Is That Voice Note from Your Child, or an AI Voice Clone?


Is That Voice Note from Your Child, or an AI Voice Clone?

This week’s episode is packed. We’re kicking off with the ongoing mess in UK retail. Co-op is still battling a cyber incident that’s disrupted deliveries, while M&S and Harrods stay eerily quiet. It’s a sobering reminder that even the biggest names can be caught off guard, and it’s a golden opportunity for awareness teams to highlight why secure password resets and helpdesk verification really matter. If you ever needed a case study to get leadership attention, this is it.

We also explore a new twist on an old scam. The “Hi Mum” WhatsApp con is back, but this time it comes with cloned AI voice notes. Imagine hearing your child’s voice asking for help, only it’s not really them. We talk about how these scams are evolving, how to spot them, and what conversations we should be having with our families and teams to stay safe.

From there, we dive into Microsoft’s new OneDrive feature that could quietly lead to serious data leaks if not configured properly. We also break down the LockBit ransomware gang breach, which exposed affiliate credentials, victim chats, and some embarrassing passwords. It’s a strange comfort to know that even cybercriminals struggle with good security practices.

Finally, it’s all about passkeys. Microsoft, the UK Government, and the FIDO Alliance are leading the charge toward a passwordless future. But are people actually ready for this shift? We look at what awareness teams need to do now, and how to explain this to non-technical users in a way that sticks. All that, plus some odd AI moments and a proud moment for us with three nominations at the European Cybersecurity Blogger Awards.

💬 Episode 25 Discussion Points


Co-op cyber incident update
https://www.telegraph.co.uk/business/2025/05/08/co-op-halts-delivery-non-essential-goods-cyber-attack/

WhatsApp “Hi Mum” scam with AI voice cloning
https://www.theguardian.com/money/2025/may/04/hi-mum-whatsapp-text-scam-parents-friends-bank

OneDrive’s risky new sync feature
https://hansbrender.com/2025/05/02/onedrive-microsofts-new-rollout-may-be-a-gift-wrapped-data-leak/

LockBit ransomware gang breached
https://www.bleepingcomputer.com/news/security/lockbit-ransomware-gang-hacked-victim-negotiations-exposed/

Microsoft pushes passkeys for World Passkey Day
https://www.microsoft.com/en-us/security/blog/2025/05/01/pushing-passkeys-forward-microsofts-latest-updates-for-simpler-safer-sign-ins/

UK Government joins passkey movement
https://www.ncsc.gov.uk/news/government-adopt-passkey-technology-digital-services

Cyber chief warns firms not to pay hackers
https://www.itv.com/news/2025-05-07/dont-pay-hackers-cyber-security-chiefs-warning-after-major-retail-attacks

Angry NHS staff call leaked to YouTube
https://www.bbc.co.uk/news/articles/c2dedp9nkwro.amp

CoGUI phishing platform sends 580 million scam emails
https://www.bleepingcomputer.com/news/security/cogui-phishing-platform-sent-580-million-emails-to-steal-credentials/

AI-generated testimony accepted in court
https://www.404media.co/email/0cb70eb4-c805-4e4e-9428-7ae90657205c/

Clipboard warning for Samsung phone users
https://www.linkedin.com/posts/craigpickles_implement-auto-delete-clipboard-history-to-activity-7324758602190102528-Nuxs

Discussion about Royal Mail ryml.me link
https://www.reddit.com/r/mildlyinfuriating/s/Zv5ZhvLeds

Clipboard warning from Craig Pickles
https://www.linkedin.com/posts/craigpickles_implement-auto-delete-clipboard-history-to-activity-7324758602190102528-Nuxs


Missed the episode? Watch it below!