This week, our hosts⁠⁠⁠⁠⁠⁠⁠ ⁠Dave Bittner⁠, ⁠⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠⁠, and ⁠⁠⁠⁠⁠⁠Maria Varmazis⁠⁠⁠⁠⁠⁠ (also host of the ⁠⁠⁠⁠⁠⁠T-Minus⁠⁠⁠⁠⁠⁠ Space Daily show) are back sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start with some follow-up from listener Abdussobur, who wonders if a pair of suspicious text messages—one sent to his wife and another to him with a nearby address—could be the result of a data breach. Joe's story is on a surge of financial aid fraud where identity thieves, often using AI chatbots as “ghost students,” are enrolling in online college courses to steal federal funds—leaving real people like Heather Brady and Wayne Chaw with fake loans and months of bureaucratic cleanup. Dave's got the story on how the FIN6 cybercriminal group is posing as job seekers on LinkedIn to trick recruiters into opening malware-laced resumes, using deceptive tactics like fake portfolio sites and the MoreEggs backdoor to steal credentials and launch ransomware attacks. Maria's story is on a Pennsylvania woman who scammed over $800,000—nearly $466,000 from a Cedar Rapids church—by hacking emails and rerouting payments, claiming she did it under the direction of a famous British actor she was allegedly dating. Our catch of the day is on a convincing but bogus text claiming an overdue traffic fine under a fake regulation—complete with threats of license suspension and credit damage—all designed to trick recipients into clicking a malicious link.

Resources and links to stories:

⁠⁠⁠⁠⁠Have a Catch of the Day you'd like to share? Email it to us at ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠[email protected]⁠⁠⁠⁠⁠⁠⁠⁠.