We are seeing a growing scam that targets IT and security professionals with fake podcast invites. Attackers pose as production managers. They offer a paid interview, then push you into a quick tech check on a video call. During that call, they try to take control of your machine or harvest credentials. This is a twist on classic tech support tactics, dressed up as professional outreach.
Why this works
Security teams value learning and visibility. A podcast invite looks like recognition, not risk. The outreach often uses real show names, near-match domains, and professional language. That mix lowers your guard and bypasses the basic phishing tells people are trained to spot.
How the scam runs
- You get an unsolicited invite from a producer.
- The email offers payment, often in the low thousands.
- You are asked to join a short setup call before the recording.
- On the call, they request remote access or ask you to enter a code or install a helper tool.
- They move fast to capture browser cookies, session tokens, or social media access.
Red flags to watch
- Generic flattery or odd formatting in the email.
- A free webmail domain for a major podcast.
- Unusual urgency to join a setup call today.
- Any remote control request from a stranger.
- High payment offer with no contract or tax form.
Quick verification flow
- Look up the show and host on your own. Use the official site contact page.
- Confirm the sender domain matches the site’s listed email.
- Ask for a calendar invite from the show’s official domain.
- Decline any remote control or code entry requests. A real show will not need that.
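One way to script the domain check in the flow above, as an added example that is not part of the original post: it flags a free webmail sender, the show's name on a different TLD, a one- or two-character look-alike, and the show's name embedded in an unrelated domain. The show name, sender addresses and webmail list are constructed, and the registrable-domain helper ignores multi-label suffixes such as co.uk.

```python
from urllib.parse import urlparse

# Constructed list of free webmail providers; a show with its own website
# should not be booking guests from one of these (extend for your org).
FREE_WEBMAIL = {"gmail.com", "outlook.com", "hotmail.com", "yahoo.com",
                "proton.me", "protonmail.com", "icloud.com"}

def registrable_domain(host: str) -> str:
    """Last two labels of a host. Simplification: ignores multi-label
    public suffixes such as co.uk, so treat those results with care."""
    labels = host.lower().strip(".").split(".")
    return ".".join(labels[-2:])

def levenshtein(a: str, b: str) -> int:
    """Edit distance, used to catch one- or two-character look-alikes."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def triage_invite(sender: str, official_site: str) -> list[str]:
    """Compare the sender's domain with the show's official site.
    Returns an empty list when they match, otherwise a tagged reason to stop."""
    sender_domain = sender.rsplit("@", 1)[-1].lower()
    sender_reg = registrable_domain(sender_domain)
    official = registrable_domain(urlparse(official_site).hostname or official_site)
    if sender_reg in FREE_WEBMAIL:
        return [f"free-webmail: {sender_reg} used for a show that has its own site"]
    if sender_reg == official:
        return []
    off_label, _, off_tld = official.partition(".")
    snd_label, _, snd_tld = sender_reg.partition(".")
    if snd_label == off_label and snd_tld != off_tld:
        return [f"wrong-tld: {sender_reg} vs {official}"]
    if levenshtein(snd_label, off_label) <= 2:
        return [f"look-alike: {sender_reg} vs {official}"]
    if off_label in sender_domain:
        return [f"embedded-name: {official} appears inside {sender_domain}"]
    return [f"mismatch: {sender_reg} is not {official}"]

if __name__ == "__main__":
    # Constructed sample senders checked against a constructed official site.
    for s in ["producer@secpodcast.com", "producer@secpodcsat.com",
              "booking@secpodcast.co", "host@gmail.com", "team@secpodcast-booking.net"]:
        print(s, "->", triage_invite(s, "https://www.secpodcast.com") or ["ok"])
```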
Team playbook you can implement this week
- Route all media, vendor, and speaking invites through a shared intake process.
- Add a checkbox in your request form: “Remote access or code requested?”
- Require a second reviewer for any paid appearance offers.
- Log indicators, domains, and IPs for threat intel reuse.
- Run a short podcast invite drill in your next awareness session. Include screenshots and a three-question quiz.
Technical controls that help
- Use separate browser profiles for social media with least privilege.
- Enforce MFA on all social and corporate platforms.
- Deploy EDR that alerts on remote assistance tools and screen-sharing processes.
- Block known remote support binaries where possible.
- Monitor for impossible travel and session hijack patterns after any suspect call.
What to do if you clicked or joined the call
- End the session at once.
- Rotate passwords for any account used in the browser session.
- Invalidate sessions and tokens.
- Review OAuth grants on social platforms and revoke unknown apps.
- Run a host scan and collect logs for incident response.
- File an internal incident and report the fraud to your national fraud or cybercrime reporting center.
Copy and paste response template
Thanks for reaching out. For security, we verify all media requests through official domains. Please resend from your podcast’s listed email on your website and include a booking link hosted on that domain. We do not run remote access or code entry tech checks. If the booking still stands, send the details and we will review.
Share these awareness notes with your org
- Legitimate podcasts book through known channels and do not ask for remote desktop access.
- Payment offers without contracts are a risk marker.
- Treat any request to enter codes, install tools, or call pop-up numbers as a stop sign.
Bottom line
This is social engineering wrapped in professional packaging. Treat every invite as untrusted until verified. Stand up a simple process, rehearse it, and remove the attackers’ speed advantage.
Question for my network
Have you or your colleagues received any suspicious podcast or speaking invites lately, especially with a high appearance fee or a quick tech check request? Share your experience below so others can spot the pattern.