Rachel Tobac

Exactly. And they were like, oh, I get it. So I can't say that we're talking about this technology and how it's going to change my role as a product manager, because that tips off people to understand that we're going to be acquiring XYZ company in the next six months. That's where these leaks are coming from.

Exactly. And they were like, oh, I get it. So I can't say that we're talking about this technology and how it's going to change my role as a product manager, because that tips off people to understand that we're going to be acquiring XYZ company in the next six months. That's where these leaks are coming from.

Donnie O'Sullivan from CNN.

Donnie O'Sullivan from CNN.

Yeah, last year or so, I started talking more on Twitter about how I'm seeing AI get used by criminals to trick people. So I'm talking about this, scammers are tricking grandparents out of 1500 bucks, posing as their grandson, spoofing the grandson's phone number, voice cloning, or just like modulating the pitch to sound like the grandson and saying they need money for bail.

Yeah, last year or so, I started talking more on Twitter about how I'm seeing AI get used by criminals to trick people. So I'm talking about this, scammers are tricking grandparents out of 1500 bucks, posing as their grandson, spoofing the grandson's phone number, voice cloning, or just like modulating the pitch to sound like the grandson and saying they need money for bail.

Just talking about these examples. 60 Minutes sees this, They email me, they reach out, they say, hey, we want you to do a hack live. It's actually gotta trick somebody. Can you do that with us? And I'm like, I mean, yeah, I can do that, but it's complicated. I've done a lot of these live hacks over the years for large media pieces. You know, I need consent.

Just talking about these examples. 60 Minutes sees this, They email me, they reach out, they say, hey, we want you to do a hack live. It's actually gotta trick somebody. Can you do that with us? And I'm like, I mean, yeah, I can do that, but it's complicated. I've done a lot of these live hacks over the years for large media pieces. You know, I need consent.

Before I do any sort of hacking, I get consent. Like when I hacked CNN's Donio Sullivan, I hacked him through his service providers, and I also hacked him through his leaked passwords.

Before I do any sort of hacking, I get consent. Like when I hacked CNN's Donio Sullivan, I hacked him through his service providers, and I also hacked him through his leaked passwords.

And I had his consent with a lengthy contracting process and scope discussion before I was able to contact his service providers pretending to be him, before I was able to log into his LinkedIn using his breached passwords and the things that I found online. So I start explaining to them how much consent I'm going to need. And they're like, I mean, well, we'll try.

And I had his consent with a lengthy contracting process and scope discussion before I was able to contact his service providers pretending to be him, before I was able to log into his LinkedIn using his breached passwords and the things that I found online. So I start explaining to them how much consent I'm going to need. And they're like, I mean, well, we'll try.

We'll just try and see what happens. So I start to talk to them about who my target is going to be. They want my target to be Sharon Alfonsi. She's an awesome correspondent for 60 Minutes. Rachel Toback is what's called an ethical hacker. She studies how these criminals operate. So ethical hackers, we step in and show you how it works.

We'll just try and see what happens. So I start to talk to them about who my target is going to be. They want my target to be Sharon Alfonsi. She's an awesome correspondent for 60 Minutes. Rachel Toback is what's called an ethical hacker. She studies how these criminals operate. So ethical hackers, we step in and show you how it works.

She's got a lot of information about her online, so I do my OSINT.

She's got a lot of information about her online, so I do my OSINT.

I determined through OSINT, open source intelligence, that the best way to do this hack was to trick her coworker while pretending to be Sharon. Because sometimes our coworkers have just as much info and access on us as we do about ourselves. So I needed to get consent from the coworker. And here's the massive challenge.

I determined through OSINT, open source intelligence, that the best way to do this hack was to trick her coworker while pretending to be Sharon. Because sometimes our coworkers have just as much info and access on us as we do about ourselves. So I needed to get consent from the coworker. And here's the massive challenge.

I needed to get her coworker's consent because she was a major part of the hack. This coworker is named Elizabeth. I contacted her. I was like, hey, this is what we're going to do. We're going to do this hack. You need to consent to essentially being part of the hack, but you don't know when, where, or how it's going to happen. You don't know who I'm going to pretend to be.

I needed to get her coworker's consent because she was a major part of the hack. This coworker is named Elizabeth. I contacted her. I was like, hey, this is what we're going to do. We're going to do this hack. You need to consent to essentially being part of the hack, but you don't know when, where, or how it's going to happen. You don't know who I'm going to pretend to be.