A few years back, a listener wrote to me to tell me about a problem they are facing OK. Check this out. They went to buy a house, right? And when you go to buy a house, there's like a little dance, and everyone does, like, do you give them the money first? Or do they give you the deed first and the keys? Or do you do like a quick swap at the same time? What if it's a phony check or the deed is made up? This is where esco comes in.
Both are selling and buy your hand their things to a third party, someone that both sides trust and waits for everything to clear. If the check clears and the deed is valid, then echo says, OK, the deal is done and gives the money to the seller and the keys to the buyer so this guy, a listener by, says he bought a house and during this process he gave two hundred and fifty thousand dollars to the s grow company. But then someone scared the s go company.
They post as the said, hey, I could you just deposit the money into our bank account directly? And I was like, oh yeah, of course, no problem. We do this all the time.
here. go. And they deposited the two hundred and fifty thousand dollars into the scammer account instead of the actual seller. But here's the crazy part, because the seller never got the money. Sco, when I give the keys to the buyer, they were being and jerks about IT.
They were trying to say of, sorry, we lost the money, um no house for you, the deal has been cancelled and the players like, oh, oh, no, no, no that's what esco is for. You are our trusted third party. We trusted you to do this deal.
You screwed up and that's not our problem that yours but as was like, no. I'd never got an update on what happened here. And if this got resolved, I think the buyer took as grow to court to try to get their money back. What a nightmare, though, to send a huge cc somewhere only for you to go to the wrong place, and then someone else runs.
These are true stories from the dark side of the internet. I am jack ryder. This is darkness dies.
This episode is sponsored by mint mobile with big wireless providers. Your mission is to kit in and get out before you've signed up for a super expensive contract. You've got a dodge questions like do you want streaming included? Do you want more data than you need? No, just want the less expensive wired mobile.
E, T, be simpler. All my mobile are interested in getting you grey coverage and huge savings with no hidden fees for fifteen dollars a month. When you purchase a three month plan, how do they do IT? Well, it's things to means no store, no sales people, no nonsense approach, which guarantees you huge savings on the nation's largest 5g network。
I ve been using mid mobile for over a year now, and it's been great. I get great coverage in. The pricing is nice and simple. A few times, i've needed customer support, and I was very pleased at how easy was to work with them. They were nice and fixed my problems without any issues.
To get this new customer offer and your new three month premium wireless plan for just fifteen bucks a month, go to mint mobile dot com sih dark net that's mint mobile dot com sash dark net cut your wireless built a fifteen books amount at mint mobile 点 com sash dark net forty five dollar up front payment required, which is equivalent to fifteen dollars a month new customers on first three months plan only speed slower above forty quick bites on unlimited plan additional taxes, fees and restrictions apply see mid mobile for details. This episode is sponsored by net sweet. What does the future hold for business? Ask nine experts and you'll get ten answers.
Rates will rise or fall. Inflation, it's going up or or down. Can someone please invent a Crystal ball? Until then, more than thirty eight thousand businesses have future proved their business with the sweet by oracle. It's a cloud, eerie service and one that I, D S, if I needed to help next week, brings accounting, financial management, inventory and H, R, into one fluid platform.
When you're closing the books and days, not weeks, you're spending less time looking backwards and more time on what's next and make use of real time insights and forecasting, allowing you the opportunity to look into the future with actionable data. Speaking of opportunity to know the C, F, S guide to A I A machine learning at net sweet com sash dark net, the guide is free to you at net sweet dot com flash dark net, net sweet dot com flash dark net. Was clicking around the other day and came across the story on good morning america.
Her daughter, a thought sh'd, met the man of her dreams on a dating APP.
only to find out her prince charming was a scan. And SHE was out more than four and fifty thousand dollars. How in the world? Top guy on a dating APP. Scm, someone for four hundred and fifty thousand dollars. Insein presented themself to be everything I was looking for.
SHE was the victim of a sm known as pig buttering. A scammer pretends to be looking for love online. They find a love interest, actually encourage them to invest in crypto via a fake APP, but eventually they can access the money at all. The money is gone. The investment not real.
The things we do for love um or maybe was for money or maybe he was for the love of money, I had not even know yeah so .
hearing that story i've heard a thousand times .
over OK hold who are you and what you do?
Oh yeah yeah so my name is roney took as oski i've been fighting business no compromise, for the last eight years now. So my role in this is I work behind the scenes with a lot of people who are working with the room, came back dms, I do love work with secret service. F, B, I.
I also work back and forth with victims too, because love. What happens is the customers will go to different dating websites. They will go and fine people order to date. They will move up the discussion to off of the platform because most of platforms cause what they move or to like what APP. And then from there they will start grooming ing the person, they ll say, loving things, who had pick cases where some of the victims might to do pictures over to their lover. And once they go and are exchanging those with nothing, the scammers directly build that way to build those of oceans.
So I heard this term higg butchering, and I just i'm not connecting the dots here. And nowhere in this romance or crypto or cold, you know, sending money to people is there a pig involved? Where is this term pig buttering coming into?
yes. So the term pig veteran comes from eh chinese for a called charge you pan, which is essentially, uh bro think it's brul me to remember, I get forget the exact translation. But what the concept is is the scammers will go and try and fat in the pig of U L.
So what they will do is extract as much one years they can out of a victim. And the where the pig buttering comes in is that once the scammers get to a point where they feel like they can't get any more money out of out of the victim, they will take the pig in for slaughter, or a slaughter the pig. And what they mean by that is actually pulling the rugged up from out of the victims and like walking away. And so really, like I got all the money that we could. So that's kind of the phrase big budget comes from.
okay? So for some reason, roney is attracted to this type of sm or fraud or what everyone to call IT and zoom in whenever he sees these stories come up. And one day he heard about a colleague who got pig budget and wanted to help him out.
Human, his uh, girlfriend. Ah they were dying for several years like they been together for as long as I would probably probably about eight years now that we've been together. So they were engaged, we married, they had a house together.
And unfortunately things happened. And that relationship kind of lots. So they went their separate ways. He was the house and and forty IT wasn't really a good .
circumstance. Break ups are hard. It's a tough time for anyone. You can sink into deep levels of depression. Your defenses are weak and your vulnerabilities .
are exposed. So he want to go online and go date somebody. So he went to a dating platform from this really pretty french girl who was very involved with him, a very kind of attached to him.
So they vote. The two of them really hit off. And at some point you popped the question to say, hey, I am also doing a lot of cypher al investment. Is that something that you be interested in?
OK, I don't see your red flags yet. And he done in either. At this point, they were just chatted through text like a lot SHE seemed to be in to everything he was interested in and he was like in that he was coming out of his break up and he seemed to be caring and helpful.
Yeah okay. So she's into cyp to investments. That's fine. SHE could be under that. But he was curious, was IT really working for her? He had some critical somewhere.
I was like, tell me more about what you are investing in so he tells them, man, there's this hot invest. Me is making mad bank and he's like, yeah, okay, what is IT show me? So he keeps talking up.
I'm basically just leaving off the profit from nesting. It's not and he's like, you gonna show me what you talking about so she's like, okay, so you know how your savings account makes interest, right? This is like that, but IT just pays much more.
You put your money in and then daily IT makes interest and you could just take that interest out if you want or leave IT in and that adds up and you make even more. So he's like, what how much just are you earning? She's like twenty percent.
If you have a thousand dollars invested, it'll earn you two hundred dollars and interest day and any time you could take. And he's like, man, that does sound too good to pass up. So he gives them the links to read up on .
being in the field. He knew a little bit, upgrade is naturally a very sackett skeptical person. So he did his research on a lot of the whether they present the money. So he went, they provide links and information for him to jack once he got went and submit his money.
This scheme was very, very clever. I mean, this guy was a cyber s security professional. He knew about the dangers of cypher to currency. IT was suspicious about all this, but this had a mix of legitimate information, was just a small d fraud. See, the way they had they set up was they made IT look like IT was using a legitimate exchange, in this case, crypt to or con.
And the way that the application was presented to him was, and this is his prospect. I am still trying to get the full scope here, but there is actually a browser that they could use with crypto that com that will have a show up that actually looks like the application. And looking at some the string also, that looks like IT was right within egypt 点 com application。 And because of that, when your user goes and clicks itself, IT appears to be a hundred percent legitimate.
I looked at some of the screen shots myself. It's hard to tell what's going on. But one thing is clear. The social engineered him and trick them in the decending his script out to the scammers wallet. They just disguise the wallet to look trust early.
Basically, he would buy crypto currencies on cyp to a com with real money and and send those crypto coins to this investment project. Investment in there really IT was a scam. And IT looked really good IT.
Then IT looked like a scam at all. You could see your baLance, you could see your earnings, interact with, pull your money out any. So he decided to give them a try.
He puts the money in, sent the crypto. And when he saw IT was generating interest, he tested IT. I take IT some out and was like, wow, this is actually working because IT looked like I was.
But this is where the pig butchering scm comes in. The scammers wanted him to take debate, start with putting in a little, see that it's working, and then hopefully more. And and and hope that dumps a ton of money and when they think he's put in enough to take the money and run. So as he starts watching the money grow on this site, the scammer start rapping up the pressure. They tell him if he invest a little bit more within this time frame, he'll get locked in for bonus interest, basically presenting him with more exciting opportunities that were time sensitive .
in addition to fight playing his own money in there because of the high returns that were being shown. He also went and had filed, had gotten a one. So we actually use use a loan to go and put more money into IT because again, if you can use that loan to go and money, who would do that? So that's another kind of thing we see. The law people is so go take loans out from a financial due to take a more second, more about on their homes in order to go and get more money based on those investments .
taking loans out. Now I see why someone can end up losing a ton of money in this again. But not only that, these scammers are really tRicky.
They would sometimes tell them, look, we locked your account because there's not enough funds to cover with draws. Please deposit another forty thousand dollars in the next ninety six hours to unlock your account. And it's like, wait a minute, what if I don't deposit that? Do you risk losing your money? So I H no, I don't want that.
And so we goes scrambling, looking for even more money to put into this. So this guy eventually goes all in, and some putting all his savings and and taking a one to add more to him to get out of debt, a past financial freedom. And he was very exciting. From there.
the scams were able to successfully collect about ninety thousand dollars out of them.
好 cruel。 And yeah, this ninety thousand dollars was a nice fat pig. And the scammer, like OK, that's right.
Let's take IT. And they did. They took his money, leaving him high and dry out.
He saw his money disappear, and he knew he was. But he's sad and thought about IT for a bit. Is there a way to get any of this money back from the scammer?
What he did was he used the exact same of motion manipulation tactics against the scammers. And what he did was used like, hey, i'm going to go home, invest more, but I need to pull this little bit money out in order to help with this loan, so you can let me pull some of my money out. Or why reever, here I go, had do that.
So he was able to get ten thousand dollars of his back, buy again the point of same tactics against the scams. And he is able to build up enough trust with them where he's at. Look at that money back.
He came him back. alaric. Man, that reminds me of the story I have OK.
So this one time was in vegas, right? I was actually going there for dev con, and when I went, I brought a burner phone with me, right? As just a phone that I paid with cash, got a prepaid plan, all that stuff.
IT was a new phone number. And when I got to vegas, I was getting text messages from a scammer. I sniffed out right away.
They were trying to play on my empathy, saying things like we can't afford money to bike food for our kids and medicine and clothes and some. And they specifically ask for seven hundred and forty nine dollars to get themselves sorted. And I D be an absolute Angel if I could help.
And I was like him, I replied, look, I love to help, but i'm currently stranded. My boyfriend and I got in a fight, and he dumped me off in the mental of nowhere. And I don't know anyone here who can help me.
I don't have any money to get home. I am screw. I was trying to use the scammer tactics on themselves, trying to be someone in distress, just like they were sign you did not work.
They kept as keep me for money and I else like, OK, listen, i'm happy to help you. I have money to help you. But my boyfriend took my purse and all I have is my phone and the strangers all around me.
So unless you can help me get home, like, I don't know, send me two hundred dollars, then once I get home, then I can help you. Didn't work this texting after that and just left me one. So when you run in to someone who's been a victim of this, how you help them?
So the way I help him is I help him. Oh, a couple ways. So the first place is that when IT comes to understanding the emotions in our body tied back to a lot of way to scam works, people feel a lot of shame.
They feel love hurt. They feel love disconnect because of the stig als association. I mean, by that is, when you're a vict like this, people don't want to come for them.
So I try and help them learn how to work with their own bodies. And that in that regards. So that's the one way I help them. On the second way, I point them to the resources where they can go and submit a lover class so they may be working with icc three and may be working with colleagues who also work with romance scams um or maybe helping introduce them over two some of the crypto assets when they can start getting pulling some that body back.
Um the third thing I do is again just trying to help put them in contact with the right people because what happens is when you're in this game IT become your heads spin in a thousand miles an hour. You don't know which way is up, you don't know which waste down, you don't know who you trust. And many of us work behind the scenes to try and help be that good driving force for many of these Victories.
And when we go, we try to help out that kind where we do our assistance. In addition to that, we've also been running a mAiling less ARM for the last seven years, talking on many things. There was a result of visiting or compromise and copier collapsing things with that. And we have a close contacts with allow the bags of financial institutions to help either try reverse some of that money or do what we can to get some of that money back or try to flag those things, those assets where we know, hey, these are actually part of this game.
ninety thousand dollars. That's a lot of money to lose. Is that kind of the upper limit of where you seem people lose and stuff or people losing more?
I really wish I could say that that was the upper limits, but I have seen so much more. I'm working with one victim now the worker them for the last two weeks where he was um suicide and didn't know which way to turn.
G, C, really takes some heavy phone calls. So how do this .
money so very much the first son, he uh found the relationship. And as the relationship built the U. K.
I have this great investment opportunity. They strong him along as far as they could. And what he went and put some the money in, he saw his return.
That was the same story. Uh, this individual actually had is, uh, was ready to retire. He had several homes as well. So because of that, he ended up opening in doing a second morning on on a couple of his home force money out. So because of that and because of what he was able to pull out on those homes, he may now be facing losing those homes as well. And as IT stands right now, he has lost over one point seven million dollars.
I'm enough heard of people losing their life saving, but for some reason this feels worse than that. I guess it's one thing to lose all your stuff on your Young, but it's different when you've worked your entire life to save up for retirement and then lose all of that. You retirement now gone poof. You were financially able and now and that and your whole future is screwed, as is .
awful. I was as a last year, this year's manufact got to speaking with somebody who had, he was a grandfather, who the suicide, and they didn't know why, and they end up going to look through his records. And IT was over five million dollars that he had lost.
Why people are actually killing themselves over pig buttering scams. This is nice. Whoever is behind this is just ruthless.
I wish that was an icon case, but i've also had I had another victim out at death con a couple years ago and for her SHE end up losing her house, losing costing for kids uh her lost her relationship with her acts for her husband and lost her business and SHE wh shoes to over two and four million dollars.
And when I ask her what kept her in, SHE said her husband was a used and he just want if you allowed and like that's the reality of many of these crimes, is that people don't real lize. That you have two factors at play here you have the financial losses and then you have the ability for her that goes along with that. And somebody may you lose ninety thousand dollars that may mean nothing to them. Or you may have somebody who lose as eight thousand dollars and the entire world to them. So I really right now, we're not accounting for the emotional losses on this or the emotional .
dammages formated victims. So so in this, in this first few stories we've heard IT IT IT keeps getting back to romance, right? Do you do you see like kind of a pattern of who the victims typically are? Are they usually people who are looking for love? Or what are some other like if we're gona watch your own back, like we ve got to know when we're in a vulnerable state and what makes a person more vulnerable to this sort of stuff?
yes. So first and foremost, one of the constant patterns i've seen this is supply. See many victims. I've kind of discuss, research the topic.
Many of them tend to be extremely trussing, where if you to be walking on the side of the street, this is the type of person who will go and help a homeless person in need. If a dog was heard on the side road, they will go and help them out. And there are some of the most kindest souls you ever meet.
And because of that trust, the scams have figured out that they can go manipulate and abuse that person and get them to do things that they want alive. What happens is from that control perspective, they will actually clinical. I'm going to use a term that when the victims use and may is a bill, essentially hijack their own consciousness and give them a different perspective of reality, a different perception of reality.
And what happens is is the victims will be manipulated to a point where they will be pulled away from friends. I'll be pulled away from family and only put other trust in this one person. And because of that, and because of the kind words that they're saying, the victims will want to go and be with that person.
In addition to that, you've also got case where they will say the right words in the right way to make the victims want to stay and even longer. So like I said, it's a matter of working with the emotions kind of manipur the people in that way. To the another piece, I also know this is that when IT comes to how we as human, process our emotions, so many of us are just disconnected, and we only know how our emotions work. It's like we might feel this one way about this one thing, we might feel this one way about another, but we don't realize that how that we actually pick up emotions from other people. And because of that is something where we all understand how those becomes work in our own bodies alone, how we are emotional manipulated to go do this thing or influence to go to that thing.
Yeah it's so so what what are some of the skill sets that these scammers or thaves um have because that sounds like they understand psychology gy of bets so that would put them in engineering skills right to trick people are posing as someone on the dating APP whatever um but also being able to set up these websites and understanding cyp to and putting mware on systems, whatever the cases where do you what do you see as their skill sets in nase cases at least?
Yes, I so I kind of all kind of talk on the geographic of verse of these skills that are so for the pig buttering angle, which is out of mostly out of like southeast asia, we see scammers who are skilled and saying up websites. They're skilled at working with cypher currencies. They understand that they need to influence a person's emotions and play on the emotions.
We have some two tools and documents from the scammers where it's like thirty thirty page powerpoint um in chinese that essentially comes out to here's where you go and tell them this piece here's where you influence our motion here and do this so they understand that a most manipulation peace there for similar omean cammas in nigeria. Um there a whole different basket for them. They're sophisticated in money launder ing.
They know how track systems work. They know how to wire money from the united states bank out to another bank. And they also understand the underline script of currency networks to go and cash out a gift card or move money over here for um for big coin. So in any way, depending on the geography of where the scammers are coming from, IT really depends on like what that skills is and not just two of the top countries that we see, but there is probably for more that could list off that we see elements of silence during scams coming out of that. Again, go back to that human emotion and count those human pieces.
The thing that strikes me um you know I think you should strike us all with like a Better of fear, is that this isn't, you know, you see, you see the cyber security news every day, you know, ransome, where hit by this company and company got hugs and all that. This is us getting hacked. This is U.
N. ne. This is each one of our neighbors, this is individuals of the world, the citizens of the united states whereever they are. Uh and and that is just such a close to home thing. It's not far away. And some other company that I don't have to deal with, its me and my personal assets are being attacked um and and and that I don't know like when you realize that the threat actor is right here in my bedroom on my computer IT gives you have a different sense of safety .
yeah and and the other thing too, because of that safety, we will go in place so much on crossing the social media provider be I O K. The social mea provider has a really big names. That means they have to be safe and I can trust I think it's coming from there.
So because of how lords many of these providers are, there's in here of trust of using these platforms and so many victims of will go and be like, okay, i'm going go on trust facebook for seeing this stuff yet there was an article that came out a couple weeks o that said, no eight of ten cyber crime or eight of ten cases of cyber ford aboriginal on facebook. Um so when you see numbers like that is something where the scammer who are going to use those trusted platforms to trying to go after people on that. But now I agree to go hundred percent is that IT definitely adds a different level of fear to how the scam actually works.
Because he is like that scams out in your bedroom with you, and they are now stuck in your head as your ruminating over all of the ways where there be like, okay, does this person love me? Or they turned about this relationship. We also go on, and the victims run through their head over over again .
with these victims. You've talked to like, you know, the ninety thousand thousand one one point seven million dollars. Are they actually like how far along in in the how how clothes are they to these people, right?
Are they having video calls with them? Are they having phone calls? Are they testing?
Yes, so many of them will be taxing back of earth or using WhatsApp to communicate. Um like I said, we know that that's how some of more and many of them are receiving like multiple messages per day. Um the one colleague who was in for ninety thousand hours, um i'm prey sure they would have been sending pictures back and for um because again, you're now you're not thinking of IT in the case of, okay, this is a victim you now trying to think about who somebody who believes are in a relationship so you're gna go and do everything that you can you believe of that you're in a relationship like I had one victim who was sending pictures of his food to his girlfriend and the scammers .
do all kinds of weird things like the send photos of two different outfits and ask which outfit should I wear today and then when the victim picks one IT gives them just that a little bit more of information to know about them. Like, do you like formal clothes more than casual clothes? Let's send them more photos of that. Keep among the hook and just think about how much you share about yourself on a personal level, when you have a new love interest, a camma could easily write all that down and figure out your vulnerabilities and play on that if they're really good. But I still think one way to sniff out these scammers is just to pick up the phone and column.
I'm bending that a lot of these scammers just guys posing as women, you know how how do they sound on the phone, even if they grab someone else to dispose as them and get on the phone, that person isn't gonna know your whole chat history and won't be able to Carry on a conversation in any way that makes sense. Or even more, let's do a video call and see what you really look like. And so just keep down in your head. That is probably a red leg if your love interest refuses to answer the call or get on video chat with you.
Yes, so so sometimes that is a red flag. However, some gamers have figured ways around that. Um I know in the concept of deep fakes and A I and I know it's a whole buzz right now, but some scammers are using that technology in order to generate video. Message is back on board. The other thing too, some of them will also use online video without O O, and I will just be kind like moving in the Carry, like all my working, although go and share and have a phone call, bam, and they won't share video to say, hey, my, my, my, this part, my video is a working so though, so there they know that that I peace that people use as a metric, but they were going trying and find different ways to bypass.
Oh yeah, I even think of that. So I ve done video interviews with people are, you know, but I use a snap chat filter on my video to obscure my face in real time. On a line video call, my face gets distorted.
And yeah, you could absolutely just use a filter to change your phase to be a pretty lady, even though you're just some do do doesn't even speak english. We're gona take a quick outbreak. You stay with us because when we come back, we're gonna talk about black eggs and you won't wanna miss this.
This episode responded by spy cloud with major breaches and cyber attacks. Making the news daily taking action on your company's exposure is more important than ever. I recently visited spy cloud dot com, check my dark exposure, and I surprised see just how much stolen data criminals have a dispose from credentials to cookies to P I.
I. Knowing what's putting you in your organization at risk and what to remediate is critical for protecting you and your users from account takeover session, hy jacking or ran somewhere. Spy cloud exists to disrupt cybercrime with a mission to end criminals ability to profit from solan information with spy cloud.
You're never in the dark about your companies 的 exposure from third party breaches and info stealer infections。 Get your dark net exposure report at spy cloud dot com slash darkness dies at spy cloud dot com flash dark net diaries. Okay, so i'm looking you up online. You're known as that be E, C guy. What's be easy?
B, E, C is a business more compromise OK.
So they stop .
there OK 上 这个, 上 这个。 B, E.
we break down the term business email compromise right? So the compromise part makes me think somebody has taken over my office three sixty five uh you know email server and is in my emails if compromised my emails but that's not what you say is be easy now so so you go .
and look up the history of be easy um business in compromise has been the number one crime seven years in a row as last year um but the weight and most people know IT as is if you're try, if you receive an email this is hi, i'm the C E. O of your company, I need you to do this urgent wire transfer for me. Can you wire forty thousand dollars up to this account? And that's what most people think of as businesses of compromise.
Well, that to mean, I just think when you tell me the story, I just think that's a fishing. I I don't call fishing B E C. I just call fishing .
right and and its fishing is kind of the overworking term for any email base thread like bad.
Is B E, C always money related? Or is that sometimes no, we're just going to fish them so that we can get our power on to steal .
their intellectual property business or compromise. Um in most of the cases, IT does not use mower, does not employ any those tactics are trying to install software in the computer. At most they will do credential fishing model, try and harvest the email dentists and email password, but for a vast majority of visiting compromise, there is no matter or tied to that. Um there is only been a handful of cases they're been publicly documented specifi C2B ec act ors usi ng now whe re or som ething lik e tha t. Um but just for for the most case, there is just no mail where that high back to these those types of crime.
So so we're going to classify something to let you know I see we get fished right some sense of fish. We click the link we installed now where you'd say, ah that wasn't be easy, but if that is okay, we have got fished IT was send money to this and I send the money that you'd say all yeah, that was be easy yes. okay.
So if you if you going to classify B, B, E, C, it's likely gonna financial related. Yeah so now this pivots the whole thing in my head, right? Instead of you and me being targeted. Now they're like White target somebody who has thousands of dollars when we can target business who has hundreds of millions of dollars.
yes. And that is exactly what that is. So when you so we did a study, what we found was that when you go and think of your nigeria prince scams, your four nineteen scams or you have this long lost relative in nigerian, go send me this money um what we found was that business mall compromise was not some new crime IT was a symptom of ignoring your equally easy for nineteenth gams. And we've had direct confirmation that the scammer behind visiting more compromise are the same people who have been doing these niggers ian print scams for years.
By the way, four nineteen ams are those nigerian print scams. Know the ones where they send you an email saying, if you pay us, the money will released the inheritance that we owe you. And the reason why it's called for nineteen camps is because specifically in nigerian section 4 makes IT illegal to do。 We've all laughed these games in the past, but they get more sophisticated now.
They're evolving so very much with what you said they realize. Or wait, no, I can go get forty thousand dollars this company as opposed to going to hit this one victim over here. And that's what we see. The overlap gh between the romance is that when the is when they go and send that fishing email to that company, they will use those romance scan victims as the money newly network to send money for these scams. So the victims will be the ones who will be receiving the money, who then wear IT from the united states elsewhere in order to launder up the chain.
I mean, what I was a that's amazing. But what I am surprised of is just like hearing the evolution of IT sounds like theyve really hold their skills over time. They have.
they have yeah and it's a combination of holding their skill yet still keeping mistake, but that these things are simple and unsophisticated. And that's the thing, is that, quote, simple and unsophisticated? Me minus again, minus. Last year IT was the number one crime seven years in a row base ed on financial .
losses works in .
a moon crime uh business compromise. So from two thousand and fifteen to two thousand twenty one IT was the number one cybercrime based on losses year after a year. And the only reason the only reason was not the number one lap for twenty twenty two was because we had this uh, crime called pig buttering that came up. So the way IT was ranked as pig buttering was number one. This emo compromise was number two.
wow. So this is the number one crime. I guess i'm just so surprised that it's those awful nigerian scammers who are doing this. And when I say awful, I mean the least sophisticated fishing, if else have ever seen.
You know the ones, sir, you had a long lost relative with the prince of nigeria, and he has recently died and left a large, and here is for you, just send us five hundred dollars so we can process this and will give the money over to you. Who in the right mind thinks their long lost relative is the prince of nigerian? You never knew IT.
It's just the absolute domus attempt and a fishing scm that everyone laughs at, and it's those guys who are number one, this is the biggest criminal financial loss for companies today now or getting a business to pay a fake invoice can take a lot of prep. You got to figure out whose this company Normally pays large bills to and then trying to pose as them. And one way to pose as them is to registered domain.
That's one letter off from the real one. So at first gLance, that looks like it's from that person you Normally do business with, but it's not. Or sometimes you can pose as like the C, T, O sending A B to the CEO of the same company.
But still to know who the C, T, O and co. Are, you got to know who the people are that work with this company and what their emails look like and what their invoices look like so that I can be as close to the original as possible for this to work. And that takes a lot of work.
We've in cases where they will go and find and use different, different generation services in order to identify the key controllers and the key take holders within the company when they that that's where they get that information on, who's the person within the company that they can go hand target and based on somebody and tells us that we've seen we know that target the controllers of companies and we know that they will target different a financial adviser. So they will go on final week in order to identity. Who can I start within the company .
would have not always build paying. Sometimes they try to scamp these companies to send them gift cards. The scammers will pose as like some manager in the company and ask someone hie up.
The company did such a great year. I D like to get my employees gift cards as rewards. And the person's like, it's a great idea OK. Well, since everyone is remote, could you purchase the gift cards and then send me a photo of the back of the cards and i'll just pass those give cards out? And employees, and that's how these companies end up sending gift cards to nigerian cameras is crazy.
And the and we actually without we actually study where we gave gift cards to the scammers and tracked where they click from. Um crazy, crazy insights that we are able gain from the hap hot IT was such a different perspective of what we thought was when we were going to get. But I say I was really faster with somebody day that we had to came back from that.
Now email providers or system edges need to work to protect users from all this. You can just present every email that comes into the user that used to be the case in the old days when we didn't filter any emails at all. But think about this.
Suppose you do get an email, but it's one letter off. They switched the lower case l for the capital eye. And IT looks the exact same to the human eye to make you think these emails from someone you Normally get emails from.
But that one letter off means it's not. So if a human can't detect IT, we Better have machines that are detecting IT. There's a thing called the leverage time distance, which is an algorithm that will compare two words to tell you how differently are. And I sure hope that email providers today are using this to first to develop a baseline of who you're Normally getting email from and then look for emails coming in with a very similar domain. If the avenge time distances very low, meaning is only one letter off from someone you Normally see, email from the net should be flagged, maybe rejected or quarantine, and let the user know.
Another area to look at for a live domains is how long has the domain be registered if it's been registered within, like the last month, more than likely it's going to be a fishing email. So looking for the reputation, the age of domain is a very, very successful way to do so because most cameras are going and just like get one months worth of the meantime and then use that for their attack. You know.
now that I think about IT, i'm disappointed that there's not Better information on these emails. I get sure I have a spam folder and stuff get thrown in there, but I love to see reasons for why my email provider put IT in spam. To me, spam is ads I don't want.
So why not have a second folder of threats? You know, spam and threats are two different things in my mind that they all seem to end up in the same bucket in my email. I would love, love, love to get threat intelligence on my inbox.
I can see a little dash board that says, we've blocked twenty fishing emails for you this month. And there we had five B, E, C attempts, two pig buttering emails and thirteen emails containing many aware from a threat actor known for targeting journalists at a bare minimum. Just show me a big bright red banner on the email that look out. This email comes from a domain or register two days ago. That would be really cool.
Google, if you're listening, fix that you, and fix the google debug too. so.
I mean, they might be already filtering IT out and put in a spam but yeah stuff that get through you know i'm like, hey, that is a good tip.
Yeah and and just just from the way B, E, C is, it's so many of these email. So get through like there's a reason it's been the number one crimes seven years in a row. So many email gateway ds or try to put protections and a lot of like information security focuses on the mower, the A P S, the blinky boxes and like this subs.
So gets past because there's no power, there's no malicious eying or content in there. It's manichean, the humans. So it's so many. These attacks bioactive real gateways with a love you be ec actors from an attribution perspective, the size back to groups such as like black acts, where they will go and use those of manipulation in order to gain that foot home.
great. So who? What's black? Ex.
so black acts is one of the larger nigerian comfort unities that davin this. So if you're entreprise with the term computer ity, think of a college alternate here in the states but mixed with um black magic and video um and I mean by that is some of the hazing reuters for black acts include a human sacrifice or trying to use those hyp po techniques in order to clean cloth, gain extra powers to become a Better scammer .
you store on the same podcast.
what is here? Hey, hey. Trust me. Trust me. Yeah no, I am time that series on no went often to desiring. But no, no, but no. Black acts is one of the larger groups who's doing awd. The business compromise activity OK.
are we really going in here? I mean, when someone tells me they're using vaud o and black magi C2Become a B et ter sca mmer, unlike skeptical and just want to move on past that, I don't want to pick that up. For some reason, i'm feeling compelled to look this one up. So first of all, I watched an our long BBC on who black axis and it's absolutely bonkers. I mean, just living to the first forty seconds of their documentary this morning.
several bodies stone with the hey capitated ted with related around the city. Plenty people have been killed in called related killings within the past week. A secret death cut is driving in nigeria more terrifying than anything i've ever seen around the world. Crime agencies are cracking down on the multimillion dollar internet fraud and human traffic network. Nigeria are trying to fight back too, but here in their homeland, the calls see on stop world .
and thousands .
of Young lives are being destroyed.
This documentary, y explains that black acts is a cult full of gang violence.
They have agreed to letters film what they call a generation called this ceremony.
and.
These guys are really dangerous. They go around murdering people all the time. Sometimes shoot up buildings are causing mass acres. I guess the U. S. Called mass shootings.
The black ex is killed thousands of people. universe. And where the violence began, the black acx found here forty years ago, and students are still being murdered on campus today, the black ax em out N A move rica, the movement initial is stood for peace, but over time became linked to crime. Today, many people use the names black acts and N, B, M. It's a changeability.
This has been going on for forty years. What that's interesting because they initially started as a neo black movement to fight oppression, but it's very different now. And it's unclear to me that our motors are now something, something freedom, something, something defend. But even though wikipedia thinks N B M and black acts are the same, the people within N B M don't agree. Here's the president of N B M.
B M is not black. S, N B M has nothing to do with criminality. M, B is an organza that tends to help achieve greatness in the world.
Despite the president denials, the nbn is facing mountain international pressure. Weeks after our interview, the FBI arrested more than eighty five NBA members in the U. S.
And south africa charged with multimillion dollar internet fraud. But the us. Department of justice statement named the new black movement of africa as a criminal gang, ization and part of the black acts.
Okay, so you've got this extremely violent street gang, a cult black eggs flash nbm ah, but they seem to also be involved with in a net scams. Here's vice explaining what they found.
The black acts is anonymous with Simon crime IT spread around the world. They've claimed to have as many ist thirty thousand members globally going to get .
out of like ninety six jens on serious fraud d charges. The men were allegedly members of the black acts and notorious nigerian organized .
crime crime and specific to the the human sacrist, the way of that plays out is for your nigerian scammer. They are called a yahoo boy. So in order to become a Better scam or a yahoo boy plus um there is a human sacrifice ritual where you have to kill somebody to gain Better powers to go and continue this type of scanning.
And like I said, sounds far out there, but it's widely documented that this is unfortunate. Those cases, and that's why I get so bitter towards land somewhere, is that people I think some may might die here over here, some may might here because of this transformed. And like, no, we have people literally sacrifice each other because of this stop. And like, that's where that the problems are on some of these cases.
Holy .
moly.
I also watched a few videos about yahoo boys. I guess they get their name because they started out using who messenger to conduct their scams over. And they interviewed some of the yahoo boys who then explained how they do IT, and they open about what they were doing. Again, we people were still lots of money from them. In fact, they even posted a video of one of their victims on the verge of suicide here.
Listen, 因为 在 看着 你我 那 一般 的 你 鬼 的。 So even though they're ruin people's lives and know that some of these victims that they have are committing suicide and they say they're all addicted to drugs, they deny their involvement with human bloodshed. IT wasn't exactly clear from these interviews I watched, but I did seem like they were killing cows or other animals to try to level up their gaming, which I have to admit at first time, just like shocked that anyone would think that they have become Better scammer because of an animal sacrifice. But the thing is, the culture of nigeria is a rich with a lot of this voodoo and taxing and charms and stuff. In fact, when the BBC reporter went to investigate the black acts, could he found a vigilante group who was trying to stop the black acts, and they gave him a charm to protect .
him during his investigate. Its protect just got this a sort of Emily, and this would guarantee my safety on this rate that no bullet will into my skin. I read, what do you ples we give .
an mute to protect them from gunshots? He still wore her bullet proof fast. But this is what I mean. A culture there is really big into this.
And you know, luck is a weird thing that feels like a mysterious force can IT be changed in anyway. So I can see why somebody would want to do weird stuff to try to improve their luck. And if you really, really, really want to improve your luck, then maybe you've got to to do something a little insane.
And I can see how bloodshed can get mixed up in all this. It's very awful and strange though, how how do we get from roman scams to this, the places we go on this show? Now I can see why yourself fascinated by all these.
These stories are crazy. Yeah, yeah. Tell us about that one, that one story you heard about going on in south africa.
Okay, yeah, yeah. But so so this was a, so this was a black x case they had down in south africa um and like i'm into your idea, a lot of work backing forth with long forced so I get to hear a lot of the good stories, a good as a result this but uh they were doing the case.
They went down to go arresting individuals, and they were kind about this compound down south africa, and they didn't really, and they rarely get into most of the houses and most of the buildings. And there was one building in the one window in the back that they couldn't get into. So we will put that down, got in there.
And in that building what they found was they found a pile of money covered with blood and dead chicken s so as they came out and the lock to the door to get in there, they kind of got talking to the people that they were had breathing, and they were like, what this, because you don't really expect to find that on a long force aged. So what the scammer has said was, well, IT turns out that the magic here in south africa is not as strong as the judge in nigeria. So we need a larger pile of money.
And that one, the things that most people don't realize, is that there is spiritless aspect that plays on this that many of the Sanders believe. And when you account for that, you account for a lot of whether they perceive a lot itself. IT gets really, really interesting.
And because of again, that spirit to last back, it's on the relic. I said it's there are so many other things that the scammers are kind of playing with them using or believe that they don't fully understand like what they are playing with. A my .
inie man, ronny, I don't even know what ask you at this point I you just got me going down jack rabbit holes are .
something yeah, yeah, yeah I I yeah i'm the kind of a guy who is a dinner table is like, hey, let's talk about blood across ices and video.
okay. So while looking at these nigerian scammers, I saw something about this group called scattered canary. Do you, can you tell us about this? Yeah.
scattered. I was a mostly nigerian cyberia, a group that we found back in two thousand, and that was engaging in bussy microprobe SE. The reason we named them scattered canary was because when they were very scattered and they're targeting, and two, they were kind of our canary in the coal mine that let us identify a lot of things around four nineteen scams and basically more compromise.
One of the things that happened during the pandemic was unemployment. Money was was given out fairly easily. And whenever one of these programs happen, the scammers are quick to jump on that, and they quickly jumped on that bandwagon.
And for a lot of the unemployment funds, what scattered did was they used a different email accounts or email accounts. I had the google that blog in them, and they went and hit the unemployment fraud systems. And at the peak, we saw them hitting fourteen different states for unemployment fraud in general.
Where that stands, we are upwards around four hundred billion dollars that has been stolen in as a result of some of these things. And there are some new information coming out from about I D dim e and how some of these solar money may not have been uh fully articulated. But what we know right now is that a hundred billion dollars was confirmed from secret service. We know that four hundred billion dollars is up .
in question for the money.
That was hundred .
billion dollars was confirmed. So that was, I ll submit, IT unemployment on behalf of some american, and then i'll tell them to send the money here to me in nigeria. But IT probably money through in to nigeria. But that's where a billion that's what million .
with a big billion with a bit yeah, yeah. So and and that's kind of where the lines get money between businesses. More compromises because we know that scatter canary again who was doing basically compromise.
We know they were doing romance scams. We know they were doing unemployment fraud. And that kind of why I say ec is the number one criest out there because that's over five hundred billion dollars that we know are tie back to business in more compose scams.
We are doing this and we know other scammers were involved in that too. But no, it's I yeah IT was one hundred billion dollars that was confirmed from secret service. There is a possible it's a possible four hundred billion dollars that is up for discretion and kind of being being pushed through for congress. But that's what looks like the the new number is going to laya is about four hundred billion dollars that has been confirmed.
I mean, i've got ta try to understand these numbers more. okay. So i'm just walking through IT in my mind.
So hundred billion is coming from the U. S. treasury.
Yes.
that's a lot of money. That's just like the U. S.
Treasury has lost money. The us. Treasure loss. That's a lot of money that came out of are you in american citizen? Ah okay.
So that's a lot of money that came out of money. Your pocket in addition to that scammers may a way looks like a man been up about four hundred billion dollars. So and the other kicker here or two is that that all is still happening to my intellect sources out in nigeria.
Within the last two weeks, they're still stealing money from the government. The average salary for a nigerian is one hundred U. S. Dollars per month. So when you go and you have that much plenty coming in, IT becomes very enticing for your youth out there want to go and trying to do this fraud.
But still I can't find them. This amount of money coming in like the entire GDP of nigeria is five hundred billion dollars. You're telling me that this one group has stolen almost equivalent to the whole country's GDP from the U.
S. Government, almost doubling nigerians GDP. It's just to real thing services.
Nearly a hundred billion dollars andel c relief funds have been stolen. That adds up about three percent of the cash handed out by the government. Most of the lost money is from unemployment fraud right now, the secret services that has more than nine hundred active criminal investigations, independent mic fraud d with cases in every single state.
And the more I look into this, the more problems I see. I mean, listen to this guy, Michael horwitz is the top cup overseeing the effort to make sure the five trillion and taxpayer dollars when to the right place. This is his first interview in his role as the head .
of a pandemic response accountability committee. The small business ministration in sending that money out basically said to people, apply and sign and tell us that you're really entitled to the money. And of course, for bridgers, that's an invitation. Or what didn't happen was even minimal checks to make sure that the money was getting to the right people at the right time.
The U. S. Government spent five trillion dollars to try to help americans get through the pandemic, but that sounds like they didn't do a very good job at protecting that money from frodi ers.
I mean, this wrong ling stone article reading right now says this more like one trillion dollars was stolen from the U. S. treasury.
My goods, I guess, IT really is the number one crime. And that's such a waste of money. What an awful problem.
How can a trillion dollars be stolen from the U. S. treasury? Y and IT be an acceptable amount of laws, and to me, I must be acceptable.
Since this gut rolled out in phases, I think two trillion dollars was the first to be approved. And of course, scammers immediately start grab in that cash. And when that wasn't enough, they rolled out even more trillions of dollars without putting changes in place to stop this from happening.
You think someone would have said, um this in that last round a lot of money got stolen. Is this really acceptable amount? us. But no, nobody listened and the money just kept get handed and handed right to the when I embrace me, i'm tempted to get to the bottom of this and figure out hot, who bungled this money, who was in charge of handing out five trillion dollars, was like, oh, we don't need guard rails. I don't think anyone's gna steal from us.
Who denied the budget for a security audit or team who ignored the person saying, hold on, if we start having money out this way, we're gonna lot stolen. Who out there thinks it's totally fine that we lost a trillion dollars. I want my voice to be clear.
As an american, this is unacceptable to me. Very disappointed that the U. S. Government ended this much money to the same nigerian gamers who try to convince us all that her long lost relative was the prince of nigeria.
I would be understanding if the government fell victim to some sophisticated cyberattack like a ruthless, unstoppable bull. But you got taken by the least sophisticated scammers on the planet. You need to do Better when you're handing out as much money as fast as you can.
You've gotten look at who you're handing IT too, the very least give IT to an american. What is this your first day on the internet? Listen to secret service agent roy dots in here. He's the lead investigation of this case.
Fast money equals pass crime.
Well, I mean, i'm at this point of this interview, i'm just kind of feeling defeated and well.
come to the last seven years of my life because it's up the words like it's very disarmed and like I said, staring at the stuff for so long, it's something worth like if this is very dearling because you do feel defeated, you do feel like, okay, we've literally lost five hundred billion dollars and that's just what we know I give we were to actually like piece together what we knew i'm good.
I got throw this other like we're easily over two hundred dollars of you last year. And a lot of what IT comes down to is admitting that there is a problem, admitting that something needs to be fixed to mean that something needs to give. Because if you keep having this much money that's going out and you don't admit that is a problem like you're just going to be stocked.
And when you go and look at the twenty twenty five years of nigerian prince camp, this is the whole reason network here right now is because no one wanted to admit that, no, this is actually something is happening. Yes, there are people who are actually being social engineering to this. We have to work with those people in order to identify some of that. Trust me, I totally resent with the I totally feel you when you're like you feel the feed on that because like a lot times I do do but knowing that i'm on the right side of this, knowing that i'm helping that them sign and help him to recover their money and knowing that i'm helping reshape a lot the way that the industry things about themselves like that one you to find stuff everyday.
A big thank you to ronnie talk is ask you for sharing his stories with us. He works for a place called intelligence for good, and he's a chief fraud fighter there. If you run into any other problems that you heard today, you might want to check out intelligence for good, because they might be able to help you.
This episode was created by by the mysterious s breakfast mater cylinders. You might be wondering what my political association is. I'm all tab this dark dials.