A hacker doxxes himself, and social engineering-as-a-service
Smashing Security
Graham Cluley
4.7 • 579 Ratings
🗓️ 4 December 2025
⏱️ 45 minutes
🧾️ Download transcript
Summary
A teenage cybercriminal posts a smug screenshot to mock a sextortion scammer... and accidentally hands over the keys to his real-world identity. Meanwhile, we look into the crystal ball for 2026 and consider how stolen data is now the jet fuel of cybercrime – and how next year could be even nastier than 2025.
Plus, Graham rants about recipe sites that won’t shut up, and there's even more love for Lily Allen's album "West End Girl" album.
All this and more is discussed in episode 446 of the "Smashing Security" podcast with cybersecurity veteran Graham Cluley, and special guest Rik Ferguson.
EPISODE LINKS:
- Europol nukes Cryptomixer laundering hub, seizing €25M in Bitcoin - The Register.
- 4.3 Million Browsers Infected: Inside ShadyPanda's 7-Year Malware Campaign - Koi.
- Uncovering a Calendly-themed phishing campaign targeting business ad manager accounts - Push Security.
- Meet Rey, the Admin of ‘Scattered Lapsus$ Hunters’ - Krebs on Security.
- Jonathan Ross email goof highlights Twitter security issue - Graham Cluley.
- VIDEO: Mark Zuckerberg’s password choices are dadada-dumb! - Graham Cluley.
- Password to Louvre’s video surveillance system was 'Louvre', according to employee - ABC News.
- Just the Recipe.
- West End Girl - Wikipedia.
- West End Girl - Spotify.
- Smashing Security merchandise (t-shirts, mugs, stickers and stuff)
SPONSORS:
- 1Password - Take the first step to better security by securing your team’s credentials.
- Vanta - Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
- Drata - The world’s most advanced Trust Management platform – making risk and compliance management accessible, continuous, and 10x more automated than ever before.
SUPPORT THE SHOW:
Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.
Become a supporter! Join Smashing Security PLUS via Patreon or Apple Podcasts for ad-free episodes on our early-release feed!
FOLLOW THE SHOW:
Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.
THANKS:
Theme tune: "Vinyl Memories" by Mikael Manvelyan.
Assorted sound effects: AudioBlocks.
ENJOYED THE SHOW?
Make sure to check out our sister podcast, "The AI Fix".
Privacy & Opt-Out: https://redcircle.com/privacy
Transcript
Click on a timestamp to play from that location
| 0:00.0 | And he then says to Krebs, look, I really don't think you should write a story about me because it might mess up the law enforcement investigation into me. You could interfere with an ongoing investigation I would hate for that to happen. He obviously wants to see properly concluded and come to its right resolution. |
| 0:37.0 | Smashing Security, Episode 446, a hacker docks is himself, and social engineering as a service, |
| 0:40.0 | with Graham Cluley and special guest Rick Ferguson. |
| 0:45.0 | Hello, hello and welcome to Smash Insecurity episode 446. My name's Graham Cluley. |
| 0:46.9 | And I am Rick Ferguson. |
| 0:52.4 | Hello, Rick. Welcome back to the show. It's been many, many years since you last joined us. |
| 0:56.9 | For anyone who doesn't know, I mean, is there anybody who doesn't know rock star Rick Ferguson? |
| 1:00.3 | Describe yourself, Rick, to our audience. |
| 1:03.3 | I'm six feet tall. |
| 1:06.7 | I weigh 182 pounds. |
| 1:07.4 | Oh. |
| 1:08.7 | There you go. |
| 1:09.9 | What's that in kilograms? |
| 1:27.9 | I don't know. Actually, about 80. I don't. I'm really not sure. I should know. I left the world of Imperial behind many years ago. Okay. Well, you're a fine figure of a man, and you also work in the cyber security industry, don't you? Oh, there is that. Oh, there is some relevant to you coming on the podcast this week. |
| 1:29.5 | Yeah, it's weird. |
| 1:35.8 | I've been in technology as an industry, in IT, let's say, for 31 years. |
| 1:41.4 | And I think 26 of those have been in cybersecurity, although it wasn't called that back then. |
| 1:44.3 | And you still haven't solved the cyber security problem. |
| 1:45.4 | Don't you feel a bit of a failure? |
| 1:46.7 | Oh, no, I have. |
| 2:03.9 | I just haven't told anyone. Oh, okay. While you're continuing to make money out of it, you mean? It's like those, you know, everlasting matchsticks and everlasting light bulbs, all those other things. I've got all those on a shelf, too. Well, before we kick off, let's thank this week's wonderful sponsors, Vanta One Password and Drata. |
| 2:04.3 | We'll be hearing more about them later on in the podcast. |
... |
Please login to see the full transcript.
Disclaimer: The podcast and artwork embedded on this page are from Graham Cluley, and are the property of its owner and not affiliated with or endorsed by Tapesearch.
Generated transcripts are the property of Graham Cluley and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.
Copyright © Tapesearch 2026.