Sellers Can Get Scammed Too: A Rant About Imposter Syndrome
Welcome to this week's edition of the Threat Source newsletter. Hello again, my friends! Geez, it's been a year, am I right? Let's get started!
The Struggle is Real: Understanding Imposter Syndrome
In cybersecurity and particularly in Talos, you'll find imposter syndrome in abundance. It's the persistent feeling of self-doubt and fear of being exposed as a fraud despite clear evidence of competence and success. You're surrounded by incredibly bright and smart people who are paragons of what it is to be hackers. It's tough not to compare yourself to their talents, skills, and achievements.
Comparison is truly the thief of joy. The truth is – in cybersecurity and places like Talos and elsewhere, you'll be constantly assailing yourself with self-doubt of achievement and belonging. The anxiety, stress, and burnout from imposter syndrome are a real thing. So, what do we do?
Overcoming Imposter Syndrome: Tips for Success
First, look at your achievements. You're where you are because others saw value in your work. Second, challenge those negative self-thoughts. Use mentors and peer group support to help challenge those negative self-thoughts. And lastly, be kind to yourself. Cybersecurity is a hard gig, and it's not possible to absorb, understand, and master all its nuances. If you can walk away with 1% more information than you had yesterday, that's a win.
A Message for U.S. Federal Workers Affected by RIFs
All the U.S. federal workers who have been affected by reduction in force (RIFs), my heart goes out to you. This is an unearned hardship. I wish I had a magic wand to wave to alleviate the stress and trauma of a sudden event like this. If you can reach out for guidance or mentorship from private sector cybersecurity, I'll do what I can.
The Dark Side of Scams: Protecting Yourself as a Seller
Scams are a big one – they're everywhere! The average person isn't going to get smoked by Salt/Volt Typhoon or wrestle with a financial threat actor like a ransomware cartel. But you absolutely have bought and sold things online, making you vulnerable to scams.
We break down seller abuse – that is, ways to trick sellers into being defrauded out of money. The reverse is just as true: you want to keep money in your pocket, not be the victim of a scam. Understand the threat landscape for seller/buyer fraud and hopefully this work can help keep money in your pocket and not a victim of theft.
Pay attention to URLs you're asked to click and clever redirects to scamming websites. Now you know – and as G.I. Joe said, knowing is half the battle!
Top Security Headlines of the Week
- Sensitive financial and health data belonging to millions of veterans and stored on a benefits website is at risk of being stolen or otherwise compromised.
- Attackers are wielding a novel Linux backdoor against the education and public sectors in the US and Asia that demonstrates particularly stealthy ways to avoid both detection and deletion from a system.
- Hackers claim to have published a trove of sensitive data belonging to IVF patients after a cyberattack on Genea, one of Australia's largest fertility providers.
The Beers with Talos B-Team Comes in Swinging Hard on Cyber Security Careers
New research: Lotus Blossom espionage group targets multiple industries with different versions of Sagerunex and hacking tools. The Beers with Talos team comes in swinging hard on cyber security careers. I get a little spicy, and you want to hear it.
Upcoming Events Where You Can Find Talos
- Talos RSA (April 28-May 1, 2025) – San Francisco, CA
- CTA TIPS 2025 (May 14-15, 2025) – Arlington, VA
- Cisco Live U.S. (June 8 – 12, 2025) – San Diego, CA