WEBVTT

1
00:00:01.679 --> 00:00:10.759
<v Speaker 1>Produced by Pimedia. Hi, I'm Raan Levy. Welcome to CP Radio.

2
00:00:14.599 --> 00:00:17.559
<v Speaker 1>A year ago, this podcast re recounted one of the

3
00:00:17.559 --> 00:00:22.280
<v Speaker 1>most momentous decisions in cybersecurity history. It concerned one of

4
00:00:22.320 --> 00:00:26.920
<v Speaker 1>those most inedible images known to computer users. Every a

5
00:00:26.960 --> 00:00:32.039
<v Speaker 1>button from Microsoft programs like Word and Excel security warning,

6
00:00:32.280 --> 00:00:36.719
<v Speaker 1>our computers would read macros have been disabled, and then

7
00:00:36.960 --> 00:00:40.520
<v Speaker 1>there was an option for you to click to enable content.

8
00:00:41.200 --> 00:00:44.880
<v Speaker 1>The option to enable macros was always a tricky one.

9
00:00:44.960 --> 00:00:48.640
<v Speaker 1>A small sect of power users really loved using macros

10
00:00:48.679 --> 00:00:53.560
<v Speaker 1>to streamline and automate the various ways they used Microsoft products.

11
00:00:54.320 --> 00:00:57.799
<v Speaker 1>The vast majority of us never used them though, or

12
00:00:57.880 --> 00:01:02.159
<v Speaker 1>probably even knew what macro were, So when we opened

13
00:01:02.200 --> 00:01:05.680
<v Speaker 1>files and were presented with the option to enable macros,

14
00:01:05.959 --> 00:01:09.879
<v Speaker 1>we often just hit okay because we didn't know better.

15
00:01:10.599 --> 00:01:14.040
<v Speaker 1>But there is a problem with defaulting two okay. We've

16
00:01:14.079 --> 00:01:17.480
<v Speaker 1>known this for years, and even though Microsoft has fixed

17
00:01:17.519 --> 00:01:22.079
<v Speaker 1>their problem, we're still suffering as a result of this instinct. Today,

18
00:01:22.719 --> 00:01:27.040
<v Speaker 1>consider the fox It pdf reader. When it comes to

19
00:01:27.239 --> 00:01:32.359
<v Speaker 1>PDF viewing software, Adobe Acrobat Reader is clearly top dog.

20
00:01:32.599 --> 00:01:36.680
<v Speaker 1>It's probably what you use, but among its competition, Fox

21
00:01:36.680 --> 00:01:40.480
<v Speaker 1>sit Reader is a significant player. It's got over seven

22
00:01:40.519 --> 00:01:45.000
<v Speaker 1>hundred million users spread across two hundred countries. Among its

23
00:01:45.040 --> 00:01:49.879
<v Speaker 1>customers are high level government entities like the US Air Force, Army,

24
00:01:49.959 --> 00:01:55.079
<v Speaker 1>and Navy, and major cooperations Morgan Stanley, Amazon, and Microsoft,

25
00:01:55.159 --> 00:01:58.879
<v Speaker 1>to name just a few. The widespread popularity of fox

26
00:01:58.920 --> 00:02:02.480
<v Speaker 1>seat reader makes see it extra crucial that no subtle

27
00:02:02.599 --> 00:02:07.760
<v Speaker 1>security flawers end up sleeping past notice. That's why Anthony

28
00:02:07.799 --> 00:02:13.080
<v Speaker 1>Sterefo's reverse engineer at Checkpoint Research recently tested fox it

29
00:02:13.240 --> 00:02:17.439
<v Speaker 1>in x mon and Exploited Detection and Analytics tool for

30
00:02:17.599 --> 00:02:20.080
<v Speaker 1>detecting zero day exploits.

31
00:02:20.759 --> 00:02:24.000
<v Speaker 2>We got a notification from x mored, which is like

32
00:02:24.159 --> 00:02:28.919
<v Speaker 2>a vulnerability kind of sundbox. I would call it with

33
00:02:29.319 --> 00:02:33.319
<v Speaker 2>a triggered like a malicious behavior on a PDF file.

34
00:02:34.000 --> 00:02:37.280
<v Speaker 2>Once we saw that the dynamic analysis of the PDF

35
00:02:37.879 --> 00:02:43.400
<v Speaker 2>was triggering like a malicious command, I started analyzing it statically.

36
00:02:44.039 --> 00:02:48.039
<v Speaker 2>So I used some tools that are for static analysis

37
00:02:48.080 --> 00:02:51.879
<v Speaker 2>of the PDFs, like PDFs Analyze.

38
00:02:52.879 --> 00:02:56.199
<v Speaker 1>The issue. It turned out was deeper than just one

39
00:02:56.360 --> 00:03:02.000
<v Speaker 1>malicious threat. Say you're using fox it to open up

40
00:03:02.039 --> 00:03:06.400
<v Speaker 1>a PDF file you don't know is malicious, you'll initially

41
00:03:06.599 --> 00:03:09.560
<v Speaker 1>get a pop up. Some features have been disabled to

42
00:03:09.719 --> 00:03:13.639
<v Speaker 1>avoid potential security risks. Only enable these features. If you

43
00:03:13.759 --> 00:03:17.840
<v Speaker 1>trust this document, then you get two options. Trust this

44
00:03:17.960 --> 00:03:22.599
<v Speaker 1>document one time only or always. So far, so good.

45
00:03:23.080 --> 00:03:26.439
<v Speaker 1>But with the pdf Antonis who was looking at Once

46
00:03:26.479 --> 00:03:29.840
<v Speaker 1>he made his choice, he got a second message asking

47
00:03:29.960 --> 00:03:33.199
<v Speaker 1>largely the same thing, but in more words, it went

48
00:03:33.280 --> 00:03:37.439
<v Speaker 1>something like, the file may contain programs, macros or viruses

49
00:03:37.680 --> 00:03:41.319
<v Speaker 1>that could potentially cause damage to your computer. Only open

50
00:03:41.360 --> 00:03:44.319
<v Speaker 1>the file when you are sure it is safe, and

51
00:03:44.400 --> 00:03:48.360
<v Speaker 1>so on again. Here there are two options open and

52
00:03:48.639 --> 00:03:49.439
<v Speaker 1>do not open.

53
00:03:52.039 --> 00:03:55.400
<v Speaker 2>The problem in this case is that Foxy Prider is

54
00:03:55.439 --> 00:04:00.280
<v Speaker 2>a creating a SOLVB pop up messages that by the

55
00:04:00.360 --> 00:04:04.159
<v Speaker 2>fault once you click there, like the default opsio provides

56
00:04:04.199 --> 00:04:05.719
<v Speaker 2>you a malicious activity.

57
00:04:07.000 --> 00:04:10.319
<v Speaker 1>How many of us are going to read the first

58
00:04:10.400 --> 00:04:15.199
<v Speaker 1>pop up let alone the second nearly identical one, Maybe

59
00:04:15.199 --> 00:04:19.519
<v Speaker 1>if you're being attentive, but not if you're busy, distracted,

60
00:04:19.720 --> 00:04:23.279
<v Speaker 1>or just lazy. You just want to click through, and

61
00:04:23.319 --> 00:04:27.600
<v Speaker 1>the options available aren't presented equally for your lazy brain.

62
00:04:28.079 --> 00:04:31.639
<v Speaker 1>The open button is highlighted in blue as if it's

63
00:04:31.720 --> 00:04:33.879
<v Speaker 1>just beckoning you to click.

64
00:04:33.639 --> 00:04:37.519
<v Speaker 2>It, so it has all default top show like even

65
00:04:37.639 --> 00:04:39.399
<v Speaker 2>if you don't read that all the pop up messages

66
00:04:39.399 --> 00:04:41.759
<v Speaker 2>and you just click in it. You are going to

67
00:04:41.759 --> 00:04:45.800
<v Speaker 2>execute the malicious command. And this is what the threat

68
00:04:45.839 --> 00:04:47.560
<v Speaker 2>actors were taking that one that's off.

69
00:04:48.959 --> 00:04:52.759
<v Speaker 1>Think of this not as a software exploit, but a

70
00:04:52.839 --> 00:04:56.199
<v Speaker 1>human one. A design flaw that allowed a threat actor

71
00:04:56.279 --> 00:04:59.519
<v Speaker 1>to more easily fish their victims by getting them to

72
00:04:59.639 --> 00:05:03.439
<v Speaker 1>click the button that would enable their malicious behavior, and

73
00:05:03.600 --> 00:05:06.480
<v Speaker 1>all of this without the hacker having to trick the

74
00:05:06.560 --> 00:05:09.319
<v Speaker 1>victim in any way or do any work at all.

75
00:05:09.600 --> 00:05:12.439
<v Speaker 1>The program is built to get people to click the

76
00:05:12.480 --> 00:05:16.279
<v Speaker 1>button that causes their demise on its own. Though this

77
00:05:16.639 --> 00:05:19.199
<v Speaker 1>isn't the end of the world, it only starts to

78
00:05:19.279 --> 00:05:23.319
<v Speaker 1>become a problem in the context of broader fishing attacks.

79
00:05:23.839 --> 00:05:26.639
<v Speaker 2>I remembered there was one tactle that was kind of

80
00:05:26.959 --> 00:05:31.120
<v Speaker 2>an interesting one that was using a malicious PDIA file.

81
00:05:32.240 --> 00:05:35.920
<v Speaker 1>The file didn't contain any kind of exploit that triggered

82
00:05:36.040 --> 00:05:40.800
<v Speaker 1>upon clicking okay. Rather, it included a hyperlink that directed

83
00:05:40.879 --> 00:05:43.040
<v Speaker 1>victims to a second attachment.

84
00:05:44.120 --> 00:05:48.199
<v Speaker 2>And then it was downloading from Trello, which is legalityimate

85
00:05:48.279 --> 00:05:49.360
<v Speaker 2>the website.

86
00:05:49.879 --> 00:05:54.759
<v Speaker 1>Hosting malicious activity on legitimate popular sites like Trello proved

87
00:05:55.040 --> 00:05:59.279
<v Speaker 1>useful it meant that browsers and Internet traffic monitors wouldn't

88
00:05:59.319 --> 00:06:02.720
<v Speaker 1>think twice if a victim visited and clicked on the

89
00:06:02.759 --> 00:06:03.879
<v Speaker 1>attached file.

90
00:06:04.480 --> 00:06:08.279
<v Speaker 2>A PDF with a fox It vulnerability, and then it

91
00:06:08.399 --> 00:06:12.000
<v Speaker 2>was executing like a command line, a power cell command.

92
00:06:12.639 --> 00:06:15.560
<v Speaker 1>By the end of this attacker's chain of events from

93
00:06:15.600 --> 00:06:19.439
<v Speaker 1>the foxheit PDF, the user downloads remcoss.

94
00:06:19.120 --> 00:06:24.160
<v Speaker 2>Red It's like a remote access Troyan which can perform

95
00:06:24.279 --> 00:06:28.959
<v Speaker 2>all kind of like activities like get access to the

96
00:06:29.000 --> 00:06:33.680
<v Speaker 2>computer of the victim, like a few sensitive files, upload

97
00:06:33.759 --> 00:06:39.279
<v Speaker 2>sensitive files, further infect the system, still even credentials as

98
00:06:39.319 --> 00:06:42.879
<v Speaker 2>far as I know, and takes crinslets of the computer.

99
00:06:43.839 --> 00:06:47.759
<v Speaker 1>This particular threat actor, dating back to March first, seemed

100
00:06:47.759 --> 00:06:51.120
<v Speaker 1>to be exploiting fox It in Southeast Asian countries like

101
00:06:51.279 --> 00:06:54.920
<v Speaker 1>Korea and Vietnam. As Anthonys and his colleagues looked into

102
00:06:54.959 --> 00:06:58.720
<v Speaker 1>this threat though, it only became bigger. Operating under the

103
00:06:58.720 --> 00:07:02.920
<v Speaker 1>moniker at sid and killer TV, an individual claiming to

104
00:07:02.959 --> 00:07:05.560
<v Speaker 1>be an ethical hacker with more than twenty two years

105
00:07:05.560 --> 00:07:09.040
<v Speaker 1>of experience, had been selling a number of malicious tools

106
00:07:09.079 --> 00:07:13.399
<v Speaker 1>on Telegram since twenty twenty two. As of April twenty seventh,

107
00:07:13.639 --> 00:07:17.399
<v Speaker 1>one of them was a foxed reader exploit. The malicious

108
00:07:17.439 --> 00:07:21.800
<v Speaker 1>program boasted of quote one hundred percent bypass with anti viruses,

109
00:07:22.120 --> 00:07:27.519
<v Speaker 1>plus Gmail, Yahoo, Facebook, and Hotmail file sharing restrictions, which

110
00:07:27.680 --> 00:07:31.079
<v Speaker 1>sounds fake, which you'd hope is fake.

111
00:07:32.639 --> 00:07:37.600
<v Speaker 2>Most of the places, like the Gmail Facebook, when you

112
00:07:37.639 --> 00:07:40.600
<v Speaker 2>set a fight, if it's unleasius, they are going to

113
00:07:40.639 --> 00:07:43.439
<v Speaker 2>trigger for example, if it's unexecutable, it's going to trigger

114
00:07:43.439 --> 00:07:45.319
<v Speaker 2>a warning or is not even going to allow you

115
00:07:45.519 --> 00:07:48.120
<v Speaker 2>to sell that file to the coddact that you are

116
00:07:48.120 --> 00:07:52.160
<v Speaker 2>trying to send it. But with this word ability, everything

117
00:07:52.439 --> 00:07:55.720
<v Speaker 2>was bypassed. Gmail was not able to the deck, like

118
00:07:55.839 --> 00:07:58.800
<v Speaker 2>Facebook was not able to detect Silent Killer.

119
00:07:58.879 --> 00:08:03.720
<v Speaker 1>TV's exploits really could bypass traditional security checks in major

120
00:08:03.759 --> 00:08:07.959
<v Speaker 1>social media and mail platforms, but it wasn't because his

121
00:08:08.319 --> 00:08:12.079
<v Speaker 1>malicious code was so amazing and sophisticated.

122
00:08:13.240 --> 00:08:17.079
<v Speaker 2>In the majority of the cases, theerability was never prickered

123
00:08:17.120 --> 00:08:19.000
<v Speaker 2>because everyone was using Adobe.

124
00:08:19.680 --> 00:08:23.680
<v Speaker 1>Cybersecurity researchers have a set of tools they typically used

125
00:08:23.720 --> 00:08:28.839
<v Speaker 1>to investigate threats, like anti virus and sandboxes. Anthony's found

126
00:08:29.000 --> 00:08:33.519
<v Speaker 1>that his all used Adobe Reader to open PDFs by default.

127
00:08:34.440 --> 00:08:38.559
<v Speaker 2>If you are trying to exploit a specific software like

128
00:08:38.639 --> 00:08:41.679
<v Speaker 2>fox It, you'll need to have it in your soundbox

129
00:08:41.759 --> 00:08:47.960
<v Speaker 2>and execute samples with that software. With Foxy, but if

130
00:08:48.000 --> 00:08:53.279
<v Speaker 2>the majority of the sandboxes are using Adobe, we never SeeAbility.

131
00:08:53.879 --> 00:08:57.919
<v Speaker 1>Exploits happened to scart past analysts radars because of this

132
00:08:58.200 --> 00:09:02.759
<v Speaker 1>simple quirk in their sandby only x Man that program

133
00:09:02.840 --> 00:09:06.279
<v Speaker 1>we mentioned the beginning of the show ran Anthony's PDF

134
00:09:06.279 --> 00:09:10.679
<v Speaker 1>files in both the Adobe and Foxed viewers. This might

135
00:09:10.799 --> 00:09:15.759
<v Speaker 1>explain why after some further investigation, Antonisili's colleagues found so

136
00:09:16.000 --> 00:09:19.840
<v Speaker 1>many other thread actors exploiting fox It instead of its

137
00:09:19.960 --> 00:09:24.960
<v Speaker 1>more popular alternative Adobe. They found espionage actors like India's

138
00:09:25.039 --> 00:09:30.919
<v Speaker 1>DONT Team AKAAPTC thirty five and low level e criminals

139
00:09:31.000 --> 00:09:35.080
<v Speaker 1>like silent Killer TV. They each incorporate Foxed pdf into

140
00:09:35.200 --> 00:09:38.559
<v Speaker 1>their own custom design attack chains with an end goal

141
00:09:38.720 --> 00:09:45.480
<v Speaker 1>to deploy remote ex smellware like Agent Tesla, Asyncrat, dc rad, nanocoor, Rat,

142
00:09:45.720 --> 00:09:49.480
<v Speaker 1>n j Rat, Pony, venom Rat, and x worm. In

143
00:09:49.600 --> 00:09:52.879
<v Speaker 1>light of these threats to fox It readers earlier this year,

144
00:09:53.159 --> 00:09:57.440
<v Speaker 1>the checkpoint researchers brought their findings to the program's.

145
00:09:56.919 --> 00:10:04.360
<v Speaker 2>Developers, Recabota Nime, giving me to my attention that instead

146
00:10:04.360 --> 00:10:08.440
<v Speaker 2>of versions twenty four three. But there is that they

147
00:10:08.440 --> 00:10:11.919
<v Speaker 2>are going to fix it. They did that fix even earlier.

148
00:10:12.679 --> 00:10:16.279
<v Speaker 2>So the fix that they provided, in my opinion, is

149
00:10:16.320 --> 00:10:19.879
<v Speaker 2>not the perfect one, but it is a fix that

150
00:10:20.080 --> 00:10:24.559
<v Speaker 2>will solve the problem of the users just clicking okay

151
00:10:25.200 --> 00:10:29.080
<v Speaker 2>or the clicking enter without checking what is being asked.

152
00:10:29.720 --> 00:10:33.639
<v Speaker 2>So what they actually did was to switch the default

153
00:10:33.639 --> 00:10:37.399
<v Speaker 2>option from open that it was before two don't open.

154
00:10:38.159 --> 00:10:42.080
<v Speaker 1>So basically everything is the same now as ever, but

155
00:10:42.200 --> 00:10:45.720
<v Speaker 1>instead of open being highlighted in blue, do not open

156
00:10:45.960 --> 00:10:50.639
<v Speaker 1>is highlighted instead. It's not nothing. Foxy users will now

157
00:10:50.799 --> 00:10:54.039
<v Speaker 1>likely end up not choosing open quite as often for

158
00:10:54.200 --> 00:10:58.440
<v Speaker 1>documents they shouldn't open, but that might not save most

159
00:10:58.440 --> 00:10:59.399
<v Speaker 1>of them.

160
00:11:00.080 --> 00:11:03.759
<v Speaker 2>Thirty of the pdfiles that I observed, once you were

161
00:11:04.399 --> 00:11:07.360
<v Speaker 2>clicking them and opening them, it was a black page.

162
00:11:08.240 --> 00:11:14.480
<v Speaker 2>That still for users that are just users of the computers,

163
00:11:15.159 --> 00:11:18.480
<v Speaker 2>if they see that okay, I click don't open and

164
00:11:18.519 --> 00:11:21.320
<v Speaker 2>I see a wide page, maybe they think if I

165
00:11:21.360 --> 00:11:25.159
<v Speaker 2>click open, they will see the actual content of the

166
00:11:25.399 --> 00:11:29.200
<v Speaker 2>PDF file. My opinion, Foxitree that needs to do in

167
00:11:29.240 --> 00:11:34.240
<v Speaker 2>the future a more robust fix which will not let

168
00:11:34.360 --> 00:11:38.679
<v Speaker 2>thread tactles take advantage of the software against the users.

169
00:11:39.519 --> 00:11:42.720
<v Speaker 1>One more robust type of fix might be too band

170
00:11:42.799 --> 00:11:47.320
<v Speaker 1>for example, executing files from remote servers, a classic indicator

171
00:11:47.480 --> 00:11:52.360
<v Speaker 1>of hacker behavior. More advanced solutions might involve detecting and

172
00:11:52.399 --> 00:11:55.639
<v Speaker 1>blocking the kinds of commands hacker use in the course

173
00:11:55.679 --> 00:11:57.200
<v Speaker 1>of their attack chains.

174
00:11:57.799 --> 00:12:01.440
<v Speaker 2>In order for this vulnerability to trigger, they need to

175
00:12:01.519 --> 00:12:08.440
<v Speaker 2>use some specific pdf A keywords that trigger the command line.

176
00:12:08.759 --> 00:12:13.720
<v Speaker 2>So this type I would possibly not allow these keys

177
00:12:13.879 --> 00:12:15.600
<v Speaker 2>to execute anything.

178
00:12:18.919 --> 00:12:22.600
<v Speaker 1>In the grand scheme of cybersecurity. The design issue in

179
00:12:22.720 --> 00:12:27.000
<v Speaker 1>Foxed pdf reader is really very minor, but it speaks

180
00:12:27.039 --> 00:12:31.080
<v Speaker 1>to a much larger and more impactful phenomenon will probably

181
00:12:31.159 --> 00:12:33.480
<v Speaker 1>have to deal with for as long as there are

182
00:12:33.519 --> 00:12:38.039
<v Speaker 1>computers around. The instinct to default two Okay, I'm not

183
00:12:38.120 --> 00:12:41.360
<v Speaker 1>even talking about the ignorance that goes into clicking it

184
00:12:41.720 --> 00:12:44.799
<v Speaker 1>or the laziness. I'm talking about the way our brain

185
00:12:44.879 --> 00:12:48.919
<v Speaker 1>works that we default to believing in what we see.

186
00:12:50.360 --> 00:12:53.840
<v Speaker 1>Social engineering experts have preyed on this aspect of our

187
00:12:53.919 --> 00:12:58.320
<v Speaker 1>human nature to trick employees of companies into opening emails,

188
00:12:58.519 --> 00:13:01.720
<v Speaker 1>giving them sensitive information on the phone, or sending a

189
00:13:01.799 --> 00:13:05.320
<v Speaker 1>large amount of money to an unknown bank account, and

190
00:13:05.440 --> 00:13:09.879
<v Speaker 1>for years, users of Microsoft products enabled macros simply to

191
00:13:09.919 --> 00:13:13.679
<v Speaker 1>get rid of the notification because it didn't even register

192
00:13:13.960 --> 00:13:17.480
<v Speaker 1>as something to worry about. I'm careful to call this

193
00:13:17.799 --> 00:13:21.799
<v Speaker 1>an instinct and aspect of our nature rather than an

194
00:13:21.919 --> 00:13:26.759
<v Speaker 1>issue or flaw in human psychology, because ultimately it's a

195
00:13:26.799 --> 00:13:30.480
<v Speaker 1>good thing. Imagine if we all walked around every day

196
00:13:30.799 --> 00:13:35.080
<v Speaker 1>scrutinizing every little thing that comes our way, worried that

197
00:13:35.279 --> 00:13:39.960
<v Speaker 1>everything anyone might say could be a lie. Society would

198
00:13:39.960 --> 00:13:43.039
<v Speaker 1>break down. We would all be unhappy. In the best

199
00:13:43.080 --> 00:13:47.240
<v Speaker 1>case scenario, we would all just be extremely tired every day,

200
00:13:47.519 --> 00:13:52.200
<v Speaker 1>having to expand so much mental energy. In his book

201
00:13:52.360 --> 00:13:56.039
<v Speaker 1>Talking to Strangers, Malcolm Gladwell points out how people who

202
00:13:56.080 --> 00:14:00.279
<v Speaker 1>are extremely careful and untrusting of others can sometimes times

203
00:14:00.279 --> 00:14:03.720
<v Speaker 1>achieve amazing things in the world, but often at the

204
00:14:03.799 --> 00:14:07.000
<v Speaker 1>cost of their own well being, and they have to

205
00:14:07.039 --> 00:14:10.000
<v Speaker 1>be the exception, not the norm. So he writes, quote,

206
00:14:10.320 --> 00:14:13.440
<v Speaker 1>we could start by no longer penalizing one another for

207
00:14:13.679 --> 00:14:17.600
<v Speaker 1>defaulting to truth. To assume the best about another is

208
00:14:17.639 --> 00:14:21.840
<v Speaker 1>the trait that has created modern society. Those occasions where

209
00:14:21.840 --> 00:14:26.440
<v Speaker 1>our trusting nature gets violated are tragic, but the alternative

210
00:14:26.639 --> 00:14:30.639
<v Speaker 1>to abandon trust as a defense against predation and deception

211
00:14:31.279 --> 00:14:38.200
<v Speaker 1>is worse in cybersecurity. We often tell people don't trust emails,

212
00:14:38.279 --> 00:14:42.360
<v Speaker 1>even if it seems legitimate. Always check the sender before

213
00:14:42.399 --> 00:14:45.879
<v Speaker 1>you do X, make sure you check Y and Z first.

214
00:14:46.440 --> 00:14:51.080
<v Speaker 1>And yet cyber attacks keep rising every year because this

215
00:14:51.480 --> 00:14:55.399
<v Speaker 1>just isn't sustainable. The average person gets around one hundred

216
00:14:55.440 --> 00:14:58.240
<v Speaker 1>and twenty emails a day, and a lot of you

217
00:14:58.320 --> 00:15:02.440
<v Speaker 1>listening right now, we'll find that number laughingly low. You

218
00:15:02.720 --> 00:15:06.200
<v Speaker 1>just don't have the energy to double check every communication

219
00:15:06.360 --> 00:15:10.399
<v Speaker 1>you receive, every button you click in every software program

220
00:15:10.639 --> 00:15:14.440
<v Speaker 1>you use throughout the day. That's why to close our

221
00:15:14.519 --> 00:15:17.320
<v Speaker 1>today's story, we're going to leave you with a bit

222
00:15:17.399 --> 00:15:20.879
<v Speaker 1>of advice that might be a little easier to implement.

223
00:15:21.879 --> 00:15:24.759
<v Speaker 1>Just you know, keep an eye out for stuff.

224
00:15:26.279 --> 00:15:31.840
<v Speaker 2>This can't happen, even though Facebook does not allow malicious

225
00:15:31.840 --> 00:15:35.559
<v Speaker 2>spiles to be said through charts, but actually it can happen,

226
00:15:36.039 --> 00:15:41.240
<v Speaker 2>So be careful. Just read whatever, and whenever you're not

227
00:15:42.200 --> 00:15:45.360
<v Speaker 2>sure about something, does better and don't open it.

228
00:15:47.519 --> 00:15:51.639
<v Speaker 1>Don't worry over every email you get, or every message

229
00:15:51.679 --> 00:15:55.879
<v Speaker 1>online or every file attached to them. Just be aware

230
00:15:56.000 --> 00:15:59.279
<v Speaker 1>in general that they could be something other than what

231
00:15:59.440 --> 00:16:02.399
<v Speaker 1>they seem. Keep the thought in the back of your mind.

232
00:16:02.720 --> 00:16:06.399
<v Speaker 1>You'll open a document click okay once, but then the

233
00:16:06.679 --> 00:16:10.240
<v Speaker 1>second time you've got the option, maybe a little voice

234
00:16:10.279 --> 00:16:13.000
<v Speaker 1>in your head will tell you take a second and

235
00:16:13.279 --> 00:16:16.519
<v Speaker 1>look at this. It might well help you avoid a

236
00:16:16.559 --> 00:16:31.399
<v Speaker 1>potential headache. That's it for this episode. Thank you for listening.

237
00:16:31.600 --> 00:16:35.039
<v Speaker 1>For past episodes of the podcast, visit Checkpoint Research blog

238
00:16:35.120 --> 00:16:37.840
<v Speaker 1>at research dot checkpoint dot com, and you can follow

239
00:16:37.919 --> 00:16:41.559
<v Speaker 1>Checkpoint Research on Twitter or follow me at at rand

240
00:16:41.679 --> 00:16:45.080
<v Speaker 1>Levy do't r a n l e v I. Sipy

241
00:16:45.159 --> 00:16:48.879
<v Speaker 1>Radio is produced by p I Media, written by Innate Nelson,

242
00:16:49.159 --> 00:16:52.600
<v Speaker 1>produced by Hila Sheemish, and edited and narrated by me

243
00:16:52.879 --> 00:16:58.399
<v Speaker 1>rand Levy. See you next episode, Bye bye.

244
00:17:00.639 --> 00:17:02.120
<v Speaker 2>What did you want to Do