This episode is packed with cybersecurity stories, clever phishing scams, and some big questions about security awareness. We break down why simple phishing scams still work, even when the warning signs are obvious, and how scammers continue to exploit Amazon and PayPal users with fake emails designed to create panic. Meanwhile, the FBI has issued a warning about Ghost ransomware, a group that doesn’t bother with phishing—they just exploit unpatched software to break in. If your systems aren’t updated, you’re an easy target.
We also take a closer look at malicious Chrome extensions, with over 3.2 million users unknowingly compromised. Even though Google removed these from the Chrome Web Store, affected users must manually delete them to stay safe. In another alarming scam, fraudsters are using real PayPal emails to convince victims their account was hacked. The trick? They include a fake customer service number, leading victims straight to scammers who attempt to take over their devices via remote access software. This is social engineering at its best—and worst.
Beyond scams, we discuss a huge data breach exposing 284 million users, raising an important question: is Have I Been Pwned still useful? With breaches happening constantly, does another “you’ve been pwned” alert really help? While the flood of leaked credentials is overwhelming, good security habits—like unique passwords, multi-factor authentication, and phishing awareness—remain the best defense.
We also touch on a new phone scam where an unknown number calls with an automated message, urging you to add them on WhatsApp. What’s behind this shady tactic? Plus, a viral video claims AI bots are secretly developing their own language—but the truth is far less dramatic.
This episode is a reminder that cybercriminals don’t need advanced hacking skills when the old tricks still work. Phishing, social engineering, and software vulnerabilities are still the biggest risks. Want to stay ahead? Audit your browser extensions, update your software, and always stop to think before you click.
🔗 Subscribe to The Awareness Angle for weekly security insights and practical tips!
Sign up for The Awareness Angle Newsletter today and get notified every time a new episode is released. Each newsletter contains details of the topics discussed and more from the world of Security Awareness.
You're almost there!
To confirm your subscription, please check your inbox for a confirmation email. Click the link in the email to complete your signup and start receiving our newsletter!
If you don’t see the email within a few minutes, check your spam or junk folder, just in case.
Thank you for subscribing!
💬 Episode 15 Discussion Points
📹TikTok Bank Scam
https://www.tiktok.com/@winnieandminnie0/video/7472821399057403158?_t=ZN-8u8RNqWyhpm&_r=1
🎣 Amazingly Simple Amazon Phish
https://cofense.com/blog/amazon-phish-hunts-for-security-answers-and-payment-information
🔍 PayPal New Address, New Attack
https://www.bleepingcomputer.com/news/security/beware-paypal-new-address-feature-abused-to-send-phishing-emails/
🔑 We've Been Pwned – What Now?
https://www.troyhunt.com/processing-23-billion-rows-of-alien-txtbase-stealer-logs/
🔌 3.2 Million Users Hit by Malicious Chrome Extensions
https://gitlab-com.gitlab.io/gl-security/security-tech-notes/threat-intelligence-tech-notes/malicious-browser-extensions-feb-2025/
📎 SANS Security Awareness Summit 2025 - Call For Presentations
https://www.bleepingcomputer.com/news/security/cracked-garrys-mod-beamngdrive-games-infect-gamers-with-miners/
👮 FBI's Ghost Cyber Warning: All You Need to Know https://cybermagazine.com/articles/what-are-ghost-attacks-and-what-should-your-business-know
🖥️ TWO AI’s talking to each other
https://youtu.be/EtNagNezo8w
🍎 Our Update on Apple Encryption
https://youtu.be/WAKLIdmssjs?t=1723
📞 "I'm calling from Indeed Human Resources. Please add me on WhatsApp"https://youtu.be/WAKLIdmssjs?t=1723
Missed the episode? Watch it below!