Stenobird

Episode

Your Google Account Just Got Hacked – And You Didn’t Click Anything

Podcast
DTF Cyber Podcast
Published
Dec 9, 2025
Duration seconds
3820
Processing state
not_requested
Canonical source
https://cyberpodcast.net
Audio
https://episodes.captivate.fm/episode/2c8c40f2-9e4c-4f0f-a953-25a202f6cd1d.mp3
JSON
/v1/public/podcasts/dtf-cyber-podcast-7304144/episodes/your-google-account-just-got-hacked-and-you-didn-t-click-anything
Markdown
/podcast/dtf-cyber-podcast-7304144/your-google-account-just-got-hacked-and-you-didn-t-click-anything.md

Actions

  • POST https://stenobird.com/v1/public/podcasts/dtf-cyber-podcast-7304144/episodes/your-google-account-just-got-hacked-and-you-didn-t-click-anything/transcription-requests
    Idempotently request low-priority transcript generation for this episode.
  • GET https://stenobird.com/podcast/dtf-cyber-podcast-7304144/your-google-account-just-got-hacked-and-you-didn-t-click-anything.md
    Read the agent-friendly Markdown representation of this episode resource.

Summary

2.5 billion daily account-takeover attempts. That’s one every 34 microseconds. Damian, Troy & Fern go full send-it mode on the 2025 ATO playbook: SIM swaps, session-token theft, MFA fatigue bombing, rogue QR codes, deep-fake family scams, and the OAuth tokens you granted in 2017 that are still wide open. Timestamps 00:00 – Intro 05:20 – SIM swaps & losing your phone number in minutes 09:40 – Why password resets are useless (session tokens survive) 14:20 – MFA fatigue / push-notification bombing 19:10 – OAuth & old third-party app tokens nobody revokes 24:30 – Rogue QR codes at restaurants & hotels 30:15 – Enterprise reality – weekly O365 token theft 37:40 – Non-human identities & service-account sprawl 44:50 – Passkeys in 2026 – will increase ATO risk if misconfigured 51:00 – Public Wi-Fi, juice jacking & QR code myths 58:00 – Closing thoughts Discord (coming soon) #AccountTakeover #SIMSwap #MFAFatigue #CyberSecurity #Infosec #ZeroTrust https://www.fcc.gov/consumers/scam-alert/grandparent-scams-get-more-sophisticated https://newsroom.servicenow.com/press-releases/details/2025/ServiceNow-to-Expand-Security-Portfolio-With-Acquisition-of-Vezas-Leading-AI-native-Identity-Security-Platform/default.aspx https://thehackernews.com/2025/04/customer-account-takeovers-multi.html https://www.gartner.com/reviews/market/identity-threat-detection-and-response-itdr http://cyberpodcast.net Spotify: http://spotify.cyberpodcast.net Apple: http://apple.cyberpodcast.net X: https://x.com/dtfcyberpodcast IG: https://www.instagram.com/dtfcyberpodcast/ Linkedin: DTF: https://www.linkedin.com/company/dtf-cyber-podcast/ Damian: https://www.linkedin.com/in/damianchung/ Troy: https://www.linkedin.com/in/kosovotroy/ Fern: https://www.linkedin.com/in/fernrojasaz/ Business Inq…