We take a trip to Staten Island, New York, to hear how a case of cyberstalking resulted in the arrest of 20 alleged mobsters, learn about the nude photo-loving insider threat at Yahoo, and discover how fraudsters might be boosting Match.com’s profits.
All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Ran Levi of the “Malicious Life” podcast.
0:00
0:00
0:00
0:00
Show full transcript ▼
This transcript was generated automatically, probably contains mistakes, and has not been manually verified.
I'm a man's man.
I'm a man's man, he said.
If he's into men, there's no problem.
Exactly. I don't know what a man's man means.
2019, dude. You can go that way.
Smashing Security, episode 149: Falling in Love with Fraudsters, with Carole Theriault and Graham Cluley. Hello, hello, and welcome to Smashing Security episode 149.
My name is Graham Cluley.
My name is Graham Cluley.
149, clue. I'm Carole Theriault.
And we are joined this week by returning guest, it's Ran Levi from the Malicious Life podcast. Hello, Ran.
Hello, hello. Great to be back.
It's so good to have you back on. Thank you for making the time for us.
My pleasure.
Now, for those people who didn't hear you last time or may not be aware of Malicious Life, can you quickly summarize what the podcast is all about?
Because I'm sure lots of people would love to tune into it.
Because I'm sure lots of people would love to tune into it.
Sure. So I'm originally from Israel, as some of you may be noticing from my accent.
It's a very sexy accent, actually.
Oh, thank you.
Oh, here we go.
I think the Israeli accent is one of my favorites in the whole wide world.
Thank you.
You can come on the show any time you like, Ran.
One of the few times somebody said my name along with the word sexy. So I'm buying it. And Malicious Life is a podcast about mainly the history of cybersecurity.
We bring lots of interesting stories from past hacks and interesting viruses all the way back to the 1920s and 1910s, even way before there were computers.
But most of them naturally are from the past 20 years or so. So lots of stories.
We bring lots of interesting stories from past hacks and interesting viruses all the way back to the 1920s and 1910s, even way before there were computers.
But most of them naturally are from the past 20 years or so. So lots of stories.
Excellent. Yeah, lots of good fun. Really recommend it. So Carole, what's coming up on the show this week?
Well, first, thanks to this week's sponsors, LastPass, Immersive Labs, and Code42. Their support helps us give you the show for free.
Now on today's show, Graham talks of an FBI arrest involving racketeering, extortion, and buses. Ran blows away the cobwebs and gives us a Yahoo update.
And I'm diving into the online dating pool. All this and loads more coming up on this episode of Smashing Security.
Now on today's show, Graham talks of an FBI arrest involving racketeering, extortion, and buses. Ran blows away the cobwebs and gives us a Yahoo update.
And I'm diving into the online dating pool. All this and loads more coming up on this episode of Smashing Security.
Now then, ladies and gentlemen, I'm going to—
Why, why lady and gentlemen? He's not two people.
Oh, okay, okay.
Gentle person.
I mean, I don't know why you'd be rude to our guest.
Anyway, gentle folk, that's nice.
Hey, hey, hey, all right, I'm gonna take you to Staten Island, New York, okay? Right, I'm gonna do one of my accents. I'm gonna get into character right now, right?
You think I'm funny?
You think I'm funny?
No!
I amuse you? I amuse you? You think I look like a clown? Huh? Okay.
I am going to tell you about what the FBI have been up to, because they have recently charged 20 people alleged to be members of an organized crime gang called the Colombo.
The Colombo crime gang.
I am going to tell you about what the FBI have been up to, because they have recently charged 20 people alleged to be members of an organized crime gang called the Colombo.
The Colombo crime gang.
One more thing.
Hey, there's another impression. I can't keep up with all these impressions. They are part of La Cosa Nostra, the Sicilian Mafia.
And they're being charged with racketeering, extortion, operation of an illegal gambling business, attempting to bribe a college basketball game, umpteen other crimes, and cyberstalking.
And if the FBI are to be believed, their main chap is a chap called Joseph Amato.
Now, disappointingly, Joseph Amato appears to be about the only member of the gang who doesn't have a pseudonym, right? Amato Tomato.
I think they could have done something like that. But I imagine you don't call the boss names. So they didn't give him one, but other members do.
For instance, there's Daniel "The Wig" Capaldo, also known as Shrek. There's Joey the Fish. There's Dominic Bologna.
And they're being charged with racketeering, extortion, operation of an illegal gambling business, attempting to bribe a college basketball game, umpteen other crimes, and cyberstalking.
And if the FBI are to be believed, their main chap is a chap called Joseph Amato.
Now, disappointingly, Joseph Amato appears to be about the only member of the gang who doesn't have a pseudonym, right? Amato Tomato.
I think they could have done something like that. But I imagine you don't call the boss names. So they didn't give him one, but other members do.
For instance, there's Daniel "The Wig" Capaldo, also known as Shrek. There's Joey the Fish. There's Dominic Bologna.
I want a name like this, don't you?
Creepy Crawly.
Oh, nice.
That's what you could be.
Nice.
All of the alleged members of the Colombo Gang appear to be men based in Staten Island, New York. But there was a woman who was involved with the group, as you'll find out.
The FBI began snooping on alleged members of the gang after a GPS tracking device was found on a Staten Island bus in November 2016.
The FBI began snooping on alleged members of the gang after a GPS tracking device was found on a Staten Island bus in November 2016.
Like an actual physical device was found?
An actual physical device was found on a bus in Staten Island, November 2016, which was giving them the ability to track people's movements. Now—
Well, track the bus, presumably.
Well, exactly. Why would anyone want to track a bus? I mean, surely—
There's a map online that tells you exactly where it is at all times.
Exactly.
Google Maps. The bus does that.
And you imagine more or less each day the bus is going to go the same route round about the same time. Yeah. Yeah. Well, the thing is they didn't want to track the bus. Oh.
The tracking device was originally on a car belonging to Joseph Amato's girlfriend.
The tracking device was originally on a car belonging to Joseph Amato's girlfriend.
Oh, are we saying that maybe Joe and his gang put a GPS in her handbag or on her car?
They put a GPS tracking device on her car. He was obviously feeling a little bit uncomfortable as to what she might be getting up to when he wasn't able to see her.
And he had boasted that he had eyes everywhere across New York. He said in one email, he said to her, he said, "This is my island, not yours.
I've got eyes all over." He said, "I'm a man's man. I'm a man's man," he said.
And he had boasted that he had eyes everywhere across New York. He said in one email, he said to her, he said, "This is my island, not yours.
I've got eyes all over." He said, "I'm a man's man. I'm a man's man," he said.
If he's into men, there's no problem.
Exactly. I don't know what a man's man means.
2019, dude. You can go that way.
I have to say, I'm so disappointed of these guys. It's so cliché. Everything is so cliché. They call themselves what? The Cosa Nostra?
Well, La Cosa Nostra is the name for the Sicilian Mafia, but this particular gang is called Colombo.
And all these pseudonyms, it's very generic.
Fish.
And they'd have to think something more original.
The thing was, right, he had planted, or one of his goons had planted this tracking device on her car.
Right.
Because he was interested in what she was getting up to. And then he started saying, you know, I can see what you're doing now. Surprise, surprise.
Having been told by him that she was being watched all the time, she checked out her car. She's not an idiot.
Having been told by him that she was being watched all the time, she checked out her car. She's not an idiot.
She's like, hmm, how did he know I went to McDonald's yesterday? I have an idea.
Let me see if there's some kind of tracking device. And she found this tracking device and she then went and concealed it on the bus. Smart.
And so obviously he then thought, oh, she's behaving herself. She's just going around.
And so obviously he then thought, oh, she's behaving herself. She's just going around.
She's driving around in circles.
Driving in circles.
Day and night for 8 hours a day.
Stopping at every bus stop. You do have to wonder how long it took him to realise that he was tracking the bus. But eventually he did.
And when he did, he did what many people might do. He reported that the tracking device had gone missing to the tracking service.
And when he did, he did what many people might do. He reported that the tracking device had gone missing to the tracking service.
Okay.
Right. So he told them, "Oh, I had this device. It's gone missing. So I'm going to need a new one." Sorry to interrupt. Right.
So a GPS tracking device presumably is always telling you where it is.
Oh, well, there are different kinds of tracking device, you see.
Okay.
So there are tracking devices which are called passive tracking devices. And what they do is they record locations, but they don't then transmit it back to you.
You have to physically grab the tracking device and plug it into a computer or something in order to extract the data.
You have to physically grab the tracking device and plug it into a computer or something in order to extract the data.
That would be annoying if you bought that one by accident.
Well, there is an advantage to those. And the big advantage to those is that they require less power.
Aha.
And the battery doesn't go dead.
So everyone thinks, because you've watched 24 and TV shows like that, you can just attach some little pin-sized device on people, you can track them indefinitely.
It's not as simple as that.
So those kind of devices which are sort of giving you live tracking of someone, they're going to need either a really decent battery size or they're going to have to be plugged into your cigarette lighter or the car battery or something like that, right?
So I imagine that this was a passive device. And I imagine that Joey the Tomato Amato got one of his buddies, you know, Benny the Banana or Mickey Blue Eyes or whoever it was.
I imagine that whenever his girlfriend came to visit, he got them while he was occupying his girlfriend to pop out the car swap over the device or charge it up or grab the data from it.
So I imagine it was that kind of thing.
So everyone thinks, because you've watched 24 and TV shows like that, you can just attach some little pin-sized device on people, you can track them indefinitely.
It's not as simple as that.
So those kind of devices which are sort of giving you live tracking of someone, they're going to need either a really decent battery size or they're going to have to be plugged into your cigarette lighter or the car battery or something like that, right?
So I imagine that this was a passive device. And I imagine that Joey the Tomato Amato got one of his buddies, you know, Benny the Banana or Mickey Blue Eyes or whoever it was.
I imagine that whenever his girlfriend came to visit, he got them while he was occupying his girlfriend to pop out the car swap over the device or charge it up or grab the data from it.
So I imagine it was that kind of thing.
I'm just taking out the trash. Yeah.
Right.
And just doing a little swapsy.
Okay, interesting. Eventually taking out the trash. Anyway. Swim with the fishes. It's not just Dave Bickman doing the accents.
After eventually realising he was tracking a bus rather than his girlfriend, he bought a brand new device.
By now, however, the police had been informed when the bus company found the tracking device on their bus, and they said, "This is a bit weird.
Do you want to look into this?" They found out who it was registered to. They'd been listening to his phone calls.
They'd been wiretapping him and about 20 other members of this gang. It began as a cyberstalking inquiry and then turned into this massive bust of potentially a huge criminal gang.
After eventually realising he was tracking a bus rather than his girlfriend, he bought a brand new device.
By now, however, the police had been informed when the bus company found the tracking device on their bus, and they said, "This is a bit weird.
Do you want to look into this?" They found out who it was registered to. They'd been listening to his phone calls.
They'd been wiretapping him and about 20 other members of this gang. It began as a cyberstalking inquiry and then turned into this massive bust of potentially a huge criminal gang.
May I interrupt?
Is that why he reported it missing, thinking it may have been reported 'And if I report it missing, it'll be an easy lost and found situation.' Or maybe, I don't know.
Is that why he reported it missing, thinking it may have been reported 'And if I report it missing, it'll be an easy lost and found situation.' Or maybe, I don't know.
Maybe he wanted a new one sent from the tracking company.
Maybe he wanted a new improved version. I'm not sure.
Oh, you think he was trying to just get the money for the insurance to replace it?
But it's so ironic that the whole operation—
Tomato, amato.
The whole operation was discovered because he was jealous of his girlfriend. So ironic.
See, girls always bring us down, don't they? We're just running a nice little criminal operation, and then the girls get involved and they ruin it all for us. Leading us to doom.
Thank God for girls. Okay, carry on.
Anyway, the police raided his house before he was able to plant the second tracking device. They found it. They found all kinds of other communications which he'd been up to.
They raided other people's properties as well. They found evidence that they'd been trying to bribe people. They'd been extorting money. They found firearms. They found stun guns.
They found cans of tear gas, thousands of guns.
They raided other people's properties as well. They found evidence that they'd been trying to bribe people. They'd been extorting money. They found firearms. They found stun guns.
They found cans of tear gas, thousands of guns.
This was all in the house?
In this and other residences belonging to alleged members of the gang. So, you know, quite a serious criminal operation, it appears. Obviously, it's all going to go to court.
It appears has been broken up by this FBI investigation, which all began purely because of a cyberstalking incident. Now, it's quite a juicy indictment.
If you go and read up, exactly what's going on. There's a lot of this which sounds like a Joe Pesci movie when you read it.
It does sound these guys really loved— they loved their gangster movies and they loved The Godfather and they're quoting bits of The Godfather in their communications.
Oh, I love that.
It appears has been broken up by this FBI investigation, which all began purely because of a cyberstalking incident. Now, it's quite a juicy indictment.
If you go and read up, exactly what's going on. There's a lot of this which sounds like a Joe Pesci movie when you read it.
It does sound these guys really loved— they loved their gangster movies and they loved The Godfather and they're quoting bits of The Godfather in their communications.
Oh, I love that.
That's why it's so cliché.
Well, they are really living it.
But as I was reading and I was thinking, oh, I'm going to talk about this on the podcast today, it did make me think, you know, these don't seem like Goodfellas to me.
I'm not really sure that it was sensible for me to talk about this gang, even though here I am feeling I'm safe in Oxford because their tentacles—
But as I was reading and I was thinking, oh, I'm going to talk about this on the podcast today, it did make me think, you know, these don't seem like Goodfellas to me.
I'm not really sure that it was sensible for me to talk about this gang, even though here I am feeling I'm safe in Oxford because their tentacles—
The Mafia's got long arms.
Oh yes, the Oxford Mafia.
As long as a spaghetti noodle. Ran, what's your story?
Okay.
My story involves Yahoo!, which a lot of people who actually read comments on the story were kind of surprised to see that Yahoo! still exists.
So maybe you know, every time you mention Yahoo's name is a good thing for Yahoo, even if it's not in a good context.
So maybe you know, every time you mention Yahoo's name is a good thing for Yahoo, even if it's not in a good context.
Yahoo definitely still exists. It's all these people who are aged over 50, right?
Who had the same email account and password for the last 20 years.
Who don't know how to create a new account and automatically forward messages.
It really does. My wife's father has a Yahoo account. He's roughly 80. So I'm guessing that's the clientele.
You haven't moved your father-in-law over to something better than Yahoo?
He knows how to operate the user interface and it works. So why give him something new?
I can just see it right now, actually, that conversation. Why would I change? Why would I change?
Exactly. It works.
Okay.
Don't touch it. It works.
Hands off!
It's mine!
And our story begins with a guy called Reyes Daniel Ruiz. I hope I'm pronouncing his first name right. Reyes. That's R-E-Y-E-S. He's 34 years old from California.
He's a senior DevOps engineer in Yahoo. He was back then. And he just admitted last week in federal court that he hacked around 6,000 accounts and tried to find nudes, basically.
He's a senior DevOps engineer in Yahoo. He was back then. And he just admitted last week in federal court that he hacked around 6,000 accounts and tried to find nudes, basically.
And what, women and men, or—
I don't know. They didn't say, but probably women.
Oh, right. Okay.
Including those of his friends and colleagues. I think that might be even the main reason why he did that, because he targeted co-workers and stuff, which is a bit creepy.
And so how many Yahoo co-workers did he— I mean, it is particularly grim.
I mean, I think it's grim breaking into people's accounts anyway to look for private photos and things, but the thought that you might be hacking into the accounts of people who you know and who know you, it must be actually horrific for them.
Carole, if you broke into my account, you'd find it pretty tame, I guess.
I mean, I think it's grim breaking into people's accounts anyway to look for private photos and things, but the thought that you might be hacking into the accounts of people who you know and who know you, it must be actually horrific for them.
Carole, if you broke into my account, you'd find it pretty tame, I guess.
Oh yeah, I would be like, hey, here's my chess update. Hey, have you seen the new Doctor Who? Yawnville.
Nothing happens in my accounts. I mean, that's so boring. Don't try to hack my mail. Nothing interesting is going on over there.
But the horrendous, the horrendous thing here, Ran, is that he was actually a Yahoo software engineer hacking into Yahoo accounts.
Oh, he's an insider. It's an inside job. And actually, when he hacked those accounts, the story doesn't mention how he hacked them. It was probably using weak passwords.
Yeah.
And once he was in, he was able to compromise other accounts of the same people, you know, Google accounts, Facebook accounts.
They all use the same passwords.
Exactly. And if not, he reset their passwords. And then you do a reset, you get an email saying, did you just reset your account? And he has control over the email account.
So he was able to penetrate other accounts. So he got fired, obviously, once they discovered it.
And the ironic part of the story is that once he was fired, he got a job in another Silicon Valley company called Okta. And Okta, ironically, is an access management company.
So he was able to penetrate other accounts. So he got fired, obviously, once they discovered it.
And the ironic part of the story is that once he was fired, he got a job in another Silicon Valley company called Okta. And Okta, ironically, is an access management company.
Exactly.
Oh my God, are you kidding me?
So if people had been using an authentication service like Okta, maybe their accounts wouldn't actually have been hacked. So that's where he went next. Yeah, oh.
Somebody who accessed accounts illegally was at that point an access management specialist.
So he was fired from Yahoo upon discovery of his criminal behavior, but not reported to the authorities.
I think it was reported to the authorities, but nobody told Okta. And they were actually pretty cross, from what I understand, on Yahoo's management.
I would say it's their responsibility to do a criminal background check.
Well, he wouldn't have had a criminal record at that point. He wouldn't.
Well, he may have. You don't know. If he got fired.
He may have got chucked out of Yahoo, but he wouldn't at that time have been found guilty.
If you're arrested, I guess that there's no paper trail for that because you're innocent until proven guilty. Okay, right, I understand.
Yeah. So he worked there for about 5 months and when Okta discovered his background, they obviously immediately fired the guy. And now he's standing trial.
And I understand that the maximum penalty for what he did is 5 years behind bars and a quarter of a million dollars in fines.
And I understand that the maximum penalty for what he did is 5 years behind bars and a quarter of a million dollars in fines.
And cut off his goolies.
Yeah, yeah, yeah.
And it actually made it— I was interested in that story when I read it because in cybersecurity, we usually think about attackers as coming from outside of the organization.
I have a notion that a large percentage of cyberattacks of all sorts actually originate from inside, from employees of companies, from people who have access to the information, to the tools, to the programs.
And we know that the largest cases like Snowden and then Chelsea Manning, the famous cases, but I think many, many breaches and hacks probably originate from inside a job.
I have a notion that a large percentage of cyberattacks of all sorts actually originate from inside, from employees of companies, from people who have access to the information, to the tools, to the programs.
And we know that the largest cases like Snowden and then Chelsea Manning, the famous cases, but I think many, many breaches and hacks probably originate from inside a job.
These are people who have already got the passwords. They already have access to the data because they're doing work with it.
You don't need to hack in and get past all the security defenses because these are people you've let in through the front door and given access to your network.
It is, though, fairly horrific that those poor people who must have been having lunch with him, had meetings with him, who are now working there going, oh my goodness, what did that guy see of me and what's he actually—
You don't need to hack in and get past all the security defenses because these are people you've let in through the front door and given access to your network.
It is, though, fairly horrific that those poor people who must have been having lunch with him, had meetings with him, who are now working there going, oh my goodness, what did that guy see of me and what's he actually—
I had such an incident myself a long, long time ago when a coworker— it wasn't a cyber hack back then, but he actually stole a phone that I had and did calls.
It was back when cell phones were rather new. And he stole something like, I think, $200 worth of phone calls.
It was back when cell phones were rather new. And he stole something like, I think, $200 worth of phone calls.
Phone credits.
And it was somebody I knew quite well. And it was so shocking to think that a friend, a coworker, colleague will do that to you.
So are you still friends with him? Have you forgiven him?
No, no, no. Actually, when I discovered it, I almost killed the guy. I was pretty angry then.
Really? Don't mess with Ran, kids.
He's Israeli, Carole. He's Israeli. You don't mess with him. We all know that.
I was going to say, I want to go to Israel and maybe we can meet for a drink, but just don't touch my phone.
Don't touch my phone.
I was a bit younger, I was 20, so hot-headed, hot-blooded.
Did you get a big phone bill or something? How did you find it out? Was it lots of calls to sexy numbers?
Actually, it was quite an interesting story.
I got a phone bill, it was way larger than what I usually called, and then I asked for, you know, a list of all the numbers that were called, and I saw that many of these conversations were to a different city in Israel which I never called because I didn't have any friends there.
So I asked myself, who could it be? And I had no idea.
And what I did then was I called one of the numbers which were rather frequently called, and I pretended to be a newspaper salesman who wanted to—
I got a phone bill, it was way larger than what I usually called, and then I asked for, you know, a list of all the numbers that were called, and I saw that many of these conversations were to a different city in Israel which I never called because I didn't have any friends there.
So I asked myself, who could it be? And I had no idea.
And what I did then was I called one of the numbers which were rather frequently called, and I pretended to be a newspaper salesman who wanted to—
So juicy. Yeah.
And I offered the people on the other end, I had no idea who they were.
I offered them a subscription for the newspaper, and if they do a subscription, they'll get a big reward or something. You know, I made up some big reward.
And when they agreed, eventually I tried to be the best salesman that I could be. I asked them, okay, so just give me your names and street address or whatever.
And now I had the last name and it was the same last name as the guy who stole the phone because it was his parents that he was calling.
And then I connected the dots and I came over to that guy. When he saw me, when he saw how furious I was, he became pretty white because he obviously knew what was happening.
But he paid up eventually and I didn't go to the police because he was quite younger. I was, I think, 20 years old.
So I didn't want to ruin his life because he was doing something so stupid.
I offered them a subscription for the newspaper, and if they do a subscription, they'll get a big reward or something. You know, I made up some big reward.
And when they agreed, eventually I tried to be the best salesman that I could be. I asked them, okay, so just give me your names and street address or whatever.
And now I had the last name and it was the same last name as the guy who stole the phone because it was his parents that he was calling.
And then I connected the dots and I came over to that guy. When he saw me, when he saw how furious I was, he became pretty white because he obviously knew what was happening.
But he paid up eventually and I didn't go to the police because he was quite younger. I was, I think, 20 years old.
So I didn't want to ruin his life because he was doing something so stupid.
So you didn't want to ruin his life because he was 18?
Yeah, he was young.
And this was 10, 15 years ago?
He was 20 though.
Ran was 20 at the time. He was 18. And I was thinking to myself, you know, if I did give this guy a criminal record because of that stuff.
Okay, he's middle-aged now. Do you want to name him now? We can put it out on the podcast.
I don't even remember. 25 years ago. But we can shame him online.
No, no, no, no, no. I don't think we should.
See, Graham, some of us have loads of friends, right? And through the years, it's hard to keep track of them all.
Krow, what have you got for us this week?
Well, I think you are also partnered, aren't you? Graham and I both are currently, not together, thank God.
Tell me about it.
But let's hark back, boys, to our single days, right? These are the days before someone graciously invited us into their lives. And I've been out of the game for a while, right?
It was the mid-'00s when I fell into step with a hot somebody. So, and it shows, right?
I was recently out with some younger friends, and they were glued to their phones, right, while I was sitting there knocking back a delicious martini.
I mean, I don't know how you're the wingwoman when the target's on a teeny tiny screen. I don't know how to play that game at all.
So my point is the dating world has changed dramatically.
It was the mid-'00s when I fell into step with a hot somebody. So, and it shows, right?
I was recently out with some younger friends, and they were glued to their phones, right, while I was sitting there knocking back a delicious martini.
I mean, I don't know how you're the wingwoman when the target's on a teeny tiny screen. I don't know how to play that game at all.
So my point is the dating world has changed dramatically.
Of course, Tinder.
Yeah, right. But whether we're in the scene or not, we have all heard of Match.com.
Yeah, yeah.
Now Match.com is owned, interestingly, by a parent company called Match Group.
And Match Group owns a number of dating sites that you might be familiar with, including Hinge, OkCupid, Plenty of Fish, and Tinder.
So they are a seriously big player in the dating world.
And Match Group owns a number of dating sites that you might be familiar with, including Hinge, OkCupid, Plenty of Fish, and Tinder.
So they are a seriously big player in the dating world.
Almost a monopoly, I think.
Yeah, I know. I was thinking eHarmony was the only one that came to mind of a big— one of the bigger brands. There's a Bumble as well. There's a few.
Now, recently, Match Group, okay, the parent company, put out some stats on the dating world.
And it said, it was kind of an acute media-friendly report, and it said things like only 11% of Gen Z and millennials date casually.
That must be music to the ears of parents with daughters out there. And a third of millennials aren't dating much due to financial constraints.
They basically just can't afford going out for dinner all the time, right? And 42% of singles say love feels lost in our society. So basically the dating is very empty.
So, that got me thinking. I wondered whether Match Group were feeling the hit, right?
So, I wanted to check out sites like Alexa and MarketWatch to see if there was any negative impact on the bottom line.
Now, recently, Match Group, okay, the parent company, put out some stats on the dating world.
And it said, it was kind of an acute media-friendly report, and it said things like only 11% of Gen Z and millennials date casually.
That must be music to the ears of parents with daughters out there. And a third of millennials aren't dating much due to financial constraints.
They basically just can't afford going out for dinner all the time, right? And 42% of singles say love feels lost in our society. So basically the dating is very empty.
So, that got me thinking. I wondered whether Match Group were feeling the hit, right?
So, I wanted to check out sites like Alexa and MarketWatch to see if there was any negative impact on the bottom line.
Okay.
And well, well, well, since January 2019, Match Group has grown a whopping 60%.
Gosh.
Stock value ticking upwards from $43 to $74. And that's in 10 months, folks, right? It's a pretty nice return.
They're doing good.
Yeah. So why are people flocking to Match, right? So one reason is the brand awareness is pretty strong. You and I know about it even though we're not in this world anymore for years.
And there's a Match app, I imagine, as well, is there?
There's a Match app. It also ties well with the Match website as well. There's really nice slick apps apparently, both for iOS and Android.
It's really easy to sign up and it's free to sign up, right, and use the search facilities. And there's loads of add-ons available to enhance your experience.
That's all the things people say thumbs up for. What people complain about is that only members who subscribe, basically pay a membership fee, can send and reply to messages.
It's really easy to sign up and it's free to sign up, right, and use the search facilities. And there's loads of add-ons available to enhance your experience.
That's all the things people say thumbs up for. What people complain about is that only members who subscribe, basically pay a membership fee, can send and reply to messages.
So if I joined Match.com, I could receive messages from people. So it's like, oh, hey cutie, you know, they'd say to me. But if I wanted to reply—
No, no, you wouldn't be able to read it.
I—
Oh, I wouldn't be able to read. So I'd know there was a message waiting for me.
Just browse the pictures.
I'll tell you exactly how it works. I mean, I think you'll see if you can find the flaw in it before I get there. Okay. So this is how it works.
You can go out there and like people and read bios and look at pictures.
You can go out there and like people and read bios and look at pictures.
The profile.
But if someone does the same to you, you will be alerted via email that there's a message for you, but you will not be able to see anything about that message, including the contents, the profile, anything until you pay for a membership.
So you don't see it. You just see that somebody responded.
I can see how this might be abused to encourage people to sign up.
So just to make it really clear, right?
So let's say, Ran, you and Graham are both on, you know, and you're liking each other or something, and you're both, you're a freebie, you're a freebie, Ran, on the site, right?
So you kind of saw, you looking around on the site and you may have kind of thought, oh, he looks interesting, right?
And then you get inside your email something that says, he just emailed you, exclamation mark. Okay, that's what the title says.
And then it says, you caught his eye and now he's expressed interest in you. Could he be the one? Read his email.
And this is a standard email that Match.com sends to users, including those that are free, right?
Now, if you clicked on that, you would be like, ahahaha, you can't read Graham's love letter, or whoever's letter. You don't even know it's Graham, actually.
You cannot read the love letter that you've received, right, until you pay, right?
The problem: Match had already identified many of the people, of these, the people behind these emails, these interests, as scammers.
So if you had paid Match to read that message, yes, you might have gone in and had a scammer there start, a romance scammer start wooing you, or you would have an empty inbox because after you had paid, Match could say, oh, this is in our list of known scammers, we're going to delete this email.
So let's say, Ran, you and Graham are both on, you know, and you're liking each other or something, and you're both, you're a freebie, you're a freebie, Ran, on the site, right?
So you kind of saw, you looking around on the site and you may have kind of thought, oh, he looks interesting, right?
And then you get inside your email something that says, he just emailed you, exclamation mark. Okay, that's what the title says.
And then it says, you caught his eye and now he's expressed interest in you. Could he be the one? Read his email.
And this is a standard email that Match.com sends to users, including those that are free, right?
Now, if you clicked on that, you would be like, ahahaha, you can't read Graham's love letter, or whoever's letter. You don't even know it's Graham, actually.
You cannot read the love letter that you've received, right, until you pay, right?
The problem: Match had already identified many of the people, of these, the people behind these emails, these interests, as scammers.
So if you had paid Match to read that message, yes, you might have gone in and had a scammer there start, a romance scammer start wooing you, or you would have an empty inbox because after you had paid, Match could say, oh, this is in our list of known scammers, we're going to delete this email.
Oh, okay. So there's lots of romance scammers, as we know, doing online dating, and they are actually helping Match.com's bottom line.
That's co-evolution in biology.
Because they're sending— because, because they're sending messages to everyone, right? Saying, oh, you're so beautiful, come on, let's go to the bar together.
It gets even worse than this because apparently they have filters in place once you become a member.
But they don't have filters, or the argument the FTC are making is that perhaps the same defenses are not in place for freeloader users.
And the reason, as you get to the point, the reason you might want all those scammers sending all that traffic is that so you get more people to sign up.
But they don't have filters, or the argument the FTC are making is that perhaps the same defenses are not in place for freeloader users.
And the reason, as you get to the point, the reason you might want all those scammers sending all that traffic is that so you get more people to sign up.
That's a bit naughty, isn't it?
It is a bit naughty.
Actually, when you started describing the story, I was thinking more in the direction of what, if you remember, Ashley Madison, what they were doing? Ashley Madison, the—
Yes, the fembots.
Yeah, they had exactly the fembots that they fabricated users to kind of lure the users to—
Yeah.
That's different.
Because the FTC have been after this for years and years.
One of the quotes from the FTC was Match had blocked some of these suspicious accounts from sending messages to its paying subscribers, but didn't give the same protection to free accounts users.
Now, how big is the problem?
The FTC alleges that millions of contacts that generated Match's 'you caught his eye' email notices came from accounts the company had already flagged to be fraudulent.
And worse, right, Match prevented existing subscribers from receiving these email communications if they were from a suspected fraudulent account.
One of the quotes from the FTC was Match had blocked some of these suspicious accounts from sending messages to its paying subscribers, but didn't give the same protection to free accounts users.
Now, how big is the problem?
The FTC alleges that millions of contacts that generated Match's 'you caught his eye' email notices came from accounts the company had already flagged to be fraudulent.
And worse, right, Match prevented existing subscribers from receiving these email communications if they were from a suspected fraudulent account.
It's an interesting one, this, isn't it?
Because I can imagine that Match.com might say one of the benefits of subscribing to our service is that we will give you a cleaner inbox and we will keep out scammers and spammers, etc.
And then maybe they wouldn't offer that to people who hadn't yet paid.
And yet, of course, the very fact that there is spam and scams and fake winks occurring on Match.com might be an incentive for people to subscribe.
Do we have any sense as to what percentage of traffic on Match.com is fraudulent or scammy?
Because I can imagine that Match.com might say one of the benefits of subscribing to our service is that we will give you a cleaner inbox and we will keep out scammers and spammers, etc.
And then maybe they wouldn't offer that to people who hadn't yet paid.
And yet, of course, the very fact that there is spam and scams and fake winks occurring on Match.com might be an incentive for people to subscribe.
Do we have any sense as to what percentage of traffic on Match.com is fraudulent or scammy?
Yes, there is.
So apparently, I was shocked by the number, 25 to 30% of Match.com members who register each day are using Match.com to attempt to perpetrate scams, including romance scams, phishing scams, fraudulent advertising, and extortion scams.
So apparently, I was shocked by the number, 25 to 30% of Match.com members who register each day are using Match.com to attempt to perpetrate scams, including romance scams, phishing scams, fraudulent advertising, and extortion scams.
That's a lot.
Now, do those, but those people, to send those scam messages, they must have to subscribe to Match.com, right?
Yes, they create a bogus account. They go and target all the new people that have come on to the site as freebies.
Stolen credit card details?
Sure. Well, who knows if they—
I'm sorry, what noise are you making there?
No, no, no, sorry.
Was that a rabbit having a munch of something? What was that?
That was me snapping my lips. I was just wondering whether they had to have full accounts or not. You're right.
I think they would do, wouldn't they? Really?
Yeah.
So actually scammers and Match.com are kind of entwined in a mutually beneficial relationship.
Yes, that's where I think things get a little bit yucky, right? That's exactly the point.
They're kind of directly profiting from the romance scammers attempting to find fresh victims.
They're kind of directly profiting from the romance scammers attempting to find fresh victims.
But let's not jump to conclusions because it really reminds me of what people were saying about the antivirus industry for a very long time.
That the antivirus vendors were creating viruses to have more clients.
And of course, this was ridiculous because nowadays there are so many viruses and malware that you don't need to create anything specifically.
But back then in the early '90s, people really thought that antivirus vendors were creating viruses for their own products to catch.
That the antivirus vendors were creating viruses to have more clients.
And of course, this was ridiculous because nowadays there are so many viruses and malware that you don't need to create anything specifically.
But back then in the early '90s, people really thought that antivirus vendors were creating viruses for their own products to catch.
I think that's a super amazing point. My view wasn't, when I read this and did my research, I did not feel, oh, Match are behind the scammer emails at all.
It doesn't make business sense for me at all from a shareholder company. It doesn't make sense.
It doesn't make business sense for me at all from a shareholder company. It doesn't make sense.
Maybe it was a bad call from management to prevent the service from the free tier.
Although they've grown 60%, you said, since January, you know, they're doing all right.
They might be turning something of a blind eye to the problem and maybe not addressing it quite as well as they should.
They might be turning something of a blind eye to the problem and maybe not addressing it quite as well as they should.
Yeah.
I want to know if any of our listeners are on— if there are any genuine Match.com users and whether anyone out there listening is on Match.com.
And if they are, if they could send a message to HotOxfordTamale, that would be—
And if they are, if they could send a message to HotOxfordTamale, that would be—
Why HotOxfordTamale?
Isn't that your username, Carole? I thought you'd researched this.
So my advice, right, when I read all this, I'm thinking, okay, we like to end with some good advice.
And the only advice I have— All the millennials and the Z-gens out there, why don't you return to old school cool?
You know, take out the headphones, go outside, talk to real people in real life.
And the only advice I have— All the millennials and the Z-gens out there, why don't you return to old school cool?
You know, take out the headphones, go outside, talk to real people in real life.
Outside? Carole?
Sunlight?
If someone came up to you and said, "Hi, you've caught my eye. Are you single?" Would you be insulted or would you be flattered?
I'm a male. I'd be very flattered.
Carole, that's how disease is spread. The bubonic plague began because of things like that.
It's much safer to meet and interact with people. I wasn't suggesting that you actually catch the person's eye literally. I thought it more figuratively, Graham.
I don't like the zombies.
With a barbed wire. Catch his eye.
It's just Graham. You have to forgive him.
No, I was talking about you.
No, I missed the Tinder revolution. I was married long before they—
Join the club. Join the club.
I'm so bummed out. I mean, it would have made my life as a single bachelor so much easier.
A lucky escape, I reckon.
At the beginning of the show though, I said that you had a very sexy voice, right?
Oh, here we go.
Thank you. Thank you.
Made you feel good. No, whether, you know, just it's a nice daily thing. So I'm saying to millennials and Z-Gen to get out there and just tell people you might enjoy it.
Old school cool.
Old school cool.
Sponsors.
Don't you love a win-win situation? Imagine if you could have both enterprise-wide password management with single sign-on. What is single sign-on? Well, Graham, let me dazzle you.
Single sign-on is designed to connect employees to high-priority apps, all without needing the user to log in at every single hurdle.
Now, by combining these two services, our friends at LastPass may have just revolutionized security at the enterprise level. Learn more at lastpass.com/smashing.
You don't need to say the forward slash. Ah!
Single sign-on is designed to connect employees to high-priority apps, all without needing the user to log in at every single hurdle.
Now, by combining these two services, our friends at LastPass may have just revolutionized security at the enterprise level. Learn more at lastpass.com/smashing.
You don't need to say the forward slash. Ah!
So you've got an IT security team, but you want to turn them into security superstars? How can you best provide each employee with the opportunity to upskill themselves?
Immersive Labs provides a cloud-based system, meaning it's available 24 hours a day, whenever it's convenient for them to learn.
It provides hands-on experience with tools, technology, and even sandboxed ransomware and phishing. The platform provides story-based threat simulations.
It lets teams enhance their skills while stopping an online banking breach or the hack of industrial control systems. Lots of fun to be had there.
Check out Immersive Labs' skills development platform to drive down your organization's cyber risk while reducing training costs. Check them out at immersive labs.com/lite.
Immersive labs.com/l-i-t-e. Okay, so it turns out that we are all bad people.
Immersive Labs provides a cloud-based system, meaning it's available 24 hours a day, whenever it's convenient for them to learn.
It provides hands-on experience with tools, technology, and even sandboxed ransomware and phishing. The platform provides story-based threat simulations.
It lets teams enhance their skills while stopping an online banking breach or the hack of industrial control systems. Lots of fun to be had there.
Check out Immersive Labs' skills development platform to drive down your organization's cyber risk while reducing training costs. Check them out at immersive labs.com/lite.
Immersive labs.com/l-i-t-e. Okay, so it turns out that we are all bad people.
Well, not all of us, most of us though, because 60% of employees who quit their jobs admit to taking data. That's why Code42 provides data loss protection for when employees quit.
It can help you detect insider threats, investigate file activity, and respond before damage is done.
A really cool aspect is that at any time, Code42 can tell you what data lives where, when it leaves, where it goes, and who has access to it.
To learn more about how you can protect your company from insider threats, visit code42.com/smashingsecurity. Now on with the show.
It can help you detect insider threats, investigate file activity, and respond before damage is done.
A really cool aspect is that at any time, Code42 can tell you what data lives where, when it leaves, where it goes, and who has access to it.
To learn more about how you can protect your company from insider threats, visit code42.com/smashingsecurity. Now on with the show.
And welcome back. And you join us at our favorite part of the show, the part of the show that we like to call Pick of the Week.
Pick of the Week. Pick of the Week.
Yeah, naturally.
Pick of the Week is the part of the show where everyone chooses something they like.
Could be a funny story, a book that they've read, a TV show, a movie, a record, a podcast, a website, or an app. Whatever it is. Doesn't have to be security-related necessarily.
Could be a funny story, a book that they've read, a TV show, a movie, a record, a podcast, a website, or an app. Whatever it is. Doesn't have to be security-related necessarily.
Better not be.
And my pick of the week this week is not security-related.
I had a fantastic time last week because I popped out to a local art center and I saw a chap talk and the chap's name is Mark Lewisohn and he is the world's foremost authority on something I hold very close to my heart, which is the Beatles.
I had a fantastic time last week because I popped out to a local art center and I saw a chap talk and the chap's name is Mark Lewisohn and he is the world's foremost authority on something I hold very close to my heart, which is the Beatles.
My favorite band ever.
Oh, really? Oh, Ran.
I grew up.
Mark Lewisohn is, he's a historian and he has been writing an incredible 3 volumes. He's only written the first one and only takes them up to the first recording session.
It's about 800 pages of the Beatles history. Anyway, at the moment he is doing in the UK a tour called Hornsey Road.
I won't explain why it's called Hornsey Road because that's one of the secrets revealed during his talk, but it is all about the 50th anniversary of the Abbey Road album.
Of course, the last album ever recorded by the Beatles back in 1969, and it was fabulous.
It's about 800 pages of the Beatles history. Anyway, at the moment he is doing in the UK a tour called Hornsey Road.
I won't explain why it's called Hornsey Road because that's one of the secrets revealed during his talk, but it is all about the 50th anniversary of the Abbey Road album.
Of course, the last album ever recorded by the Beatles back in 1969, and it was fabulous.
I know that it was fabulous because I happened to talk to you the next day and you waxed lyrical about this show for about 20 minutes.
Which is probably the longest we've ever been on the phone other than a podcast. It was terrific.
So what Mark had done is he had taken the isolated tracks from Abbey Road, which actually had been sort of ripped off a guitar, a Rock Band game.
I think there was a Beatles Rock Band game, video game a while back, which had the isolated tracks and someone broke the encryption, managed to get the individual tracks of all these Beatles songs.
No way. Yeah, for real.
And he's able to use those and he's remixed them into his own version of Abbey Road, which highlights individual pieces of musicianship like Paul McCartney's incredible bass guitar playing, the drumming obviously, the lead guitar of George Harrison.
It's tremendous. So he was doing this and he'd made up these little videos and things.
There's video footage, interviews, tapes of them chatting in the studio, but also so much background information. You find out who the real Mean Mr.
Mustard was, if you remember that song from the medley on side two.
And another of the revelations which comes to light is he actually got a recording of a business meeting which the Beatles had had after Abbey Road was recorded, where they discuss how they want to actually record another album, which never happened.
But one of the things which comes up is discussion of Maxwell's Silver Hammer, which is a controversial Beatles track.
And it turns out during this recording that even Paul McCartney who had insisted they record it and had multiple hundreds of takes of this particular song, he admitted that he didn't actually particularly like it either.
So no one in the band actually liked Maxwell's Silver Hammer, but it still ended up on the album.
So what Mark had done is he had taken the isolated tracks from Abbey Road, which actually had been sort of ripped off a guitar, a Rock Band game.
I think there was a Beatles Rock Band game, video game a while back, which had the isolated tracks and someone broke the encryption, managed to get the individual tracks of all these Beatles songs.
No way. Yeah, for real.
And he's able to use those and he's remixed them into his own version of Abbey Road, which highlights individual pieces of musicianship like Paul McCartney's incredible bass guitar playing, the drumming obviously, the lead guitar of George Harrison.
It's tremendous. So he was doing this and he'd made up these little videos and things.
There's video footage, interviews, tapes of them chatting in the studio, but also so much background information. You find out who the real Mean Mr.
Mustard was, if you remember that song from the medley on side two.
And another of the revelations which comes to light is he actually got a recording of a business meeting which the Beatles had had after Abbey Road was recorded, where they discuss how they want to actually record another album, which never happened.
But one of the things which comes up is discussion of Maxwell's Silver Hammer, which is a controversial Beatles track.
And it turns out during this recording that even Paul McCartney who had insisted they record it and had multiple hundreds of takes of this particular song, he admitted that he didn't actually particularly like it either.
So no one in the band actually liked Maxwell's Silver Hammer, but it still ended up on the album.
This is amazing.
John Lennon's kind of saying, well, couldn't you have given it to someone else? It was an incredible two and a half hours, and for a Beatles fan like me, really unbelievable.
This is amazing. I would have loved to watch it.
Well, sadly, it isn't going to be videoed. It isn't. And I don't think it's going to go on tour overseas either.
But if you go to hornseyroad.net, you can find out where other dates on the tour are in case you want to go and check it out.
But 50 years on, still a magical album and put in so much fantastic context by Mark Lewisohn. So it had to be my pick of the year.
But if you go to hornseyroad.net, you can find out where other dates on the tour are in case you want to go and check it out.
But 50 years on, still a magical album and put in so much fantastic context by Mark Lewisohn. So it had to be my pick of the year.
And Spotify, by the way, has a special Abbey Road playlist with commentary, which is also great. I just listened to it a few days ago. It's amazing.
Yeah. Brilliant album. Ran, what's your pick of the week?
So my pick of the week is a website called jigsawexplorer.com, Jigsaw Explorer. And as you can probably understand from the name, it's a jigsaw puzzle kind of website.
And actually, it's a fantastic website to jigsaw lovers like myself.
You can — I mean, there are hundreds and thousands of puzzles and you can kind of tweak the individual puzzles to the level of complexity that you wish to have.
And lots of, you know, little tweaks that can help you, like they can kind of move all the pieces to one side of the screen, etc.
So it's very, very nice user experience in terms of bringing a puzzle together on a computer screen, which is not an easy thing to do.
And actually, it's a fantastic website to jigsaw lovers like myself.
You can — I mean, there are hundreds and thousands of puzzles and you can kind of tweak the individual puzzles to the level of complexity that you wish to have.
And lots of, you know, little tweaks that can help you, like they can kind of move all the pieces to one side of the screen, etc.
So it's very, very nice user experience in terms of bringing a puzzle together on a computer screen, which is not an easy thing to do.
So I'm trying this right now, right? It's enormous fun.
So basically it presents itself a bit like a tabletop with all of the jigsaw pieces turned the correct way up, which obviously is the biggest nuisance normally of jigsaws.
But then you can sort of with your mouse, you can point and click and attach them to each other. And once you've got the correct connection, they stick together, don't they?
So basically it presents itself a bit like a tabletop with all of the jigsaw pieces turned the correct way up, which obviously is the biggest nuisance normally of jigsaws.
But then you can sort of with your mouse, you can point and click and attach them to each other. And once you've got the correct connection, they stick together, don't they?
Like a jigsaw.
Like a jigsaw, exactly.
Like a wonderful jigsaw. So you're never left in any doubt as to whether you've got it right or not.
You know, guys, they do say that, you know, older generations are quite happy to do a little jigsaw for quite a long time.
Graham, are you saying that's what you want for your next celebration?
Graham, are you saying that's what you want for your next celebration?
I'm going to put this on my Tinder profile or Match.com profile, I think.
Do a jigsaw together. It's so romantic.
I'm going to say to some young lady, I've got a piece which would fit you just fine.
Oh, your digital door is going to get blown down with that line, sugar face.
So actually, I mean, I very much loved puzzles even when I was a kid, but being now a father of 3 kids, so I don't have much time to actually do a real, you know, real world puzzle.
And even if I would, the kids would probably run all over it and blow it up to pieces again. So on a computer.
And even if I would, the kids would probably run all over it and blow it up to pieces again. So on a computer.
How old are they? 20, 30?
I wish.
And so puzzles on a computer screen are much easier for me to, in a more practical sense. And actually, I love doing puzzles when I'm listening to podcasts.
It's so relaxing and you can listen to podcasts and you don't have to stare at nothing for an hour or something. So it's great fun. I really recommend it.
It's so relaxing and you can listen to podcasts and you don't have to stare at nothing for an hour or something. So it's great fun. I really recommend it.
Cool.
I've been playing with it too.
It looks cool.
It's definitely something to put into your, the bored file, you know, the I'm bored at work file folder on your browser.
Exactly.
Yeah. So jigsawexplorer.com. Very nice.
Yeah.
Love it.
HTTPS too.
They are all the best sites are. Carole, what's your pick of the week?
Mine is a Netflix show called Criminal. Watch it. That's all I have to say.
No, so isn't it based off a podcast? There is a podcast called Criminal.
No, I don't think it is.
Well, maybe I read somewhere that Criminal had sold the rights, so it's possible, but I didn't go and do that research because the Criminal with Phoebe Judge is an excellent great podcast, and it does have a similar approach, but it's kind of different.
This is more four miniseries. Each miniseries has three independent programs in our shows or episodes, and each miniseries focuses on a different European country.
So we have the UK, France, Spain, and Germany, and all of it is set in the same investigative room.
So the whole idea is someone's sitting in the room, the police want to talk to that person, they have a file, they've brought them in, you don't know why and you go in and start learning as they ask questions.
It's really good if you're into that whole character study.
Well, maybe I read somewhere that Criminal had sold the rights, so it's possible, but I didn't go and do that research because the Criminal with Phoebe Judge is an excellent great podcast, and it does have a similar approach, but it's kind of different.
This is more four miniseries. Each miniseries has three independent programs in our shows or episodes, and each miniseries focuses on a different European country.
So we have the UK, France, Spain, and Germany, and all of it is set in the same investigative room.
So the whole idea is someone's sitting in the room, the police want to talk to that person, they have a file, they've brought them in, you don't know why and you go in and start learning as they ask questions.
It's really good if you're into that whole character study.
So you might not know whether the character is a baddie or not, but they might have a tell. Is there a one-way mirror? Is there one of those funny mirrors?
And you go behind, you're often in that back room watching what's going on. So you're with the investigative team of the group, and the rooms are only two rooms effectively.
There's the back room and the interview room. And each, so say for the UK, the first one has David Tennant who plays the perp who's being interviewed in the first one.
He is very good. And the game is, of course, you have to decide whether he's guilty or not before the end of the show. That's the game I play anyway.
There's the back room and the interview room. And each, so say for the UK, the first one has David Tennant who plays the perp who's being interviewed in the first one.
He is very good. And the game is, of course, you have to decide whether he's guilty or not before the end of the show. That's the game I play anyway.
We played our house.
Well, interesting you said that. So it's really kind of cool to compare how it works in Germany versus the UK and Spain and France, how lawyers act, for instance, how the law works.
It's just really insightful and cool, and I love it. So go watch Criminal. It's on Netflix, and Graham, you'll love it. I promise, promise, promise.
It's just really insightful and cool, and I love it. So go watch Criminal. It's on Netflix, and Graham, you'll love it. I promise, promise, promise.
It sounds good to me.
It's an interesting idea. I mean, the idea is fantastic.
It's a great idea. Yeah.
So great to see the UK working together with European countries on a project as well, isn't it?
Yeah.
As we head into our glorious future, back to the 1600s. Anyway, that just about wraps it up for this.
Ran, I'm sure lots of our listeners would love to follow you online and find out more about the Malicious Life podcast. What's the best way they can do that?
Ran, I'm sure lots of our listeners would love to follow you online and find out more about the Malicious Life podcast. What's the best way they can do that?
Yeah, the website is malicious.life, and we are of course on every podcasting application out there, CastBox, iTunes, whatever.
Alexa, play Malicious Life.
Interesting if that would work. I think it should. I don't have an Alexa, but it should. And if you want to follow me on Twitter, that's @ranlevi, R-A-N-L-E-V-I.
And you don't have a Match.com user ID, you're claiming?
Not yet.
And you can follow us on Twitter as well, @SmashingSecurity, no G, Twitter won't allow us to have a G. And you can join the conversation on Reddit as well.
Just check out the Smashing Security subreddit.
Just check out the Smashing Security subreddit.
Once again, thanks to this week's Smashing Security sponsors: Immersive Labs, LastPass, and Code42.
Check out smashingsecurity.com for past episodes, sponsorship details, and info on how to get in touch with us.
Check out smashingsecurity.com for past episodes, sponsorship details, and info on how to get in touch with us.
Until next time, cheerio, bye-bye, bye-bye, later skaters.
Now this week we thought we'd share an independent intended comment on our last show. This one comes from Twitter.
Victor PC, or @Victor_TheyKnow, said, "The last episode of Smashing Security had me dying. Graham Cluley's laugh should have its own show. It's so communicative." I agree.
Hashtag hello boys?
Victor PC, or @Victor_TheyKnow, said, "The last episode of Smashing Security had me dying. Graham Cluley's laugh should have its own show. It's so communicative." I agree.
Hashtag hello boys?
I think that's because we were talking about the advert, Eva Herzigová, weren't we, last week? And her décolletage.
Thank you, Victor_TheyKnow. I have to say that many people have often told me that Graham sounds like he's indeed dying when he's laughing. So I don't want you to die with him.
In fairness, we are all dying, aren't we? It's not just that I sound like— well, I mean, it's just a question of speed.
That's the deepest thing you've ever said to me in 20 years. I'm blown away, and that's saying something.
It was great fun, guys.
Thank you so much, Ran.
Hosts:
Graham Cluley:
@grahamcluley.com
@
/ grahamcluley
Carole Theriault:
Guest:
Ran Levi – @ranlevi
Show notes:
- The "You Think I'm Funny?" scene from "Goodfellas" — YouTube.
- 20 Defendants Charged with Crimes, Including Racketeering, Extortion, Loansharking — Department of Justice.
- Indictment against Joseph Amato and others (PDF) — Department of Justice.
- GPS cyberstalking of girlfriend brings surveillance and indictment for alleged American mobster — The Register.
- How to Find a GPS Tracker on Your Vehicle.
- Former Yahoo Software Engineer Pleads Guilty To Using Work Access To Hack Into Yahoo Users’ Personal Accounts — Department of Justice.
- Former Yahoo engineer pleads guilty to searching 6,000 user accounts for nudes — The Verge.
- Using Match.com? Read this — FTC Consumer Information.
- Why Match.com allegedly luring lonely customers with fake ‘winks’ is just another form of ‘phishing’ — MarketWatch.
- Fembots land Ashley Madison in hot water with the FTC — Graham Cluley.
- Mark Lewisohn Official Website.
- Hornsey Road with Mark Lewisohn.
- The Beatles' Abbey Road (Super Deluxe Edition) — Spotify.
- Jigsaw Explorer — Online Jigsaw Puzzles.
- Criminal — Netflix.
- Criminal Review: Netflix Crime Drama With Parts Better Than the Whole — Collider.
- Support us on Patreon!
Sponsor: Code42
Code42 provides data loss protection for when employees quit.
60% of employees who quit their jobs admit to taking data. Your organization’s data is more portable than ever and you have employees leaving everyday.
Most organizations rely on prevention but there are simply too many ways for data to leave.
To learn more about how to protect your company’s data from insider threats visit code42.com/smashing
Sponsor: LastPass
LastPass Enterprise makes password security effortless for your organization.
LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.
But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.
Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.
Sponsor: Immersive Labs
Immersive Labs provides the world’s first fully interactive, on-demand, and gamified cyber skills platform.
Try it for free at immersivelabs.com/lite/, and drive down your organisation’s cyber risk while reducing training costs.
Follow the show:
Follow the show on Bluesky at @smashingsecurity.com, on the Smashing Security subreddit, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts, Spotify, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
