racheltobac.bsky.social
Hacker & CEO @SocialProofSec security awareness/social engineering training, videos, talks | 3X @DEFCON🥈 | Chair @WISPorg | @CISAgov Technical Advisory Council under Director Jen Easterly
166 posts
11,981 followers
711 following
Regular Contributor
Active Commenter
comment in response to
post
Exactly right!
comment in response to
post
Can’t wait to keynote RH-ISAC!
comment in response to
post
He tolerated this outfit for a full 5 minutes!
comment in response to
post
Ooof! I recommend the Novavax Covid booster next time, reduced on the side effect front
comment in response to
post
❤️❤️❤️
comment in response to
post
Fine with me as long as it’s stored safely and the home is safe for them.
comment in response to
post
🤣
comment in response to
post
Probably just fine, I just don’t personally have experience with their platforms.
comment in response to
post
DeleteMe, Hush, Picnic (for companies)
comment in response to
post
◡̈
comment in response to
post
told my mom and she already called amazon to verify a text “from them” about her package getting damaged in a car accident and needing certain details to refund
saving christmas, one mom at a time *high five*
comment in response to
post
Nice work!!!
comment in response to
post
◡̈
comment in response to
post
And check out @racheltobac.bsky.social's video outlining how to spot scams in the wild /end
comment in response to
post
Thanks Scott!
comment in response to
post
Thanks for the kind words!
comment in response to
post
Thank you Brian!
comment in response to
post
Rachel Tobac just did an excellent thread on this subject.
bsky.app/profile/rach...
comment in response to
post
Yikes!!
comment in response to
post
Whoaaa nice work catching that one
comment in response to
post
Thank you Eric!
comment in response to
post
absolutely!!
comment in response to
post
very good call
comment in response to
post
Yes!! It's such an issue
comment in response to
post
How to stay safe from scams this holiday season?
- Be politely paranoid
- Use another method of communication to verify people/orgs are who they say they are before taking action
- Use long, unique, and random passwords stored in a password manager (or passkeys)
- Turn on MFA for every account
comment in response to
post
You may read this as a tech savvy person and think "I would never fall for an obvious scam like that!" and I hope you're right. But, some scams are less clear.
I.e., an email from your insurance provider requiring info before winter enrollment period ends (they mimic real deadlines and typical messages).
comment in response to
post
Cyber criminals think of their work like a business -- you know how business ramps up during the holiday buying season? So do hacking attempts.
Criminals don't need to do research to determine you have a package arriving soon (& you want to avoid a delay in time for holidays).
comment in response to
post
Because so many people were trained to spot only phishing emails, there is a lack of education about just how tricky scam calls, texts, social media posts/ads, and voicemails can be.
They use urgency around receiving gifts on time and our fear of fraud/monetary loss to trick!
comment in response to
post
Many people only think of EMAIL when they think of phishing, but phishing is common across every tool!
For example:
- Phishing texts about "delivery delays"
- Social media posts with scam sweepstakes
- Calls about "fraud charges on your credit card"
- Voicemails from the "FBI"
comment in response to
post
Glad you're helping them catch those criminals!!
comment in response to
post
Quite persistent and tricky!
comment in response to
post
◡̈