This week on The Awareness Angle, Anthony Davis and Luke Pettigrew dive into a week full of sharp turns—from a teen hacker forcing Microsoft to rethink its bounty program, to hackers hijacking a decades-old video game to take control of PCs. Also in the mix: 64 million job seekers exposed by a single password, suspicious Google Ads requests, Instagram flannel cons, and a football kit nod to Bletchley Park.
👾 Youth & Cybercrime – A UK teenager linked to major Microsoft and Nvidia breaches shows why digital ethics education can’t be optional for young, technically skilled individuals.
🎮 Old Games, New RCEs – Hackers exploited multiplayer game engines to gain remote access to PCs. Legacy software can create modern attack surfaces, on and off the clock.
📬 Phishing & Domain Abuse – The .es top-level domain is increasingly used in phishing scams. Help users decode domains and trust signals beyond just the brand name.
🔐 MFA Saves the Day – A spoofed Google Ads request almost succeeded—until MFA stepped in. A real-life reminder that layering defences works.
📄 AI Prompt Injection – Academic PDFs are being weaponised with hidden prompts to influence AI-generated outputs. It’s time to add LLM manipulation to your awareness radar.
📢 Emergency Alerts & Privacy – With government alert tests rolling out, employees with hidden phones (e.g., in domestic abuse cases) face real safety risks. Consider the human layer in crisis comms.
👚 Instagram Scams & Flannel Fraud – Niche cons on social media show how easy it is to mimic small businesses. Don’t forget brand impersonation when training around phishing.
🧑💼 Insider Threat Economics – A CNM insider sold credentials for just $300. Reinforce messaging around ethics, behaviour monitoring, and low-cost high-risk breaches.
🍟 Hiring Platform Data Leak – McDonald's and Paradox AI leaked data on 64M+ applicants—another reminder: third-party vendors aren’t automatically secure.
📊 Security Culture Benchmarks – Tools like KnowBe4’s Human Risk Maturity assessment help awareness pros evaluate where their culture stands and what needs improvement.
⚽ Bonus: Bletchley Park-Inspired Football Kit – What does a football shirt have to do with WWII codebreaking? A surprisingly wholesome win for security storytelling.
If you care about where behaviour, tech, and trust intersect, this one’s got it all.
🕒 Timestamps
00:00 Intro: A new intro and newsletter plug
02:53 Cyber Crime Developments: M&S and Co-op Attacks
05:56 Gaming Vulnerabilities: Call of Duty Incident
10:07 Young Innovators: Dylan's Microsoft Teams Hack
12:59 AI Manipulation in Academic Research
16:57 UK Emergency Alert System Testing
20:04 Phishing Trends: The Rise of .es Domains
24:59 Bribery in Cyber Crime: The Brazilian Bank Heist
27:58 Monzo's Fake Address Scandal
31:57 MK Dons Tribute to Bletchley Park
34:02 McDonald's AI Hiring Blunder
36:19 Paradox AI and Data Breach Concerns
37:35 Human Risk Management Insights
42:17 The Importance of Authentic Internal Communication
44:41 Deepfake Technology and Its Implications
49:34 Scams Targeting Consumers: Apple Pay Warning
53:26 Identifying Scams: The Dixon Shirt Fraud
01:00:14 Victor's Near Miss with a Scam
01:11:23 Weekly Wrap-up and Final Thoughts
📩 For links, videos, and the newsletter – head to riskycreative.com
💬 Check Out This Episode's Discussion Points
📧 hello@riskycreative.com
🔗 riskycreative.com
🎵 Our Intro & Outro Song (© 16! by falling forever)
License: https://creativecommons.org/licenses/by/4.0
