This week’s episode of The Awareness Angle is packed with stories that sit right at the messy intersection of tech, trust, and human behaviour.
We kick off with a juicy one. M&S is facing a class action lawsuit over last year’s breach. But before you jump on the claims bandwagon, let’s look closer. This wasn’t some catastrophic leak of passwords or payment data. It was a third-party supplier incident. Now law firms are urging customers to sign up for “compensation.” Is it really about protecting people? Or just another case of ambulance-chasing dressed up as justice?
Speaking of trust, Nexus Mods, one of the most beloved sites in the gaming world, just changed hands. No big announcements. No transparency. Just a quiet handover. And that’s all it took for the internet to lose its mind. It’s a sharp reminder that when communities feel left out, trust disappears fast.
We also look at the biggest DDoS attack ever recorded. 37.4 million requests per second. That’s like trying to stream 10,000 HD movies at once. Cloudflare stopped it, but it raises serious questions about how smaller organisations cope when the big guns aren’t there to help.
Then there's the pizza intel story. Yes, really. Before military action between the US and Iran, people noticed spikes in Google Maps activity around gyms and pizza places near air bases. Turns out open-source intelligence is less about hacking and more about watching. A reminder that your location data, even from a pizza app, can reveal more than you think.
Elsewhere, someone leaked restricted US military flight manuals on a gaming forum to win an argument. Again. That’s nine times now on the War Thunder forums. Not a hack. Not malware. Just people making terrible judgement calls. Passion beats protocol every time.
We dive into NHS doctors using unapproved AI transcription tools during consultations without telling patients. It's a privacy minefield. There’s a clear need for better tools, but the rollout can’t skip consent and governance in the process.
And then there’s the new FileFix attack. A twist on old-school shortcut scams. This one uses File Explorer and hidden PowerShell commands to deliver malware without raising any alarms. It’s a classic case of attackers using the tools already on your machine to stay undetected.
We also cover SMS blasters. These dodgy little devices let scammers send fake texts to whole areas, pretending to be your bank or the Royal Mail. These are real. They’re cheap. And they’re hitting phones near you.
A year on from the Synnovis NHS ransomware attack, it’s now being linked to a patient’s death. A stark, sobering reminder that cyber attacks don’t just lock up data. They can cost lives.
And a heads-up for anyone still on Windows 10. Come October 2025, it’ll be out of support. If you're relying on Cyber Essentials certification, you’ll need to pay for Microsoft’s extended updates or move on. This is one of those quiet compliance risks that can catch you out if you’re not watching.
Finally, we talk about a new malware campaign using fake developer job interviews and malicious npm packages. It's slick social engineering targeting tech-savvy people, and it's working.
Oh, and a personal one. Ant’s mum nearly fell for a fake M&S hamper scam on Facebook. It's the same recycled playbook as the North Face scam we talked about a few weeks back. Fake comments, countdown timers, and dodgy URLs. Thankfully, she phoned a friend. Or in this case, her cybersecurity-aware son.
This episode covers a lot, but the thread running through it all is simple. Trust is fragile. Humans are unpredictable. And security isn’t just about systems. It’s about people.
New episodes of The Awareness Angle are released every Monday, with interviews dropping every other Thursday. Subscribe via your favourite podcast app or visit riskycreative.com to sign up for the newsletter.
M&S data breach compensation claim
Watch – https://youtu.be/EntRmhcDOBM?t=81
Read – https://vm.tiktok.com/ZNdUh6vxj/
Nexus Mods sold (but to who?)
Watch – https://youtu.be/EntRmhcDOBM?t=225
Read – https://www.reddit.com/r/gaming/s/tPzKAkElVs
The biggest DDoS attack ever
Watch – https://youtu.be/EntRmhcDOBM?t=351
Read – https://www.tomshardware.com/tech-industry/cyber-security/massive-ddos-attack-delivered-37-4tb-in-45-seconds-equivalent-to-10-000-hd-movies-to-one-victim-ip-address-cloudflare-blocks-largest-cyber-assault-ever-recorded
Pizza shops and military intelligence (Pizzint)
Watch – https://youtu.be/EntRmhcDOBM?t=549
Read – https://www.reddit.com/r/Damnthatsinteresting/s/rkBTFwbyEK
War Thunder forums leak military secrets… again
Watch – https://youtu.be/EntRmhcDOBM?t=844
Read – https://ukdefencejournal.org.uk/classified-data-once-again-leaked-on-war-thunder-forums/
Doctors using unapproved AI tools in NHS
Watch – https://youtu.be/EntRmhcDOBM?t=1061
Read – https://news.sky.com/story/doctors-are-using-unapproved-ai-software-to-record-patient-meetings-investigation-reveals-13387765
New FileFix attack via Windows shortcuts
Watch – https://youtu.be/EntRmhcDOBM?t=1285
Read – https://www.bleepingcomputer.com/news/security/filefix-attack-weaponizes-windows-file-explorer-for-stealthy-powershell-commands/
SMS blasters used in new smishing scams
Watch – https://youtu.be/EntRmhcDOBM?t=1545
Read – https://cybernews.com/news/police-alerts-about-new-sms-blaster-scams-used-for-smishing
NHS ransomware linked to patient death
Watch – https://youtu.be/EntRmhcDOBM?t=1789
Read – https://www.bbc.co.uk/news/articles/cd1gk9zqe4vo
Cyber Essentials warning: Windows 10 deadline
Watch – https://youtu.be/EntRmhcDOBM?t=1995
Read – https://www.techradar.com/computing/windows/windows-10-users-who-dont-want-to-upgrade-to-windows-11-get-new-lifeline-from-microsoft
Malware hidden in fake job interviews (NPM packages)
Watch – https://youtu.be/EntRmhcDOBM?t=2066
Comment section: NHS breaches, OneDrive sync, Jamf
Watch – https://youtu.be/EntRmhcDOBM?t=2336
Metomic demo: Human firewall nudging tool
Watch – https://youtu.be/EntRmhcDOBM?t=2762
Read – https://www.metomic.io/solution/human-firewall
TikTok Q&A: Are Groupon license keys legit?
Watch – https://youtu.be/EntRmhcDOBM?t=2895
Read – https://answers.microsoft.com/en-us/msoffice/forum/all/license-tom-on-groupon-microsoft-partner-or-scam/a0a06003-e798-424b-becf-6e390fff1f9e
Facebook M&S hamper scam fools Ant’s mum (nearly)
Watch – https://youtu.be/EntRmhcDOBM?t=3289
Scattered Spider retrospective timeline
Watch – https://youtu.be/EntRmhcDOBM?t=3568
Read – https://www.linkedin.com/posts/rosslazer_scattered-spider-timeline-ugcPost-7343292142729011201-S8N4
Windows 10 extended support pricing update
Watch – https://youtu.be/EntRmhcDOBM?t=3660
Experian “Dark Web” alert email
Watch – https://youtu.be/EntRmhcDOBM?t=3845
16 billion password leak briefly discussed
Watch – https://youtu.be/EntRmhcDOBM?t=4083
Weekly wrap-up and final thoughts
Watch – https://youtu.be/EntRmhcDOBM?t=4182
Anthony Davis (00:12.851)
Welcome to the Awareness Angle, the weekly podcast where we dig through the latest cyber security news, scams and slip-ups so you don't have to. We're here to make sense of what actually happened in the last seven days and what it means for real people. The opinions we share are all our own. Our employers would probably prefer we stuck to the script, but where's the fun in that? I am Ant Davis and with me as always is the guy that makes this whole thing look and sound far more polished than it really is. It's Luke Pedigrew! How you doing, Luke?
Luke (00:57.422)
Yeah, hey everyone. I'm good.
Anthony Davis (01:01.087)
I'm good, good, back after a week off. You had a nice little break last week, which is good.
Luke (01:06.956)
Yeah, nice little time off. Not that the audience will be recognised with our special episode, Slotted In.
Anthony Davis (01:14.935)
Yeah, yeah. Well, we've got so much to get through this week. We've got, um, something different on M&S. We've got gaming sites have been sold, DDoSes, US military, we've got doctors using AI and lots, lots more, so, um, let's get straight into it, shall we? Right, so the first one, um, I saw this week
Luke (01:37.922)
Yeah, let's get to the news.
Anthony Davis (01:44.501)
And this isn't really news, but it's something I saw relating to M&S. I mean, anything at the moment with M&S is really news. And I saw this on TikTok and I don't know how I feel about it, but let's, let me just share it with you for a second.
Anthony Davis (02:25.754)
I don't know how I feel about that. The same company have also got one for Co-op.
Luke (02:28.056)
Yeah.
Anthony Davis (02:32.001)
When you look at their website they're also doing a claim for Co-op and it's a company that specialise in claims. No win, no fee. I mean, I'm sure they'll take a lovely cut but erm...
Luke (02:32.974)
Right.
Luke (02:44.408)
Most likely.
Anthony Davis (02:46.751)
And I'm not sure, like, they didn't tell anyone for two weeks. That's... we don't know that. I don't think they knew. It's...
Luke (02:55.946)
Yeah, it's a tricky one and I guess they're just really doing it for the money, I don't think they particularly care.
Anthony Davis (03:03.221)
I mean, you do have to wonder who really benefits from this claim. Like, is it the individuals that go for it, that all might end up with £35 each or £10 each or something, or is it them that's gonna take the nice profit off the top? Because that's all they specialize in. It makes you wonder. And it's like, is M&S really to blame? We don't know because it could have been a third party supplier or someone connected to their systems. I know Tata came out and doubled down and said it wasn't them because everyone kind of thought it was them.
Luke (03:38.082)
Yeah, I guess it's a little bit unclear, isn't it?
Anthony Davis (03:41.333)
Yeah. Yeah, so no, I thought I'd share it, I don't agree with it. Maybe because we're close to it and it could be us on the other end, but let's just support M&S right now. Let's not get behind them like this. Feels a bit ambulance chasey, doesn't it? Almost.
Luke (03:55.668)
Yeah, seems that, yeah, it's probably not the right thing to be doing really.
Anthony Davis (04:01.821)
No. Right, that's the first one. Next one's yours.
Luke (04:08.046)
Cool, yeah, so this one is Nexus Mods, which is probably one of the biggest modding platforms, like a website where you can get mods for PC games, all kinds of games. Yeah, after 24 years, the owner, or the founder, known as Dark One, announced they're stepping away and handing over to a small team that they trust, but there's no information as to who they are. But they have said it's not a corporate takeover, so I'm sure gamers would be happy to hear that. Yeah, it seems to be like not a lot of changes, just the ownership at the moment. Obviously things could change.
Anthony Davis (04:52.439)
But there was a bit of uncertainty though, wasn't there, around this one, amongst the community.
Luke (04:59.434)
Yeah, so it wasn't real. It was a bit vague. The new owners weren't named or anything. So we'll see what happens on that one. I think people will be a bit cautious maybe with using that platform. They might go to a different one instead now.
Anthony Davis (05:18.293)
There's always, it always makes you wonder when people don't reveal stuff. It's like, why aren't you being transparent? Is that because we won't like what you're not telling us? It's like, I remember years ago, and I mentioned this weeks ago, uBlock Origin, the ad blocker, when it was uBlock, I think, there was a period when it got sold, but it wasn't said who it was sold to, and obviously this sits in a very trusted place in your browser.
Luke (05:29.578)
Yeah.
Anthony Davis (05:46.517)
And then I think the developer ended up redeveloping it and going by the name of uBlock Origin, for original. Yeah, it does make you wonder why aren't you being transparent? Why aren't you announcing it? Like, hey, look who's taking over. This is a great thing.
Luke (05:54.082)
Yeah.
Luke (06:06.178)
Yeah, we'll see that maybe they'll come forward, clarify it.
Anthony Davis (06:10.058)
Maybe. Maybe.
Anthony Davis (06:14.289)
Largest DDoS ever, a record-breaking DDoS, which is a distributed denial of service attack, was blocked by Cloudflare after it delivered a staggering 37.4 million requests per second to a single IP address, which is the equivalent to 45 million total requests over just 45 seconds. So that, and this is like, here it is in relatable terms, it's 10,000 HD movies being streamed at once. So like in your house, imagine your internet if you tried to stream 10,000 movies in HD all at once.
Luke (06:45.56)
you
Luke (06:50.168)
bell.
Luke (06:58.155)
Yeah, probably 10 minutes take down, maybe not even 10. With one or two, yeah.
Anthony Davis (07:00.642)
I have enough problem lighting in my house. Yeah. The attack was part of a broader campaign using HTTP/2 Rapid Reset, which is an exploit that takes advantage of how modern browsers handle HTTP connections. So this allowed the attackers to send vast amounts of traffic with really very little effort. And what's more worrying is that this wasn't a slow build up.
It almost just went BAM! Like really quickly. Sorry if anyone's driving and I've just made you jump, I do apologise. But it hit at full force almost immediately which means it was likely from a botnet. So a botnet is lots of different devices that are probably compromised from here, there and everywhere. Cloudflare says the attack was mitigated automatically but it does raise concerns about the growing scale and speed of DDoS capabilities, especially for those smaller organizations that perhaps haven't got any DDoS protection. You know, Cloudflare, they're not cheap. The other concerning thing about this, and it hasn't been disclosed who the actual potential victim of this is, that's been kept hush hush. And they're perfectly within their right to. But quite often DDoS attacks can be used as a smoke screen
Luke (08:01.005)
Yeah.
Anthony Davis (08:26.519)
for other activities. So they're used as a distraction technique, almost like everyone's panicking because everything's gone down when really someone's sneaking in the back door when no one's looking. So, yeah. So it's a brand new DDoS weapon, HTTP/2. Probably a large and sophisticated botnet. It does make you wonder if this is the first big one of many. Is this now the new normal? We'll wait and see.
Luke (08:36.973)
Yeah.
Luke (08:55.234)
Yeah, I wonder if it was ChatGPT. I think they went down a couple of weeks ago.
Anthony Davis (09:01.719)
They did, they were down for some time a couple of weeks ago.
Luke (09:06.206)
when this was supposed to be but yeah that's crazy numbers.
Anthony Davis (09:10.837)
Hmm, 10,000 HD movies all at once. It's almost, doesn't need to be that big. Which makes you think maybe it was a test, right? Maybe it was like, I wonder how big we can go. Yeah. Right, I'll, then I'll take the next story because I have an image for this, so
Luke (09:15.598)
you
Luke (09:21.238)
Yeah.
Anthony Davis (09:32.395)
Basically, recently, I'm not gonna get into politics or anything like that, but have to, this touches a little bit on politics. Obviously we've had war in the Middle East recently between Iran and Israel. And there was a couple of things on this. So I'm talking about OSINT and sometimes, like, finding out what's happening is as simple as watching how busy the local pizza place is, and this is actually called Pizzint. Pizz-int. So, open source intelligence is OSINT. We've talked about it previously on the show. But in Qatar, and I saw this on Reddit, I must have caught it at the right point because it got removed from Reddit. And if you're listening to this episode, we've successfully not been removed from wherever it was. I don't think I've given away any secrets, right? Because I did still, this image is still available on the internet. So.
In the gym on an air base in Qatar, so in the US air base in Qatar, before it was bombed by Iran in retaliation for the attack on Iran by the US, OSINT analysis had noticed a spike in activity using Google location data. So just when you go to Google and you search up somewhere, Google tells you how busy it is. So basically, we could find out really easily how busy this gym on the US Air Base was. And I'm assuming this is legit, right? There is a chance that it's not. But you can see here, this big red drop where it was really less busy than usual.
Luke (11:17.432)
Hmm, well yeah.
Anthony Davis (11:19.415)
Which kind of gives it away, right? If you're listening to us and you're not watching it, then check out the YouTube and you can get it on there. So the interesting thing was when tensions escalated between Israel and Iran in mid-June, so last month, there's an account on X, formerly known as Twitter, called Pentagon Pizza Report.
and that flagged an increase in activity at pizza shops near the Pentagon. So Google Maps showed like Papa John's, Domino's, District Pizza Palace were busier than usual shortly before the Israeli strikes on the Iranian targets and US military action was announced.
And this is widely reported, like all of the big papers picked up on this, Fast Company, Economic Times, Fox Business, is out there, even the Times in the UK here reported on this. So this is like big business. The interesting thing, and this is what I love, history lesson, so pizza intelligence originates from the Cold War Soviet intelligence practices. So essentially agents reportedly monitored sharp increases in pizza deliveries and restaurant footfall near US government buildings like the Pentagon, CIA and White House as early stages of imminent military or diplomatic action. And it says here one of the most cited anecdotes, a Domino's in Northern Virginia delivered 21 pizzas in a single night just hours before Iraq invaded Kuwait in August 1990. And that's like OSINT legend apparently.
So I think the US government probably needs to have a word with Google and tell it to maybe delay the spike in these places. It just goes to show though, you've got to be really, really careful because you can work out from anywhere.
Luke (13:09.111)
Mmm.
Luke (13:13.922)
That's crazy.
Luke (13:22.114)
Especially how public the data is for that Google location. Anybody can view that.
Anthony Davis (13:25.174)
Yeah.
Anthony Davis (13:29.503)
And people really underestimate OSINT and it doesn't, like, it's not, sometimes it's so simple. Simeon from Vivida. We've spoken about the video here on the show before the Vivida Reels, the really good kind of TikTok style videos. Simeon posted, he's quite an influential character on LinkedIn and he posted a picture of himself in a coffee shop today and outside was a street sign, and just searching for a unique name on the street sign and then going to Google Maps, you could work out exactly what coffee shop, work out what window he was sat in, you know, and it's, so you've got to be really careful about what you post and the tools, but this is all Android Google phone data that's picking up on this. So.
Luke (14:10.894)
Yeah, time to
Anthony Davis (14:14.261)
turn off your location, like US government officials turn off location services or something like that. That would probably be a good idea. Staying on a military theme, the next one is yours.
Luke (14:27.52)
Yes, I mean I heard about this one actually. US military secrets leaked on War Thunder forums. War Thunder is a gaming, PC game. Military style flying flight simulator I guess. But basically... Yeah, I think you could do tanks and boats, ships now and stuff.
Anthony Davis (14:43.351)
You can do everything Cornwall. You can do tanks and you can yeah, yeah
Luke (14:52.136)
player got banned for sharing a section of the restricted US flight manual for the AV-8B Harrier plane and yeah, it was a document that was marked distribution statement C, which meant it wasn't for public release, and it's the ninth time that something has been shared that's been classified on that forum, so that's just a crazy thing that someone's out there who has access to this information is just carelessly sharing it, I guess. But yeah, it seems to be that it wasn't related to a hacker or a cyber attack, it was probably someone that wanted to show off and maybe boast about that they've got access to this document.
Anthony Davis (15:39.903)
or proving a point in an argument.
Luke (15:42.478)
Yeah, I was maybe getting that at technical level over the game, but...
Anthony Davis (15:47.829)
I know it's War Thunder's fame for its kind of realism and attention to detail. I'm sure one of them, I'm sure previous classified material shared on there has been to prove a point or, you know, this plane is this fast. No, it's this fast. Look, I can prove it. Here's the document that says it is and it's got classified stamped all over it.
Luke (16:07.732)
Mm-hmm. Yeah, makes you wonder where they got the document from in the first place, but...
Anthony Davis (16:15.191)
They're probably, they're probably military personnel. It's probably, I know it's, um, you know, it's, I'm sure my dad was in the air force back. My dad did military service. Okay, my dad's in his 80s, back in the 50s. He did military service and he always wanted to fly a plane. But he wasn't a pilot. He was ground staff. Um, so maybe ground staff that want to fly a plane play War Thunder now, they didn't have War Thunder in the 1950s, but
Luke (16:19.16)
potentially.
Luke (16:41.164)
Yeah.
I guess it shows you how easily sometimes you have access to documents and stuff and it can be exfiltrated, whether intentional or unintentional.
Anthony Davis (16:45.238)
Yeah.
Anthony Davis (17:01.441)
There's a couple of angles here. Number one, whoever shared it might have been caught up in the emotion of proving a point and heated in an argument and didn't really consider the consequences. I'm having a conversation with one or two people in a forum, no one's gonna see it. To the other extreme, on the other side of the coin, do War Thunder have enough
Luke (17:13.452)
Yeah.
Anthony Davis (17:26.965)
checks and balances in place to prevent this happening again. Do they have OCR? Do they have enough disclaimers? Yeah, it's tricky, isn't it?
Luke (17:37.538)
Yeah, it's actually been the ninth time it's happened, quite impressive. Yeah.
Anthony Davis (17:43.647)
A recurring problem here. Yeah, who will be number 10? Yes, so maybe just, you know, remember, don't go sharing data that might be confidential here, there and everywhere.
Luke (17:48.916)
Yeah.
Luke (17:59.854)
Yeah.
Anthony Davis (18:01.943)
Next story tonight, doctors using unapproved AI tools, and this is a story from Sky, Sky News here in the UK. Doctors in the UK reportedly using unapproved AI tools to record patient consultations, which obviously raises serious questions about privacy, data protection and transparency. Sky News investigation revealed that some NHS GPs are trialling or adopting AI transcription software, which we've spoken about on here before, without formal approval or proper data governance. So these tools are being used to save time by automating notes from consultations. But in many cases, the patients aren't even aware that their conversations are being recorded, let alone processed by AI. So this, this is a privacy minefield for the NHS, we're talking about like
Luke (18:57.961)
you
Anthony Davis (19:01.399)
This could be audio is being transferred to AI platforms. We're talking about medical records to build profiles of users. This is, on the other side of the coin though, I can really see why a doctor, a GP, general practitioner, would use that because you can have a conversation and you can get a summary of notes and just paste it in somewhere.
Luke (19:08.846)
Mm.
Luke (19:12.301)
That's it.
Luke (19:27.916)
Yeah, it's a concerning. But you can have a... AI can get it wrong, I guess. Sometimes it could be quite a severe consequence from that. Let alone sharing that with an unapproved platform.
Anthony Davis (19:29.63)
It's
Anthony Davis (19:45.075)
Yeah, I mean this is crying out for an approved solution, which will probably come in at hundreds of millions of dollars to the UK government and it probably will take eight years to go through procurement and stuff like that. this is crying out that there's obviously a need here because otherwise they wouldn't be doing it. So this highlights the fact that maybe they need to hurry up and get an approved AI solution for transcription because, and we've seen this in loads of places like AI.
Luke (19:51.534)
You
Luke (20:10.456)
Yeah.
Anthony Davis (20:13.781)
transcription tools pop up here, there, and everywhere and they self-propagate really well. We talked about Fireflies ages ago on a conversation and Google has it built in, but if you just want to get some notes written up.
Luke (20:18.178)
Hmm.
Luke (20:22.082)
Yeah.
Luke (20:28.844)
Yeah, it reminds me, I saw on TikTok, I think it was an ad, it was disguised as a real person talking about this app. Yeah, it was someone saying, do you want to save so much time in your meetings taking notes? Use this transcribe app. And it was like them promoting this app. And then in the comments, people were like, this is crazy. Like, you shouldn't be doing this. Data privacy and all that.
It's just crazy that these companies are out there promoting this, this behaviour, on social media and people are gonna just go ahead and do it.
Anthony Davis (21:03.895)
Yeah, it's good that people in the comments were flagging the concerns, because when we've posted stuff about Windows 10 no longer receiving updates, people don't seem concerned. It's funny where the line's drawn, isn't it? Between, oh, not having my data, but then the illusion that a computer without any security updates is secure. It's funny. Yeah, so yes, if you're in the doctors and you have a feeling, if the phone's lit up,
Luke (21:15.711)
Yeah.
Luke (21:25.058)
Yeah.
Anthony Davis (21:33.995)
or you can see like stuff, feel free to challenge, you know, whether or not your data is being sent to a third party.
Luke (21:40.27)
you
Luke (21:45.56)
Yeah.
Anthony Davis (21:50.732)
Yep.
Luke (21:51.374)
So this is a new FileFix attack, weaponizes Windows File Explorer for stealthy commands. This links into a couple of episodes ago where we talked about the Windows shortcut files and previously ClickFix type attacks.
Anthony Davis (22:08.46)
Yes.
Luke (22:10.86)
Yeah, seems to be that a cyber security researcher known as mr.d0x has developed this new variation of ClickFix called FileFix and has demonstrated how it can be used to do a similar thing, I guess, where basically it seems to be that they've got a PowerShell command embedded into a Windows shortcut file, which supposedly doesn't show a visible prompt or alert the user once they've done it. Which is quite a scary thing.
Anthony Davis (22:48.159)
Yeah, there's an, I had a look at this, so this was ClickFix, which we showed previously, wasn't it, which is where a fake CAPTCHA typically then asks you to press Windows key R and then control and V and enter, so it's pasting something in the run box, but this does something differently, and this, there's a video here. Let me just share this because it's quite good. So you land on a page and again, this is just a simulation
Luke (22:54.187)
Yep.
Luke (23:04.749)
new.
Anthony Davis (23:16.993)
And it says to access this document, copy the file path below. And I'll play the video. It copies. You just have to click on it and it copies it. And then there's a button that says open File Explorer, which you click and it opens up your File Explorer, which is, you know, your windows where you go to look at your C drive and your files and your downloads. And then you click on the address bar and then just paste. And then it, boom, it's actually.
God, scary, isn't it? It's actually running a command and has opened a command prompt, and it's putting something down from an IP address
Luke (23:55.468)
out here.
Yeah, it's just very similar to what we spoke of before where shortcuts aren't as maybe safe as you think. And they're to sort of see. I mean, obviously in this example it's talking about pasting that in, but you could still be sent... that we spoke of before, being sent a shortcut file which could be disguised as anything to the average user. Yeah.
Anthony Davis (24:22.027)
Yeah.
Anthony Davis (24:29.969)
It's really important that we reinforce what the normal behaviour is and you think, because why is a webpage asking me to do this? You know, there's no reason ever, ever in all my years of using a computer and doing IT support and 10 years in cyber that there's a genuine reason for doing that behaviour. That chain of actions. It just doesn't exist.
Luke (24:57.314)
Yeah.
Anthony Davis (24:59.092)
So.
Luke (25:00.526)
Yeah, I've seen similar, um... Try to let you try and find a fix for something on your computer or whatever and then you get sent to a website that pretends to have the fix and obviously it tells you to just run this command to fix your computer and similar sort of thing. Runs a command at a malicious prompt. So yeah, I think it's just talking about and thinking about is this the right thing to actually be doing.
Anthony Davis (25:26.967)
When you venture into the dark side of the internet and you know on the verges of when you're looking for stuff that perhaps you shouldn't be It's a risky place and this stuff you see all the time Click here do this do that and knowing where to click on the page is sometimes challenging It's best unless you know what you're doing or you're prepared to lose everything It's best not to venture in those places, and I have a story
Luke (25:55.256)
Yeah.
Anthony Davis (25:56.349)
similar to that about my mum which we'll get to later.
Luke (26:00.652)
especially don't do it on a work computer.
Anthony Davis (26:03.431)
Absolutely not.
Anthony Davis (26:08.585)
Right, I saw this one on CyberNews. And if you haven't got a working ad blocker, I think CyberNews is one of those sites you're probably best not going to. But this is around SMS blasters. Have you heard of an SMS blaster?
Luke (26:28.462)
I don't think I have to be honest.
Anthony Davis (26:29.629)
I hadn't either, that's fine, there's no judgement here. So an SMS blaster allows criminals to send out texts without needing a person's number and it avoids spam messages as well. So UK police are warning the public about smishing attacks, SMS phishing. So these devices, these SMS blasters can send thousands of fake messages at once. They can mimic trusted brands like Royal Mail, banks or delivery services. These messages can come from spoof sender names making them look like they're part of a genuine conversation thread on your phone. So you can apparently buy these SMS blasters for just a few hundred pounds and anyone with minimum technical knowledge can use them.
Anthony Davis (27:21.185)
Have you... have you... these aren't erm...
SMS blaster
Luke (27:28.898)
yeah just google it looks like a large box with antennas on
Anthony Davis (27:33.971)
Right, okay. I was thinking for a second it was gonna be a Flipper Zero, but it's not, that's fine. So look, they can be bought easy for a few hundred pounds, used by anyone with minimum technical knowledge. Criminals are using them in car parks, apartment buildings, or even on the move, and they literally just go boom, out to a massive area with fake texts, with phishing links. So.
Luke (27:38.894)
Mm.
Anthony Davis (28:00.865)
There's not really anything like these are really hard to stop SMS is a bit like email. It's a very old technology. It's you know It's just there. It's not owned by anyone. I don't think I don't even know who regulates SMS as a tool So if you get a message and I actually got one this week from DVLA I was it was a SMS it was a
SMS so it came through as a message It was a group that had annoying people in it And it was a message that said DVLA final compliance reminder, and if it wasn't I mean the URL was rubbish But also it was a group with nine people DVLA aren't gonna send me a message in a group with nine people DVLA is the driver vehicle license authority here in the UK
Yeah, SMS messages, just another example. If you get messages, check the URL. You can't trust if it says it's from Royal Mail or it's from DHL or DPD or FedEx. You've gotta use your instincts. Am I expecting a delivery? Am I really due a refund? And then look at the link in the text message to whether or not it looks genuine. This one from DVLA.
DVLA use gov.uk domains and this came from parking fine-gov obt.live something so it was clearly rubbish but I know that many wouldn't
Luke (29:41.132)
Yeah, it can be hard to tell sometimes. Phones, I mean, obviously this says it avoids them, but phones obviously sometimes come up with a spam detected, but not always.
Anthony Davis (29:52.631)
Android is very good at that. iOS, I've never seen it.
Luke (29:58.958)
I think it's coming for it as a new iOS 26 update. It's going to have some more features on that type of thing. Yeah.
Anthony Davis (30:05.259)
Hmm. About time.
Luke (30:12.206)
So yeah, next story we've got is on the Storm BBC around how the ransomware attack which took place June 2024 on the NHS. Yeah, the blood to do like blood tests, that system, yeah, by Synnovis. Yeah, the agency that manages the labs for them.
Anthony Davis (30:26.172)
Synnovis. Synnovis.
Anthony Davis (30:40.747)
Synnovis are the pathology, they offer pathology services, blood testing and screening services for a number of NHS trusts. They had a cyber attack last year, didn't they? 2020, yeah.
Luke (30:50.198)
Yeah, a year on from there it's been reported that the death of one person has been linked to that ransomware attack. It's quite crazy to hear that has sort of happened from it really. It shows like it's not just systems that get affected by this thing. It can affect people in that way. But yeah, so it's...
spoke about how patient data was stolen during that incident and the delays and the disruption unfortunately led to this patient's death. quite a remarkable story really. There's a whole lot more information here but...
Anthony Davis (31:40.841)
It does make you wonder if these are like... I don't know who was behind the Synnovis ransomware attack but if it was like 16-year-old kids in their bedroom they could now be up on a manslaughter charge. Which has a significantly longer term than theft or something. They've actually killed someone.
Luke (31:55.894)
Yes, this here was...
Luke (32:04.01)
Yeah, so it was said here that was Qilin, Q-I-L-I-N, Russian-based criminal group.
Anthony Davis (32:12.704)
Right.
Luke (32:16.152)
but they said that they're sorry but not... this is previous statement I think that they were sorry for the harm caused but wasn't to blame yeah so I... yeah obviously cybercrime does that do this in the UK and stuff like that probably more likely to get...
Anthony Davis (32:25.153)
course not.
Luke (32:36.174)
sort of caught and maybe something's going to be done for them but obviously when it's outside of the country who knows it's probably never going to get caught for that.
Anthony Davis (32:46.709)
No. No. I think it was one of the Taken films where his daughter was kidnapped and taken abroad or something like that and it's like there's very little the government can do so you have to turn into Liam Neeson and go abroad and get your own revenge.
Luke (33:04.29)
Yeah, it's a bit of a sad one, but a stark reminder of how severe ransomware can be.
Anthony Davis (33:09.526)
Yeah.
Yeah, and they don't care. Like companies, hospitals, schools. I remember an event I was at a while ago. Someone was from a university and was saying, like, they're not allowed to pay ransom, like they can't because they're education, and it's like, why are they doing it if they can't pay a ransom? It's just they don't care. They'll just go and get anyone and everyone, doesn't
Luke (33:31.413)
Yeah.
Anthony Davis (33:38.615)
Something I saw this week, Windows 10, I feel like we're gonna stop talking about Windows 10 soon, but Windows 10 goes out of support October 2025, you all know that. Now, for anyone who has Cyber Essentials or Cyber Essentials Plus, this is a big deal. Because I believe that once Windows 10 is out of support, it doesn't meet the basic requirements for
Cyber Essentials, so unless you're paying for Microsoft's extended security updates, which aren't cheap and do only buy you three years. So if your organization is still running Windows 10 after October without ESU, then you could fail Cyber Essentials. If you're not thinking about this, this is one of those quiet compliance risks that could quite easily creep up on you, so
if you've got Cyber Essentials or Cyber Essentials Plus, you need to get rid of Windows 10 or you need to buy extended support by October. That's it.
Anthony Davis (34:54.227)
Right, next one is you sir.
Luke (34:57.197)
Yes, the last one I think we've got for this week So this is a new wave of fake interviews which seems to be I think if you've seen it before it's a North Korea contagious interview campaign which targets job seekers particularly developers like software developers Where yeah, they've
The Slayers Attack is using 35 NPM packages to spread malware which they're distributing during fake interviews. So the NPM is like a registry database of software, I guess primarily for Linux.
I don't know too much about it, but it's like a package sort of manager in a way of being able to download various tools I believe. It's probably a better way of explaining it somewhere else. Basically yeah, they've mimicked well-known and trusted libraries and tools and made them dangerous really.
Anthony Davis (36:02.805)
Yep. Yep.
Luke (36:15.03)
So yeah, victims have been led to this by these people posing as recruiters where they've posted like fake job adverts and then it's like here's a test project or some sort of project file to download and this is all in a Google Doc and yeah, the link sends them somewhere to download.
Anthony Davis (36:34.486)
Yep.
Luke (36:42.638)
some packages really, and it has info-stealing malware, it says here, HexEval Loader, which has been hidden in there, contacts a threat actor server and fetches all this, all the information on the device, so like, yeah, browsing data, cookies, crypto wallets, credentials, all sorts of stuff, yeah
Anthony Davis (37:08.503)
They'll just grab whatever they can. Yeah.
Luke (37:12.334)
Yeah, maybe we just want to look out for really. I don't know how specific this is. It does seem to be around software developers, but it could really happen to anybody in a way. Deploying malware through fake interviews.
Anthony Davis (37:28.265)
It's that illusion of trust isn't it? I suppose they're having an interview, they've probably been through bit of a process. This third party has invested some time in me. You know, it's not... which probably helps it feel authentic. But then without realising during the interview, they're probably downloading an NPM package and then like... it's triggering malware. They might even get a thank you very much for your time, we'll be in touch.
They might even get back in touch and go, sorry, your application was unsuccessful. But secretly they're pilfering all of their data. I think this is probably one, and I can't remember now, I'm sure there was a company where this was used as the way in. But this could be used in very targeted attacks. Target developers who work with lovely job offers that work at a specific company. And then squeeze their way in that way.
Luke (38:23.245)
Yeah.
Yeah, I'll just clarify that npm is a package manager for node.js packages and yeah, it's a platform that hosts these packages.
Anthony Davis (38:34.678)
Right.
Anthony Davis (38:41.643)
GitHub and typically that I yeah
Luke (38:43.946)
Yeah, so Node.js is a open source, cross-platform JavaScript runtime environment that lets developers create servers, web apps and various other tools. So yeah, it's very specific, but yeah, it seems to be happening at the moment. So yeah, be careful, I guess, with potential interviews, especially when you're being reached out to by a recruiter. It's probably too good to be true in some.
Anthony Davis (38:55.063)
Hmm.
Anthony Davis (39:04.727)
Yeah.
Luke (39:12.534)
cases.
Anthony Davis (39:13.495)
Hmm.
Yeah. Right. Let's move on to the comments section. That's the news for this week. Now let's move on to the comments. So I didn't post anything from last week because last week was a special, you know, talking about awareness, behaviors, and stuff like that. But I have been posting some stuff from the week before. So, I...
shared on TikTok stuff about the NHS staffing breach that was hidden for 13 months. Do you remember that? NHS Professionals, who were a recruitment company, a staffing company for the NHS. Deloitte went in and said you were breached, you've had data breached. NHS Professionals disagreed, said no we hadn't. So this is
the topics on TikTok, someone says, I am their employee for nearly two years, what should I do to check if my data was leaked? Can I make a financial claim if my data was leaked? I mean, people think differently to us. Your data's probably out there anyway, but yeah, if it is actually leaked, you're probably entitled to a claim. Watch out for a TikTok video asking you to join.
Luke (40:18.83)
Thanks
Luke (40:32.317)
Yeah. I mean in the UK it's probably... it's been plastered all over the TV adverts, right? All these claim things, so it's no surprise.
Anthony Davis (40:39.711)
Yeah. Yeah. Yeah. Someone said 13 months is mad. Surely the ICO has to be slapping them with something. The ICO is the Information Commissioner's Office here in the UK that slap you for GDPR breaches. Someone else says, I can tell you horror stories of police, universities, et cetera, from pen testing. Might reach out to that person, find out.
Someone like quite a lot of clued up people. Oh, so they broke GDPR rules and committed an offense What the hackers gain from this hackers don't care it's disruption it's a game, you know, I think with that one
Luke (41:23.358)
they sell the data to someone that wants it potentially.
Anthony Davis (41:26.443)
Well, I think on that one I'm pretty sure they said it had all the hallmarks of Scattered Spider. Obviously this was 13 months ago, Scattered Spider have been around for ages. But maybe they were just unsuccessful, maybe they didn't manage to get ransomware out. But that probably would have been the intention. Someone else flagged, aren't the NHS going to start DNA testing every newborn baby to test for potential future health issues? Where will they store this information?
This wasn't the NHS, this was NHS Professionals, which is a recruitment company. Slightly different, but that's cool, that's cool. What else did we have?
Anthony Davis (42:11.575)
Someone said here lots of comments about OneDrive. We talked about the OneDrive permission change where it asked you if you wanted to sync your personal files. We still get lots of comments on that video. That video's had over quarter of million views now on TikTok. And one of them was, why would you use a personal account on a work device if you're signed into the browser or your personal email in the browser? I think that's enough.
Someone says, Jamf blows the doors off in June. Jamf is cool. You just need to, it's additional purchase and you need someone that knows what they're doing to get it going. It's a different skillset typically to someone that's been immersed in Windows for all their life. Someone said, did I actually share the fix or a website explaining the fix? It's in the comments on TikTok. So there is the fix there. The last one I shared.
Last comment for tonight. We spoke about the FAA, the aviation authority in America, that were phasing out floppy disks and Windows 95. Someone said, obviously security is my first question. It's like, yeah, that's true. Someone else said this is amazing. Mr. Mr. Hall said that's not surprising, I've seen nuclear and military science using Windows NT 4 in the last decade
Luke (43:37.646)
Yeah
Anthony Davis (43:40.535)
There was one here, someone we spoke about. I asked when the last update for Windows 95 was. I can't find the comment now, but it was 2001. That's when the last update for Windows 95 was. yeah, 2001. Right, that's the comments section for tonight. Don't forget, you can follow, the links are all in our Linktree, which is Linktree slash Risky Creative.
We post clips from the show on Instagram and on TikTok. So you can find your poison there. That's good for clients.
Anthony Davis (44:21.371)
Have you listened to our interview series yet? It's out every Thursday. The last one we released was with Terry McCorkle, who's the founder and CEO of PhishCloud. PhishCloud is a pretty cool tool. It was a really good chat. PhishCloud is a browser add-on. So rather than simulating phishing, it goes beyond that.
And any links that appear in your browser, be it in a Google search or a web page or in your email, it sends it off to threat intel and gives you a red amber green warning on that link. So before you even click, it can give you a kind of trust rating. Really, really unusual. Terry's really cool though. Lots of history from red teaming and critical infrastructure. It's a really, really good chat. We do have a new episode out this Thursday.
Luke (44:57.272)
Right.
Anthony Davis (45:14.945)
pretty sure it's this Thursday. It wasn't last Thursday, so it is this Thursday. And that's with AJ, AJ King, who is a behavioral psychologist and also a UX expert. AJ is also a thespian. It's, yeah, it's a hefty one. It's one of the longer interviews that we've done, but I really enjoyed it. AJ is such a character, and we'll probably have AJ back on again at some point to talk about something else, but.
Luke (45:18.701)
Yep.
Anthony Davis (45:43.083)
we get down into behaviors in this one and yeah, it's a good chat. So that's available this Thursday in the same feed as this one on YouTube and on Apple podcasts and on Spotify and wherever you get your podcasts.
Luke (45:59.118)
Sounds like an interesting one for the human risk side of things. Even just human behaviour.
Anthony Davis (46:03.639)
Yeah, if you're interested in why humans do what they do and how you can change that, it's an interesting conversation. And me and AJ have known each other years, so there is a bit of a ramble there. It's just a raw conversation. You can be a fly on the wall.
Right, I had a couple of things I need to whizz through. But if you work in cyber security and you're trying to solve the problem that is human, I had a demo this week of a really cool tool that I thought I'd give a mention. And it's a tool, Metomic. So Metomic are traditionally a DLP tool. But I spoke to them because they've got this tool, this human firewall.
So essentially it's like a nudging tool that can help notify you when data is... and it was really really cool. got some notes here actually. So it's agentless, it's API based. And I saw a demo that worked with Slack and if someone shares a document then it can notify you on Slack that you've shared this document and this document contains certain data.
And then in Slack, it can say, do you wanna change the data classification? And right there in Slack, you can click the button to change the data classification. Or it can be, I wanna remove this file or reduce the sharing, this is shared too widely. And it was really, really cool because it was there, notify me straight away. You can have different behaviors for different roles and groups. There's Teams and O365 stuff coming as well,
and they're just about to pivot again over to more AI-based tools as well. So, Metomic, it's really, really, it was really, the demo was really good. So if nudging is a problem for you and you want something that bakes into DLP, DLP is a problem in many organizations, but DLP solutions, I think, are quite difficult to bring in sometimes. You can bring this in as a behavioral nudge tool and it actually serves DLP purposes as well.
Luke (48:20.12)
Yeah, ticks a few boxes.
Anthony Davis (48:21.011)
It'd work really well where you are. Yeah, yeah. This is it. And it's integration because it's API based. It integrates with loads of stuff. Notion, Slack, Google Drive. Like it's really, really cool. So yeah, that's Metomic.
Luke (48:33.646)
That was interesting.
Anthony Davis (48:38.903)
The next one I wanted to mention tonight, someone on TikTok actually asked me a question on TikTok and I love this. So if there's anything you're not sure of or there's anything you want us to talk about, you just want to ask us a question, pop a question over. We don't get many questions, but this was really, really cool. So let me just, can I find it? Here it is.
lorry driver lorry r l o r i e driver on tiktok said to me what do you think about buying a product key for ms office from groupon or the like so i did a bit of digging on this so groupon um groupon is a deal site voucher is another similar one it's where you can buy
discount products and stuff. It's been around for years. There's an app on the phone. I bought stuff, I bought like a spa break on Groupon before for the wife. I actually think we both went actually. That was quite a nice off from the kids. But I had a look on Groupon and I was able to find Microsoft Windows 11 Pro with product key and lifetime use for one PC.
up to 92% off. So Windows 11 Pro product keys normally £129.99 and right now on Groupon here it was £7.46. With promo, one hour left, pulls all the triggers. There's a promo code that gets me an extra £2.49 off so I can have a Windows 11 product key for a fiver, right? That's amazing. So I did a bit of digging, there's
Luke (50:21.272)
Yeah.
Anthony Davis (50:33.057)
Groupon customer reviews, Groupon is a trusted platform and the comments read that the reviews were all great, skeptical about this, I thought it's a scam or something but the product key worked perfectly, absolutely great purchase, placed my order and the product key was with me in minutes. So this is all good, know, this is positive. I then dived over to Reddit, always a source of great truth and
Two years ago, someone said, I've always been skeptical about Groupon, anyone agree or disagree? And Microsoft Office 2021 on Groupon for Mac should be 250 pounds, now 45 pounds. So again, massive discount. The comments are interesting. Groupon is a legitimate company, even if a lot of the stuff they have seems kind of weird anymore. And their Microsoft deals are real.
I used it to get a Windows 11 license for a virtual machine. Someone says I'm seeing Windows 11 licenses for 12 pounds versus 140 pounds. I'm looking to run something on Parallels, it seems too good to be true. People are saying yes it works, yes it works. So, yeah, it's tricky. Someone does, and it's worth noting out, someone says they downloaded LibreOffice for free and had nothing but a
positive experience. If you need an office suite, LibreOffice is free, it's open source and it's pretty good now. I run it myself, so.
Luke (52:10.37)
Yeah, it's an interesting one. mean, yeah, Groupon used to be a lot. I'm just looking at it now. It was always like a genuine business behind the products and some maybe some companies that do these special offers, but it seems to be just like a marketplace now for anybody to just list products. And yeah, it's like you can get CD keys for games and...
windows and office and stuff but they're typically either stolen or people have bought them with credit card details and all sorts of things fallen off the back of a lorry. It's a of dodgy thing. Be careful.
Anthony Davis (52:55.127)
I mean, the one I did see, the Windows license, you click through to the company and it says that there are certain, on their website, which actually, is there a website that's taken me straight to the redeem page? Okay, so their website is literally the Groupon redemption page. There's no more website, that's the homepage. I'm gonna share it, why not?
Luke (53:15.874)
Mm-hmm.
Anthony Davis (53:23.059)
So they're called License Tom and I'm not victimizing them at all. They could be really genuine, right? It says it's a Microsoft certified partner. This is their homepage. The product that you've purchased is for a lifetime activation. The discount coupon you receive from Groupon has a validity of 180 days. It does make me wonder where they get their licenses from.
Luke (53:47.405)
So yeah, I just googled that. Um, licensed Tom Groupon. Um, it's come up with like a Microsoft community post and someone's, yeah, said this is most definitely a scam only because I've just been caught out by it. Um, yeah. It's always good to research these things, isn't it? Yeah. And that we said.
Anthony Davis (54:06.355)
It is. It used to be that you could buy licenses. You could buy OEM licenses. OEM is, what's that, original equipment manufacturer, so an OEM license would be the license that you got with a new PC, and you could buy OEM licenses on eBay, and when you were sent the license it used to come with like a stick of RAM
Luke (54:20.205)
Yeah.
Anthony Davis (54:33.207)
because they had to sell it with a piece of hardware it was like a get a see an old worthless piece of RAM was sent with the Windows license because they had to send you a piece of hardware to comply with Microsoft's licensing rules so to me this sounds like grey market but I don't know License Tom could be could be genuine and there's other vendors available on Groupon I think like we say with anything
Luke (54:33.646)
you
Luke (54:41.55)
you
Luke (54:51.426)
Mm.
Anthony Davis (55:02.207)
If it feels too good to be true, it probably is too good to be true.
Luke (55:06.478)
Yeah.
Anthony Davis (55:08.235)
Which leads me nicely onto my next one tonight. yesterday, last night, I got a call from my mum. Okay? And my mum said, and again, this comes back to Marks and Spencer's. I got a call from my mum and my mum said, she said, I've, can you tell me if this is real or not? And I was like, yeah, of course I can mum, what's up? And she went, Marks and Spencer's are giving away hampers.
And I was like, are they? So this was the link she'd seen on Facebook. If you remember, four, five, six weeks ago, we spoke about North Face backpacks. Yep, from Decathlon. Okay. So, this is actually, this has taken me, it's not taken me, it's remembered where I am, which is really annoying. Let see.
Luke (55:48.91)
Thank you.
Anthony Davis (56:04.929)
can't go back. Let see if I can go back.
Let's do this in an incognito browser, because that's gonna be better. It's remembered my journey. So let's just take this incognito. Here we go. Final stock clearance. Today, June the 26th. Yesterday it said today, June the 25th. You have been chosen to participate in our inventory clearance giveaway. We're surplus stock.
and you have a chance to receive an M&S Collection Hamper for £9.95. Hurry, only 41 spots left to enter today's draw. That was 44, 38 spots left. Every Thursday, yesterday, that said Wednesday, we randomly select 10 lucky users to receive our extra inventory. Today's exclusive product is an M&S Collection Hamper. It was also yesterday's exclusive product. This opportunity is only available for residents in the UK. I just pressed back, hang on.
Luke (56:41.422)
It's going down.
Luke (56:52.407)
you
Anthony Davis (57:05.847)
You only have two minutes to complete the survey. The timer hasn't started yet. But again, scroll down. Just got my M&S collection hamper from stock clearance today. Looks amazing. Super happy, my collection hamper. Here's my collection hamper. So lots of comments. These are fake. You can't like or reply. It's got 62 likes, but I can't like it. But I can probably comment. We've had this. This is exactly the same as the North Face one.
Luke (57:35.598)
Yeah.
Anthony Davis (57:36.183)
So, are you a man or a woman? I am man. The timer's started, I have two minutes. All the pressure. How old am I? How many members are there in your family? I'm not really alone, but I'm gonna say alone. Have you bought anything at M&S before? Yes. Hang on, they're verifying my answers. I've answered all the questions. There's no previous survey. Gifts are still available. But what? Now I have to try my luck?
I have three attempts. I bet you I'd get it on the second one.
Anthony Davis (58:13.183)
Sorry, but this box is empty. You have two more luck tries. So there's nine boxes to click on and you have to try and get one. This is like a lottery instant now. It's gonna be this time, because it's always the second time. Told ya. Confetti. Congratulations, you're lucky. M&S collection hamper is reserved for you. Authorized American spelling. M&S is a UK company and this is only open to UK customers, remember?
Red flags everywhere your prize will arrive within five to seven business days if I press submit
It now asks me for my address and contact details. Let me just really quickly put them in.
Anthony Davis (59:01.055)
Obviously not real.
Anthony Davis (59:07.201)
Paid with credit cards, so let's just enter a name. Let's go with Postman, surname Pat, number.
Luke (59:18.338)
person.
Anthony Davis (59:20.727)
I Did know what the fake that that's not gonna be someone's real Phone number surely not I'll buy a lottery ticket if that's if that is postman at pat.com proceed to check out Do you know what do you know what? So that's just gone people listening that's just gone to a 404 not found page the third party paid that previously redirected out to a third party payment provider
and asked for my credit card details, thankfully the third party payment provider has taken that down. Which is brilliant because the next screen was where it collected all my payment data for the 9.95. And that's where my mum got to. My mum got to the payment page and then she rang me because it just like didn't. So
Luke (59:57.196)
value.
Anthony Davis (01:00:14.291)
Be careful, know these it's quite convincing and my mum's fairly savvy because she's got me as a son and I talked to her about this a lot other people would fall for that left right and center so
Luke (01:00:24.482)
Yeah, I imagine many have already.
Anthony Davis (01:00:27.465)
Like we said with Groupon, if it sounds too good to be true, it probably is too good to be true.
Luke (01:00:32.994)
Yeah.
Anthony Davis (01:00:35.743)
Yes, right. Really, really quickly, I'll touch on this. Ross from Mirage Security. I saw this on LinkedIn. Ross shared an evolution of Scattered Spider. Scattered Spider are obviously MGM hack last year, Co-op and M&S this year. You know, massively devastating attacks. Well, they've published a retrospective, two years of social engineering havoc.
Luke (01:01:00.494)
you
Anthony Davis (01:01:05.929)
Social engineering is, Spider's, you know, hallmark, is their unique thing. Not unique, but it's what they're known for. And you can see here, there's a link actually in the comments that takes it to a full retrospective. We'll put a link to that in the newsletter, because it's quite an interesting read. And anyone who wants to find out a little bit more about Scattered Spider, this write-up from Mirage is a good timeline. So that's one worth looking at. Thank you, Ross, for sharing that.
and we'll put a link to that in the newsletter. I haven't mentioned the newsletter at all have I? No. Over 700 subscribers goes out every week with every podcast. You can sign up at riskycreative.com or search for the awareness angle on LinkedIn. It's out every single Monday. It covers everything we talk about in each episode and gives you little bit more detail and a couple of action points on it. So that's the awareness angle newsletter that's available every single week.
Luke (01:01:41.39)
Not yet. Better get in.
Anthony Davis (01:02:08.838)
Right, the last one, I know we talked about Windows 10, the last one I wanted to mention is that they've changed a little bit on the Windows 10 upgrade path. 10 Extended Support is now available. They're making it bit easier to get access to. You can pay a one-off fee of $30 to get Extended Support.
This is for home users. For businesses, it's $61 and then doubles each year for each device. But for a personal user, you'll get prompted with this. It's currently going out to their testers, but you'll get prompted and it will say, if you use Windows Backup, five gigabytes of Windows Cloud Backup.
Luke (01:02:39.084)
Right.
Luke (01:03:05.674)
Right, Okay.
Anthony Davis (01:03:05.675)
you get extended support for free.
Or you can redeem a thousand Microsoft reward points. Do you know what Microsoft reward points are?
Luke (01:03:16.12)
I'm low.
Anthony Davis (01:03:17.643)
you get Microsoft reward points for using Bing or for using the Edge browser. So if you continue to use Bing, Bing's a search engine, if you don't know, it's like Google but by Microsoft. Or you use Edge browser which is like Chrome, it's actually very much like Chrome now, but made by Microsoft, kind of made by Chrome but then reskinned by Microsoft. So yeah, a thousand Microsoft reward points.
Luke (01:03:25.134)
All right.
Anthony Davis (01:03:46.901)
will get you, I think, a year of extended support for Windows 10 as well. Or you can pay 30 pounds.
Luke (01:03:54.24)
as good that they're offering it. £30 seems a little bit much maybe but bit cheeky but better than nothing I guess.
Anthony Davis (01:03:56.512)
is good.
Yeah.
Yeah, for commercial though, if you're in a business, £61 per device per year, doubling for year two, £122, and then year three doubling again.
Luke (01:04:16.45)
be a lot of money depending on your business size.
Anthony Davis (01:04:19.135)
I know, right? It's definitely gonna force, I mean, people would probably just stop getting updates, which is terrible. It still shocks me that Microsoft aren't getting more, I get that you can't, there must be a responsibility, like if your product has been that successful when it's used, just to turn off the updates. Unless there's some problem with it, like.
Unless there's some fatal fundamental flaw in Windows 10 source code that means it can no longer be patched. it's probably just not compatible with AI, if we're honest, is it? Probably. Yeah.
Luke (01:04:57.838)
Yeah, it's probably in reality not that far off of Windows 11, but yeah.
Anthony Davis (01:05:06.881)
Did you have anything you wanted to touch on?
Luke (01:05:10.318)
I mean, I had a quick one with maybe a whizz through. As usual I seem to bring these to the episodes, which is an email I received from Experian this time. This is a real one. Yeah, Experian are a company that specialises in credit scores and reports and credit I did.
Anthony Davis (01:05:35.977)
like an Equifax or a Credit Expert.
Luke (01:05:39.67)
Yeah, and they offer like additional services. don't pay for anything extra, but it was like a little teaser I guess they sent me to try and get me to subscribe to their platform. I must have used it. think obviously you've used it previously and DMO can free about how my email was found on the dark web.
bring it up or you can bring it up on the screen.
Anthony Davis (01:06:10.199)
Does it say where on the dark web?
Luke (01:06:12.866)
lawyers rick
So this is the email I received. This is pretty generic as you can see. this is, it seems to be a new feature at the trial.
Anthony Davis (01:06:25.195)
Your email address has been found on the dark web. Beta trial. Yeah. I love this, the dark web. This is a hidden part of the internet where criminals sometimes share personal information. Having your details on there can increase the risk of you being affected by scams and identity fraud.
Luke (01:06:46.368)
Yeah, I mean it's interesting that I had received it, but I've been subscribed to Google's dark web search and I didn't get one from that, so not sure where they got this data from. Maybe this is some old stuff that they've got this new platform and they're sending it out. It was just interesting, they sort of talk about some actions to take, but...
Here the key action of enabling multi-factor authentication isn't on there, but when you go further it talks about it. But you'd think maybe that's one thing to put up on the first section. I mean it's a good thing but also could be better.
Anthony Davis (01:07:18.068)
Wow.
Anthony Davis (01:07:32.651)
Yeah, the messaging isn't the strongest. Check which email address has been stolen. Log in to your account to see which email address we've found online. Change your passwords. Focus on the most important accounts that use this email address. This includes your email and bank accounts and password managers. And watch out for any suspicious messages. It does also say if they have your password too and can access your email,
they may be able to get into other accounts by resetting passwords or security verification links. There's a lot of ifs and buts in there, like it could be stronger. It's
Yeah, I'm still, the jury's these services. So they've got your email address. Like, phone numbers were in the phone book, you know, that wasn't a problem. Like, your email address, on what planet now is someone's email address confidential and private? I don't, it's... Yeah, the action could be stronger, couldn't it? MFA, multi-factor authentication, use a password manager, you know. Yeah.
Luke (01:08:22.338)
Yeah.
Luke (01:08:32.364)
These days not anymore. Yeah.
Luke (01:08:39.448)
Yeah, I mean in this scenario they're trying to sell a product, it seems. They obviously offer like identity protection type thing. But I think the general message I guess is good for your average person to sort of be aware of these things. But yeah, it could be a bit more, a bit easier to understand perhaps and a bit more specific on I guess what it can be but...
Anthony Davis (01:09:08.799)
Yeah, one thing we haven't talked about this week actually, which was in the news previously, I think everyone else has talked about it, was the 16 billion passwords that were exposed. It was something I was gonna bring to the table within didn't this week one because everybody's talked about already. But there was a massive data breach, biggest ever data leak ever ever revealed.
Luke (01:09:21.72)
Yeah.
Anthony Davis (01:09:35.083)
Jury's really out on whether or not it is new data or whether it's a bunch of old data that's just been recycled. But I think, what does it say? A database with 184 million records. So yeah, everybody's been talking about it and it may be that your email address has come from there. I don't know how many email addresses are in the world. But.
Luke (01:10:01.742)
Many.
Anthony Davis (01:10:02.571)
There's a good chance if you've had an email address for a number of years. I've had my email address like 15 years, one of them. I've like 20 plus years, of course. It's gonna be out there. You know, like all if I think about every single website I've had an account with or service I've had an account with, so many companies that no longer exist whose databases have disappeared into the ether. Yeah, that's as long as the passwords aren't reused the email address is pretty
Luke (01:10:13.262)
Yeah.
Luke (01:10:26.286)
Mm-hmm.
Anthony Davis (01:10:31.543)
much common knowledge, so don't fret too much if your email address is on the dark web. As long as you have good password hygiene, use a password manager, passkeys coming, you know, as long as you don't use the same password and have multi-factor authentication that isn't SMS, you're good, I think.
Luke (01:10:52.504)
Yeah, pretty much.
Anthony Davis (01:10:55.287)
Right, I think that's us done for this week then. Yeah, brilliant. Well, it's good to be back. So much covered this week. Ambulance chases for M&S, get on the compensation claim. Nexus Mods, DDoS, Google Location, OSINT and Pizzas. Don't go sharing confidential plane
Luke (01:10:59.118)
Yeah, I think so.
Anthony Davis (01:11:24.191)
documents on a gaming forum. If your browser asks you to copy something into an address bar or file page, don't. Ignore dodgy SMS's and don't go around somewhere blood testing places because you end up killing people and that's not good for anyone. And it's up to you whether or not... Laurie Driver, if you want to buy a Groupon license...
do it at your own risk, use a credit card and just be prepared that at some point your application may become deactivated and your Windows might start asking you for a new license key or your Word might start asking you for a new license key. Don't get upset if it only lasts a few weeks, it's only a fiver. Yeah, okay, same time next week.
Luke (01:11:55.394)
Yeah.
Luke (01:12:15.906)
Yeah, catch you next week. See ya.
Anthony Davis (01:12:17.633)
Brilliant. See you later. Bye.