Full Report
This week on Hacking Humans, Dave Bittner is on vacation, so our two hosts, Joe Carrigan and Maria Varmazis (also host of N2K's daily space podcast, T-Minus), are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start off the show with some follow-up from a long-time listener who shared how switching to Publii and Cloudflare Pages saved his wife's psychiatric nurse practice over $120/year in hosting costs after discovering static site generators on Hacking Humans. Joe's story is a warning from an Oregon woman who fell victim to an online scam while trying to buy hens for her backyard chicken coop amid egg shortages caused by the bird flu; she urges others to be cautious and avoid transactions on social media. Maria has the story on the increasing threats targeting sellers on online marketplaces, including phishing campaigns, scams designed to bypass platform protections, and the risks associated with off-platform transactions, all of which emphasize the need for heightened vigilance and security measures. The catch of the day, from Scott, highlights an email invitation that appeared legitimate but redirected to a phishing site designed to steal email credentials, with Scott’s wife recognizing the suspicious nature and forwarding it for further investigation.
Analysis Summary
# Main Topic
This threat intelligence summary covers various recent social engineering scams, phishing schemes, and criminal exploits discussed on the *Hacking Humans* podcast, focusing specifically on risks associated with online transactions (buying/selling) and credential phishing attacks.
## Key Points
- **Online Transaction Scams:** A specific incident involved an Oregon woman falling victim to an online scam while attempting to purchase backyard hens amidst egg shortages caused by the bird flu. This highlights the exploitation of current events/scarcity for fraud.
- **Marketplace Seller Threats:** Online marketplaces are seeing an increase in threats targeting sellers, specifically mentioning phishing campaigns and scams designed to circumvent platform protective measures.
- **Credential Harvesting via Phishing:** A "Catch of the Day" example involved a seemingly legitimate email invitation that actually redirected the recipient to a phishing site designed for stealing email credentials.
- **Positive Follow-up:** A listener reported that switching to a static site generator and static hosting (Publii and Cloudflare Pages), which he discovered through the show, saved his wife's psychiatric nurse practice over $120/year in hosting costs.
## Threat Actors
- **General Scammers/Fraudsters:** Actors exploiting current supply chain issues (e.g., bird flu impacting egg supply) to target individuals seeking specific goods (hens).
- **Phishing Operators:** Actors deploying sophisticated phishing campaigns against online marketplace sellers and using deceptive email lures for credential harvesting.
- *Note: No specific named APT groups or sophisticated threat actors are attributed in the provided context.*
## TTPs
- **Social Engineering:** Exploiting current demand/scarcity (egg shortages) to lure victims into making transactions.
- **Bypassing Platform Controls:** Scammers targeting online marketplace sellers employ methods designed specifically to move transactions or communication off established, secure platforms.
- **Phishing (Email Lure):** Sending deceptive email invitations appearing legitimate but leading to credential harvesting landing pages.
- **Credential Theft:** The goal of the phishing attempt discussed in the "Catch of the Day" was the theft of email credentials.
## Affected Systems
- **Victims of Transaction Scams:** Individuals conducting personal transactions for goods (e.g., buying livestock) via social media platforms.
- **Online Marketplace Sellers:** Sellers on various e-commerce platforms being targeted by specific phishing campaigns.
- **End Users (Email):** Users receiving deceptive emails designed for credential theft.
- **Beneficiaries of Cost Savings:** A psychiatric nurse practice (run by a listener's wife) that benefited from adopting a static site generator and static hosting (Publii/Cloudflare Pages), a positive outcome that is not security-related.
## Mitigations
- **Avoid Social Media Transactions:** Buyers are urged to be cautious and avoid completing purchases or high-value transactions initiated solely through social media channels.
- **Heightened Vigilance on Marketplaces:** Sellers must exercise heightened vigilance regarding communications, especially those attempting to move transactions or verification off-platform.
- **URL Scrutiny:** Recipients of suspicious emails (like the "Catch of the Day") should scrutinize links, as seemingly legitimate invitations can redirect to phishing sites.
- **Use Secure Hosting:** Static site generators (SSGs) such as Publii, combined with hosting services like Cloudflare Pages, can offer cost-effective hosting solutions.
## Conclusion
The reported threats highlight a persistent landscape of opportunistic social engineering. Scammers are actively leveraging real-world scarcity (like avian influenza impacts) to facilitate direct-to-consumer scams, while professionalized phishing attacks continue to target both buyers and sellers on growing online marketplaces. Users must prioritize transaction security by avoiding off-platform dealings and maintaining strict scrutiny over unexpected communications leading to credential entry points.