Sign up to save your podcasts
Or
Share QR Code Parking Meter Scam, Optimizely Vishing Attack, and Robot Vacuum Hack
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
QR Code Parking Meter Scam, Optimizely Vishing Attack, and Robot Vacuum Hack
This week on The Awareness Angle, attackers ditch malware and pick up the phone, fake QR codes hit real parking meters, and even your weather app might be quietly fingerprinting you.
We start with Breach of the Week, as Optimizely confirms a data breach following a vishing attack. Impersonated IT support calls led to compromised internal systems and stolen CRM contact data. No ransomware, no exploit chain, just social engineering and misplaced trust.
In the news, fraudsters place fake QR stickers on 75 parking meters in Kelowna, turning everyday convenience into credential theft. New research reveals Samsung’s pre-installed weather app may create a persistent device fingerprint using hashed location identifiers. The UK’s ICO fines Reddit £14.47 million for unlawfully processing children’s data, raising fresh questions around age verification and platform responsibility.
We also cover security flaws across Android mental health apps with 14.7 million installs, exposing sensitive therapy data to potential risk, Instagram rolling out parental alerts for teen self-harm searches, and a researcher who accidentally gained control of nearly 7,000 robot vacuums worldwide.
In Awareness, we explore how AI tools like Gemini can be used to rapidly build interactive learning content, from phishing simulators to gamified modules, and what that means for the future of security awareness.
Plus, we touch on the viral Dacia Sandman campervan that never existed, the growing wave of ClickFix social engineering pop-ups, Samsung’s new privacy screen display tech, and a fresh warning about Google Ads phishing targeting Ahrefs users.
If you like your cyber news grounded in reality, focused on people, and just a little bit sceptical, you’re in the right place.
Timestamps
00:00:00 Intro
00:01:20 Breach of the Week – Optimizely Vishing Attack
00:03:40 Fake QR Codes on 75 Parking Meters
00:08:10 Samsung Weather App Fingerprinting Research
00:13:00 UK Fines Reddit £14.47M Over Children’s Data
00:17:30 Android Mental Health Apps Security Flaws
00:23:43 Instagram Parental Alerts for Self-Harm Searches
00:29:00 7,000 Robot Vacuums Remotely Accessible
00:35:00 Building Interactive Security Training with Gemini
00:46:40 The Dacia Sandman That Never Existed
00:51:43 ClickFix Pop-Ups in the Wild
00:54:43 Samsung Privacy Display Feature
00:58:17 Ahrefs Google Ads Phishing Warning
More Information
https://riskycreative.com
Follow us
LinkedIn
https://www.linkedin.com/newsletters/the-awareness-angle-newsletter-7274932363787132928/
TikTok
https://www.tiktok.com/@infosecant
Instagram
https://www.instagram.com/riskycreative
YouTube
https://www.youtube.com/@riskycreative
Our Intro and Outro Song © 16 by falling forever
https://fallingforever.bandcamp.com/track/16
License
https://creativecommons.org/licenses/by/4.0/
View all episodes
By Risky Creative - Cyber Security for HumansThis week on The Awareness Angle, attackers ditch malware and pick up the phone, fake QR codes hit real parking meters, and even your weather app might be quietly fingerprinting you.
We start with Breach of the Week, as Optimizely confirms a data breach following a vishing attack. Impersonated IT support calls led to compromised internal systems and stolen CRM contact data. No ransomware, no exploit chain, just social engineering and misplaced trust.
In the news, fraudsters place fake QR stickers on 75 parking meters in Kelowna, turning everyday convenience into credential theft. New research reveals Samsung’s pre-installed weather app may create a persistent device fingerprint using hashed location identifiers. The UK’s ICO fines Reddit £14.47 million for unlawfully processing children’s data, raising fresh questions around age verification and platform responsibility.
We also cover security flaws across Android mental health apps with 14.7 million installs, exposing sensitive therapy data to potential risk, Instagram rolling out parental alerts for teen self-harm searches, and a researcher who accidentally gained control of nearly 7,000 robot vacuums worldwide.
In Awareness, we explore how AI tools like Gemini can be used to rapidly build interactive learning content, from phishing simulators to gamified modules, and what that means for the future of security awareness.
Plus, we touch on the viral Dacia Sandman campervan that never existed, the growing wave of ClickFix social engineering pop-ups, Samsung’s new privacy screen display tech, and a fresh warning about Google Ads phishing targeting Ahrefs users.
If you like your cyber news grounded in reality, focused on people, and just a little bit sceptical, you’re in the right place.
Timestamps
00:00:00 Intro
00:01:20 Breach of the Week – Optimizely Vishing Attack
00:03:40 Fake QR Codes on 75 Parking Meters
00:08:10 Samsung Weather App Fingerprinting Research
00:13:00 UK Fines Reddit £14.47M Over Children’s Data
00:17:30 Android Mental Health Apps Security Flaws
00:23:43 Instagram Parental Alerts for Self-Harm Searches
00:29:00 7,000 Robot Vacuums Remotely Accessible
00:35:00 Building Interactive Security Training with Gemini
00:46:40 The Dacia Sandman That Never Existed
00:51:43 ClickFix Pop-Ups in the Wild
00:54:43 Samsung Privacy Display Feature
00:58:17 Ahrefs Google Ads Phishing Warning
More Information
https://riskycreative.com
Follow us
LinkedIn
https://www.linkedin.com/newsletters/the-awareness-angle-newsletter-7274932363787132928/
TikTok
https://www.tiktok.com/@infosecant
Instagram
https://www.instagram.com/riskycreative
YouTube
https://www.youtube.com/@riskycreative
Our Intro and Outro Song © 16 by falling forever
https://fallingforever.bandcamp.com/track/16
License
https://creativecommons.org/licenses/by/4.0/