Phishing in the tariff storm. - Hacking Humans

Summary6 min read

Hacking Humans: Phishing in the Tariff Storm Hosted by N2K Networks | Released April 17, 2025

Hacking Humans delves deep into the intricate world of social engineering, deception, and cybercrime. In the episode titled "Phishing in the Tariff Storm," hosts Dave Buettner and Joe Kerrigan explore how evolving geopolitical tensions, particularly around tariffs, are being exploited by cybercriminals to orchestrate sophisticated phishing schemes. This comprehensive summary captures the essence of their discussions, key insights, and illustrative stories, enriched with notable quotes and timestamps.

1. Personal Reflections and Light-hearted Banter

[00:02 – 02:08]

The episode begins with Dave Buettner sharing a personal and heartfelt moment. He announces the passing of his father, reflecting on the emotional journey of grief and the significant role his father played in his life:

Dave Buettner [00:31]: "I may have told you this, Joe, on the passing of my mother about three years ago, one of the realizations I had was that I have never known a world without them in it."

Jane Veronica, co-host Maria Vermazes, is notably absent as she attends a space conference, setting a reflective and respectful tone for the episode.

2. The Density Debate: Metals and Deception

[02:18 – 08:14]

Transitioning from personal reflections, the hosts engage in a fascinating discussion about metal densities, specifically focusing on lead, gold, tungsten, and rhenium. This segment underscores the ease with which cybercriminals can exploit technical knowledge for fraudulent purposes, such as creating counterfeit gold bars.

Maria Vermazes admits a recent misconception about lead being denser than gold, leading to an insightful exploration of metal properties:

Maria Vermazes [02:41]: "I thought lead was more dense than gold. It isn't... Maria and I were theorizing about how would you make a fake gold bar coating something with gold."

The conversation reveals how tungsten and rhenium can be used to mimic gold's density, potentially deceiving traditional testing methods like the Archimedes principle. Dave ties this into real-world applications, referencing his experience as a Steadicam operator, where tungsten carbide serves as a ballast weight due to its high density.

3. Navigating Tariffs: A Breeding Ground for Phishing Scams

[08:14 – 16:41]

The heart of the episode examines how the surge in news around President Trump's tariffs creates fertile ground for phishing scams. The hosts discuss insights from Pre Crime Labs, a security research organization that identified over 300 suspicious websites exploiting tariff-related anxieties.

Key Points:

Phishing Tactics: Cybercriminals leverage the complexity and confusion surrounding tariffs to craft convincing phishing messages. Victims receive communications claiming they owe payments due to new tariff charges, often threatening legal actions or service interruptions.

Dave Buettner [10:07]: "There's no avoiding driving everybody crazy. That's right."
Exploiting Anxiety: The uncertainty and anxiety stemming from tariff news make individuals more susceptible to scams, as they might believe governmental authorities are monitoring their transactions.

Maria Vermazes [10:59]: "With threats of arrest, I'm sure."
Imitating Legitimate Sources: Scammers create fake websites resembling official US Customs and tariff pages, using domains like tariffwine.com or tariffhealth.com to appear credible.

Dave Buettner [12:10]: "I have never seen... It's all domestic wine and my kids would of course mock me incessantly about that."
Advice to Listeners: The hosts emphasize vigilance, advising listeners to avoid clicking on suspicious links and to verify any unusual tariff-related communications.

Maria Vermazes [16:40]: "You don't pay tariffs."

4. Real-world Impacts: Money Laundering and ATM Jackpotting

[16:41 – 24:46]

A. Money Laundering in Online Romance Scams

Drawing from a report by Stephanie Price at FOX News, the episode highlights the case of Christine Joan Echo Hawk, an Oklahoma woman charged with laundering $1.5 million from elderly victims involved in online romance scams.

Highlights:

Modus Operandi: Echo Hawk facilitated the laundering process by transferring funds through cryptocurrency, demonstrating how digital currencies can both aid and complicate financial crimes.

Maria Vermazes [18:22]: "Cryptocurrency is a pretty good way to launder money."
Law Enforcement Challenges: Despite the traceability of cryptocurrency transactions, law enforcement successfully traced Echo Hawk's activities, leading to her arrest and potential hefty penalties.
Expert Insights: The hosts consult with FBI contacts who reveal advancements in tracking cryptocurrency transactions, even across different blockchains, making it increasingly difficult for criminals to remain anonymous.

B. ATM Jackpotting: Exploiting Technical Vulnerabilities

Another alarming story covers a new jackpotting scam targeting ATMs, as reported by Danielle Antos from Yahoo News.

Mechanism:

Technical Exploit: Scammers manipulate ATM cassettes to alter the denomination of dispensed bills. For instance, programming a $20 cassette to release $1 bills allows criminals to withdraw significantly more money than intended.

Dave Buettner [21:14]: "Is that where I use technical means to have the ATM spit out money?"
Coordination Tactics: Criminals collect receipts from ATM transactions, using them to gain backdoor access and cancel transactions after dispensing cash. This method siphons over a quarter-million dollars without directly affecting individual bank accounts.

Maria Vermazes [23:09]: "They are emptying these things of cash."
Law Enforcement Response: Authorities have arrested several individuals involved in this scheme, including Vitaly Moraval, a Ukrainian war refugee, indicating the international scope of such cybercrimes.

Dave Buettner [23:56]: "They're walking up conducting some kind of transaction and having the transaction canceled after the money's dispensed."

5. Phishing Schemes Targeting Educational Institutions

[24:46 – 32:41]

The episode shifts focus to phishing attempts within academic environments, specifically targeting faculty and staff at Montclair University.

A. The Airstream Trailer Scam

An enticing offer of a free 2014 Airstream Sport 16-foot travel trailer circulates among university members, showcasing classic phishing characteristics:

Red Flags:

Unrealistic Offers: The promise of a high-value item for free, such as an Airstream trailer, is a common bait in phishing schemes.

Maria Vermazes [27:03]: "Here’s a free one."
Urgency and Secrecy: The scam instructs recipients to use personal emails instead of official school accounts to arrange inspections and deliveries, aiming to bypass institutional security measures.

Maria Vermazes [27:03]: "Please write so and so with your personal email and not with school email for a swift and fast response."
Technical Inconsistencies: The inclusion of mileage (e.g., "7,000 miles") in a travel trailer offer is a telltale sign, as trailers typically do not have odometers.

Dave Buettner [30:10]: "Do trailers have odometers?"
Host Insights: Maria and Dave discuss the unrealistic elements of the scam, such as the implausible mileage claim, to educate listeners on identifying fraudulent offers.

Dave Buettner [30:25]: "That's a little bit of a tell that."

6. Sponsor Message: ThreatLocker

Throughout the episode, Hacking Humans acknowledges its sponsor, ThreatLocker, emphasizing the importance of robust cybersecurity measures in combating such sophisticated attacks.

ThreatLocker [26:46]: "With ThreatLocker allowlisting and ring fencing, you gain a more secure approach to blocking exploits of known and unknown vulnerabilities."

7. Catch of the Day: Community Insights and Further Scams

[26:46 – 32:41]

In the final segment, the hosts share additional phishing attempts and scams reported by their listeners, reinforcing the episode's central theme of evolving cyber threats tied to current events.

Notable Discussions:

Phishing Aggregation: Montclair University's proactive approach in aggregating phishing attempts serves as a model for other institutions to recognize and respond to emerging threats.

Dave Buettner [27:03]: "Montclair, to their credit, they have a web page where they aggregate phishing attempts."
Community Responsibility: The hosts encourage listeners to report suspicious activities and remain vigilant, highlighting the collective effort needed to mitigate cybercrime.

Dave Buettner [30:37]: "You don't have an odometer. No."

Conclusion: Staying Ahead in a Changing Cyber Landscape

Hacking Humans wraps up the episode by reiterating the importance of awareness and proactive measures against phishing scams, especially those exploiting current socio-political climates like tariff disputes. The hosts urge listeners to remain cautious, verify unsolicited communications, and stay informed about emerging cyber threats.

Dave Buettner [32:41]: "We want to thank this week's sponsor, ThreatLocker. Go to threatlocker.com HH where you can request a demo and neutralize the threat of malware running on your devices."

This episode of Hacking Humans masterfully intertwines personal narratives, technical discussions, and real-world case studies to illuminate the ever-evolving tactics of cybercriminals. By focusing on the intersection of current events and cyber threats, Dave Buettner and Joe Kerrigan provide listeners with valuable insights and practical advice to safeguard against sophisticated phishing schemes.

Loading summary

Transcript242 lines

[00:02]
Maria Vermazes
You're listening to the Cyberwire Network, powered by N2K.
[00:15]
Dave Buettner
Hello everyone and welcome to N2K, CyberWire's hacking humans podcast, where each week we look behind the social engineering scams, the phishing schemes and criminal exploits that are making headlines and taking a heavy toll on organizations around the world. I'm Dave Buettner and joining me is Joe Kerrigan. Hey, Joe.
[00:31]
Maria Vermazes
Hi, dav.
[00:32]
Dave Buettner
Our usual co host, Maria Vermazes is at a space conference this week, so she will not be joining us this week, but we'll look forward to having her back next time. All right, Joe, a couple quick bits of follow up here before we dig into our story. Quickly, I wanted to just touch on, as I think some people know, the passing of my father. My dad was, in a roundabout way, kind of a character on this show. Cause I would often talk about my. My trials and tribulations of being, as I called it, unlimited lifetime tech support for my elderly father. So a couple weeks ago as we're recording this, my father passed away and did so very peacefully and surrounded by loved ones and on his own terms. So as far as passing goes, it was just about everything you could have possibly asked for or wished for. But of course I miss my dad and just going through all the usual journey of grief that you go through when you lose a loved one. As important as my father was to me. So I appreciate everyone's kind words and it's just a little different. I may have told you this, Joe, on the passing of my mother about three years ago, one of the realizations I had was that I have never known a world without them in it. Right, right. And so you just don't know what the world is going to be when someone that important to you is no longer here. So.
[02:09]
Maria Vermazes
Yep. It's kind of scary. Yeah. But the thing I've always heard is, is that it doesn't ever. It'll never be the same, but it will get better.
[02:19]
Dave Buettner
Yeah, you know, that's true. That's been my experience after my mom's passing and you know, just try to be thankful for all the good times. My father was a good man and a good dad and so we're all very thankful for that. All right, well, moving on to other things, Joe, you've got another bit of follow up here for us.
[02:39]
Maria Vermazes
I said something profoundly stupid last week.
[02:42]
Dave Buettner
Okay. I'm sorry I missed that.
[02:44]
Maria Vermazes
Yes. I said that I thought lead was more dense than gold. It isn't.
[02:49]
Dave Buettner
Okay.
[02:49]
Maria Vermazes
I thought this because lead has a greater atomic mass than gold. Does. So in other words, one atom of lead is heavier than one atom of gold. But if you. If you pick up a bunch of atoms and put them together, apparently they are significantly lighter than gold. Oh. So my. I was. Maria and I were theorizing about how would you make a fake gold bar coating something with gold.
[03:09]
Dave Buettner
Right.
[03:10]
Maria Vermazes
However, I did find out that tungsten has almost an identical density to gold and root. I don't know how to say. It's rhenium.
[03:22]
Dave Buettner
Rhenium.
[03:23]
Maria Vermazes
Yeah. Rhenium has a slightly. A slightly higher density than gold. So you could mix a ranium and tungsten alloy to have the exact same density as gold. And they do mix these things together. You just need to know how much of which to put together. And then you could put that right in the middle of a bar of gold. And the old Archimedes test of weighing the gold and putting it into a glass of water to see how much it displaces would tell you that it's gold.
[03:51]
Dave Buettner
That's interesting.
[03:52]
Maria Vermazes
Yeah. So I still think you can make a fake gold bar. The difference is that tungsten and I think ranium are both very hard metals, so they're not soft like gold is. So if you tested it that way, like tried to bend it, you would not be able to bend tungsten bar.
[04:09]
Dave Buettner
Right. You know, when I. Back in many years ago, when I was a Steadicam operator, some other Steadicam colleagues, they used tungsten carbide as a ballast weight. So there are times in Steadicams are. You know, it's the camera stabilization thing. I guess the most well known thing is Rocky running up the stairs in Philadelphia. A Steadicam shot. It makes the camera look like it's floating.
[04:35]
Maria Vermazes
Yes.
[04:35]
Dave Buettner
So I used to do that.
[04:36]
Maria Vermazes
I have never seen. Actually, I've never seen Rocky. Really? Yeah, really.
[04:43]
Dave Buettner
Joe, you got some homework, man.
[04:47]
Maria Vermazes
I only recently watched the Godfather.
[04:49]
Dave Buettner
Okay.
[04:49]
Maria Vermazes
Which, by the way, is a great movie. It shouldn't be missed. Okay. But I saw Apocalypse now when I was a kid, which also great movie. It shouldn't be missed. Sure. Rocky. I was just never interested in the movie. It just never caught my eye. Not that I don't like Sylvester Stallone or respect his work. I mean, he wrote that movie, directed it, and starred in it. That's phenomenal. And it was a huge success. But the thing when you say Steadicam, the very first thing I remember is something of a. Some documentary where I was watching somebody explaining the Steadicam. And it's a woman running through a field of flowers with the Steadicam operator chasing her.
[05:26]
Dave Buettner
Oh, yeah.
[05:26]
Maria Vermazes
And they show you, you know, what it looks like as the Steadicam operator is chasing the. Chasing the woman through the field of flowers. And you're like, there's no way this looks good. And then they show you the footage from the Steadicam. And I'm like, man, that's beautiful.
[05:37]
Dave Buettner
Right, right, right, right. So it's all just physics and weights and counterbalances and so on and so forth. So in that mechanical contraption, sometimes you had things that were counterbalances that you wanted to use as ballast weight, so you wanted to have things that were very dense so that they didn't take up a lot of space, but they had a lot of mass. And evidently, tungsten carbide was a popular one, I think, because it was relatively cheap. More available than something than, say, depleted uranium.
[06:10]
Maria Vermazes
Yes. I will say this. Tungsten. I looked up the prices of tungsten and rhenium. Today. Tungsten is like $50 for a kilogram of it.
[06:18]
Dave Buettner
Okay.
[06:18]
Maria Vermazes
And Rennie, it was like $2,000 for a kilogram.
[06:21]
Dave Buettner
Oh, wow.
[06:21]
Maria Vermazes
So it would be cheap for you to make fake gold with this? I mean, in terms of. I mean, yes, rennium is kind of expensive as far as metals go. It's not as cheap as tungsten or copper or aluminum.
[06:31]
Dave Buettner
Right.
[06:32]
Maria Vermazes
But it is. It is cheap compared to gold. And you're only going to need a little bit of it.
[06:36]
Dave Buettner
Got a little side hustle there.
[06:38]
Maria Vermazes
Right. So following on to this, our question that we never really got an answer to. A lot of people wrote in. A lot of people wrote in and told gold bars at Costco. You a Costco member, Dave?
[06:52]
Dave Buettner
I think so.
[06:53]
Maria Vermazes
You think so?
[06:54]
Dave Buettner
Well, yeah, I think I am. My wife generally handles that kind of shopping. And I don't mean that in any sort of misogynistic kind of way. She prefers to handle that kind of shopping. And so she handles. I know we have a Costco membership, and I believe a BJ's Warehouse membership as well, but I think sometimes she switches. We don't always have both of them simultaneously, actually, I'm going to back up, because one of them sells gas.
[07:25]
Maria Vermazes
And never, never buy gas at the Costco.
[07:29]
Dave Buettner
No, no.
[07:30]
Maria Vermazes
The gas lines always look like Jimmy Carter's president again. And it's just. Yeah, it's awful. It's.
[07:36]
Dave Buettner
You know, I think my teenage son buys his gas there because he has more time than money.
[07:41]
Maria Vermazes
Right. You know, there's a Costco by us where they have a gas they Have a gas pump and there' like a line at least three cars deep at every pump. And just down the street there's a Royal Farms, which is like a Maryland convenience store.
[07:55]
Dave Buettner
Yeah.
[07:56]
Maria Vermazes
That sells gas for like, maybe $0.10 more a gallon.
[07:58]
Dave Buettner
Yeah.
[07:59]
Maria Vermazes
How many gallons are you going to buy? 10, 15. Is it worth A$50 of your time to sit $1.50 to. To not sit in that line? I think it is.
[08:09]
Dave Buettner
Right.
[08:09]
Maria Vermazes
So I, I go and just buy the 10 cent more expensive gas.
[08:13]
Dave Buettner
Yeah. And then you're on your way.
[08:15]
Maria Vermazes
And then I'm on my way. Not waiting in line.
[08:17]
Dave Buettner
Right, right. All right. Well, thanks to everybody for writing into us. We do appreciate it. And now a few thoughts from our sponsors at ThreatLocker. The tactics used by cybercriminals are becoming more and more advanced every day. The shift from a default allow approach to a default deny is more critical than ever. This is where ThreatLocker comes in. Stay tuned for how ThreatLocker allow listing and ring fencing as your back. Let's move on to our stories here. And I am going to kick things off for us. Joe, you and me and Maria, we talk about time and time again about how the scammers follow the news.
[09:15]
Maria Vermazes
Yes.
[09:15]
Dave Buettner
Right.
[09:16]
Maria Vermazes
They are very news savvy.
[09:17]
Dave Buettner
They are very news savvy. And what has been in the news maybe dominating the news, says we're recording this more than anything else. Are President Trump's tariffs.
[09:28]
Maria Vermazes
Yes.
[09:30]
Dave Buettner
There is no avoiding driving everybody crazy. That's right.
[09:33]
Maria Vermazes
I lost a bunch of money last week. I got some of it back yesterday.
[09:37]
Dave Buettner
Yeah, yeah. And the uncertainty is causing a lot of people a lot of anxiety.
[09:43]
Maria Vermazes
Yep.
[09:43]
Dave Buettner
And so if you have an anxious electorate, an anxious society that primes people to being susceptible to cybercrime. So there's a company called Pre Crime Labs, which sounds something out of the Spielberg movie.
[10:03]
Maria Vermazes
Yeah. It's like. Was that movie, Was it Minority Report?
[10:06]
Dave Buettner
Minority Report.
[10:07]
Maria Vermazes
With the Precogs.
[10:08]
Dave Buettner
Right, The Precogs, yeah. So there's an organization called Pre Crime Labs, and they're a security research organization. They have uncovered over 300 suspicious websites registered so far just this year, and they are looking to take advantage of these tariff issues. So there's one that is a phishing site that's posing as a legit US Customs and tariffs page.
[10:37]
Maria Vermazes
Huh.
[10:38]
Dave Buettner
So you get a email or a message saying that you owe payments due to the new tariff charges. And of course, none of us are experts on how tariffs work yet.
[10:50]
Maria Vermazes
I do know this. I do know this. That unless you're importing or exporting something, you don't pay a tariff.
[10:56]
Dave Buettner
Right. But you can see how there could be confusion.
[10:59]
Maria Vermazes
Yes.
[11:00]
Dave Buettner
And people may think that. Yeah, I don't know, is there? And if someone sends you a strongly worded letter or email or text message.
[11:08]
Maria Vermazes
With threats of arrest, I'm sure.
[11:10]
Dave Buettner
Oh yeah. Or even just, you know, you're not going to get your, your shipment or you're not going to get your, who knows, your, your Social Security payment. I mean, things that are even nonsensical.
[11:21]
Maria Vermazes
Right.
[11:22]
Dave Buettner
Are enough. Especially when people are in this sort of heightened state of, of anxiety and agitation. And if you go to this page, it is a fake site and it tricks people into either handing over their money or their financial or their sensitive financial information. Yep. And it's hosted through one of those sites that has a lot of malicious activity, the bulletproof hosting kinds of places. There are a bunch of domains that have been registered that are things like tariffwine.com or tariffhealth.com so basically just appending or prepending the word tariff onto the regular everyday things that we do and use in our lives now.
[12:07]
Maria Vermazes
Dave, are you a wine guy?
[12:10]
Dave Buettner
I would not know. I would not categorize myself as a wine guy. I do enjoy an occasional glass of wine, but I am not, I do not know a lot about wine. I would not consider myself to be a wine snob like some folks. I have friends who are very, very, I guess, self identifying as wine aficionados. And I am not that.
[12:33]
Maria Vermazes
No, nor am I. Yeah. But I, I, I did recently, just, just recently cease a wine membership for a winery in Texas that didn't ship to Maryland. So I have to go down there and pick up my wine.
[12:46]
Dave Buettner
So a little like an expensive.
[12:49]
Maria Vermazes
It's impractical, Dave. So, okay, so I canceled it. But every time I got a good.
[12:55]
Dave Buettner
Idea at the time, it really did.
[12:57]
Maria Vermazes
You know, they gave me a flight of wine. They said, hey, you'd like to join our club?
[13:00]
Dave Buettner
I'm like, sure, that sounds great.
[13:02]
Maria Vermazes
So for like three years I was a member of the wine club and you know, we have friends down there. So I'd go down there and pick it up and come back. But it was all domestic wine and my kids would of course mock me incessantly about that. But they have a wine club membership to a local winery here in Maryland. We buy a lot of our wine is domestic wine. We don't really drink a lot of imported wine. But like you, I have known some people who are wine snobs and they love imported Wine, Sure. So, you know, I can see where this would target them, you know, oh, that bottle of French wine I bought, apparently I now owe a retroactive tariff on it that I should have. And that's not how tariffs work. At least I don't think. You know, you can't have. Tariffs are applied at the moment of import and export. Right. They're not, they're not implied. Like if, if there's a bunch of Japanese cars here right now that have already been imported into the United States and these are not built in the United States, like let's say Toyota has imported some, those are not going to be subject to tariffs.
[14:00]
Dave Buettner
No. There was a story just a few days ago about before this last round of threatened tariffs were scheduled to go into effect, that Apple was basically loading up cargo planes with iPhones to insure them. Yeah. To get them here before the tariffs kicked into place. So I think you're right there.
[14:20]
Maria Vermazes
Yeah. But when there's all this news and there's all this chatter around there and you get a threatening email saying, hey, we noticed that you bought something, would it be unreasonable to assume that people would be like, well, I guess the government knows everything I buy and then they just respond to it? Or I mean, yeah.
[14:39]
Dave Buettner
I mean, someone says, hey, you bought such and such and you failed to pay your tariff.
[14:42]
Maria Vermazes
Right.
[14:43]
Dave Buettner
You know, and unless you pay the tariff, somebody's going to come and knock on your door and arrest you.
[14:48]
Maria Vermazes
Right.
[14:49]
Dave Buettner
And you know, I mean, look, there are news stories right now about people knocking on people's doors and arresting them.
[14:56]
Maria Vermazes
Yes.
[14:57]
Dave Buettner
So it's not crazy for that to be in people's minds.
[15:01]
Maria Vermazes
Yes.
[15:02]
Dave Buettner
Right. So it's all, it's all sort of intertwined. And to that point this story talks about there are some troll sites out there that are really just there to stir the pot, to amplify the outrage and spread hate. Mocking tariff policies or inflaming public sentiment, those sorts of things as well. And you know, that's not helpful.
[15:26]
Maria Vermazes
No.
[15:27]
Dave Buettner
So the experts are saying that as this tariff situation continues to evolve, and at the moment it doesn't seem like it's going anywhere, nor does it seem like it's settling into any sort of steady state. Right. No. That these scams are gonna play off of it. So they mentioned that there have been some fake consultancies offering tariff guidance. Crypto coins.
[15:53]
Maria Vermazes
That's a good way to scam people out of money on this. Yeah.
[15:56]
Dave Buettner
Yeah. So as always, pause before you click. That clever looking site could be a well crafted trap.
[16:04]
Maria Vermazes
They're so easy to stand up. You know, a good looking site is pretty easy to stand up if you know what you're doing. Yeah, I don't know what I'm doing. All my sites look like crap.
[16:12]
Dave Buettner
Well, but also, I mean, so, I mean, I think government websites are notoriously not good looking.
[16:18]
Maria Vermazes
Right.
[16:18]
Dave Buettner
And so they're even easier to copy because there's no standard for excellence, you know.
[16:25]
Maria Vermazes
Yeah, that's, I think that's a government wide problem.
[16:29]
Dave Buettner
Yeah. Yeah. All right. So just beware anything tariff related. If somebody's asking you for additional money and it has anything to do with tariffs, just pause a beat and just check.
[16:40]
Maria Vermazes
You don't pay tariffs.
[16:41]
Dave Buettner
That's right. That's right. All right. That is my story this week. Joe, what do you have for us?
[16:46]
Maria Vermazes
I should say you don't directly pay tariffs. You are going to pay the tariff, no mistake. But you don't, you don't write a check to some, you'll buy something more expensive. That's how you pay it.
[16:56]
Dave Buettner
That's right.
[16:56]
Maria Vermazes
All right, so I have some good news. This one comes from Stephanie Price at FOX News. And this is coming out of Oklahoma where it says an Oklahoma woman has been charged with laundering $1.5 million from elderly women in online romance scams. This woman is named Christine Joan echo hawk. She's 53 years old and she is alleged to have laundered money from out of state victims from September of last year until December of last year. The officials said the victims were between the ages of 64 and 79. They even tell the horror story of one of the victims who sold her house to send money to these romance scammers, which is awful.
[17:47]
Dave Buettner
Yeah.
[17:47]
Maria Vermazes
I think apparently she was not involved in the actual scamming, but she was laundering the money for them.
[17:57]
Dave Buettner
I see.
[17:58]
Maria Vermazes
So she has been arrested. She came to law enforcement's attention and they, they said they started asking her questions about it and she stopped laundering money for a little while and then, then went back to it. If, if she is convicted, she is looking at anywhere between 24 and 62 years in prison and up to a quarter million dollars in fines.
[18:23]
Dave Buettner
Wow.
[18:24]
Maria Vermazes
There's a number in this article that says if you to report fraud to consumer protection unit for Oklahoma. But these, I don't know why that number is in there because these victims were not from Oklahoma. Oh, she was laundering money with one of the things she was doing was cryptocurrency, which is a pretty good way to launder money. Yeah, you send, you know, basically what happens is you get, you get some cash. You put that cash into the banking system and then you buy cryptocurrency with it, and then you send that cryptocurrency away. That really helps the people that you're laundering the money for. But it does leave a pretty good trail for you. I get the impression that this woman was just not good at money laundering.
[19:08]
Dave Buettner
Okay.
[19:08]
Maria Vermazes
One of the things that stood out and actually, actually raised attention was one of the banks that she had an account with paused a payment in January of $120,000 from one of the victims.
[19:20]
Dave Buettner
Oh.
[19:21]
Maria Vermazes
So she may have been getting money directly from the victims, deposited into her account, which she was then responsible for laundering.
[19:28]
Dave Buettner
Right.
[19:28]
Maria Vermazes
That's not a good way to launder money because that's all traceable. You know, you need something untraceable to launder money.
[19:34]
Dave Buettner
Yeah. My understanding just from like having side conversations with some of the, like, FBI folks that I've chatted with over on Cyberwire, is that the tools that they have available to them for tracking things, even through cryptocurrencies and mixers and all that kind of thing, have come a long way.
[19:55]
Maria Vermazes
They've gotten a lot better. Yeah, yeah. And now they're able to trace it across different blockchains so they can make the association like, this person sold X number of dollars in Bitcoin. And look, they took possession of. Somebody took possession of almost exactly that amount of ethereum.
[20:15]
Dave Buettner
Right.
[20:16]
Maria Vermazes
So let's assume that's the same transaction and you know, those are two ends of the transaction. And let's go follow that Ethereum and see where it goes.
[20:24]
Dave Buettner
Yeah, interesting.
[20:25]
Maria Vermazes
Yeah, because those are all open, open blockchains. There's no privacy preservation on them. And a lot of crypto exchanges are not dealing with the privacy preserving cryptocurrency like Monero. They're not dealing with it anymore. And because of exactly the concern of money laundering.
[20:43]
Dave Buettner
Right.
[20:44]
Maria Vermazes
So my next story is actually from Yahoo News and it looks like it's sponsored by Moneywise. I don't know how Yahoo News works, Dave. Do you? Is it an aggregator? Is it actual reporting?
[20:56]
Dave Buettner
I have no idea.
[20:59]
Maria Vermazes
The author is Danielle Antos, and this story is about a new jackpotting scam, which is an ATM hack. So are you familiar with the idea of ATM jackpotting?
[21:14]
Dave Buettner
Is that where I use technical means to have the ATM spit out money?
[21:20]
Maria Vermazes
Yes.
[21:21]
Dave Buettner
Okay.
[21:21]
Maria Vermazes
Yes. I think Jack Resider had an episode of this on Darknet Diaries a while ago.
[21:27]
Dave Buettner
That sounds like. Yeah, that sounds right up his alley.
[21:29]
Maria Vermazes
Right and one of the things they'll do is if you can get into an ATM and you can change the value on what they call the cassettes, which are the things that hold the bills.
[21:41]
Dave Buettner
Right.
[21:42]
Maria Vermazes
And you tell it that the $20 bill container contains $1 bills.
[21:45]
Dave Buettner
Right.
[21:46]
Maria Vermazes
And then you go in, you make withdrawal from your account for $3, and you get $60 out.
[21:52]
Dave Buettner
Right?
[21:52]
Maria Vermazes
Right. And then you just made $57 in. In free money. So how this is working is they're going in, they're picking out receipts, and that's what the camera shows. They're picking up receipts, and then they're doing something at the ATM and getting money out. Now, the underlying way they're doing this, and they're on the phone when they're doing this, so they're coordinating with somebody remotely.
[22:15]
Dave Buettner
So this is a receipt from the atm. From the atm. So in other words, you and I go to withdraw money, we get our receipt, and we just cast it aside.
[22:24]
Maria Vermazes
Drop it on the trash.
[22:25]
Dave Buettner
Right. Okay, gotcha.
[22:26]
Maria Vermazes
They're picking some of those up out of the trash, they're taking pictures of them, and they're on the phone with somebody. And I think it looks like it's really timing sensitive.
[22:35]
Dave Buettner
Huh.
[22:36]
Maria Vermazes
So apparently there's some kind of glitch in. Or I shouldn't say glitch. This is actually probably a vulnerability that needs to be patched where there is a delay in the. From when the money is dispensed to when the transaction is finalized.
[22:52]
Dave Buettner
Huh.
[22:53]
Maria Vermazes
So the money comes out, somebody who has backend access to the ATM cancels the transaction, but the money's already been dispensed.
[23:03]
Dave Buettner
Huh.
[23:04]
Maria Vermazes
So no accounts are being impacted. Nobody's losing money except the bank.
[23:09]
Dave Buettner
Okay.
[23:10]
Maria Vermazes
And there is kind of an upside to this story, and that is that they've already arrested a few of these people, and seven people have been charged so far. Two were arrested in Harris county, and two more are in custody in Miami. And the suspected US US Side coordinator, Vitaly Moraval, is an alleged Ukrainian war refugee on a humanitarian visa, and he's also facing related charges in Georgia and Florida. So this is something that's going on. They think they're working with a. What the article describes as a big boss who might be back in either Ukraine or Russia.
[23:51]
Dave Buettner
Right.
[23:52]
Maria Vermazes
And that. That's the. That's the organization that's doing the hacking into the back end of the atm.
[23:57]
Dave Buettner
Yeah.
[23:57]
Maria Vermazes
And they're walking up conducting some kind of transaction and having the transaction canceled after the money's dispensed. That seems to be the way it's going.
[24:04]
Dave Buettner
So there's something on that receipt that they can then use to get when they're back getting backdoor access to the machine.
[24:13]
Maria Vermazes
Yeah, somehow I think it might be an identifier for the machine.
[24:16]
Dave Buettner
Interesting.
[24:17]
Maria Vermazes
There might be some kind of identifier for the machine and the receipt.
[24:20]
Dave Buettner
And they just empty it of cash.
[24:21]
Maria Vermazes
They are emptying these things of cash? Yeah, They've gotten over a quarter million dollars out of these things.
[24:27]
Dave Buettner
Wow. Well, I guess the good news is there is just taking it from the machine, not from some poor innocent victim's account.
[24:34]
Maria Vermazes
Correct? Yeah, yeah.
[24:36]
Dave Buettner
Correct.
[24:37]
Maria Vermazes
Still. Yeah. It's still going to cost everybody in the long run.
[24:41]
Dave Buettner
Right. And if you're coming up to get your own money and the machine's empty, no cash for you.
[24:47]
Maria Vermazes
That's right. That's kind of a minor inconvenience, though.
[24:51]
Dave Buettner
Right, Right. Right. All right, well, that's interesting. Well, we will have links to both of your stories here in the show Notes, and of course, we would love to hear from you. If there's something you'd like us to consider for the show, you can email us. It's hackinghumans2k.com we'll be right back after a quick message from our show sponsor. So let's return to our sponsor, ThreatLocker. ThreatLocker is a zero trust endpoint protection platform that strengthens your infrastructure from the ground up. Where traditional cybersecurity tools require you to create a list of things you don't Want to Run, ThreatLocker enables you to easily curate an allow list of everything you need in your environment and network and block everything else by default. With ThreatLocker allowlisting and ring fencing, you gain a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker provides zero trust control at the kernel level that enables you to allow everything you need and block everything else, including ransomware. The ThreatLocker Zero Trust endpoint protection platform deploys in a learning mode that analyzes the operations of your company, using machine learning to assist you in developing your allow list for approved applications, what they can do on the endpoint, what can interact with your data and even east and west network traffic. We thank ThreatLocker for sponsoring our show. All right, we are back. And Joe, it is time for our catch of the day.
[26:47]
Maria Vermazes
Dave, our catch of the Day comes from Montclair University, New Jersey. Yeah, it's a phishing file that they, that they've discovered somebody is sending. We've, we've had stories like this before.
[26:57]
Dave Buettner
Yeah.
[26:58]
Maria Vermazes
From universities where they're sending around warnings about somebody impersonating faculty.
[27:04]
Dave Buettner
Well, in Montclair, to their credit, they have a web page where they aggregate phishing attempts that have come in to their staff and students.
[27:15]
Maria Vermazes
Yes.
[27:16]
Dave Buettner
So if you can go in and peruse them. And that's actually where I found this one. Someone pointed me to it that it's a nice little collection of. And it's sort of. They're adding to them day by day, real time, so.
[27:29]
Maria Vermazes
Excellent.
[27:29]
Dave Buettner
Kind of neat. Joe, you have had a camper in your life. Yeah, right.
[27:35]
Maria Vermazes
I'm trying to sell it. Dave. For sale 2019 Grand Design Reflection yeah.
[27:45]
Dave Buettner
Well, this is an email going out to faculty and staff at Montclair. The subject is opportunity to own a free 2014 Airstream Sport 16 foot travel trailer.
[27:56]
Maria Vermazes
Ah, now see, that's a nice travel chair.
[27:59]
Dave Buettner
This was my next question. That is a nice one. Airstream generally pretty good, right?
[28:03]
Maria Vermazes
Airstreams are built solid. They don't put slide out so you don't get the extra room. But they have a reputation for like, lasting forever.
[28:12]
Dave Buettner
They're the big, like aluminum, polished aluminum Twinkies.
[28:16]
Maria Vermazes
It's a polished aluminum Twinkie.
[28:18]
Dave Buettner
That's what they always think of the Apollo program with Airstreams.
[28:22]
Maria Vermazes
Yeah. Because that's where they put them right after they got back from the moon.
[28:26]
Dave Buettner
Yeah. All right. It goes. Dear faculty staff, I hope this email finds you well. I'm writing to inform you that so and so associate professor of Montclair State University has expressed her willingness to donate her late father's 2014 Airstream Sport 16 foot travel trailer, 7,000 miles, sleeps four, has a color TV, radio, microwave, propane heater, electric AC heater unit. If you are interested this Airstream Sport, please indicate your interest by sending an email to arrange inspection and delivery or pick up with a moving company. Please write so and so with your personal email and not with school email for a swift and fast response.
[29:08]
Maria Vermazes
Right, yeah. So that our notice. They're trying to move you off platform right away. Right, right.
[29:14]
Dave Buettner
Get you off of the school email.
[29:15]
Maria Vermazes
Yeah. Where. Where you might have. Might be protected from this. Yeah. So this is. I. I don't.
[29:22]
Dave Buettner
I.
[29:23]
Maria Vermazes
My, My daughter was thinking about buying a trailer, a travel trailer at some point in time. And here's a free one.
[29:29]
Dave Buettner
Right?
[29:29]
Maria Vermazes
Here's a free one. She saw one on Facebook Marketplace and said, hey, I'm interested in this. And the woman's like, oh, yes, my husband passed away and now it's all shrink wrapped And. And set up and she begins the whole process. And it's one. We actually had that scam on this show.
[29:47]
Dave Buettner
Yeah.
[29:47]
Maria Vermazes
And when she showed this to me, she says, this a scam. I'm like, oh, yeah, that's a scam. That's the same scam as. As, you know, we've been talking about that recently.
[29:54]
Dave Buettner
Yeah.
[29:55]
Maria Vermazes
So I don't know what the scam is here, though. Maybe you. Oh, maybe you have to pay delivery fees.
[30:00]
Dave Buettner
Yeah, I mean, I suspect so. It reminds me of the grand piano scams.
[30:05]
Maria Vermazes
Right. Yes.
[30:06]
Dave Buettner
Same sort of thing.
[30:06]
Maria Vermazes
Sounds very.
[30:07]
Dave Buettner
Thing where similar free piano. You just have to pay to have it shipped.
[30:10]
Maria Vermazes
Right.
[30:11]
Dave Buettner
And of course, there's no piano, there's no shipping. You pay and that's it, $200. One thing struck me here, Joe, that I don't know about trailers.
[30:20]
Maria Vermazes
Right. Maybe I can help.
[30:21]
Dave Buettner
Well, that's what I'm getting at. It says 7,000 miles.
[30:25]
Maria Vermazes
Right.
[30:25]
Dave Buettner
Do trailers have odometers?
[30:27]
Maria Vermazes
They do not.
[30:27]
Dave Buettner
Okay.
[30:28]
Maria Vermazes
So, okay, like I can tell you about how many miles my trailer has been driven, right. It's around a thousand, but I can't give you an exact number.
[30:37]
Dave Buettner
Okay.
[30:38]
Maria Vermazes
You know, I know where it's been.
[30:40]
Dave Buettner
You know how many. Let's say this trailer. It's not the years, it's the miles. This trailer has seen some bad campgrounds.
[30:47]
Maria Vermazes
Right. So, yeah, it's, you know, mine was driven from where we got it, where we bought it, which is up in Thurmont, and it was driven down to the Eastern shore of Virginia and Delmarva Peninsula, then up to Gettysburg, and now it's been driven back down to Carroll County, Maryland, where it is awaiting sale.
[31:07]
Dave Buettner
Okay.
[31:08]
Maria Vermazes
So, yeah, we. It's. Trailer lifestyle is a great. You know, trailer camping is a great lifestyle. If you're going to do it, you know, it's worth getting a trailer if you're going to be, you know, doing a lot of traveling and you're. You're going to be up at the trailer every weekend or up at the camper or whatever.
[31:25]
Dave Buettner
Right.
[31:25]
Maria Vermazes
Last year we didn't get to go once, which was a shame. Yeah, we didn't.
[31:29]
Dave Buettner
I.
[31:30]
Maria Vermazes
It is the. I never de. Winterized it from the previous year, so it's just not fitting our lifestyle anymore.
[31:36]
Dave Buettner
Yeah.
[31:36]
Maria Vermazes
So, I mean, you got to make the decision, but it's.
[31:41]
Dave Buettner
You enjoyed it while you had it?
[31:42]
Maria Vermazes
I did. I did enjoy it at the time. The time we had at it was had like on the Eastern Shore and up in Gettysburg was pretty good. Yeah, very nice.
[31:49]
Dave Buettner
So the 7,000 miles is a little bit of a tell that.
[31:52]
Maria Vermazes
Yeah.
[31:53]
Dave Buettner
It's not a thing.
[31:54]
Maria Vermazes
Yeah. How do you know how many miles it has on it? I mean, you could approximate it. Like, I could say mine has about a thousand miles on it, but there is no odometer. No.
[32:01]
Dave Buettner
Okay. Interesting. All right, well, that is our catch of the day, and of course, we would love to hear from you. If there's something you'd like us to consider for the show, please email us. It's hackinghumans2k.com and of course, we want to thank this week's sponsor, ThreatLocker. Go to threatlocker.com HH and check out their Zero Trust endpoint protection platform. That's the words threat and locker with no space.com HH where you can request a demo and neutralize the threat of malware running on your devices.
[32:42]
Maria Vermazes
Foreign.
[32:49]
Dave Buettner
And that is hacking humans. Brought to you by N2K CyberWire. We'd love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like our show, please share a rating and review in your favorite podcast app. Please also fill out the survey in the show notes or send an email to hackinghumans2k.com this episode is produced by Liz Stokes. Our executive producer is Jennifer Ibin. We're mixed by Elliot Peltzman and Trey Hester. Peter Kilpe is our publisher. I'm Dave Bittner.
[33:20]
Maria Vermazes
And I'm Joe Kerrigan.
[33:22]
Dave Buettner
Maria's not here. Thanks for listening.