Maria Fernanda

You're listening to the Cyberwire Network, powered by N2K.

Simon Horsewell

This is someone who can never meet you in person because the person they presented to you doesn't exist. So look out for the fact that you can't meet this person in real life.

Dave Bittner

Hello, everyone, and welcome to N2K CyberWire's Hacking Humans podcast, where each week we look behind the social engineering scams, phishing schemes and criminal exploits that are making headlines and taking a heavy toll on organizations around the world. I'm Dave Bittner and joining me is Joe Kerrigan. Hello, Joe.

Joe Kerrigan

Hi, Dave.

Dave Bittner

And our N2K colleague and host of the T minus Space Daily podcast, Maria Vermazes. Hello, Maria.

Maria Fernanda

Hi, Dave. And hi, Joe. Missed you both.

Joe Kerrigan

We miss you too. Yeah.

Dave Bittner

Welcome back, welcome back. While you were gallivanting around rocket ships in Florida, we were holding down the fort.

Maria Fernanda

Well, it's a tough job, but someone had to do it, so.

Joe Kerrigan

I know, with Michelle's help.

Dave Bittner

Yeah, that's right. Thank you. We've got some good stories to share this week, but first we've got some follow up here. Joe, you wanna do the honors? What do we got?

Joe Kerrigan

Sure. This one says, hi, Dave, Joe and Maria, I love your podcast. One of my favorites. I look forward to it each week.

Dave Bittner

That's nice. That's very nice. Thank you. That's nice.

Joe Kerrigan

I like to think of myself as fairly scam savvy. And this text my wife got me had me convinced it was a phishing text. And it's a text from BofA Securities.

Maria Fernanda

No, no, no. Bank of America. Bank of America. Oh, no.

Joe Kerrigan

I couldn't resist saying BofA.

Maria Fernanda

No, no, no, no, not BofA.

Joe Kerrigan

I will enlighten Dave as to the meaning, the mean meaning of BofA after.

Maria Fernanda

No, no, I'm pretty sure Dave knows I'm.

Dave Bittner

What?

Maria Fernanda

Dave, you've got to know it.

Dave Bittner

No, I have.

Maria Fernanda

No. Really? Oh, man.

Dave Bittner

Google BofA.

Joe Kerrigan

No, no, don't.

Maria Fernanda

No, no, no, don't Google that, Dave. Don't Google it.

Dave Bittner

I'll wait till after the show to Google it. Yeah, okay. All right. BofA. Am I making it worse by saying BofA? BofA.

Joe Kerrigan

BofA. Yes, much worse, but also much funnier.

Dave Bittner

I can't wait to learn more about BofA.

Joe Kerrigan

I gotta say it.

Dave Bittner

Really looking forward to the end of the show when I can experience BofA. Oh, this is gonna. I'm so happy that everyone's laughing at night's things.

Maria Fernanda

I'm like crying over Dave.

Joe Kerrigan

When I tell you what this is, you will be like, I wish I.

Maria Fernanda

Didn'T know, it's perfect that he doesn't though. It's right.

Dave Bittner

No, no, don't ruin it. Save it.

Joe Kerrigan

I'll.

Dave Bittner

I'll get it after the show figure out and we can enjoy it off air together. In the meanwhile, this message from bank of America.

Maria Fernanda

Bank of America. B of A. Yeah.

Joe Kerrigan

Right.

Dave Bittner

Yeah.

Joe Kerrigan

We need you to view this image of check number and it's got a bunch of zeros and then four ones for which is an odd check number. Right. It's essentially just four ones.

Dave Bittner

Yeah.

Joe Kerrigan

For $169.40 from the account ending in some numbers. I'm not going to read those out loud to confirm it's accurate because scammers may change the payee's name. Log in to log in online or go to www.bankofamerica.com to validate and it has a link there.

Dave Bittner

Yeah.

Joe Kerrigan

Is the pay payee name correct? Reply yes or no by 5pm tomorrow to opt out of fraud alerts. Reply stop.

Dave Bittner

Okay.

Joe Kerrigan

This reeks of a scam message.

Maria Fernanda

It's certainly weird looking.

Joe Kerrigan

Click on this link.

Maria Fernanda

Yeah.

Joe Kerrigan

No, click on the lick. Right?

Maria Fernanda

I would not click on the link. No, no.

Joe Kerrigan

How many of them?

Dave Bittner

No, I'm not gonna. No, I would not.

Maria Fernanda

Both of them.

Joe Kerrigan

Right.

Dave Bittner

I would. I'm just bathing in my ignorance here. I'm just.

Joe Kerrigan

You're gonna be so sort.

Dave Bittner

Absolutely ignorant.

Joe Kerrigan

I'm going to take away your bliss after the show.

Dave Bittner

Yeah. All right, good. I'll look forward to that.

Maria Fernanda

I'm going to be seated for this one, let me tell you.

Joe Kerrigan

Okay, so the check number and the URL were clickable in the original format in the original text. She didn't remember writing a check recently. And when she went to her banking app. Not going to the link, which is good. There was no check listed in the activity window. I loaded a throwaway VM and loaded the link. It goes to what looks like the bank of America login screen. No way am I entering any information there. So good. Good policy. It so looks like a fish. Is what what Dave says. This is from Dave, by the way. I forgot to mention that at the beginning.

Dave Bittner

Different Dave.

Joe Kerrigan

Different Dave.

Simon Horsewell

Not Dave.

Maria Fernanda

Yeah, Dave E. Davey.

Joe Kerrigan

Yeah, I told her to call the bank and talk to them after waiting on hold for about an hour. An hour? Really? It turns out this is a real text from bank of America fraud department.

Dave Bittner

Huh?

Joe Kerrigan

It was a check someone had hung onto for a while before depositing. Why in the holy heck would bank of America have procedures like this? Just thought you might find this interesting. I do find this interesting. I also find it interesting that you call the fraud department and wait on hold for an hour.

Dave Bittner

An hour?

Maria Fernanda

Who's gonna do that? That's crazy.

Joe Kerrigan

Yeah, yeah, yeah.

Dave Bittner

I don't have an hour.

Joe Kerrigan

I have an hour in my day to sit around and wait for someone to get to me on a fraud issue.

Maria Fernanda

Yeah. If I'm freaking out that it's fraud, I don't want to wait an hour. But. Yeah, yeah, yeah.

Joe Kerrigan

This, this is something would make me consider changing banks. First off, the text is not. Not great. But the fact that I'm. I would wait on hold for an hour to talk to fraud, the fraud department. Yeah, that would be. That would be enough to set me off.

Maria Fernanda

Yeah.

Dave Bittner

I agree with Dave here that this has all the hallmarks of a scam.

Joe Kerrigan

Absolutely.

Dave Bittner

I mean, there's the artificial time horizon.

Joe Kerrigan

Right.

Dave Bittner

Contact us by 5pm tomorrow.

Joe Kerrigan

Right. Or else.

Maria Fernanda

Or else check gets it.

Joe Kerrigan

Right.

Dave Bittner

Yeah. I mean, the only thing, when I was originally looking at this, the URL looks legit. Bankofamerica.com Right. There's no red flags in the URL.

Joe Kerrigan

Yeah. But I'm always leery of clicking on these things because maybe they're using a different. A different letter, a different Unicode letter that looks like a B or an.

Dave Bittner

A or an O.

Joe Kerrigan

An O, yeah, yeah, that's.

Maria Fernanda

Yeah. Or if your glasses prescription needs a little update and you just miss it because. Yeah, it's easy. It's bank of America. That of is actually a zero, but right.

Joe Kerrigan

Where that B is actually an L and a C crammed really close together.

Maria Fernanda

The cheming.

Dave Bittner

You know, I recently got a call from a bank out of the blue. I was. See, how do I say this? As listeners know, in the last year my father passed away. We've been settling his estate and in doing so, there was a check that my brother received that was sizable. Right. Not life changing, but sizable.

Joe Kerrigan

Right.

Dave Bittner

And. And I am the executor of the estate. So it was a check that I had written and signed and all that kind of stuff. And I was sitting home doing what I do best, minding my own business.

Joe Kerrigan

Right.

Dave Bittner

And my phone rings and it's a woman from the bank comes up on my phone as being from. I believe it was like Navy Federal Credit Union, something like that.

Joe Kerrigan

Right.

Dave Bittner

Which would be a place that my brother would bank because his wife is a Navy veteran.

Joe Kerrigan

Your father was also a Navy veteran, right?

Dave Bittner

My father was also a Navy veteran. That's right. And so anyway, she was just calling to check to make sure that I had actually written this check and signed it and that it was all on the up and up. She didn't ask for any specifics. Didn't ask for, you know, just basically just checking, checking in. She seemed very appreciative that I answered my phone. Cause that probably never happens.

Joe Kerrigan

Anyway.

Dave Bittner

You know, just an interesting little bit of follow and I wonder. It made me wonder what would happen had I not answered the phone. Would it just meant that they hold it for another week?

Joe Kerrigan

Yeah, I don't know. It's a good question.

Dave Bittner

Yeah, I don't know. So anyway. All right, what else do we have here, Joe? Any other follow up?

Joe Kerrigan

I got some chicken updates, Dave. Oh, I now have more than one hen laying. I know that I have at least two different hens laying because the eggs are different colors. And I think I may have as many as three hens laying eggs on slower schedules than normal. But it could just be two with one just getting into a rhythm. I don't know, but I have at least two.

Dave Bittner

Is this a thing where like once one chicken starts laying, do the others get the message and say, get jealous? Yeah, yeah, they get jealous. Or is there some, you know, something in the air or the water where they. It just now it snowballs and they all start laying?

Joe Kerrigan

I think it just has to do with the fact that they're all about the same age within like a day of each other. Yeah, that's much more likely.

Dave Bittner

That makes sense. That makes sense.

Maria Fernanda

Well, that's cool. I also have a chicken update. Oh, I do not have chickens. I have a. I put a link in the, in the script that I wanted to get your reaction to. And the headline says, let's stop shipping baby chickens in the mail.

Joe Kerrigan

What is this about? I mean, I guess they're saying we should stop sending baby chickens in the mail.

Dave Bittner

I mean, nothing gets by you, Joe.

Joe Kerrigan

You're right. Is that it?

Maria Fernanda

Yes, because USPS can't guarantee 48 hour delivery anymore for the chickens chicks. So.

Joe Kerrigan

Okay. Yeah, well, if that's the case, then yeah, absolutely. You should stop sending them in the mail. When chickens hatch, they have enough food and water, they can go three days. They don't need to eat or drink for three days. Oh, but you know it. In the time between hatching, you can't just pick them up and put them in a box. But like within a day you can pick them up, put them in a box, and if you can get them anywhere, within one day or two days, they'll be fine. Yeah, and, but if, if not, if it's going to take more than 48 hours. Yeah. You're going to get a dead box. A box of dead chicks.

Maria Fernanda

Yeah. Apparently nobody wants that. This, this article is about how people are basically receiving box of deck boxes of dead chicks.

Joe Kerrigan

It's a heart, it's a tongue twister.

Maria Fernanda

Yeah.

Joe Kerrigan

Very sad tongue.

Maria Fernanda

Chicks that are spending like five days in transit.

Joe Kerrigan

No, that, no, that's terrible. You can't do that.

Maria Fernanda

Yeah.

Dave Bittner

Huh.

Maria Fernanda

Yeah. So I just wanted to, I just wanted to share that. I was like, I'm curious what you think. So cool.

Joe Kerrigan

Yeah, that's, that's maybe a different carrier. I don't know. If you can get a carrier that can guarantee that you'll get them in, in two days, then yes, go ahead and do that. But if it's going to. If, you know, USPS says we can't guarantee this anymore, then you just go.

Dave Bittner

To Harbor Freight and get some chickens. Don't they occasionally carry chickens?

Joe Kerrigan

Tractor supply has them.

Dave Bittner

Tractor supply.

Maria Fernanda

That's what I say. If you live anywhere somewhat suburban, a lot of places have chicks that pretty easily just walk in. Usually find them.

Dave Bittner

Okay.

Joe Kerrigan

Yeah, usually in the spring.

Maria Fernanda

Yeah. But don't get them for Easter because that's not a good idea.

Joe Kerrigan

No, I've heard that people do that. That's just terrible because you can. No, don't do that. If you're going to raise the chicken to be a chicken, remember these are flock animals. They need multiple. You can't. In fact, when I, when I bought the ones attractive supply, they said, we will not sell you less than three chicks.

Maria Fernanda

Yeah, right. That's right.

Joe Kerrigan

Because you need, you need, you know, it's like any herd animal or flock animal can't live alone. They need to have other, like sheep. You can't buy just one sheep and expect that sheep to be okay.

Dave Bittner

Right.

Joe Kerrigan

You need like two or three sheep at least.

Dave Bittner

Huh? Okay. You know, I saw a video last week of a, of a. I believe it was a, it was a hen. It was a mother hen defending her brood from a hawk. And I mean, man, don't mess with a mother hen.

Joe Kerrigan

No.

Dave Bittner

This hawk didn't know what hit him.

Joe Kerrigan

Yeah. I've seen roosters, videos of roosters killing hawks.

Dave Bittner

Yeah.

Joe Kerrigan

You know, like having them pinned down and like, it's like war, war footage, you know? Yeah, it's like the, the hawk's last moment of life and the rooster has his claws up and has, you know, one set of claws pinning the root, the hawk down and the other set of Claws about to just end this hawk.

Maria Fernanda

Yeah. And this hawk.

Simon Horsewell

Right.

Dave Bittner

And finish him.

Joe Kerrigan

Right.

Dave Bittner

Yeah. All right, tell you what, let's get some stories here.

Joe Kerrigan

That's enough chicken talk.

Dave Bittner

It's enough chicken talk. But before we do, thanks to everyone who sends us in. Follow up. We do appreciate it. And thanks to Dave E. For sending in your story. Interesting stuff. And if you'd like to send us something, it's hackinghumans2k.com. Every attacker counts on one thing. Environments that Trust too much. ThreatLocker closes that gap with default deny at execution. Unknown software blocked. Trusted apps contained with ring fencing configurations verified with Threat Locker DAC so you stay secure and compliant. ThreatLocker delivers the visibility and control CISOs need without adding operational pain, making zero trust real for teams of any size. Stop ransomware at its earliest point. Book a demo@threatlocker.com N2K. All right, Maria, you are up first this week. What do you got for us?

Maria Fernanda

Well, Dave, in this season of love, I figured I'd go for a throwback. When is the last time either of you have thought about Nigerian princes?

Dave Bittner

Oh, it's been a while.

Maria Fernanda

Yeah, it has been a while. It has. Even just that phrase, a Nigerian prince. Oh, it's been a little bit. So why don't we dust that part of our brains off a little bit for this story? So I should mention that this is all allegation. No one has been formally charged in this story yet. So innocent until proven guilty, I suppose. But this one comes to us by way of the Organized Crime and Corruption reporting project and ghanaweb.com there's a little mini documentary that just got published about this specific situation just as of time of this recording. I was kind of fascinated about it. It was a romance scam and a humanitarian scam all in one. So to set up the story, unfortunately, our victim is a. You know, her name is Laura, or that's the name she's going by for the story. She is a Romanian businesswoman and she got some outreach on LinkedIn like a lot of us are. She's spending a lot of her time on LinkedIn and there was like, this hot lead on LinkedIn and it seemed totally up her alley. And, uh, it's someone looking to invest millions of Euros in humanitarian causes in her native Romania. And if this wasn't just anyone, this was the Crown Prince of Dubai on LinkedIn.

Dave Bittner

Wow.

Maria Fernanda

Reaching out to Laura specifically.

Dave Bittner

Yeah.

Maria Fernanda

So, yes, not a Nigerian prince, but an Emirati prince. Well, put a. Put a pin in that one, actually. But yeah. So obviously we know this is not the real deal, just. Just in case, spoiler alert on that one. But the chat between Laura and the so called Crown Prince of Dubai goes on for two years. Thousands and thousands of messages go on between the two of them. And it actually does lead to romance at some point. So it blossoms. How sweet. And slowly, over the course of those two years, Laura is losing hundreds of thousands of euros, of course, because I guess the Crown Prince of Dubai needs money.

Joe Kerrigan

Right? Right.

Maria Fernanda

Anyway, this story actually has, like this two really interesting twists. That is really what caught me here. The first one was there actually was a request to meet up in person in London with the Crown Prince of Dubai's financial manager. And there was a real person that Laura met with. There was a real meeting. And at this meeting, there was paperwork and banking websites shown to Laura where, you know, large deposits have been shown, and then that she was also assured that more deposits need to be made. And, you know, of course, because we're talking about a lot of money crossing international borders. There are fees, so she was shown the fee charts, all that kind of thing. And to be fair, banking across international borders is confusing, and I sympathize. So, you know, it seems all on the up and up, especially since Laura flew to London and met someone in person who seemed very legitimate that, you know, knew exactly what she'd been talking to the Crown Prince of Dubai about. And in all, Laura sent nearly 3 million euros bit by bit to someone over the course of time that she starts to suspect might actually be a scammer. Yeah. So she starts to have the realization that maybe this is fake. And it's a very slow wave of realization, especially as she starts getting hit with more fees. And she's messaging her contact through the Crown Prince of Dubai, saying things like, I hope when I pay these fees, I will get access to some of the funds that I have sent, because I'm starting to suspect nothing's happening to this money. Of course. And so she's sinking more and more money into this scam because the bank that she was shown at, that in person meetup was fake. The website was fake, the fees, all fake. All of it going into the pocket of the scammer. You want to guess who it was that she met with in person in London?

Dave Bittner

Was it the guy who was pretending to be the prince?

Maria Fernanda

Indeed, one of them.

Joe Kerrigan

Oh, this is a team of people.

Maria Fernanda

Yeah, it was one of them. So here's my favorite little twist. There were apparently three people involved on the scam side. Of things. All, yes. Based in Nigeria. That's how the Nigerian prince tie in happens here. What do you think happens when you put 3 million euros or so in the hands of three scammers? What do you think might happen there?

Joe Kerrigan

They buy a lot of cool stuff, like flashy cars.

Maria Fernanda

This is true.

Dave Bittner

They retire and think better of what they do.

Maria Fernanda

No, no, no.

Joe Kerrigan

They keep going.

Maria Fernanda

I think they are nice and they share the profits evenly.

Dave Bittner

Oh, sure, sure.

Maria Fernanda

Yes, sure. So as Laura is starting to slowly figure out that maybe this is a giant scam and she's trying to get her money back and trying to do refunds or some. Just trying everything she can, the other scammers in this team of three are speaking up against the one that met up with her in person going, don't give him any more money. Give it to me and I'll help you. Because that guy's terrible. That's not actually going anywhere, but I'll help you. So, like, quit giving him your money. I'll, you know, like, I, I'm, I'm actually the one you want to help you. And over the course of time, Lara goes well. Okay, so what is the name of the person I've actually been talking to if he's not actually the financial advisor for the Crown Prince of Dubai and one of the scammers gives the actual government name of the prime scammer here, the person that Laura met with and happens to have a photo of. So one of the scammer partners turned in his buddy. Yeah.

Dave Bittner

No honor among thieves.

Maria Fernanda

Truly, Truly. So this, this the head scammer has been outed. And I guess at this point is when Laura reaches out to the occrp, the Organized Crime and Corruption Reporting Project. Because then with that information and the guy's photo, they start looking into this. And as Joe, as, as you kind of predicted, this guy's not hiding whatsoever having his legitimate name. He's all over Instagram, he's all over social media. He is real thrilled for everyone to see his new wealth. His multiple houses in Nigeria, his fancy cars, his luxury watches, Louis Vuitton, whatever, the luggage. I guess he's flying first class to London from Nigeria. Why is he flying to London? And my scam more people. Maybe his wife's also posting a lot. Oh, thanks be to God for all this money that we're getting that's letting us buy all this wonderful stuff. Not going to say how we're getting this money, but isn't it super, super great? So, yeah, he's not the dude is not hiding whatsoever. He's just thrilled to have all this money. So right now, the UK police are involved here as our Nigerian authorities. So this is all ongoing. It's all alleged until someone is formally, formally charged. I am very much going to keep an eye on this case because I think it's. It's fun and it's just a drop in the bucket, I'm sure. But for Laura's case, she's only gotten back around €100,000 of her nearly 3 million that she has lost. So I don't know if she's going to get any more money back. It's. That's a cry and shame, because that is a lot of money. But I find it really amazing that the key to this story was that the other scammers turned the head scammer in.

Dave Bittner

Yeah.

Joe Kerrigan

That'S pretty funny.

Dave Bittner

That's a good wrinkle playing one off of the other.

Maria Fernanda

Yeah, Yeah. I mean, 3 million euros is a lot of money. So I can see why people would start getting really greedy, you know, over.

Dave Bittner

On the Only Malware in the Building podcast that I do, one of my co hosts, Keith Milarsky, is a former FBI agent and he worked a lot of these scam cases with folks overseas, money laundering and all that sort of stuff. And he always talks about how a lot of the information they would get was from the crooks wives bragging online about their wealth.

Maria Fernanda

Yep.

Dave Bittner

That's how they would know where they were. They would if. You know, if they. Because a lot of times they'd get them for traveling to a country that had an extradition agreement with the US So they'd vacation in the south of France. And by watching the wife's social media, they would know that they're there. She's posting pictures of herself and her spouse and living high off the hog. And that's how they get them. They're the wife.

Maria Fernanda

Yeah. I wonder how often the wife actually knows where that money's come from. I'm sure many of them are not.

Dave Bittner

Ignorant, but I'm wondering, maybe willfully ignorant.

Maria Fernanda

Yeah.

Dave Bittner

What's her name? Carmela Soprano.

Maria Fernanda

Yeah. Will for ignorance is a great way of putting it.

Dave Bittner

Right.

Maria Fernanda

Yeah. As long as the checks keep clearing, I'm not gonna ask too many questions. Right?

Dave Bittner

That's right. That's right.

Maria Fernanda

Yeah.

Dave Bittner

All right, interesting. Well, we will have a link to that story in the show notes. Joe, you're up next. What do you got for us?

Joe Kerrigan

Well, I am also keeping in line with the Valentine's Day theme, and I have a Story about a woman named Heather Rovitt. I hope I'm pronouncing that name right. She's 46 years old and a real estate broker at the time of the scamming. And there is much more to this story than we can go into because this is an in depth story. And I read one article where Heather was like, I don't care about any shame that I feel about this. I'm going public with this, which I think is great.

Maria Fernanda

Scorched earth. Good for you, Heather.

Joe Kerrigan

She's not just going public, but there's also an Amazon documentary that she's done that she's been part of here. So there's links to that in the article. So if you go to the show note, you can find. Go to the show notes, click on the article, the link to the Amazon prime video documentary, two parts. I haven't watched it yet, but I think I'm gonna try to watch it. So anyway, one day Heather needs some cabinets fixed. So she calls her handyman service, thinking they're gonna send over the same guy they sent last time. But when she opens the door, she finds this charming man in his 40s. And he has salt and pepper hair and a really nice smile.

Maria Fernanda

He's kind of rugged looking.

Simon Horsewell

Yeah.

Joe Kerrigan

If you look at the picture, this is.

Maria Fernanda

I look at this dreamboat eyes. I'm not gonna lie. That guy, I can see. I can see it.

Joe Kerrigan

Yeah.

Dave Bittner

Yeah.

Joe Kerrigan

This is not a scam I could ever hope to pull off.

Maria Fernanda

You're at least self aware, Joe. Good for you.

Joe Kerrigan

Yep. I'm like, okay, where's the cabin you need fixed over there.

Maria Fernanda

Please leave, sir.

Joe Kerrigan

Fix it and get out.

Dave Bittner

Please leave. Do you not own a belt, sir?

Joe Kerrigan

I do. It just doesn't work. I have to wear. Never mind. I have a nice pair of suspenders for when I'm doing work around the house. Hooks on them.

Maria Fernanda

Nothing more rugged than suspenders, Joe.

Joe Kerrigan

Especially the ones that hook to a belt. Yeah, that's just the lowest form way to keep your pants up, but it's all that works. So the guy introduces himself. His name is Jace Peretti. Right, That's Jace. Right, That's a fake name. His real name is actually Jason Porter. And they chat. It's nice. And then Heather says, after he leaves, Heather says, hey, I need a towel rack fixed. So she calls Jace back, and this time she says, why don't we go do lunch? Of course, Jace says, okay. And then that leads to some texting and eventually a proper date. And within a few months of dating, Jace Goes and meets Heather's parents. So this is now looking really official.

Maria Fernanda

You in danger, girl.

Joe Kerrigan

Right. But she doesn't know that. I mean, oh my God. From our perspective, it's obvious.

Maria Fernanda

Have any girlfriends?

Joe Kerrigan

She does and one of them tries to help her out later.

Maria Fernanda

Okay. I was like, ladies, what are we doing here? Your friend does something like that, you take her aside immediately. Okay. Anyway, sorry.

Joe Kerrigan

After that, a few months later, Jace gets a key to her condo and he winds up spending the majority of his time there. And Heather says, well, he was a night owl. And he said he had picked up a new software job where he was working on his computer late into the night. So Heather went to bed before him.

Maria Fernanda

Oh no, he's a hobosexual.

Joe Kerrigan

A what?

Maria Fernanda

Hobosexual.

Joe Kerrigan

Hobosexual. What's a hobo?

Maria Fernanda

Basically a guy who's just gonna. Just mooch off you.

Joe Kerrigan

Oh, okay, okay.

Maria Fernanda

Sorry. I learned that one on Reddit the other day. I'm like, that's such a great. That's a great term for it.

Joe Kerrigan

Yes, that's a good one.

Dave Bittner

It's good.

Joe Kerrigan

In the music industry we call them guitar players.

Dave Bittner

Yeah. Drummer jokes. Or you know, how do you. How do you know a drummer's homeless? He doesn't have a girlfriend.

Joe Kerrigan

Right. That's the same one with guitar.

Dave Bittner

Yeah.

Joe Kerrigan

Well, I said, what do you call a person who hangs out with musicians? A drum drummer. Yeah, but my drummer would say, what do you call a guy that can't play guitar? It's a bass player. Yeah, that's what I was.

Dave Bittner

All right.

Joe Kerrigan

Anyway, after a while, things start going missing, right? Like just think random things around the house. Like an iPhone that Jace bought for. For Heather. And Jason blames the building concierge and nearly gets her fired. Then a friend's Rolex vanished on a cottage weekend. I don't know. This is written in the sun, which is UK paper, so I don't know what cottage weekend means, but I guess it's just a getaway where you go to an Airbnb or something.

Dave Bittner

Yeah, yeah.

Joe Kerrigan

Her parents mysteriously lost $750 in cash. Or it says pounds here. But it's Canadian dollars probably. I don't know what that is in Canadian dollars. A Tiffany necklace, a gold and diamond wedding band and a diamond engagement ring. Those things just go missing from her parents house on two occasions. Jace also backed out last minute of two different trips with two different excuses. One was, oh, I don't have my passport anymore, it's expired. I can't go to the Dominican Republic. And one was a trip actually planned. And he bought tickets. The tickets were of course, fake, but he said right before the time, it was time to go to Rome. This is going to Italy. Oh, I got. I've got to go to court for a custody thing with my son, with my girlfriend that has my son, and eventually a friend. This is where the friend comes in. She tells Heather, hey, I found Jason Bumble. Which is a dating app, I guess. But Jace convinces Heather that this is all a bunch of BS because he of course, lies his way out of it. So at this point, they've been dating for a long time. And then in the summer of 2021, it wasn't so much the money that Heather says bothered her, but he became. She became more concerned with his sudden shift in demeanor. Like he didn't want to go to any of the events that she was hosting. And then one Memorial Day or Labor Day weekend, Jace disappears. And Heather gets access to his email account. And when she gets into the email account, she finds out that Jace is all over all kinds of dating apps. EHarmony, Match, plenty of Fish and Bumble. And she says that he is talking with hundreds of women. Not one or two hundreds.

Maria Fernanda

How does he have time for that?

Joe Kerrigan

Well, that's what he does at night. He's not developing software, he's scanning.

Maria Fernanda

That's a lot of work.

Joe Kerrigan

It is.

Maria Fernanda

Okay.

Joe Kerrigan

And of course, this is one of my favorite parts of the story. Jace is using names like Jace, Don Donato. Don Donato. I would look at that as like, Donato. Like I'm Donato.

Dave Bittner

Yeah, yeah. You've heard of the tornado, right? This is the Don NATO.

Joe Kerrigan

I'm the Don NATO. Brace yourself.

Dave Bittner

Here I come.

Joe Kerrigan

Watch out. And of course, the ever present Mike.

Dave Bittner

Yeah.

Joe Kerrigan

I don't know how many years in.

Dave Bittner

Are we at this point?

Joe Kerrigan

It's like three years into this. So she. She finds us off, she breaks it off with him. The police say there's nothing illegal about. About talking to women online. Sorry, if you don't feel safe, you should leave. So she does leave. She moves back to her parents house. Then she gets a call from. Because she had since moved from the first apartment. And now they're in another. Another house. And the landlord is like, hey, Jace isn't paying his rent. I'm going to evict him. And she's like, that's fine with me. So then she goes in there and she finds all kinds of documentation. Like she finds bills of sale for the. The stuff that was missing from her Parents, house. And then all told, it looks like she lost around 150,000 pounds, which is probably close to $200,000 in American money and probably even more than that in Canadian money. But it's. I can't say I would be happy with losing $150,000. It would affect me greatly. So I don't want to say this is not. This is not as bad as we hear. Like, Maria's story had someone losing $3 million.

Dave Bittner

Joe, I've seen you misplace your glasses.

Joe Kerrigan

Yes.

Dave Bittner

And go apoplectic.

Joe Kerrigan

Should have seen me yesterday. I was working on my car and I couldn't find the tire gauge. I was like, I just had it.

Dave Bittner

Right. Is it in your hand?

Joe Kerrigan

It was in my pocket.

Dave Bittner

Okay.

Simon Horsewell

There you go.

Maria Fernanda

Not in your backpack?

Joe Kerrigan

No. It's a tool. It's got a specific place.

Dave Bittner

Yeah. I mean, it's sad and I guess all too common. I also feel really bad for her parents because the violation of the parents trust, you know, this ne' er do well boyfriend who comes in and stuff starts disappearing.

Joe Kerrigan

Yeah. There's a lot more to this story. I mean, I would encourage listeners to go and read the story. There's much more to it than I can cover here, but it's a good story, and I really want to watch this documentary now.

Maria Fernanda

Yeah, same here. I'm going to have to find a way to get to it because I don't have Amazon prime anymore.

Dave Bittner

I'm curious.

Maria Fernanda

Yo, ho ho, Maria.

Joe Kerrigan

You have friends that have Amazon Prime?

Maria Fernanda

Yeah, yeah, yeah, yeah. Yep. Me and Bezos, we're buddies.

Dave Bittner

So, Maria, at the outset of this, you were. You were lamenting that this woman's girlfriends weren't having a more active part in her defense here. Can you flesh that out for us?

Simon Horsewell

I.

Maria Fernanda

Some of that was out of. I'm just thinking back to my.

Joe Kerrigan

I.

Dave Bittner

This.

Maria Fernanda

Okay, I'm gonna organize my thoughts on this one. This was not terribly uncommon for people I knew in our 20s. However, she's. She's 46.

Joe Kerrigan

Yeah.

Maria Fernanda

I don't know. In my 20s, when I had friends that had situations like this where it wasn't necessarily a scammer, but things moved way too fast. There was an element of maybe that's normal. I don't really know. By 46, you definitely have enough life experience. So I don't know. I think that's a girlfriend's need to sit down with you and go, this is moving a little fast. Honey. Are you sure about this? But of course, if she goes, yeah, it's great. He's fine. I promise you. It's great, you know?

Joe Kerrigan

Yeah. It didn't move like romance scam level fast.

Simon Horsewell

It moved.

Maria Fernanda

It's still pretty fast.

Joe Kerrigan

Yeah. I mean, three months, three or four months season. He's living with her. Yeah, that's pretty fast.

Maria Fernanda

With a key to her condo. I don't know. I mean, I'm not saying, like that's unheard of, but it's just that it's a little fast to me. To me. So I don't know. I don't know. That would raise some eyebrows for me. Are you sure? You see, all right, he's on the up and up. He's got a job. You sure about that, right?

Simon Horsewell

Yeah, yeah.

Dave Bittner

Especially the kind of. I mean, he moved.

Maria Fernanda

How'd you meet this guy? He showed up at your house.

Dave Bittner

Yeah. He's staying with you. Have you ever been to his house?

Maria Fernanda

Yeah.

Joe Kerrigan

And where does he live?

Dave Bittner

Right.

Maria Fernanda

Have you met his friends? Like, is he legit? Yeah, there's all sorts of. Yeah, especially at this age. Like, there's gotta be, there's gotta be more to it. And if it's just he just shows up out of the blue and now he's moved in with you and you haven't met anyone on his side of things and you haven't seen him actually go to a job. I just don't know. Too many red flags.

Joe Kerrigan

I mean, well, she did see him go to a job. He fixed the cabinets in her house.

Maria Fernanda

Well, then I'm a handyman too, Right. My red flag would have been find me on TaskRabbit. It's jeez.

Joe Kerrigan

My red flag would have been when he says, oh, I got a software job. I'm like a software job for a handyman.

Maria Fernanda

I mean, have you just open up notepad and you know, I'm a software engineer.

Dave Bittner

I also wonder, could he be. If you think about him being a predator, which you know, seems clearly allegedly. But if he's involved with hundreds of women, he chose to live with her. Which makes me wonder, like, what was it about her? We talk about, why didn't her girlfriends help her? Maybe he sensed in something in her that she didn't have the support network that was gonna blood in the water. Yeah. And he said, aha, I got one. And this is the one I'm gonna live with.

Maria Fernanda

Right. I'm just imagining in my weekly catch ups with my friends, if one of them told me, hey, this guy who showed up at my house fixing my cabinets 3 months later is now sleeping on my couch. He has moved in with me, I'd be going, this is not a tap the brake situation. This is a red alert.

Joe Kerrigan

Right. So.

Maria Fernanda

What is going on there? So, yeah, you're right. She probably was isolated. So that, that makes her a perfect victim, sadly, yeah.

Dave Bittner

All right, we will have a link to this story in the show notes, and once again, we would love to hear from you. If there's something you'd like us to consider for the show, you can email us@hackinghumans2k.com we're going to take a quick break. We will be right back after this message from our show. Special Sponsor. Most environments trust far more than they should, and attackers know it. ThreatLocker solves that by enforcing default deny at the point of execution. With Threat Locker allow listing, you stop unknown executables cold. With ring fencing, you control how trusted applications behave. And with Threat Locker DAC defense against configurations, you get real assurance that your environment is free of misconfigurations and clear visibility into whether you meet compliance standards. ThreatLocker is the simplest way to enforce zero trust principles without the operational pain. It's powerful protection that gives CISOs real visibility, real control, and real peace of mind. ThreatLocker makes zero trust attainable even for small security teams. See why thousands of organizations choose ThreatLocker to minimize alert fatigue, stop ransomware at the source, and regain control over their environments. Schedule your demo@threatlocker.com N2K today. And we are back. I have a special treat for us here this week rather than a story. Actually have an interview Again with our Valentine's Day timing here, we thought it would be nice to talk to Simon Horsewell, who is a senior fraud specialist at a company called Entrust. He has more than 20 years of experience in fraud investigations and document examination. He's supported law enforcement with their work. But lately he's been tracking this surge in romance and confidence scams. So I thought it'd be a perfect person to talk to. Here's my conversation with Simon Horsewell. So today we are talking about romance scams. Being that it is right around Valentine's Day, I would love to start off with some high level stuff here. My understanding is that romance scams go way before we actually had an Internet. This is as long as people have been in love, there have been people trying to scam each other and use it as a way of doing that. Is that an accurate perception?

Simon Horsewell

Yeah, I think that's fair. As long as people have had the ability to take advantage of one another, then unfortunately they have.

Dave Bittner

So what Are we seeing here today when it comes to romance scams? What is the current, let's call it state of the art.

Simon Horsewell

Yeah. So what we're seeing now, people reaching out to. Well, we see fraudsters reaching out to people via social media platforms. So this could be using dating apps with a view to getting them off the dating apps and into private messaging service. Or it could be on Instagram or Facebook or one of those other social media platforms that are a lot broader and that can make the trouble, that can make the problem a bit harder to spot because those platforms aren't necessarily geared up to monitor certain patterns of behavior.

Dave Bittner

Can you walk us through the playbook? I mean, how does something like this begin and what happens as they progress?

Simon Horsewell

So initially someone will reach out to you. They're not going to be an ugly person. Right. This is going to be someone who is probably like a 10, a nine somewhere sort of unbelievable where you're like, wow.

Dave Bittner

And someone way out of my league.

Simon Horsewell

Right. We're not, nor you personally, but like us as a people.

Joe Kerrigan

Right.

Simon Horsewell

These are going to be people that are objectively good looking. Yeah. They will reach out to you out of the blue and they'll say, hey, look, I just stopping by, I saw you like this or I, I saw you were into this, or I just saw your profile and I thought, I just wanted to say hello because you look friendly.

Dave Bittner

Right.

Simon Horsewell

Or you look beautiful. But what will then progress from there is a really intense period of the relationship. So normal relationships progress, you know, various different speeds. But one of the hallmarks of this particular trend, this scam, is that it will go straight up to 100 and it won't lay off the gas. It will be very intense. You will have the most attention attentive person ever. They will find everything you say amusing. You will have no disagreements as long as you're not talking about not giving money, let's put it that way. Everything's going to be the best thing they've ever heard or they're going to think that you are the only thing that they think of all day long. They will not miss a call, they will not miss a message. And they will. Yeah, we see this technique called love bombing. For those of you who aren't familiar with it, love bombing is when you, you, you basically just spam someone with affection. You're constantly telling them how important they are to you, how much you miss them, how you dream of being together. You're sending poems, you're sending stories, you're sending songs. Just, just really intense but over a very short period of time. And this is all to progress and accelerate the relationship to the point where the victim is emotionally invested, and then it's very, very difficult for them to pull away.

Dave Bittner

How much time is there typically between this. This. This period of time where they're building the relationship, and then when the ask comes for something for money, for, you know, something out of the ordinary?

Simon Horsewell

Well, it can vary. It really can vary. In some cases, it can be sort of a couple of weeks. But in other cases, we've known this to go on for a few years. But with the use of AI now, it's relatively simple. We live these lives online, and if you've never met someone in person, it can be very easy to fall into this trap. Some victims have reported the fact that the tone changes when they're talking to this person over a period of years. That. That's generally not the case. Right. If you're talking to a genuine person, they tend to be the same person. But this is, you know, considered to be fraudsters sharing these victims with other people. Or if you like, if you think of it in terms of the business, I've got someone who goes out and does the research and initiates the contact, and then they pull them in. Then I give them to somebody else to keep them warm. And then later on down the line, when it's required, I have my closer. So that kind of pattern, this is why it can feel like sometimes you're talking to a different person or the. The tone changes. Likelihood is you may have been sold on your. Your profile, as it were, may have been sold on to somebody else to go to the next stage. So it can be any period of time, but it does have some hallmarks to it that you can look out for that will let you know that you're trapped in this situation.

Dave Bittner

What sorts of things should people be on the lookout for?

Simon Horsewell

Well, as I say, this intense period right at the beginning, this is someone who can never meet you in person because the person they presented to you doesn't exist. So look out for the fact that you can't meet this person in real life. Now, it could be that from the beginning, the scenario they've given you is that they work overseas, that they can't be with you in person, otherwise they would. Or they work all the time, or they're constantly traveling. Some excuse that is baked into the scenario from the beginning, which means that seeing them in person is going to be very difficult. And we should just put that to the back burner for the time being. Now most of the time, you know, you can have a long distance relationship and it can work, but you're on the assumption that you're eventually going to meet. And if the person on the other end is never going to do that and has never got that intention, then you're working under false pretenses.

Dave Bittner

Now my understanding here is that when someone gets drawn into something like this, it's very hard for them to admit that they've been taken. First of all, does that match your research? And I guess the second question is if you suspect your loved one is involved with something like this, what's the best way to try to break the spel sell?

Simon Horsewell

Yeah, it's very difficult. It's very difficult because these are social manipulation. That's how these scams work. They manipulate the individual, the target. Quite often we're seeing people that are, well, they're being targeted based on things that they put out on social media. So fraudsters now can find out an awful lot about you, build a profile and then they kind of know what buttons are going to work through tried and tested means. So it can be very difficult once someone's caught in this, or as the, the phrase that I'm hearing, quite a lot of, the phrase that we're using, quite a lot is, is breaking the spell. You have banks that are trying to warn people about these payments saying like, you know, we, we have seen this before, this is going to be a scam. And again, the fraudsters have got that as part of their script. So they'll be saying like, don't worry, the bank is going to tell you this, but I just need you to put this money in this location or I need you to buy this amount of crypto by this time because of the intensity of the relationship, the attentiveness that they're giving the victim, the fact that they are making it for the victim feel incredibly real and the dream relationship. The victim is emotionally invested and it's not a case of not, not being able to admit it. It's a ca. Yeah, it's, they're so emotionally invested that they, they, they can't get away from this. It is everything to them. They, they are in love. It is very real for them. So the fact that other people are coming along and waving bits of evidence or, you know, trying to pull them away from it, the fraudsters know what they're doing when they're creating this scenario. It's very difficult for loved ones to pull them away. The fraudsters know what the regular Objections are going to be and almost counter attack them before they happen. So trying to isolate that person more and more from their support network, from their family, from their loved ones, from their friends, discrediting the warning signs that banks will put up. And a bank can't stop you spending your money, they're not allowed to do that, but it's in their interest to warn you.

Dave Bittner

Several times you mentioned AI. What role does that have in the scams these days? How much has it accelerated or made it easier for these folks to do the things they're up to?

Simon Horsewell

Yeah, so this has been a problem since we have started living more of our lives online. And that means that we are now used to having conversations with people just through text, for example. And whereas before, with some of these scams, the fraudster would have to take a photograph from somewhere else on the Internet, which still happens, but they would have to take a photograph, which would mean that you could potentially take all the images that your romance has, you know, your romantic partner has sent you, and you can put them on a search engine to see if they see if and where they've popped up elsewhere before, which may give you some indicators that the relationship is not genuine. It used to be that the fraudster would have to write the pieces themselves, they would have to write the messages, which means that you could use things like spelling and grammar, syntax, you could use all of these as indicators. But now we have generative AI, we have LLMs. So these will allow people who don't necessarily speak, let's say, English as a first language, it will allow them to communicate in perfect English, even set a tone. The grammar will be great, the syntax will be great, and you can say, I want to make this playful. So it will have a playful tone to it, it will use playful type words. You can converse quite convincingly without necessarily having the ability to do that yourself, which is what the fraudsters do. And now you've got this generative AI allowing people to create someone from scratch. So an image of someone or a video of someone, you can use generative AI, so you can use deep fake, for example, to wear the face of somebody else. So if you have to do a video call, you can wear the face of the AI generated person that you've created so that you now appear like them in a video call. You can use generative AI to mimic a voice so that you can have a more realistic sounding tone that maybe matches the image of the person that you're portraying. So it's made it that much more Realistic and harder to spot because gradually it's removing some of the red flags or the characteristics that we would have used potentially to pick this up. It's making the appearance of it that much more realistic.

Dave Bittner

So what are your recommendations then? I mean, are there consistent ways to successfully inoculate your loved ones against this sort of thing ahead of time?

Simon Horsewell

What I would say with all of this, it's like any scam that's ever been perpetrated. It's all about making people aware before it happens. Once someone is ensnared, as we've. As we've mentioned, it's very difficult in some cases to convince them otherwise. It depends how invested they are, how far down the track they are. But even sometimes, people are presented with the full facts and all of the evidence and they're still not convinced. So really, the best form of defense is awareness, making sure that people are savvy about this potential pitfall as early as possible so that they can avoid falling into this trap. So there are a few things to look out for, as I say, the acceleration of the relationship, the fact it becomes so emotional and so intense so quick. There's always going to be whether someone is prepared to have a video call or not, there's going to be an excuse why they can't meet you in person. And then at some stage, and this is the key thing to look out for, there is going to be some form of crisis or event that requires the victim to hand over money or help out in some way financially. And that's the big thing. And it could be. We've seen kind of really protracted ones where one victim of a romance scam is actually the money mule for the other victims of the same romance scam. So it'll be send money to this address. And the person at that address is also involved in the romance scam. They are also a victim, but they think they're helping out. I'm sending, you know, my. My future husband has asked me if I can forward money for that I received from this address and forward it to that address because it helps out his business, which is building for our future. So it's that request in there that involves money. Whether it's you handing over money, whether it's you buying crypto, whether it's you investing in something as well. That's another kind of facet of this, is getting people to invest in fake scams or Bitcoin or buying gift cards. These are the kind of things to look out for. And you'll find that around that time, the intensity of the emotions kind of drops off and a lot of the messages are just checking in and asking where the money is or have you sent this yet, or have you purchased that yet?

Dave Bittner

So, I mean, Maria, let me start with you. I mean, obviously these sorts of scams we talk about every week, but it was really interesting to me how Simon just sort of emphasizes the growth of these, how they're everywhere.

Maria Fernanda

Yeah. And we focus on them a lot this time of year, certainly. But I don't really think there is a season necessarily. And we've talked about a lot on the show about even if the victim or victim's friends or family know that they're being scammed, they're so insidious. And people often really want to believe that they're real, no matter what their self image sort of hinges on this possibility of it maybe being real, that it's very hard to get someone.

Joe Kerrigan

To.

Maria Fernanda

Stop going along with it, even if they're causing themselves harm. So I don't. We often talk about it, and I don't know what the great solution is here, aside from we just gotta keep trying. But it's not great that there's not only more effective than ever, but now with AI in the mix, they're even harder to detect. So people are getting hooked more easily. It's just insidious.

Dave Bittner

Yeah, yeah, yeah, yeah. Any thoughts, Joe? I mean, this thought thing about psychological coercion and social engineering being such a key part of this.

Joe Kerrigan

Yeah. And the AI enablement of this just lets you do it at scale.

Dave Bittner

Yeah.

Joe Kerrigan

Which is something that really. This kind of. These kind of scams really needed to be done in person. And you. There was a limit, and now that limit has been pushed. Also, I've noticed in researching for today's show that the FBI, a lot of branches of the FBI, like different field offices, have released guidance on being aware of romance games around Valentine's Day. So I think one of the things Maria said was absolutely correct. This is not a seasonal thing. Valentine's Day is just when we pay attention to it. This goes on 365 days a year.

Dave Bittner

Yeah, absolutely. All right. Well, again, our thanks to Simon Horsewell. He is a senior fraud specialist at Entrust and we do appreciate him taking the time for us. Joe, Maria, it is time for our catch of the day.

Joe Kerrigan

Our catch of the Day this week comes from the scam subreddit and it is a letter from the U.S. department of Justice Drug Enforcement Agency. Or at least its seems to be.

Dave Bittner

Yeah. So it goes like this. It starts off and it says, federal investigation of violations of U.S. law. This letter is to inform you that you've been identified as a potential witness in a federal investigation being conducted in the Eastern District of New York concerning felony violations of U.S. federal law, including but not limited to, mail fraud, wire fraud, money laundering, distribution and possession with intent to distribute controlled substances, misbranded drugs, entry of goods by false statements, and conspiracy in violation of multiple U.S. statutes. Specifically, investigators have determined that there is evidence establishing that you have either directly or indirectly purchased via the Internet, counterfeit pharmaceutical and chemical products from an illegal international drug trafficking organization. This investigation is ongoing and no final charging decisions have been made. If you would like to provide a statement or speak with an investigator, please share your preferred contact information or phone us at this number. Sincerely, David Olesky, Special Agent in Charge.

Joe Kerrigan

Is this. This seems real. I don't know if this is fake. This would 100% work on me. Really?

Maria Fernanda

It has all these numbers on it, too. You're in violation of 18 USC section blah, blah, blah.

Joe Kerrigan

It says they're investigating a crime and you may have purchased counterfeit goods. Yeah, this seems like they're looking for plaintiffs.

Dave Bittner

Yeah. It says you could be a witness.

Joe Kerrigan

Yeah.

Dave Bittner

Well, it is a scam.

Joe Kerrigan

It is a scam.

Dave Bittner

It is a scam.

Joe Kerrigan

Well, thank you for bringing this to me because I'm like, oh, interesting. Totally worked on me. Right through my filters. It's well worded. Interesting. So what's the scam?

Dave Bittner

Well, I mean, it's just, you know, you. You scan, they're just trying to get you on the phone, on the line, they're trying to get you to call them, and then there's, you know, any number of scams that they can then pull on you.

Joe Kerrigan

Okay, so this is just the. The tip of the spear, as it were.

Dave Bittner

Yeah, I mean, it's a law enforcement scam. Same sort of thing where you get a voicemail message from somebody claiming to be the sheriff and you missed jury duty or.

Joe Kerrigan

Right.

Dave Bittner

It's. It's along those lines. One of the things that caught my eye is that on the letterhead here, allegedly from the dea. It says it's coming from the Rocky Mountain Field Division in Colorado, but the body of the letter says it's an investigation in the Eastern District of New York.

Joe Kerrigan

Yep.

Dave Bittner

Okay, good point.

Maria Fernanda

Yeah, I was wondering about that.

Dave Bittner

That's a possibility. But, no, I followed through and chased this one down. And it is indeed a scam. The folks who researched this actually got in touch with the folks at the Department of Justice. And they were like, yeah, nope, that's not us. That's a scam. Yeah.

Simon Horsewell

Wow.

Dave Bittner

Yeah. A pretty good one.

Joe Kerrigan

Yeah.

Dave Bittner

Pretty good one.

Joe Kerrigan

Yeah, that's. I mean, really good. I mean, I just totally. It just knocked all my defenses right down. And what made it look not like a scam to me was that they're not saying, we're coming to get you. Right. It looks to me like, hey, specifically, investigators have determined there's evidence establishing that you have either directly or indirectly purchased via the Internet, counterfeit pharmaceuticals, chemical products from illegal distribution drug trafficking organizations.

Maria Fernanda

And Joe, you're like, yeah, that's plausible. Yeah, sounds like a thing I would have done.

Dave Bittner

I'm always buying janky drugs online.

Joe Kerrigan

Right. I do put it immediately in the.

Dave Bittner

Trash because I'm looking for a deal. Yeah.

Maria Fernanda

Yeah, me, I would have been like, yeah, that's not a thing I do. So, you know, if they said, you know, maybe you've been pirating videos, I go, yeah, maybe I know somebody who might be doing that. But not drugs. No.

Joe Kerrigan

Well, I mean, I get my. Some of my maintenance medications delivered on Through a mail order pharmacy.

Dave Bittner

Yeah, right.

Joe Kerrigan

Yeah, I access that online. You know, this is why it would.

Dave Bittner

Work on me, right? Yeah. It's plausible. If they sent this to you, they would have found someone that this checks enough boxes.

Joe Kerrigan

This checks enough boxes that I would.

Dave Bittner

Have fallen for it.

Joe Kerrigan

Yeah, I mean, you heard me. I was on the side that this is. Maybe we made a mistake putting this in here.

Dave Bittner

Yeah, I agree. It's one of the better ones we've seen out there. It's funny, in looking at the responses to this, how many people said, just in general, never provide a statement or speak with an investigator unless you have to. Unless you have no other choice.

Joe Kerrigan

Yeah, I've heard that advice from lawyers.

Dave Bittner

As well, thing, you know, never talk to the cops. You never know what they're up to. So people had that response too. I don't know how much you need, how breathless a response that is or not, I don't know. But it was interesting to see that. That came up multiple times in people's responses to this and the comments of this one. But, yeah, turns out it was actually a scam. Huh. So, wow. Beware.

Joe Kerrigan

Oh, look at that. I guess I look like the idiot this week. But that's okay.

Dave Bittner

That's your turn.

Joe Kerrigan

You know, it happens, right? It happens to all of us.

Dave Bittner

That's right.

Joe Kerrigan

Nobody is immune.

Dave Bittner

Even me.

Joe Kerrigan

I sit here every week talking about somebody getting scammed.

Dave Bittner

Yeah, yeah, yeah. Well, you know, I'm about to find out what BofA means, so.

Joe Kerrigan

Yes, you are. Oh, my God.

Dave Bittner

Most environments trust too much and attackers know it. Threat Locker enforces default deny at execution, blocks unknown apps and limits what trusted apps can do. Stop ransomware at the source. Get your demo@threatlocker.com N2K. And that is our show. We want to thank all of you for listening. We'd love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like our show, please share a rating and review in your favorite podcast. Apparently, please also fill out the survey in the show notes or send an email to hackinghumans2k.com this episode is produced by Liz Stokes. Our executive producers, Jennifer Ibin were mixed by Elliot Peltzman and Trey Hester. Peter Kilpie is our publisher. I'm Dave Buettner.

Joe Kerrigan

And I'm Joe Dees Kerrigan.

Maria Fernanda

And I'm Maria for most. Joe. No, I'm not doing it.

Dave Bittner

Thanks for listening.

Maria Fernanda

I'm not doing it.

Dave Bittner

All right, I'm looking this up now.

Maria Fernanda

Oh, God.

Joe Kerrigan

No, no, no. Just Dave now. Now we're not recording. You can ask me what is. What is both.

Maria Fernanda

Oh, we're definitely recording this.

Joe Kerrigan

Oh, yeah.

Maria Fernanda

There's no way we're missing this. You kidding me?

Dave Bittner

This is going after the show credits, so. All right, so should I ask or should I look it up?

Joe Kerrigan

No, you should ask.

Dave Bittner

All right. Joe.

Joe Kerrigan

Yeah.

Dave Bittner

BofA. What does it mean?

Joe Kerrigan

BofA. Ds nuts.

Dave Bittner

Are you kidding me?

Joe Kerrigan

No.

Dave Bittner

It's that simple.

Maria Fernanda

Yes, it's that simple, man. Oh, It's middle school humor at its very best days.

Joe Kerrigan

That's why I said I'm Joe Dee's Kerrigan. I was hoping that Maria would go off.

Dave Bittner

Marie. I am not kidding me.

Maria Fernanda

Are you saying it, dude? I'm not saying it.

Dave Bittner

Maria. You knew this?

Maria Fernanda

Yeah. Oh, what do you think, I'm a lady.

Simon Horsewell

Come on.

Dave Bittner

You know, my youngest son got me with the Ligma version of this.

Maria Fernanda

What's Ligma? Ligma.

Dave Bittner

Yeah. Yeah.

Maria Fernanda

What's Ligma?

Dave Bittner

What's Ligma? Ligma.

Simon Horsewell

Balls.

Dave Bittner

Oh, okay. You're a teenager. I'll allow it.

Joe Kerrigan

My son still tries to get me with you. He's 26.

Maria Fernanda

So when you go back and re. Listen to the part where you're like, I'm enjoying learning about BofA, and you hear me pissing myself laughing.

Dave Bittner

Yeah. At the end of the show, I'll experience BofA.

Maria Fernanda

Both of these nuts. There you go.

Dave Bittner

See? And here I thought it was going to be something sophisticated, clever.

Joe Kerrigan

I told you. You.

Maria Fernanda

I'm very glad you didn't Google it.

Dave Bittner

Humor. All right, I'm going to stop the recording.