.

Hidden Dangers of AI in Cybersecurity 07/30/2025

Hidden Dangers of AI in Cybersecurity Everyone’s talking about AI these days, especially in cybersecurity. Sure, artificial intelligence can boost your defenses, but cybercriminals have noticed too. Now they're crafting phishing emails so believable it’s scary and finding clever paths around spam filters while zeroing in on vulnerabilities you didn’t even realize were there. Today, Aviad Hasnis joins the show. He's the CTO of Cynet Security and spent years running cybersecurity missions for the Israeli Defense Forces. Aviad’s here to help us figure out what the changing threat landscape really means, whether you're leading a corporate giant or just trying to keep your small business safe. From passwords getting scooped up to VPN setups from a decade ago that no one updated, Aviad’s seen just about everything go wrong. He also explains why copy-pasting AI-generated code might open you up to attacks you never saw coming. He’s big on education, common sense, and making sure you’re using multiple security layers. These days even one slip-up can give attackers exactly what they're looking for. Aviad also walks us through supply chain vulnerabilities and why they should keep you up at night. Whether you're the CISO of a Fortune 500 company or you’re running a small team with Bob, the go-to tech person juggling 18 other tasks, this episode is packed with practical insights to help you avoid the next big cybersecurity headache. While AI might be reshaping the cybersecurity landscape, staying secure still comes down to thoughtful planning, human judgment, and making sure someone you trust has your back. Show Notes: [01:08] Aviad has been Cynet's Chief Technology Officer for the past five years. Prior to that, he worked in cyber security for the Israeli Army. [02:18] He was always fascinated with computers and technology. When Iran had a technology problem, he realized that cybersecurity was what he wanted to do for the rest of his life. [03:19] Aviad shares a story about his friend's mother being exposed to a scam. She received a phone call from someone pretending to be a police officer. She even installed different executables on her laptop. She didn't realize she was being victimized until she transferred over five grand. [06:07] Social engineering is one of the most dominant ways to gain access. [08:39] The security implications of using AI. [09:30] It's important to have guardrails with how you use AI. [10:28] If you're just copying and pasting code you may copy something that could be vulnerable to exploits. [11:16] People need to be aware of the types of risk and educate themselves. [12:49] Conversations at the C-suite level for implementing AI. [13:43] The challenge is to harness AI the right way without replacing people. [15:18] It's important to use critical thinking when creating with AI. [16:04] AI is helping security by allowing people to consult and get information. You can also introduce vulnerabilities into your application if you just copy and paste from chat GPT without knowing the context. [17:05] The bad guys can also use AI. [17:56] AI has improved the quality of phishing scams. [21:36] Where organizations are missing out when it comes to sniffing out threats. This includes VPNs and SaaS or cloud. [22:52] Employees could be using their home computers to connect to the company VPN and then their kids might download some malware or trojan. Companies need to use two-factor authentication when it comes to VPNs. [24:11] Email phishing can be another way to steal credentials. [27:54] The most effective approach is security layers. [30:40] Another security measure is creating profiles where we know where you're logging in from. [33:35] Is this doom and gloom for small businesses? [34:48] The best solution for small businesses would be to find a company with an all-in-one solution. [37:11] The importance of being proactive, so you can act quickly if you see something suspicious. [38:24] How the move to the cloud affects security. [39:08] Shifting to the cloud is safer. [44:20] New threats on the horizon include threat actors utilizing AI. They love to get control of remote applications. Thanks for joining us on Easy Prey. Be sure to and leave a nice review. Links and Resources: /episode/index/show/easyprey/id/37455900

Author Scams Exposed 07/23/2025

Author Scams Exposed Writers pour their hearts into their work, but unfortunately, that passion can make them prime targets for scams. From fake agents and vanity publishers to slick marketing schemes and social media impersonators, the tactics have only gotten more sophisticated over time. In this episode, we dig into the murky world of publishing scams and how they work and who they target. Along with why even experienced authors can get caught off guard. Today’s guest is Victoria Strauss. Victoria is the author of nine fantasy and historical novels for adults and teens, and she’s also the co-founder of Writer Beware, a watchdog group sponsored by the Science Fiction and Fantasy Writers Association. Drawing from decades of experience, Victoria shares red flags to watch out for, practical steps authors can take to protect themselves, and eye-opening stories of deception that highlight just how easy it is to get pulled in. This conversation is about awareness and empowerment. Whether you’re just getting started or you’re a seasoned author, you’ll learn how to do your due diligence, where to turn for trustworthy resources, and how to avoid becoming an easy target in a complex industry. With tools like Writer Beware, Victoria equips authors to stay vigilant, protect their creative work, and steer clear of costly traps. Show Notes: [01:00] Victoria shares her background including publishing nine novels. She's a member of the Science Fiction and Fantasy Writers Association, which is the sponsor of Writer Beware. [01:49] Writer Beware was formed with Victoria and a colleague when they became interested in writer scams. [03:36] When it first began, the most common scams for fee-charging literary agents and scam editing referrals. [04:25] Most current scams are digital and focus on self-publishers. [05:11] We learn what a vanity publisher is. [06:22] How self-publishers do everything a writer does and everything a publisher does. [10:34] One marker for a scam can be solicitation and out-of-the-blue emails. [12:42] A lot of people offer services like cover design when they don't really have the experience or expertise. Research anyone you're going to hire and their experience. [15:50] Look for what to cover in a contract, such as keeping your copyright. Watch out for scam registration services. [17:36] A DM scam where the scammer impersonates a writer and offers a marketing service recommendation. [22:21] Be aware and understand what the risks are and what to look for. [23:52] Evaluating opportunities. [26:16] Use a credit card and report any problems. [27:51] The newest scams are usually on social media. [28:40] A crazy story about a literary agent who is charging upfront fees and even accepted fees for a conference and then faked her own death. [30:39] A cautionary tale of how a publishing marketing company from the Philippines scammed authors out of millions of dollars. Thanks for joining us on Easy Prey. Be sure to and leave a nice review. Links and Resources: /episode/index/show/easyprey/id/37413415

Tricked by Followers and Badges 07/16/2025

Tricked by Followers and Badges What if your social media success was built on deception, and it was working? In today’s episode, we hear from someone who knows exactly how that happens. Tim O’Hearn is a former software engineer and the author of Framed: A Villain’s Perspective on Social Media, a book that pulls back the curtain on how follower factories, automation, and persuasive technologies have shaped the online world we now take for granted. Tim doesn’t just theorize, he built these systems himself. Tim walks us through how his small side gig growing Instagram accounts evolved into a lucrative business, one that constantly navigated the blurry line between innovation and breaking platform rules. He opens up about the clever strategies he used to avoid detection and psychological hooks that made these methods so effective, as we explore the deeper consequences of social media’s addictive nature. We’ll also explore the hidden risks businesses and individuals face when they obsess over metrics and follower counts instead of genuine connections, and why most people don’t even realize they're caught up in this trap. Whether you're running a business, casually browsing, or just trying to figure out the complicated world of online attention, this conversation will give you a rare peek behind the curtain. And as you’ll find out, stepping away from it all might not be as straightforward as you'd think. Show Notes: [01:12] Tim recently published Framed: A Villain's Perspective on Social Media, a book that shares his journey from breaking the rules on social media to getting millions of followers for his clients. [02:15] We learn a little bit more about the beginnings of spamming the Internet and increasing online presence, including MySpace and Instagram, which evolved into getting more followers. [04:14] This created social proof and the possibility of higher conversion rates. [05:09] Increasing followers using botnets or fake followers. Organic growth and interacting with accounts that might follow or like. [08:35] Tim's business was Shark Social, where he bent the rules to get followers for clients. [09:53] The technical side of his operation. Proxies were used to mask their tracks. [12:30] Social media services have taken efforts to stop things like follower growth services. [14:54] Risks for businesses using social media growth platform services. It's against TOS, and your account can get banned. [18:36] Systems Tim built to target consumers using social media. The goal was to get users to spend more time on the app. [20:50] Thresholds for annoying users. It was shocking how many people allowed push notifications and other annoying things. [22:54] How social media affects Tim. [26:11] We learn how he feels about the influencer culture and promoting his book on TikTok. [27:14] Advice for business owners, including these services, may not get you more business. Pause before doing too much. [28:48] Individuals should focus on conversions. Thanks for joining us on Easy Prey. Be sure to and leave a nice review. Links and Resources: /episode/index/show/easyprey/id/37347785

Only 10 Seconds to Expose a Scam 07/09/2025

Only 10 Seconds to Expose a Scam What if you could stop a scam in real-time before the damage is done? In this episode, I’m joined by Nick Stapleton, an investigative journalist and the face behind Scam Interceptors, the BAFTA award-winning BBC series that exposes online fraud and steps in to protect victims as scams unfold. Nick brings a decade of undercover documentary experience to his current mission: fighting digital deception and empowering everyday people to stay safe. He shares jaw-dropping stories from the front lines, including the near miss that almost caught him off guard, and breaks down the complex operations behind everything from romance scams to global scam compounds. As the author of How to Beat Scammers, Nick also gives practical advice on how to recognize red flags and build your own defense against a rising tide of fraud. Show Notes: [01:06] Nick presents a show called scam interceptors for the BBC. He also does scam advice on a chat show called Morning Live. He also wrote a self-help book about . [01:59] We learn how Nick got into the space. He began in investigative journalism and hidden camera work and now 5 years later Scam Interceptors is his full-time job. [06:17] He came very close to becoming a victim of a scam, because a lot of scammers try to get him. [14:30] About 300,000 accounts a day get hacked on Meta. [15:10] There are things you can enable on Meta to help protect your account. [16:43] In the UK scammers rarely go to prison. [17:18] When he first started the series the scale of some of the scam operations out there really shocked him. [18:43] There can be 200 people working in a scam call center. [20:52] A lot of the people who run pig butchering scams are indentured slaves. [24:12] They would even hire models to have video conversations with potential scam victims. [25:22] Why local governments don't break up these scam centers. [26:38] It's difficult to motivate the authorities when the victims aren't from that country. [29:21] APP refunds in the UK. In most cases we need to be aware and protect ourselves. [30:52] Assume everything out of the blue is fake. Come from a position of skepticism. [35:04] When investigations go wrong filming the show and they lose people to scams. [39:10] When the show first began, sometimes the people they were trying to stop from being scammed thought they were the scammer. Thanks for joining us on Easy Prey. Be sure to and leave a nice review. Links and Resources: /episode/index/show/easyprey/id/36821355

Gambling, Lies, and Millions Stolen from Celebrities 07/02/2025

Gambling, Lies, and Millions Stolen from Celebrities What happens when the drive to succeed masks deep emotional wounds and addiction? In this episode, Jonathan Schwartz shares a powerful and painfully honest account of how his life unraveled. Once one of Hollywood’s most trusted financial advisors, Jonathan worked with icons like Beyoncé, Mariah Carey, and Gwyneth Paltrow. On the surface, he had it all. But underneath the success was a secret struggle with gambling and drug addiction that led him to steal millions from the very clients who trusted him most. His fall from grace was dramatic and public, ending in a prison sentence and the loss of everything he had built. But that wasn’t the end of his story. Today, Jonathan is sober and rebuilding his life with purpose. As Program Director at Altus Rehab, he now helps others find their own way out of addiction and shame. His story is raw, real, and full of hard-earned wisdom for anyone who has ever felt like they couldn’t ask for help. Show Notes: [01:30] Jonathan is a different person from who he was. He grew up in Upstate New York and his father left when he was four. His mom had a lot of stress and took it out on him which created childhood trauma. [03:34] Accounting was the subject that he was good at. [05:02] Eventually, his cousin gave him a job working in Los Angeles for celebrities. [06:33] In 2004, he became a partner in GSO business management. He got a break when Linkin Park was looking for someone in business management. Their success opened up the floodgates. [08:37] He began getting more and more A-list clients. [09:04] In 2010, he became addicted to gambling. [10:01] This eventually led to embezzlement from his celebrity clients. He placed the bet with this bookie everyday for 6 years. [13:48] He ended up embezzling about 7 million dollars. [14:12] When he stopped gambling he had suicidal ideation. [17:05] He always intended to pay the money back. [19:37] Jonathan shares a time when the bank wanted to call Alanis. [21:03] There was a point when his partners started to notice something wasn't right. [22:04] In 2015 he was fired by Alanis, but he continued to give his attention to his A-list clients. [24:42] He didn't want to expose anyone to the fact that he was committing crime. He never told a soul. [25:07] The dark secret was eating him inside, and he also had to deal with his unresolved trauma. [27:12] How Jonathan had to come clean with his wife, because he was scheduled for a lie detector test. [28:48] After failing the test, he was facing 23 years in prison. He negotiated a four to six year plea agreement. [31:14] He ended up being released early because of COVID. [32:11] He struggled to get a job and ended up going back to school, and now he's a marriage and family therapist with an emphasis on addiction and trauma. [34:00] In prison he had the opportunity to reflect on his bad decisions and read a lot of books. [36:33] He's proud to be sober and a nerd. His trauma is resolved, and he gets to help people in treatment not make the same mistakes that he made. [41:34] Celebrities today need to understand not to trust their business manager so quickly and to make sure that they're proactive in their financial affairs and that they're asking for source documents. [42:11] Audit your business manager with some level of frequency. [48:43] Don't go out and spend all your money. Treat your first dollars as your last dollars. [50:56] Jonathan has a book coming out in about 12 months. Thanks for joining us on Easy Prey. Be sure to and leave a nice review. Links and Resources: /episode/index/show/easyprey/id/36821215

Human Side of Fraud: Empathy, Education, & Evolution 06/25/2025

Human Side of Fraud: Empathy, Education, & Evolution People used to think fraud was something that happened in the shadows, rare, distant, and mostly affecting big companies. But after talking to PJ Rohall, it’s clear that fraud is evolving fast, and it’s showing up in places most of us don’t even think to look. In this episode, I sit down with PJ Rohall, Head of Fraud Strategy and Education at SEON and co-founder of About Fraud. PJ’s work is all about staying ahead of scammers and helping businesses and individuals understand how fraud actually works. From synthetic identities and AI-powered scams to account takeovers and refund fraud, he breaks it all down in a way that’s both eye-opening and surprisingly accessible. We talk about how fraudsters think, what makes people vulnerable, and why collaboration is one of the best defenses we have. PJ shares practical tips, real-world examples, and some of the patterns he’s seeing that everyone should be aware of. Whether you run a business or just want to better protect yourself online, this conversation might change the way you think about trust, technology, and the digital world we live in. Show Notes: [00:52] PJ Rohal is a co-founder of About Fraud and Fraud Fight Club, which is our in conference, in-person experience. He started that back in 2017, but his fraud prevention journey started back in 2011. [02:45] He began studying finance and business. He had some mental health issues and was open to trying something different when he saw a job for a fraud analyst. [06:22] His experience transferred really well into the entrepreneurial journey. [11:13] It's in the best interest of everyone to collaborate and share tips and tricks when trying to prevent fraud. [13:05] Everybody is open or vulnerable to being a victim of a scam. There shouldn't be a stigma around it. [14:51] It's powerful to see even tech savvy people being victims of scams. [17:20] How a contextually relevant scam could actually get you. [21:16] It's PJ's dream to get outside of his bubble and help educate the community the best he can. [23:43] Two-factor authentication codes have changed, because they give warnings and instructions for the consumer now. [28:45] People with platforms could get the word out about the risk of scams. [34:30] Getting fighting scams to the front and center is a challenge. [36:57] Handling calls from people who've lost large amounts of money in a scam. Having a psychologist or people who understand human behavior would really help with this journey. [40:39] Banks and financial institutions are starting to think differently about handling these issues. [41:05] There's also a lot of technology on the market that's designed for scams. Thanks for joining us on Easy Prey. Be sure to and leave a nice review. Links and Resources: /episode/index/show/easyprey/id/36821045

Identity Is The New Security Perimeter 06/18/2025

Identity Is The New Security Perimeter Sometimes it feels like every new technology we adopt comes with a new risk we didn’t see coming. From AI and data breaches to phishing scams and ransomware, it's clear we live in a time when cybersecurity isn’t just a tech issue, it’s a human issue. In this episode, I talk with Jeff Reich, Executive Director of the Identity Defined Security Alliance. Jeff has been in the cybersecurity world since the early days, with decades of experience helping organizations protect what matters most. His passion for identity security and risk management runs deep, and he brings a thoughtful perspective on how the industry has changed and what we need to do to keep up. We explore why identity is the real perimeter in today’s digital world, how businesses and individuals can be proactive rather than reactive, and what it really takes to build a security-first mindset. Jeff also shares why communication is just as important as tech when it comes to staying secure. Whether you're a cybersecurity professional or just someone trying to stay safe online, this conversation will leave you thinking differently about the role identity plays in your digital life. Show Notes: [00:54] Jeff Reich is the Executive Director of the Identity-Defined Security Alliance, a nonprofit focused on raising the level of awareness of identity and identity security. [01:52] Jeff began studying physics and astrophysics in school. He even taught in a planetarium. He also went into law enforcement. [03:10] He went into security and was planning on working at EDS, but he ended up at ARCO. He then moved to Dell computers and a financial services company. He started the security program at Rackspace and was also a research director at the University of Texas, San Antonio. [03:49] He is now enjoying the nonprofit space. [04:43] Not becoming a victim of a scam comes down to situational awareness. If you're receiving something from someone you don't know, assume it's hostile. [06:33] Jeff tells the story about when he was working at a hosting company, and he noticed clusters of servers turning from green to red and then back to green. [07:42] It turned out scammers were taking over customers' websites. It ended up being ransomware. [16:03] Be very aware of fake invoices and spoofed emails and scam phone calls. [20:18] They recently had identity management day 2025. They had a lot of presentations on what existential identity might mean to a certain individual or corporation. [21:57] People can protect themselves by using different email accounts. [24:34] Tips on protecting yourself when someone is impersonating you. [27:21] The future of identity should have big advances going forward that will involve AI. [31:40] Improved authenticator apps and DNA-based identity are in our futures. [36:22] Hackers are stealing credentials and logging into companies not breaking in. [39:01] Our identity needs to be protected more than an account number. [40:01] Clean house and get separate accounts for important things like banking. Thanks for joining us on Easy Prey. Be sure to and leave a nice review. Links and Resources: /episode/index/show/easyprey/id/36820910

Your Car Is Spying On You What It’s Collecting and Who It’s Telling 06/11/2025

Your Car Is Spying On You What It’s Collecting and Who It’s Telling I used to think of my car as just a tool to get from point A to point B. But after this conversation, I can’t help but see it as something else entirely, a powerful data collection device that knows far more about me than I realized. From where I go and who I text to how I drive and even what’s on my phone, today’s vehicles are gathering a staggering amount of personal information. In this episode, I talk with Andrea Amico, the founder of . Andrea is one of the leading voices in automotive data privacy and someone who’s spent years uncovering the hidden ways cars collect, store, and share our information. He breaks down how connected cars work, what’s actually being tracked, and why it matters not just for your privacy, but for your safety and finances too. We get into everything from rental car risks and data left behind when you sell a car, to how automakers and third parties might be profiting off your data without your knowledge. If you’ve ever paired your phone with a vehicle or assumed your texts disappear when you disconnect, this episode is going to change the way you think about driving and how to take back control. Show Notes: [01:28] Andrea started because cars collect a lot of data. There were zero protections for privacy and security. He's dedicated to turning your car into a more private space and giving you more choice, understanding, and control. [02:25] We talk about when cars started collecting data. OnStar started about 25 years ago. Things really began to evolve when Bluetooth and navigation became common. [03:12] Things really exploded with modern telematics which is like putting a cell phone inside your car that calls home all the time. The average car collects around 25 GB of data per day. [04:08] We talk about the type of data that is collected by cars from GPS to having your phone collected and the car even knowing your weight. [05:26] The sensors in your car know exactly how you drive. [06:46] Informed consumers are better off. These data collecting policies are usually hidden in the car manufacturers privacy policies. [08:46] You can find your car's privacy policy at . [10:21] The goal is to make the car manufacturer's behavior visible to consumers, because that's the way to drive better company behavior. [11:26] When you rent a car and when you sell a car, your car is like a giant unencrypted hard drive that contains your data. [12:06] We should wipe the data in our cars the same way we wipe the data in our phones when we replace them. [13:05] You can find a tool to help remove data from your car at . [14:21] We talk about what rental cars get from your connected phone. [17:24] Found data can be used in targeted spear phishing attacks. [19:18] Most cars since 2017 have a SIM card. If a prior owner consented to data collection, that data is still being collected when you take over the car. [22:15] Ford estimated that they would make $2,000 per car per year from data services. [24:17] It's common for cars to even have a camera that looks at you. In a few years it might be common for vehicles to monitor for things like intoxication. [26:56] Organizations creating standards like the Future of Privacy Forum. [29:09] Cars have an EDR electronic data recorder. It's like a black box for when an accident happens. [34:05] Delete data when you buy, rent, or sell a car. Opt out if you can. [36:33] Think about your car just like your computers and your phone. [37:15] Andrea shares a story about how an ex-spouse was able to duplicate her key. The dealer wanted $1,000 to reset her car. [40:23] Parting advice includes looking up your car's VIN at Vehicle Privacy Report. Thanks for joining us on Easy Prey. Be sure to and leave a nice review. Links and Resources: /episode/index/show/easyprey/id/36820780

Why Everyone’s A Target 06/04/2025

Why Everyone’s A Target Some scams are so convincing, they’re almost impossible to spot. With phishing emails that look like they’re from your bank, deep fake videos that mimic real people, and AI-generated messages that feel personal, it’s getting harder to know what’s real and what’s a trap. In this episode, I sit down with Gabrielle Hempel, a security operations specialist at Exabeam and a current law student at Purdue University. Gabrielle brings a sharp perspective shaped by years in cybersecurity, a master’s in cybersecurity and global affairs from NYU, and hands-on experience navigating everything from vulnerability management to executive risk consulting. She even wrote her graduate thesis on critical infrastructure security. We talk about the new era of digital deception, why younger people are actually falling for scams more often, and how criminals are using AI and current events to build trust and bypass defenses. Gabrielle shares practical advice, personal stories, and a fresh way to think about digital safety that could help you spot the next scam before it costs you. Show Notes: [01:09] Gabrielle has held quite a few jobs in cybersecurity. She's currently the Security Operations Strategist at Exabeam. [01:40] She's involved with anything to do with the internal security operation. [02:04] She majored in psychology and neuroscience. Working in Pharma and with medical devices led her to the path of cybersecurity. [04:34] We learn about an incident that she was involved in. Her parents were attempting to file their taxes with TurboTax, but they were flagged as already filing. This led to a lot of shenanigans with the IRS. [06:29] Most everyone has been a victim to some type of fraud or scam. [07:20] Our information is out there. It's more about staying vigilant and keeping an eye on things. [08:05] A lot of the current scams are blending with the cybercrime ecosystem. [09:17] AI has made it easier for people to craft more convincing phishing emails. [12:51] Are modern phishing emails getting through the spam filters more often? [15:48] How it's not retirees being the people most frequently caught in scams. [16:42] Why 20 to 29 year-olds frequently fall for scams. It could be because of their comfort with technology. [21:12] Better education surrounding threats might be a good idea for young people. [22:47] As scammers get more information about us, targeting will be easier. [24:32] Big trends are voice cloning and deep fakes. [27:51] Scams around shipping fees and tariffs are skyrocketing. [29:15] Advice includes adopting zero trust with communication. [33:10] If you're not expecting it. It's potentially suspect. [34:45] Best practices include doing your due diligence, and if you feel like something may not be legitimate go around and check. Thanks for joining us on Easy Prey. Be sure to and leave a nice review. Links and Resources: /episode/index/show/easyprey/id/36820545

Child Exploitation Cyber Investigations 05/28/2025

Child Exploitation Cyber Investigations Technology is a double-edged sword. It can empower us, connect us, and solve problems, but it can also be used to exploit, manipulate, and harm. When it comes to protecting children online, that line gets especially thin. Digital forensics, AI-powered image classification, and global law enforcement collaboration are now essential tools for keeping families safe in a world that moves faster than most of us can keep up. Debbie Garner knows this world intimately. She’s a retired Special Agent in charge with the Georgia Bureau of Investigation and former commander of the state’s Internet Crimes Against Children Task Force. For years she led efforts to track down online predators and bring justice to survivors. These days she’s working in the private sector, serving on the boards of Raven and Revere Technologies, pushing for smarter tech solutions and stronger training to support those still on the front lines. In this episode we talk about the growing problem of online child exploitation, the reality of underfunded cybercrime units and the ways technology is being used to fight back. Whether you’re a parent, an educator or just someone who cares about kids online, you need to hear this. Show Notes: [00:58] Debbie shares her law enforcement background over 30 years. She even worked undercover buying crack! [02:19] She spent the last 8 years of her career as the Supervisor Special Agent in charge of GBI's Child Exploitation and Computer Crimes Unit. [02:45] Now that she's retired from law enforcement, she works in the private sector with technology companies. [05:36] It's become her passion, even in retirement, to help those who are victims of exploitation. [07:09] Most children are victimized by someone they know. There's also plenty of predators online. [08:55] There are multiple organizations that work on child exploitation investigations. [10:53] People in law enforcement do tend to prioritize these types of crimes. [12:12] We talk about how the investigations begin. [13:53] Cases have increased from 2400 tips a year to over 30,000. [15:17] There's never enough technology to keep up with the increase. [16:41] RAVEN is a lobbying group to request additional funding from Congress. [18:33] With over 30,000 tips last year Georgia made over 450 arrests. [22:13] There's now technology that will help find CSAM on phones. There are also some amazing investigations on the dark web. [25:15] OSINT is helping investigate and it's a collaborative community. [27:55] Channels to report exploitation. Start with the platform, then National Center for Missing and Exploited Children, and law enforcement. [31:34] Don't put images on the internet. Websites like Take It Down can help with images of underage people and Take It Down can help adults. [33:43] Always mention if the person is underage when you make a report. [34:10] Talk to your kids and start early with age appropriate conversations about CSAM. Thanks for joining us on Easy Prey. Be sure to and leave a nice review. Links and Resources: /episode/index/show/easyprey/id/36296685

Reclaiming the Internet 05/21/2025

Reclaiming the Internet We may not always understand the evolution of the internet and how tech monopolies exist, but having digital freedom fighters is vital to making conscious change. Today's guest is Cory Doctorow. Cory is a science fiction author, activist, and journalist. He is the author of many books and most recently, Picks and Shovels, The Bezel, and The Lost Cause, a solar punk science fiction novel of hope amidst the climate change emergency. His most recent nonfiction book is the internet con How to Seize the Means of Corruption, a big tech disassembly manual. Other recent books include Red Team Blues, a science fiction crime thriller. In 2020, he was inducted into the Canadian Science Fiction and Fantasy Hall of Fame Cory talks about the slow decline of online platforms and has spent decades fighting for digital rights, fair tech policy and a better, freer internet. His work spans peer to peer networks to antitrust reform and his books—fiction and nonfiction—have become battle cries for tech reformers and digital freedom fighters around the world. In this episode we talk about how we got here, what Cory sees as the most urgent threats to digital freedom and the small cracks in the system that might finally let the light back in. From jailbreaking laws and app store monopolies to what comes after big tech’s dominance, Cory shares a roadmap for reclaiming the internet—not just as consumers but as citizens. Show Notes: [00:59] Cory shares his background. He's a science fiction novelist, activist, and journalist. He worked with the Electronic Frontier Foundation for over 23 years. [01:20] Cory has written more than 30 books. Most of them are science fiction novels. He's also co-owner and was co-editor for 19 years for the blog Boing Boing. [02:43] Being born in 1971 with a computer scientist father meant they had teletype terminals in the house. [04:01] Cory shares his interesting and pioneering internet and tech history. [05:17] We learn about the origins of Cory's love for science fiction. [07:21] Cory shares a story about how he was mentored by Judy Merril. [09:08] Cory talks about the internet and the changes we've seen from modems and memory cards to FidoNet to now. [15:09] Currently, he's as worried about the internet as he is excited about its potential. [16:13] He's concerned about the internet becoming a powerful tool of surveillance and control. [18:46] Possible paths forward or hill climbing and reevaluating. [22:00] We discuss why printer ink is $10,000 a gallon. It's about laws protecting big tech. [29:45] The hopeful optimistic view of the internet. We're close to making positive changes. [32:31] Advice for consumers is to be a citizen. [34:16] Cory talks about the Electronic Frontier Alliance or EFA. [45:30] Talking about Cory's books and art. [46:31] He says he writes when he's anxious. He talks about his book Red Team Blues. He wrote the last book first and realized that you can write in any order. [49:01] Bizarre early computers and the storyline of the new. Thanks for joining us on Easy Prey. Be sure to and leave a nice review. Links and Resources: /episode/index/show/easyprey/id/36296045

Security Gaps Hackers Exploit 05/14/2025

Security Gaps Hackers Exploit Scammers aren’t just phishing your inbox anymore—they’re impersonating your voice, your face, and even your coworkers. Deep fakes and social engineering have moved beyond clever tricks and become powerful tools that bad actors are using to infiltrate businesses, breach accounts, and dismantle trust at scale. What used to take a hacker hours and expensive tools can now be done in minutes by anyone with a Wi-Fi connection and a little malicious intent. Our guest today is Aaron Painter, CEO of Nametag, a company leading the charge in next-generation identity verification. Aaron’s background includes 14 years at Microsoft and executive roles in cloud tech across Europe and Asia. After witnessing firsthand how easily identity theft could unravel lives—especially during the shift to remote everything—he founded Nametag to answer a critical question: how can we know who’s really behind the screen? With Nametag, Aaron is building real-time, high-security ID checks that are already reshaping how help desks and businesses protect users. In this conversation, we unpack the difference between authentication and identity, why traditional methods like security questions are dangerously outdated, and how mobile tech and biometrics are changing the game. Aaron also shares practical tips on protecting your most valuable digital asset—your email—and what consumers and companies alike can do to stay ahead of evolving threats. This one’s packed with insight, and more relevant than ever. Show Notes: [00:54] Aaron is the CEO of Nametag. A company he started 5 years ago that focuses on identity verification at high-risk moments. [01:37] He spent 14 years at Microsoft working on product including at Microsoft China. He also ran a cloud computing company that was AWS's largest partner in Europe. [02:12] When everything went remote in 2020, he discovered that there were identity verification issues over phone lines. [03:03] He began building technology that will help accurately identify people when they call in to support or help desks. [04:22] Most of what we think of as identity is really just authentication. [07:41] A common new challenge is the rise of remote work and people having to connect remotely. The rise of technologies that make it easier to impersonate someone is also a problem. [10:38] Knowing who you hire and who you're working with matters. [11:03] Deep fakes and voice cloning has become so much easier. [15:47] How platforms have a responsibility to know their users. [18:11] How deep fakes are being exploited in the corporate world. [19:30] The vulnerability is often the human processes. Back doors and side doors are deleting ways that companies are breached. [23:53] High value accounts and companies that know they have something to protect our early adopters of Aaron's technology. [24:50] Identity verification methods including using mobile phones. The device has cryptography. [27:07] Behavioral biometrics include the way we walk or the way we type. [29:56] If you're working with a company that offers additional security tools, take them up on it. [34:04] Dating sites are starting to do verification profiles. [43:07] We all need to push for more secure ways to protect our accounts. [43:48] The importance of protecting your email. Thanks for joining us on Easy Prey. Be sure to and leave a nice review. Links and Resources: /episode/index/show/easyprey/id/36279105

Cyber Warfare 05/07/2025

Cyber Warfare Cyber warfare is no longer something that happens behind closed doors or in some far-off digital corner. It's happening now—and reshaping the rules of conflict in real time. Drone strikes controlled by apps, ransomware attacks on hospitals—today's battleground is just as likely to be online as on the ground. That science fiction scenario is now a critical, constant threat-the kind that affects us all globally. I'm really excited to introduce you to Dr. Chase Cunningham. He's a retired Navy chief cryptologist with a wealth of experience in cyber operations for the NSA, CIA, FBI—and more. He's the one who pioneered zero-trust security strategies and advises top decision-makers in government and private industry. That gives him a front-row seat to how digital warfare is evolving—and what that means for all of us. He's also the author of Cyber Warfare and the gAbriel Series, where his real-world expertise comes to life in stories that are chillingly plausible. We talk about how cyber conflict is already playing out in Ukraine, how different threat actors operate—and why critical infrastructure is such a tempting target. Chase shares practical advice on what individuals and small businesses can do to better protect themselves. We also look at what governments are doing to defend against these growing threats. That conversation is eye-opening-and urgent. You won't want to miss it. Show Notes: [01:21] Chase is a retired Navy Chief and a cryptologist. He also worked at the NSA. He also put Zero Trust in the formal practice at Forrester research. [03:24] We learn how Chase got involved with computer work and cryptology. [05:29] We're seeing cyber war play out in real time with Russia and Ukraine. [07:13] We talk about the future of war and drones. [08:31] Cyber warfare is just the natural evolution of conflict in the digital space. It's the bridge between espionage and kinetic activity. [09:40] Chase talks about the different actors in the cyber warfare space and their primary targets. [12:05] Critical infrastructure includes oil and gas, piping, water systems, healthcare, and even schools. [14:12] Some of the unique issues with dealing with the attacks from cyber criminals. [19:20] How the CCP plays 3D chess. [22:26] Reducing risk and protecting ourselves includes following best practices. [25:10] What the government is doing to try to mitigate cyber risk. [27:23] Chasing money and finding cyber crime. [32:04] A lot of valuable assets are being developed in the context of war. [35:06] Chase talks about some of the things he covers in his book. Thanks for joining us on Easy Prey. Be sure to and leave a nice review. Links and Resources: /episode/index/show/easyprey/id/35944005

DDoS Attacks 04/30/2025

DDoS Attacks Scammers are getting smarter, understanding the psychology behind social engineering and the challenges companies face every day can help keep networks secure. This episode will show how to anticipate these threats and secure networks against ever-changing vulnerabilities. We’ll focus on practical, real-world solutions to protect data and trust. Dr. Jared Smith joins us to share his insights from his role leading research and development at SecurityScorecard. He also co-founded UnCat, a B2B accounting technology company serving thousands of customers and teaches as an adjunct professor at the University of Tennessee, Knoxville and NYU. His experience shows why social engineering is so effective and how companies can adapt to a world where attackers are always refining their techniques. This episode shows how even small oversights or minor issues can lead to big breaches. Dr. Smith shares concrete steps to strengthen defenses, and why we need both technical solutions and employee awareness. By looking at the psychology behind the attacks, he’ll show that staying one step ahead depends on using smart security tools and a culture that recognizes vigilance at every level. Show Notes: [01:19] Jared is a distinguished thought researcher at SecurityScorecard. He's built systems and helps vendors monitor and secure their networks. He also has a PHD in computer science. He focuses on Border Gateway Protocol or BGP. [02:16] He was also a high clearance government national security researcher. [03:02] Jared shares a story about how sophisticated phishing scams are becoming. [08:43] How large language models are making more sophisticated social engineering possible. [10:26] The importance of thinking about cybersecurity needed in the next 10 years. [11:02] BGP is like the plumbing of the internet. BGP poisoning breaks the typical internet traffic route. It's very nuanced traffic engineering that uses the Border Gateway Protocol. [13:34] BGP is also useful when you have multiple internet connections and one goes down. [14:20] The most sophisticated DDoS works are called link flooding attacks, where they identify links that have a certain amount of bandwidth, and they flood that specific border gateway protocol link, effectively segmenting the internet in those places. [15:39] Managing DDOS attacks and where the traffic comes from. [16:02] Being aware of botnets, because they are what's rented out or being used for these attacks. [17:32] Lizard Squad launched DDoS as a service. [21:00] Attackers try to get the actual IP addresses from behind a CDN. [23:41] How AWS has the ability to manage large amounts of traffic. [25:24] There are some DDoS that just require sending enough traffic to fill up the buffers on the other side of the application. [28:15] The size of a botnet for DDoS to take down a big network like X. We explore potential paths for these attacks. [32:21] We talk about the uptick on attacks during tax season. A large accounting firm with a lot of clients could be spoofed. [36:50] The predominant attacks are coming from organized cybercrime groups and ransomware groups. [45:40] The vast majority of large networks taken out are usually a result of user error. Thanks for joining us on Easy Prey. Be sure to and leave a nice review. Links and Resources: /episode/index/show/easyprey/id/35943965

Safe AI Implementation 04/23/2025

Safe AI Implementation Red models associated with AI technologies highlight real-world vulnerabilities and the importance of proactive security measures. It is vital to educate users about how to explore the challenges and keep AI systems secure. Today’s guest is Dr. Aditya Sood. Dr. Sood is the VP of Security Engineering and AI Strategy at Aryaka and is a security practitioner, researcher, and consultant with more than 16 years of experience. He obtained his PhD in computer science from Michigan State University and has authored several papers for various magazines and journals. In this conversation, he will shed light on AI-driven threats, supply chain risks, and practical ways organizations can stay protected in an ever-changing environment. Get ready to learn how the latest innovations and evolving attack surfaces affect everyone from large companies to everyday users, and why a proactive mindset is key to staying ahead. Show Notes: [01:02] Dr. Sood has been working in the security industry for the last 17 years. He has a PhD from Michigan State University. Prior to Aryaka, he was a Senior Director of Threat Research and Security Strategy for the Office of the CTO at F5. [02:57] We discuss how security issues with AI are on the rise because of the recent popularity and increased use of AI. [04:18] The large amounts of data are convoluting how things are understood, the complexity is rising, and the threat model is changing. [05:14] We talk about the different AI attacks that are being encountered and how AI can be used to defend against these attacks. [06:00] Pre-trained models can contain vulnerabilities. [07:01] AI drift or model or concept drift is when data in the training sets is not updated. The data can be used in a different way. AI hallucinations also can create false output. [08:46] Dr. Sood explains several types of attacks that malicious actors are using. [10:07] Prompt injections are also a risk. [12:13] We learn about the injection mapping strategy. [13:54] We discuss the possibilities of using AI as a tool to bypass its own guardrails. [15:18] It's an arms race using AI to attack Ai and using AI to secure AI. [16:01] We discuss AI workload analysis. This helps to understand the way AI processes. This helps see the authorization boundary and the security controls that need to be enforced. [17:48] Being aware of the shadow AI running in the background. [19:38] Challenges around corporations having the right security people in place to understand and fight vulnerabilities. [20:55] There is risk with the data going to the cloud through the LLM interface. [21:47] Dr. Sood breaks down the concept of shadow AI. [23:50] There are also risks for consumers using AI. [29:39] The concept of Black Box AI models and bias being built into the particular AI. [33:45] The issue of the ground set of truth and how the models are trained. [37:09] It's a balancing act when thinking about the ground set of truth for data. [39:08] Dr. Sood shares an example from when he was researching for his book. [39:51] Using the push and pretend technique to trick AI into bypassing guardrails. [42:51] We talk about the dangers of using APIs that aren't secure. [43:58] The importance of understanding the entire AI ecosystem. Thanks for joining us on Easy Prey. Be sure to and leave a nice review. Links and Resources: /episode/index/show/easyprey/id/35943905

The Art of Espionage 04/16/2025

The Art of Espionage What makes someone betray their country? It’s rarely just about money. In this episode, you’ll hear from a retired CIA officer who spent 25 years recruiting foreign spies by tapping into something deeper than greed. Jim Lawler shares real stories from his career in human intelligence, where persuasion was built on empathy, trust, and understanding what truly drives people. From failed pitches to high-stakes successes, he explains the psychology behind espionage, how personal stress becomes a powerful leverage point, and why most people who commit treason believe they’ve been betrayed first. Whether you’re curious about spycraft or just want a better grasp of human behavior, this conversation pulls back the curtain on how people can be influenced to cross the line. Show Notes: [00:50] Jim was a CIA operations officer. His job was to recruit foreign spies for the CIA. [01:21] Most of his career was about battling weapons of mass destruction. His specialty was human intelligence and recruiting foreign spies was the backbone of that. [02:32] He's now a speaker and a teacher. He's also written three spy novels. [03:02] MICE Framework: Money, Ideology, Coercion, and Ego. [05:11] Jim shares a story from one of his first recruitment pitches. He also found out that revenge is a driving force for espionage. [11:58] Polygraph tests are stress detectors. [15:16] Divorce is one of the most psychologically tumultuous times in a person's life. When recruiting, Jim would become their best friend because he never once recruited a happy person. [16:07] He would study the crack system like a rock climber. He was a keen listener and very curious. [17:33] Empathy and patience were everything when recruiting spies. [20:21] Jim talks about the metaphysics, which is like a neural link where he would put out what he would envision as an invisible link to the brain of his recruits. [22:11] If something is too good to be true it is. [23:45] As a recruiter, he had to manipulate, exploit, and subvert people to get them to do what he wanted them to do. [27:58] Jim believes in treating people the way he would like to be treated. He was sincere with his actions. [28:35] He believes in using his powers of persuasion for good. [32:43] Over 90% of the people he pitched became assets. [33:48] Jim explains what a cold pitch is and the objective to get the second meeting. [36:58] His novels are thinly based on operations he did. A lot of his stories are based on things that he has done or things that his colleagues have done. Thanks for joining us on Easy Prey. Be sure to and leave a nice review. Links and Resources: /episode/index/show/easyprey/id/35943870

Understanding Ransomware and Defense Strategies 04/09/2025

Understanding Ransomware and Defense Strategies When it comes to cybersecurity, most people think about firewalls, passwords, and antivirus software. But what about the attackers themselves? Understanding how they operate is just as important as having the right defenses in place. That’s where Paul Reid comes in. As the Vice President of Adversary Research at AttackIQ, Paul and his team work to stay one step ahead of cybercriminals by thinking like them and identifying vulnerabilities before they can be exploited. In this episode, we dive into the world of cyber threats, ransomware, and the business of hacking. Paul shares insights from his 25+ years in cybersecurity, including his experience tracking nation-state attackers, analyzing ransomware-as-a-service, and why cybercrime has become such a highly organized industry. We also talk about what businesses and individuals can do to protect themselves, from understanding threat intelligence to why testing your backups might save you from disaster. Whether you're in cybersecurity or just trying to keep your data safe, this conversation is packed with insights you won’t want to miss. Show Notes: [00:58] Paul is the VP of Adversary Research at AttackIQ. [01:30] His team wants to help their customers be more secure. [01:52] Paul has been in cybersecurity for 25 years. He began working in Novell Networks and then moved to directory services with Novell and Microsoft, Active Directory, LDAP, and more. [02:32] He also helped design classification systems and then worked for a startup. He also ran a worldwide threat hunting team. Paul has an extensive background in networks and cybersecurity. [03:49] Paul was drawn to AttackIQ because they do breach attack simulation. [04:22] His original goal was actually to be a banker. Then he went back to his original passion, computer science. [06:05] We learn Paul's story of being a victim of ransomware or a scam. A company he was working for almost fell for a money transfer scam. [09:12] If something seems off, definitely question it. [10:17] Ransomware is an economically driven cybercrime. Attackers try to get in through social engineering, brute force attack, password spraying, or whatever means possible. [11:13] Once they get in, they find whatever is of value and encrypt it or do something else to extort money from you. [12:14] Ransomware as a service (RaaS) has brought ransomware to the masses. [13:49] We discuss some ethics in these criminal organizations. Honest thieves? [16:24] Threats look a lot more real when you see that they have your information. [17:12] Paul shares a phishing scam story with just enough information to make the potential victim click on it. [18:01] There was a takedown of LockBit in 2020, but they had a resurgence. It's a decentralized ransomware as a service model that allows affiliates to keep on earning, even if the main ones go down. [20:14] Many of the affiliates are smash and grab, the nation states are a little more patient. [21:11] Attackers are branching out into other areas and increasing their attack service, targeting Linux and macOS. [22:17] The resiliency of the ransomware as a service setup and how they've distributed the risk across multiple affiliates. [23:42] There's an ever growing attack service and things are getting bigger. [25:06] AttackIQ is able to run emulations in a production environment. [26:20] Having the ability to continuously test and find new areas really makes networks more cyber resilient. [29:55] We talk about whether to pay ransoms and how to navigate these situations. [31:05] The best solution is to do due diligence, updates, patches, and separate backups from the system. [35:19] Dealing with ransomware is a no win situation. Everyone is different. Thanks for joining us on Easy Prey. Be sure to and leave a nice review. Links and Resources: /episode/index/show/easyprey/id/35790510

Privacy and Surveillance 04/02/2025

Privacy and Surveillance Ever had that creepy feeling someone's watching you online? Now imagine if that feeling was actually your reality, not just your browsing history being tracked, but cameras following your every move on the street, your conversations being monitored, your payments scrutinized. For our guest Josh Summers, this wasn't some dystopian nightmare, it was his daily life. Josh isn't your typical privacy advocate. As the creator behind All Things Secured (both a website and YouTube channel), his passion for digital privacy was forged through nearly 20 years living abroad, much of it in China. There, he didn't just read about surveillance, he lived under its shadow, using VPNs to bypass censorship and experiencing the gut-wrenching moment of being detained and questioned by Chinese authorities. In our revealing conversation, Josh pulls back the curtain on what government surveillance actually feels like from the inside. He shares how these experiences transformed a personal survival strategy into a mission to help others protect themselves in our increasingly watched world. We dive into how surveillance actually works from those eerily accurate facial recognition systems to the GPS tracking that follows your every move, and the countless ways big companies turn your personal information into profit. Josh not only makes us aware of potential problems, he offers real-world solutions that balance security with the convenience we all crave. With Josh's guidance, we discover surprisingly simple ways to shield our digital lives from encrypted messaging apps that keep conversations private, virtual credit cards that protect your finances, and alternative mailing addresses that safeguard your physical location. He also reveals the hidden dangers lurking in those so-called smart devices scattered throughout your home, and explains why privacy matters even if you think you have nothing to hide. Show Notes: [00:34] Josh is the host of All Things Secured. He wants to help people become a hacker's worst nightmare. [01:30] Josh, his wife, and children lived in China. There was censorship and social platforms were blocked. [02:05] He began using VPNs. Over the decade there, every type of surveillance was used. [03:34] He had a travel site and walked around with a camera. [04:03] In 2018 he was detained by the government. It was scary and he realized the rights he was giving up when traveling to other countries. [05:53] He was kicked out of China, and became more conscious of the pervasive mass surveillance. [08:40] He was severely outmatched with the psychological tricks of the interrogators. [12:57] Even if surveillance is legal, that doesn't make it ethical. [13:18] Small consistent steps towards privacy will make us less of a target. [14:25] Josh talks about ways that we are being monitored from cameras to facial recognition. Digital currencies track what we purchase. [17:04] Facebook has so many files on us. Being tracked online adds up. [21:07] There are ways to build a privacy moat around your digital life and still stay in contact with friends and family. [22:27] Steps for practical privacy include being careful about how you share data, encrypted alternatives, and use masking services to reduce your digital footprint. You can also use virtual credit cards. [31:46] We talk about using peer-to-peer payment apps. [34:12] When your habits and your contacts are public, it makes it easier to social engineer. [35:29] Virtual mailboxes can add additional privacy. [39:50] Issues with IoT devices include how it's being stored, transmitted, and shared. Thanks for joining us on Easy Prey. Be sure to and leave a nice review. Links and Resources: /episode/index/show/easyprey/id/35612075

Navigating Data Brokering and Privacy 03/26/2025

Navigating Data Brokering and Privacy In a world where data is more important than ever, understanding how it is acquired, shared, and misused is critical. Data brokers work behind the scenes, amassing enormous amounts of personal information from online activity, loyalty programs, and even public records, often without the users' knowledge. This data powers targeted marketing, scams, and even identity theft. But what can be done to regain control of personal privacy? Today we're diving deep into this topic with cybersecurity expert Darius Belejevas, who has spent years assisting folks in removing their data from these digital marketplaces. He is the head of Incogni and Surfshark. In this chat, Darius is going to share how these sneaky data brokers operate. He'll break down why it's such a big deal when our data gets out there for all to see, and he'll arm us with some solid strategies to keep our privacy intact. We’ll also look at practical tactics that everyone can apply to limit their exposure to hackers. We’ll discuss data sharing, using privacy-focused products, and understanding legislation like GDPR and CCPA. We also dive into the shifting landscape of digital security, the role of AI in data collection and fraud, and what the future of online privacy may look like. Show Notes: [01:01] We learn about Darius's background. [02:16] We learn about the creation of Incogni. [04:04] Data brokers are businesses who collect data and sell it to other businesses. One problem can be lack of transparency of what is happening to your data. [07:19] There are probably a few thousand data brokers. [09:36] Does removing your data get you out of a breach? [10:48] Limiting what we share. Prevention, consequences, and clean up. [12:22] When giving identifiers like your phone number, stop and ask if you really need to do that. [14:10] Some brokers make it way more difficult to remove data. [20:13] We talk about privacy regulations and how they can help you or make things more difficult. [22:12] How AI will make malicious activities easier to scale. [23:41] Have people given up on privacy? At the end of the day, it's about personal comfort. [25:00] Privacy laws are helping with data broker issues. [26:59] Being mindful about what you post online. Many people don't want to share too much. [29:56] Physical junk mail has decreased. [30:52] What to do today. Think about what you want to share. Do you really need to subscribe? [32:21] Use a service like Incogni to help you protect your data. Thanks for joining us on Easy Prey. Be sure to and leave a nice review. Links and Resources: /episode/index/show/easyprey/id/35513315

Be Your Own Fraud Prevention Hero 03/19/2025

Be Your Own Fraud Prevention Hero Getting defrauded is common. It happens everywhere but it’s underreported because of embarrassment. If you’re a victim of fraud the sooner you report the more likely you are to get a better outcome. To learn more about fraud I’m pleased to welcome Marc Evans, a seasoned financial crimes detective and co-founder of Fraud Hero, who has spent over a decade investigating fraud schemes that affect everyday people. With expertise in social engineering, money laundering and credit card scams he has spent his career uncovering the ways criminals use to exploit victims. His passion for fraud prevention comes not only from his investigative experience but also from his personal experience of identity theft which almost derailed his entry into law enforcement. Through his work Marc has recovered millions of dollars for victims and trained thousands of people on how to recognize and prevent fraud before it happens. In this episode Marc lifts the lid on the evolving world of financial fraud, revealing the most common scams and the sophisticated tactics criminals use to stay one step ahead of their victims. From bank imposters to phishing scams and CEO fraud he breaks down how these crimes work, why they are so effective and how law enforcement is trying to disrupt them. He also shares practical steps individuals and businesses can take to protect themselves including monitoring of financial accounts, reporting fraud quickly and using digital security tools. Beyond his law enforcement career Marc’s passion for fraud prevention extends into his entrepreneurial venture Fraud Hero where he educates the public on how to protect themselves from financial deception. He believes knowledge is power and has developed resources to help individuals secure themselves personally and financially. As fraud continues to rise with criminals getting more resourceful and brazen, Marc's mission remains the same – to empower people to be their own first line of defence. Show Notes: [01:10] Marc is a fraud and financial crimes detective. He's worked with law enforcement and is a certified fraud examiner and training coordinator. He also started Fraud Hero to help stop fraud and prevent people from becoming victims. [02:14] He's always been passionate about preventing fraud. [04:25] Marc was still learning when he began his fraud fighting career. [05:52] He sees all types of fraud. He's also seen a lot of social engineering tactics and imposter scams. [07:15] Marc has recently seen a lot of bank imposters. This includes a lot of email and message phishing attacks. [08:30] Scammers are being more specific now. When they call they even know the victims financial institution. [09:49] When it comes to getting your money back from the bank it depends on how long before you file your report. [11:44] Tricky scammers not using the sense of urgency tactic. [15:25] Marc talks about how quickly money can be withdrawn by scammers, [18:40] If a bank calls with a fraud situation, they can respond quickly. [21:12] Fraud has been increasing as criminals way risk versus reward. [22:11] Prosecutors are beginning to understand better how fraud works and increasing charges. [24:03] How stealing mail is the tool of the fraudsters. [26:35] Benefits of informed delivery. [31:26] The number of victims reporting crime is really low. [33:34] Phone number and email spoofing are starting to look more legitimate with AI. [35:39] Educating people is the main goal. [41:13] Using digital wallets and keeping your cards safe. [43:43] Banks want you to show the police report when reporting fraud. [45:18] Don't be afraid to learn, reach out, and share what's happened to you. Thanks for joining us on Easy Prey. Be sure to and leave a nice review. Links and Resources: /episode/index/show/easyprey/id/35512660

Empowering the Vulnerable 03/12/2025

Empowering the Vulnerable In cybersecurity, we need to understand the mindset of hacking, which is not ethics. We also need to realize that even if we have cybersecurity experts get hacked, there is no reason to feel embarrassed or ashamed when it happens to us. In today’s show we’re going deep into the world of cybersecurity with one of the industry’s most seasoned experts, Sam Curry. With over 30 years of experience in information security, Sam has been defending against cyber threats, shaping security strategies and mentoring the next generation of cyber professionals. Currently the Global VP and CISO-in-Residence at Zscaler, Sam has also held leadership roles at companies like RSA, McAfee and Arbor Networks where he helped pioneer innovations in VPN technology and personal firewalls. But cybersecurity isn’t just about firewalls and encryption—it’s about mindset. Sam joins us to talk about the hacker mentality, zero-trust security and why even the best security professionals get hacked. From his early days in cryptography to mitigating major cyber breaches Sam shares his insights on how businesses and individuals can defend themselves in a digital world. If you’ve ever wondered how cybercriminals think, how AI is changing the security landscape or what you can do to stay one step ahead then this episode is for you. Show Notes: [00:55] Sam is Global VP and CISO-in-Residence at Zscaler. For the last 32 years, he's been involved in every part of security at some point. [01:23] He teaches cyber and used to run RSA Labs at MIT. He currently teaches at Wentworth Institute of Technology, and he also sits on a few boards. [02:41] We learn how Sam ended up working in cyber security. He has patents in VPN technology, and was one of the co-inventors of the personal fire law which was sold to McAfee. [04:14] There were security principles before 1996. [07:38] Sam feels a need and a mission to protect people. It's very personal to him. [08:40] He was there for the breach that RSA had. He's also been spearfished. [12:47] The shepherd tone is an audio illusion that makes sound that can make people sick because it sounds like it's always increasing. [16:31] Scams are way under reported because people are too embarrassed to report them. [19:31] Challenges of keeping security up. In peacetime we have to remember to build resilience and be antifragile. [22:10] Zero trust is a strategy and architecture for minimizing functionality. [28:14] There are immediate benefits from a security perspective to start creating zero trust. [30:17] Problems need to be defined correctly. [33:03] Even people who've done incredible research on hacking techniques have gotten hacked. There's no shame in it. [34:02] We need the hacker mindset. It's an important part of the human community. [36:44] The importance of making things easier to understand. [38:18] Advice for people wanting to get into cybersecurity is being just this side of ready and tackling things that are a little too big and a little too scary. Also find allies and a network. Thanks for joining us on Easy Prey. Be sure to and leave a nice review. Links and Resources: /episode/index/show/easyprey/id/35461960

How Not to Money with Joel Larsgaard 03/05/2025

How Not to Money with Joel Larsgaard Managing money isn’t about numbers, it's about making informed decisions that shape your future. Whether you’re a seasoned saver or just starting out on your financial journey understanding the basics of personal finance can make all the difference. Today’s guest Joel Larsgaard has been helping people take control of their finances for over 15 years. As the co-host of How To Money and a weekly radio show Joel breaks down the often confusing world of personal finance. His passion for financial literacy comes from personal experience and he’s been recognized for his work including being on the Forbes Advisory Board. In this episode we’ll cover common financial mistakes, smart saving strategies and how to avoid financial pitfalls so you can make better money decisions. Show Notes: [00:53] Joel co-hosts the How To Money podcast with his best buddy Matt. It's about helping people learn how to handle their finances well. [01:29] So many people are missing the information they need about money, yet it's a tool that touches every aspect of our lives. [02:32] Joel's parents had money troubles. He always wanted to learn about money so he wouldn't have problems. He also worked for Clark Howard who was a consumer advocate and money guy. [05:30] Everyone has different dreams and financial goals. [06:29] We learn Joel's scam story. A kid sold him fake Blockbuster gift cards. [08:32] Common financial traps include not saving enough and not tracking expenses and knowing where the money is going. [09:15] Knowing where your money is going is the first step to finding leaks. [10:38] Using credit cards and discriminately buying now and paying later is another big pitfall. A lot of people are using BNPL on top of credit cards. [12:04] You have to have a plan. Know your debts, know your interest rates. Where's the Gap where you can find extra savings? [13:30] Paying off your debt feels amazing. [14:58] Online budgeting software can make it easier. [16:00] Think of a budget as not being restricted but something that helps you accomplish what you want. [18:08] Once you write it down, you're dealing with reality. [20:11] The joy of spending your money proactively on what you want and cutting back on other things. [21:08] Finding savings by shopping for insurance yearly. [22:56] You can also save with a defensive driving course. [23:41] Look at subscriptions and bundling. Sign up with deals. Keep track of when you should cancel. [28:11] Bank loyalty will cost you money. [29:29] There are some highly competitive online savings accounts like CIT, Discover, and Ally. [31:29] Be sure the online bank you are doing business with is FDIC insured. Make sure you're dealing directly with the bank. [33:30] Tips for looking for legitimate investments. Simplicity trumps most things. [34:59] Building wealth slowly with average returns. [42:00] There are a lot of wealth building options open for people who aren't making a lot of money. Thanks for joining us on Easy Prey. Be sure to and leave a nice review. Links and Resources: /episode/index/show/easyprey/id/35314525

Brushing Scams with Venkat Margapuri 02/26/2025

Brushing Scams with Venkat Margapuri Scams come in many forms but receiving a freebie from a scammer doesn’t make sense. If something shows up at your door that you didn’t order, should you be worried? Brushing scams are becoming more common and while they may seem harmless at first they can be a gateway to fraud, identity theft and financial loss. Today we’re diving into how these scams work, why they exist and the real dangers behind them. Our guest is Dr. Venkat Margapuri, an assistant professor of computer science at Villanova University. His research focuses on AI applications in agriculture and healthcare but he’s also spent time studying online fraud and digital security. He’s here to help us understand what’s really going on when scammers send you something for free and most importantly what you should do about it. Show Notes: [00:44] Venkat is an assistant professor in the department of computer science at Villanova University. A lot of his research is focused on artificial intelligence, image processing, and security. [01:53] Brushing scams are where you receive products that you haven't ordered. It's a fraudulent e-commerce scheme. They try to get reviews or add additional sales for their product. [04:48] Venkat explains why it's not a good idea to scan those QR codes in products. You don't want to put your credentials into the website. [05:41] This is where brushing leads to phishing scams by getting people to enter information into a fake website. [06:20] The major risk of receiving these packages is identity theft. [09:30] Scam charges on Amazon can be used to verify stolen credit card credentials and overconfidence often leads to being scammed. [10:52] We discuss where these scammers find people's addresses. [13:05] A lot of scammers are really smart people who got into the wrong business. Key qualities include narcissism and psychopathy. [17:05] When you receive these packages just dispose of them. Don't scan the QR codes. [21:25] A scam where they send emails with the link to free Apple Gift Cards. Be careful about what you post on social media. [22:43] Assume unsolicited contact is a scam. [23:50] Don't share personal information. Look out for things that are out of the norm. [27:04] Venkat talks about advance fee scams. [28:14] Being careful about geographic perceptions. [31:18] Be cautious if you are being rushed. [32:18] Whenever you suspect something isn't right, err on the side of caution and don't do it. Thanks for joining us on Easy Prey. Be sure to and leave a nice review. Links and Resources: /episode/index/show/easyprey/id/35314315

Ransomware, Phishing and Fraud 02/19/2025

Ransomware, Phishing and Fraud Cybersecurity isn't just a concern for large corporations. It's vital for businesses of all sizes. It's essential for companies to know how to protect sensitive data, restore from backups, and regularly test their systems with internal pen tests to keep their teams safe. Today's guest is Bryce Austin. Bryce is the CEO of TCE Strategy, a cybersecurity advisory firm. They provide vulnerability scans, penetration tests, fractional CISO services, and incident response services. He is also a professional speaker on ransomware. Bryce is the fractional CISO to many companies, including one on the S&P 500. We talk about the key aspects of cybersecurity for businesses, and how to be proactive with patching, training and strong password management. He shares his experiences with major cyber incidents including ransomware, phishing and the Target breach, and how defense in depth, backups and financial controls are key. Bryce also mentioned the use of password managers, regular vulnerability scanning and external monitoring to increase cyber resilience. We share practical tips for all businesses to protect against ever changing cyber threats. Show Notes: [00:59] Bryce started TCE Strategy in 2016. It's their goal to keep their clients one step ahead of cybercriminal risk. [01:32] He has a degree in chemistry. Technology was just for fun. He ended up working in the payroll space which was ripe for cyber security concerns. [03:00] He was really pushing cybersecurity and then their company was purchased by Wells Fargo. It ended up being amazing training for starting his own cybersecurity business. [05:24] Bryce shares how he was affected by the Target security breach. He ended up unemployed and was deeply affected by food stamp requirements for his family. [07:34] He wanted to make sure he would never go through this again and started his company. [08:19] His public speaking began in 2011. [09:17] He was indirectly affected by the Target breach, and he also shares his indirect personal one. [12:59] Bryce was actually spearfished in 2018. [14:36] Incident response is when something happens from a cybersecurity standpoint and damage has occurred. Oftentimes data is encrypted. This is a ransomware attack. [17:18] Bryce tells the story about how a hotel was hacked and a large payment was able to be intercepted. [18:31] Phishing attacks are where someone clicks on a bad link. [20:38] His biggest Christmas gift was none of his clients getting hacked. [21:05] They also had a ransom demand where they had to pay a million dollars. [23:02] If they would have been looking harder this wouldn't have happened. [26:26] Issues with hooking up to the Internet and having default passwords. [28:07] Why it's impractical to make ransomware illegal. [31:12] Even criminals have a reputation to uphold and usually hand over the encryption key. [33:56] Bryce talks about some of the preventative things that people can do. [34:47] Be proactive and have diligent patching. [35:37] Don't use the same passwords over and over. Use a password keeper. [36:54] Have offline backups. [38:09] Follow all processes and procedures when moving money. Use unique passwords. [39:27] It's important to encrypt your backups. Thanks for joining us on Easy Prey. Be sure to and leave a nice review. Links and Resources: (612) 730-9897. /episode/index/show/easyprey/id/35083040

CISOs: The Ultimate Stress Test With Jill Knesek 02/12/2025

CISOs: The Ultimate Stress Test With Jill Knesek The CISO role is constantly changing. With all the shifts in cybersecurity, it's crucial to find ways to attract new talent to close the growing skills gap. CISOs now juggle complex systems managed at multiple levels and handle burnout amongst many other responsibilities. Today's guest is Jill Knesek. Jill is the Chief Information Security Officer for Blackline, a company that does financial SaaS solutions. It’s based out of the Los Angeles area. She’s been there almost three years now as the CISO, running the information security team. She previously served as Chief Security Officer for BT Global Services. She has more than 15 years' experience directing security programs, including service as a special agent for the FBI assigned to the Cyber Crime Squad in Los Angeles Field Office, where she was involved in several high-profile cases, including Kevin Mitnick. In this episode, we cover the CISO role evolving from low visibility to a C-level position, managing multi-cloud infrastructures and aligning with other teams and the ongoing cybersecurity skills gap and burnout. Jill also talks about incident response and crisis management and collaboration within the cybersecurity community to fill the blind spots and strengthen the defenses. Show Notes: [01:23] She's now the Chief Information Security Officer for Blackline, a company that does financial SaaS solutions. [02:00] She was also an FBI special agent for 3 and 1/2 years working cybercrime. She was super excited, because this was her lifelong dream. [03:35] She loved the FBI, but she knew she could do more for the industry on the private side. [04:21] Jill talks about how the CISO role has evolved. It's now a C-level position. [06:26] Some of the boards were very interested in what was going on with security. There has to be a balance with funding and proving your success. [07:39] Now complexity is an issue. [09:03] The cloud adds so many connecting services. [11:45] CISOs are getting more responsibility and need more qualified people in their teams. There's a gap with not enough people coming into the cybersecurity industry. [12:30] How the idea of stress and working nights and weekends can deter some graduates from the cybersecurity industry. [15:15] Boards and executive committees expect the CISO to be right in the middle of things. They want real-time updates and to know what everyone is working on right now. [17:47] The importance of keeping a calm level-headed view when something goes wrong. [21:41] We learn about the flow of straightening out curves or incidents. Learn during the small incidents and practice the process. [23:57] The importance of not scolding the team for being too quick to react. It's better to have a false alarm than to ignore a serious problem. [25:10] Jill does a one-to-one with everyone on her team each quarter. She tries to Mentor them with some of the things that she's learned. [30:29] We hear about a couple of incidents where ransomware got into the environment. [35:01] When someone else reported that something weird was going on in the network. [38:27] To help with the talent gap, we need to start introducing cybersecurity at the high school level. [42:15] It's important for CISOs to be connected with other groups and events. Thanks for joining us on Easy Prey. Be sure to and leave a nice review. Links and Resources: /episode/index/show/easyprey/id/35048340

AI, Automation, and the Future of Cybersecurity With Mike Lyborg 02/05/2025

AI, Automation, and the Future of Cybersecurity With Mike Lyborg With the increase in targeted cyber attacks, it's more important than ever for organizations to quickly identify and respond to threats. AI is helping security teams by acting as virtual analysts, handling much of the investigation work. However, human oversight is still essential for the final steps and judgment. Today's guest is Michael Lyborg. Michael is the Chief Information Security Officer at Swimlane. Prior to taking his current role, Michael was Global Vice President of Advisory Services, a highly sought-after expert by the world's largest Fortune 500 companies and global government agencies to advise on the creation and operation of industry-leading security operations. In this episode Michael shares his experience and wisdom on today’s cybersecurity challenges. We talk about the balance of automation and human oversight, the risks and rewards of putting AI into security operations, and defense in depth strategies. Michael also covers how military style threat assessments can help with cybersecurity, how AI is evolving for threat prioritization and analysis, and the need for continuous testing and monitoring to prevent automation failures. If you want to know how to stay ahead in a complex cyber world, this episode is full of practical advice. Show Notes: [01:06] Michael has been with Swimlane for about 7 years mainly focusing on larger enterprises, government clients, and partners. He's helping with the automation journey and experience. He also built security programs for other companies and was a Marine. [02:07] Prior to the Marines, he did IT and network security. Michael is originally from Sweden. [04:22] Operational risk management or conducting a limited threat assessment. He's always thinking like a hacker and looking for gaps in security. [06:29] Michael tells a story about his wife's recent experience with a cybersecurity scam. [12:11] How a company decides what level of friction is appropriate to implement proper security. [13:59] Michael talks about balancing what is and isn’t automated. [16:16] Michael shares the story about his early days of automation. [17:23] Continuously review and monitor your automations. [18:41] Starting with documentation is a good first step. [21:45] Michael talks about how awesome it is being able to work in security and automation and help businesses grow and achieve outcomes. He believes in automating the mundane tasks. [22:26] We learn about AI being involved in the defensive side of cybersecurity. [24:50] AI can also bridge the gap between the security team and non-technical people. [26:33] We discuss places where AI probably shouldn't be used. [27:58] Find where AI works for you and then think about incorporating it in your security services. [31:01] The importance of having controls in place when using AI whether it's for security or data analysis. [33:00] Risk can be reduced by training on specific tasks. [34:18] Michael shares the value of mixing human and artificial intelligence through Swimlane. [39:08] The importance of bridging gaps and getting rid of silos. Thanks for joining us on Easy Prey. Be sure to and leave a nice review. Links and Resources: /episode/index/show/easyprey/id/35048130

Cybersecurity Training from Boring to Engaging With Howard Goodman 01/29/2025

Cybersecurity Training from Boring to Engaging With Howard Goodman The landscape of cybersecurity training and collaboration is changing, interactive education sessions and cross team communication is key. Building a security culture and staying ahead of the modern threats has never been more important. Today’s guest is Howard Goodman, Senior Technical Director at Skybox Security. With over 20 years of experience Howard has become a well known figure in the cybersecurity world, he combines strategic planning with hands-on application across many industries. In this episode we talk about; security culture, the evolution of cybersecurity training and how Howard got phished during COVID. We also cover organisational challenges, best practices and the future of cybersecurity. Show Notes: [00:48] Howard has a doctorate in cyber operations from Dakota State University. Besides working for Skybox Security, he's also an adjunct professor teaching graduate courses about cyber security. [01:48] Howard shares a phishing experience when he and his wife were selling on eBay during COVID. [03:34] If the pros can fall for something, regular people can too. We need to be on our game 100% of the time. [04:53] We talk about opportunities for adversaries to get in when companies have large cybersecurity teams with a lot of moving parts. [05:29] A lot of people ignore phishing attempts instead of reporting them. [06:04] It comes down to organizations training their people properly. Cyber security training is becoming more interesting, because the boring stuff just doesn't hold people's attention. [10:13] When talking about threats, they focus on the exposure side and the exploitability side. With most businesses, functionality comes before security. [12:47] Formal testing is required before upgrading security patches to make sure that they don't break down the whole system. [13:47] The importance of being able to leverage other security controls while testing patches. Teams need to be able to communicate and act fast. [14:52] Knowing about potential risk is the only way to be proactive. [16:36] Looking at costs and gaps in technology. Failures are often due to a breakdown in communication. [19:33] The approach of starting out security first. [25:08] Best practices include cross-training. Working together and training together. Organizations need to run simulations and see how they react as an organization. [31:06] Skybox talks to organizations about gaps in security. [35:57] We discuss the loss that can happen from not having proper security measures in place. Thanks for joining us on Easy Prey. Be sure to and leave a nice review. Links and Resources: /episode/index/show/easyprey/id/34658070

Next-Gen Account Security with Christiaan Brand 01/22/2025

Next-Gen Account Security with Christiaan Brand With phishing and password breaches on the rise, passkeys could offer a more secure, user-friendly solution that could reshape how we protect our online identities. Today's guest is Christiaan Brand. Christiaan is the co-founder of Entersekt, a financial services security firm and a key player at Google in their security and identity teams. A respected voice in cybersecurity, Christian co-chairs the FIDO2 technical working group focusing on standardizing robust online security protocols in advancing the use of passkeys. He has been at the forefront of the shift toward more secure, password-free systems. We’ll hear his insights on the challenges and opportunities of implementing passkeys to create safer online environments for users and organizations. Show Notes: [00:52] - Christiaan is part of the security team for Google accounts. He's been with Google for 9 years. Prior to that he had a startup. [01:30] - He joined the FIDO Alliance around the same time Google joined in 2013. When he joined Google, he was able to continue with the same type of work. [02:35] - Each of the big tech companies represents a portion of the market when it comes to how we interact with the web and apps. [04:06] - He became interested in security when he started thinking about what could go wrong with new technology solutions. He wanted users to be able to access their financial information in a safe and secure way. [05:06] - 2FA began gaining traction with Google in 2011. It coincided with the launch of Google Authenticator. 2FA was also used by a gaming company. [07:54] - Usability is important, that's why having an app that displays the codes was one of the first forays into making the technology more accessible. [08:34] - Passkeys allow us to move beyond passwords, leaving the extra hassle of traditional multi-factor authentication behind. [11:05] - Key fobs were one of the earlier ways to try and bring usability to security. Now the technology is being moved to smartphones. [12:33] - Passkeys are a replacement for a password manager. [13:35] - Passkeys are extremely long and asymmetric in nature. You and the site you're going to both have the passkey. [14:27] - The service will have the public part of the passkey, and you'll have the private part. Even if the public part leaks out, your passkey will still be secure. Passkeys can never be revealed to phishing sites. [15:47] - FIDO brings the second authentication step in. The service also has to identify themselves. [20:04] - Password managers try to balance security and convenience. Logging in or accessing a passkey is a unique challenge for providers. [22:20] - Phone numbers are a way to get users back into their accounts. [25:19] - Single device users have extra challenges. [26:08] - There are pros and cons to external sources of identity. [29:44] - The FIDO website has many certified solutions. [33:21] - To get passkeys into daily users' lives, we need to start using them on daily applications where we log in frequently. [35:49] - Hopefully this passkey solution will stand the test of time. [37:34] - Attacks are beginning to shift to session hijacking. [38:24] - DBSC or device-based session credentials is a new standard parallel to FIDO. Thanks for joining us on Easy Prey. Be sure to and leave a nice review. Links and Resources: /episode/index/show/easyprey/id/34588710

5 Key Cybersecurity Elements with Kelly Hood 01/15/2025

5 Key Cybersecurity Elements with Kelly Hood How do phishing scams, AI-powered attacks, and strategic governance intersect? Together, they're redefining the future of cybersecurity. Organizations are navigating a mix of challenges and implementing innovative solutions to proactively address today's threats. Today's guest is Kelly Hood. She is the EVP and cybersecurity engineer at Optics Cyber Solutions. She is a CISSP who specializes in implementing cybersecurity and privacy best practices to manage risks and to achieve compliance. She supports the NIST cybersecurity framework and serves as a CMMC registered practitioner, helping organizations strengthen their cybersecurity posture and develop effective risk management strategies. Show Notes: [01:06] - Kelly is a cyber security engineer at Optic Cyber Solutions. It's her job to help companies protect themselves. [02:17] - Don't be embarrassed if you fall for a phishing scam. [03:01] - These attempts are getting more realistic. Kelly shares how she was briefly fooled by a phishing scam that looks like an email from her mother. [05:25] - The NIST Cybersecurity Framework is a voluntary framework for defining cybersecurity. An update was put out in February of 2024. They also added a new function. [06:01] - The five functions that organize a cybersecurity program have been to identify, protect, detect, respond, and recover. They recently added the govern function. [06:38] - The govern function is about defining your business objective and then putting protections in place that makes sense for those objectives. [09:01] - The identify function is focused on knowing what we have. [09:40] - Protect includes everything from identity management, authentication, training, data security, and platform security. [10:12] - Detect is looking at what's happening around us. It's continuous monitoring and knowing what happens if something goes wrong. [11:00] - Respond is knowing what the plan is when something does happen. [12:01] - Recover is about getting back to normal after something happens. [16:22] - Data centers want to make sure that they have redundant power supplies. [17:33] - We discuss some of the things that people might forget when identifying cybersecurity assets. Data and people need to be thought about as well as systems and hardware. [21:00] - We need to write things down and understand what systems and data connections we have. [23:10] - We talk about the importance of being aware of the physical space and who is actually supposed to be there. [24:46] - Data is one of the assets that often gets overlooked for protection. There are many new requirements that require data to be protected. [27:54] - Monitoring to understand what traffic you should expect and what is and isn't normal activity is also important. [31:10] - Transparency and communication are paramount for creating trust. [33:51] - Sometimes recovery doesn't mean 100%. Get up and running and prioritize the systems that matter most. [36:56] - With governance, you really want to look at what you're trying to do with the business and then translate cybersecurity to fit that objective. [37:27] - Have guidance documentation in place and have oversight. Thanks for joining us on Easy Prey. Be sure to and leave a nice review. Links and Resources: /episode/index/show/easyprey/id/34588675

Identity Crimes (Theft, Compromise & Misuse) with Mona Terry 01/08/2025

Identity Crimes (Theft, Compromise & Misuse) with Mona Terry When you search for customer service numbers online, you might come across a scammer’s number instead. It’s important to be cautious when sharing personal information, and to verify identities before responding to requests for sensitive data. Today’s guest is Mona Terry. As Chief Victims Officer at Identity Theft Resource Center, she navigates the complexities of identity protection and identity crime recovery and management of multi-million dollar federal grants. She analyzes victim experiences to create ITRC’s Identity Report and to provide information about new and ongoing trends in identity crimes. Show Notes: [0:55] - Mona describes her role as Chief Victims Officer at Identity Theft Resource Center and how she found herself in this job. [3:18] - Identity crimes include theft, compromise, and misuse. What’s the difference? [4:26] - The number one recorded compromise is through scams, where people give their information to someone else. [5:30] - It is also becoming more common for someone to search for a customer service number and come across a scammer’s number instead. [7:01] - Some of the strategies in detecting fake websites are not helpful any longer with scammers using AI tools to make things look more legitimate. [10:10] - Misuse is when someone else takes over your account and is making charges or establishing new accounts in your name. [11:41] - Account takeovers don't only include credit cards. Social media account takeovers can be just as dangerous and more common. [13:28] - Identity theft is what it sounds like—stealing information with the intent to misuse it. [15:24] - If you suspect something is compromised, Mona recommends freezing your credit account. [16:45] - Freezing your account and checking credit reports is easier than it used to be. [19:32] - Mona describes how the Identity Theft Resource Center walks victims through the steps in resolving problems. [21:23] - Some situations are harder to resolve than others. [23:51] - Team members at Identity Theft Resource Center are not therapists, but they are trauma informed and listen to victims as they are guided through a process. [26:27] - When working with the Identity Theft Resource Center, clients get a recovery plan. [29:08] - If victims have tried something or don’t feel comfortable with something, ITRC can step in and help. [31:50] - Don’t be afraid to check for problems. Sometimes problems don’t show themselves immediately. Thanks for joining us on Easy Prey. Be sure to and leave a nice review. Links and Resources: /episode/index/show/easyprey/id/34108611

Easy Prey

TOPICS