Podcast Summary: Hacking Humans – Episode: Not-so-real Deals

Host/Author: N2K Networks
Release Date: April 3, 2025
Description: Deception, influence, and social engineering in the world of cybercrime.

1. Introduction and Listener Follow-Up

Timestamp: 00:14 – 04:11

The episode begins with hosts Dave Buettner and Joe Kerrigan welcoming listeners, alongside guest Maria Varmazes. They briefly address listener interactions, including a message from Kaylee regarding toll scams. Maria explains Kaylee’s experience with fraudulent Sun Pass text messages despite her active duty military status and residency in Florida.

Notable Quote:

• Maria Varmazes [02:22]: "Seems the scammers haven't figured out who actually has the toll passes, just phone numbers."

2. Large-Scale Cryptocurrency Fraud Uncovered by Palo Alto Networks’ Unit 42

Timestamp: 04:11 – 08:35

Joe introduces a research finding by Palo Alto Networks' Unit 42, spotlighting a sophisticated fraud operation targeting crypto investors. The scammers create thousands of fake cryptocurrency investment platforms mimicking reputable brands and even leveraging events like the Paris Olympics to appear legitimate. These operations primarily target individuals in East Africa and Asia using Telegram groups to foster community and credibility. The fraudulent schemes promise unrealistic returns, such as a “27% daily return,” which compounds to an annual ROI of over 2,600%.

Notable Quotes:

• Joe Kerrigan [06:22]: "One scheme offers a daily return of $3 on an $11 investment. That is a 27% daily return, which compounds to an annual ROI of over 2,600%."
• Maria Varmazes [08:26]: "Absolutely."

The discussion highlights the use of free HTTPS certificates and domain fronting to obscure the scammers' operations, making detection and tracking challenging.

Notable Quote:

• Joe Kerrigan [07:44]: "Horus agency using domain registrars with lenient policies. Shocker. Right?"

3. Gold Bar Scam in Newton, Massachusetts

Timestamp: 09:45 – 19:21

Dave shares a poignant story of a 72-year-old woman scammed out of nearly half a million dollars through a gold bar fraud. The scam involved impersonators posing as U.S. Treasury agents, convincing the victim to transfer her assets and purchase gold bars under the guise of protecting her funds from alleged illegal activities. The scammers provided counterfeit treasury checks to maintain legitimacy. The victim’s family intervened, leading to the arrest of 23-year-old Vishal Kumar in a sting operation orchestrated by law enforcement.

Notable Quotes:

• Dave Buettner [11:14]: "This is like a classic example of, you know, really, anybody can fall victim."
• Maria Varmazes [12:15]: "When I see those gold commercials on TV, I immediately think it's time to sell gold, not buy it."

The hosts express empathy for the victim and discuss the cyclical nature of gold's popularity, which scammers exploit.

4. AI-Generated Fake Celebrity Advertisement

Timestamp: 21:18 – 24:16

Maria recounts encountering a deceptive Facebook ad featuring a fake AI-generated interview with Kelly Clarkson and Whoopi Goldberg. The ad falsely portrays Kelly Clarkson discussing personal insecurities, indicating it was not genuine. This incident underscores the evolving sophistication of AI in creating believable yet fraudulent content.

Notable Quote:

• Maria Varmazes [21:18]: "I was engrossed because it was AI slop."

5. Whiskey Cask Scam in the UK

Timestamp: 24:11 – 37:19

Drawing from a BBC report, Maria details a "whiskey cask scam" orchestrated by Craig Brooks, who previously defrauded victims of $6.2 million through investments in carbon credits and rare earth metals. In this latest scam, victims are lured into purchasing whiskey casks with the promise of investment returns as the whiskey ages. The scam involves selling non-existent or multiple owners for the same cask, leading to significant financial losses for investors, including vulnerable individuals like those with terminal illnesses.

Notable Quotes:

• Maria Varmazes [26:55]: "This guy Brooks has been in the UK, he has been disqualified, which means he can no longer run a company, but he's running this company."
• Dave Buettner [30:18]: "It’s selling multiple things that don’t exist to people."

The hosts discuss the skepticism around legitimate whiskey cask investments and the challenges in verifying the authenticity of such deals.

6. Catch of the Day: Fraudulent Social Security Administration Email

Timestamp: 37:19 – 43:33

Connor submits an example of a phishing email masquerading as a Social Security Administration (SSA) communication. The email urges recipients to click a link to access their statements, repeating the message multiple times with placeholders for logos, indicating it may be a phishing attempt aiming to install malware.

Notable Quotes:

• Maria Varmazes [40:48]: "They were registered... but I don't know if that's correct."
• Joe Kerrigan [40:05]: "We have an important update regarding your account... For security reasons, this link is best accessed via a desktop or laptop."

The hosts caution listeners to verify such communications through official channels and avoid clicking suspicious links.

7. Listener Engagement and Conclusion

Timestamp: 43:33 – End

Maria shares a humorous interaction with a listener named Connor, who commented on her appearance on the podcast. The hosts encourage listener participation and feedback, emphasizing community and awareness in combating cyber threats.

Notable Quote:

• Maria Varmazes [38:11]: "I actually sent this picture to Connor because Connor's email address."

The episode concludes with a reminder to contact the show via email for submissions and feedback.

Key Takeaways:

• Evolving Cyber Scams: Scammers continuously adapt their tactics, leveraging advanced technologies like AI and exploiting trending investment opportunities such as cryptocurrency and precious metals.

• Listener Vigilance: Encouraging listeners to remain cautious, verify information through official channels, and discuss potential scams with family members to prevent victimization.

• Importance of Awareness: Highlighting real-life victim stories underscores the need for greater public awareness and education on identifying and avoiding sophisticated fraud schemes.

Additional Resources:

• Palo Alto Networks' Unit 42 Research: [Link in Show Notes]
• Report on Whiskey Cask Scam by BBC: [Link in Show Notes]

Contact Information:

• Email: hackinghumans2k.com

Sponsors:

• ThreatLocker: Zero Trust endpoint protection platform. threatlocker.comHH

Produced by Liz Stokes. Executive Producer: Jennifer Ivan. Mixed by Elliot Peltzman and Trey Hester. Publisher: Peter Kilpe.