Is That Voice Note from Your Child, or an AI Voice Clone?
This week’s episode is packed. We’re kicking off with the ongoing mess in UK retail. Co-op is still battling a cyber incident that’s disrupted deliveries, while M&S and Harrods stay eerily quiet. It’s a sobering reminder that even the biggest names can be caught off guard, and it’s a golden opportunity for awareness teams to highlight why secure password resets and helpdesk verification really matter. If you ever needed a case study to get leadership attention, this is it.
We also explore a new twist on an old scam. The “Hi Mum” WhatsApp con is back, but this time it comes with cloned AI voice notes. Imagine hearing your child’s voice asking for help, only it’s not really them. We talk about how these scams are evolving, how to spot them, and what conversations we should be having with our families and teams to stay safe.
From there, we dive into Microsoft’s new OneDrive feature that could quietly lead to serious data leaks if not configured properly. We also break down the LockBit ransomware gang breach, which exposed affiliate credentials, victim chats, and some embarrassing passwords. It’s a strange comfort to know that even cybercriminals struggle with good security practices.
Finally, it’s all about passkeys. Microsoft, the UK Government, and the FIDO Alliance are leading the charge toward a passwordless future. But are people actually ready for this shift? We look at what awareness teams need to do now, and how to explain this to non-technical users in a way that sticks. All that, plus some odd AI moments and a proud moment for us with three nominations at the European Cybersecurity Blogger Awards.
Sign up for The Awareness Angle Newsletter today and get notified every time a new episode is released. Each newsletter contains details of the topics discussed and more from the world of Security Awareness.
You're almost there!
To confirm your subscription, please check your inbox for a confirmation email. Click the link in the email to complete your signup and start receiving our newsletter!
If you don’t see the email within a few minutes, check your spam or junk folder, just in case.
Thank you for subscribing!
💬 Episode 25 Discussion Points
Co-op cyber incident update
https://www.telegraph.co.uk/business/2025/05/08/co-op-halts-delivery-non-essential-goods-cyber-attack/
WhatsApp “Hi Mum” scam with AI voice cloning
https://www.theguardian.com/money/2025/may/04/hi-mum-whatsapp-text-scam-parents-friends-bank
OneDrive’s risky new sync feature
https://hansbrender.com/2025/05/02/onedrive-microsofts-new-rollout-may-be-a-gift-wrapped-data-leak/
LockBit ransomware gang breached
https://www.bleepingcomputer.com/news/security/lockbit-ransomware-gang-hacked-victim-negotiations-exposed/
Microsoft pushes passkeys for World Passkey Day
https://www.microsoft.com/en-us/security/blog/2025/05/01/pushing-passkeys-forward-microsofts-latest-updates-for-simpler-safer-sign-ins/
UK Government joins passkey movement
https://www.ncsc.gov.uk/news/government-adopt-passkey-technology-digital-services
Cyber chief warns firms not to pay hackers
https://www.itv.com/news/2025-05-07/dont-pay-hackers-cyber-security-chiefs-warning-after-major-retail-attacks
Angry NHS staff call leaked to YouTube
https://www.bbc.co.uk/news/articles/c2dedp9nkwro.amp
CoGUI phishing platform sends 580 million scam emails
https://www.bleepingcomputer.com/news/security/cogui-phishing-platform-sent-580-million-emails-to-steal-credentials/
AI-generated testimony accepted in court
https://www.404media.co/email/0cb70eb4-c805-4e4e-9428-7ae90657205c/
Clipboard warning for Samsung phone users
https://www.linkedin.com/posts/craigpickles_implement-auto-delete-clipboard-history-to-activity-7324758602190102528-Nuxs
Discussion about Royal Mail ryml.me link
https://www.reddit.com/r/mildlyinfuriating/s/Zv5ZhvLeds
Clipboard warning from Craig Pickles
https://www.linkedin.com/posts/craigpickles_implement-auto-delete-clipboard-history-to-activity-7324758602190102528-Nuxs
Missed the episode? Watch it below!