This week on The Awareness Angle, Anthony Davis and Luke Pettigrew dive into a week full of sharp turns—from a teen hacker forcing Microsoft to rethink its bounty program, to hackers hijacking a decades-old video game to take control of PCs. Also in the mix: 64 million job seekers exposed by a single password, suspicious Google Ads requests, Instagram flannel cons, and a football kit nod to Bletchley Park.
👾 Youth & Cybercrime – A UK teenager linked to major Microsoft and Nvidia breaches shows why digital ethics education can’t be optional for young, technically skilled individuals.
🎮 Old Games, New RCEs – Hackers exploited multiplayer game engines to gain remote access to PCs. Legacy software can create modern attack surfaces, on and off the clock.
📬 Phishing & Domain Abuse – The .es top-level domain is increasingly used in phishing scams. Help users decode domains and trust signals beyond just the brand name.
🔐 MFA Saves the Day – A spoofed Google Ads request almost succeeded—until MFA stepped in. A real-life reminder that layering defences works.
📄 AI Prompt Injection – Academic PDFs are being weaponised with hidden prompts to influence AI-generated outputs. It’s time to add LLM manipulation to your awareness radar.
📢 Emergency Alerts & Privacy – With government alert tests rolling out, employees with hidden phones (e.g., in domestic abuse cases) face real safety risks. Consider the human layer in crisis comms.
👚 Instagram Scams & Flannel Fraud – Niche cons on social media show how easy it is to mimic small businesses. Don’t forget brand impersonation when training around phishing.
🧑‍💼 Insider Threat Economics – A CNM insider sold credentials for just $300. Reinforce messaging around ethics, behaviour monitoring, and low-cost high-risk breaches.
🍟 Hiring Platform Data Leak – McDonald's and Paradox AI leaked data on 64M+ applicants—another reminder: third-party vendors aren’t automatically secure.
📊 Security Culture Benchmarks – Tools like KnowBe4’s Human Risk Maturity assessment help awareness pros evaluate where their culture stands and what needs improvement.
⚽ Bonus: Bletchley Park-Inspired Football Kit – What does a football shirt have to do with WWII codebreaking? A surprisingly wholesome win for security storytelling.
If you care about where behaviour, tech, and trust intersect, this one’s got it all.
🕒 Timestamps
00:00 Intro: A new intro and newsletter plug
02:53 Cyber Crime Developments: M&S and Co-op Attacks
05:56 Gaming Vulnerabilities: Call of Duty Incident
10:07 Young Innovators: Dylan's Microsoft Teams Hack
12:59 AI Manipulation in Academic Research
16:57 UK Emergency Alert System Testing
20:04 Phishing Trends: The Rise of .es Domains
24:59 Bribery in Cyber Crime: The Brazilian Bank Heist
27:58 Monzo's Fake Address Scandal
31:57 MK Dons Tribute to Bletchley Park
34:02 McDonald's AI Hiring Blunder
36:19 Paradox AI and Data Breach Concerns
37:35 Human Risk Management Insights
42:17 The Importance of Authentic Internal Communication
44:41 Deepfake Technology and Its Implications
49:34 Scams Targeting Consumers: Apple Pay Warning
53:26 Identifying Scams: The Dixon Shirt Fraud
01:00:14 Victor's Near Miss with a Scam
01:11:23 Weekly Wrap-up and Final Thoughts
📩 For links, videos, and the newsletter – head to riskycreative.com
💬 Check Out This Episode's Discussion Points
🔗 riskycreative.com
🎵 Our Intro & Outro Song (© 16! by falling forever)
License: https://creativecommons.org/licenses/by/4.0