Yeti or not, it’s a scam.

Maria Vermazes

You're listening to the Cyberwire Network, powered by N2K.

Dave Bittner

Hello, everyone, and welcome to N2K, CyberWire's hacking humans podcast, where each week we look behind the social engineering scams, phishing schemes, and criminal exploits that are making headlines and taking a heavy toll on organizations around the world. I'm Dave Bittner, and joining me is Joe Kerrigan. Hey there, Joe.

Joe Kerrigan

Hi, Dave.

Dave Bittner

And our N2 colleague and host of the T Minus Space Daily podcast, Maria Vermazes. Maria.

Maria Vermazes

Hi, Dave. And hi, Joe.

Dave Bittner

We've got some good stories to share this week, and first of all, let me just say welcome back to both of you.

Joe Kerrigan

Yeah, sorry, Dave.

Maria Vermazes

Wait, you were out too?

Joe Kerrigan

Yes, I was. Yeah. I was planning on being there.

Dave Bittner

Yeah.

Joe Kerrigan

But then. Yeah, something.

Dave Bittner

Joe has this thing called a career, and it's unlike you and me, Maria. His career does not focus around recording podcasts.

Joe Kerrigan

I try to make it so. I try to make it so it does. I try to block this time out so I can be here.

Dave Bittner

Yeah.

Joe Kerrigan

Very important.

Maria Vermazes

How dare you.

Dave Bittner

90% of the time that works out. But every now and then, you know, Joe, Joe's an important person. He's dealing with issues of national security.

Joe Kerrigan

And I don't know if all that's true.

Dave Bittner

President. Sometimes the president calls him into the Oval Office and says, joe, Dave, come on.

Joe Kerrigan

Trying to keep. Keep my employment with the Trump administration on the down low.

Maria Vermazes

You're canceled, Joe, you go.

Joe Kerrigan

I do not work for the Trump administration.

Dave Bittner

No, no, you do not. You do not. All right, let's do some follow up here. First of all, before we dig into listener follow up or anything like that. Joe, you have a new Facebook profile.

Joe Kerrigan

I do, I do. This was taken just a couple of days ago at my daughter's house at the chicken coop. And I grabbed one of the chickens and I picked her up and I was holding her and my wife or my daughter was there, and she goes, I'm going to take a picture of you in portrait mode and you can make this your new profile pic. So I struck a pose.

Dave Bittner

Yes.

Joe Kerrigan

Looking very stately, I think. Yeah.

Dave Bittner

Looking wistfully off to the distance.

Maria Vermazes

Oh, my goodness.

Joe Kerrigan

Held the. Held the chicken and held the pose. And my daughter snapped a picture of me that's actually not one that I finally. I don't look and go, man, I look like a big fat guy in this picture. So you look good. Yeah. The chicken is comfortable. She was very nice, actually. Once I held her and once I got her comfortable, she didn't want me to put her down. She Was loving it. Yeah, it's nice.

Dave Bittner

What kind of chicken is that?

Joe Kerrigan

This is a Wyandotte.

Dave Bittner

Okay.

Joe Kerrigan

They're not laying yet. They're all Wyandottes. But the, you know, the roosters, the two roosters are still in the garage. They're getting bigger. And soon they'll be ready to go out here with the ladies to protect them from would be predators right now.

Dave Bittner

Have there been any signs of would be predators sniffing around?

Joe Kerrigan

Well, the insider threat is still around. You know, this is the dog that killed the last batch of chickens.

Dave Bittner

I see.

Joe Kerrigan

She took a charge at one of the chickens while I was in the coop and like, just smashed her face into the hardware cloth we have on the side of the coop.

Dave Bittner

Oh.

Joe Kerrigan

And, you know, looked really stupid.

Dave Bittner

Yeah.

Joe Kerrigan

You know, after doing that, like, I can't believe I did that.

Maria Vermazes

Oh, man, that must hurt.

Joe Kerrigan

My goodness.

Maria Vermazes

That stuff's not. Yeah.

Joe Kerrigan

My daughter is saying that the dogs are always around there peeing on the ground. So she thinks that's going to keep, like, foxes and coyotes away. I hope it does. I don't know that it does. It certainly does not keep groundhogs away. I will tell you that right now. They've got a groundhog.

Maria Vermazes

Nothing keeps groundhogs away.

Joe Kerrigan

Yeah. Groundhogs fear no man or dog. No man nor beast.

Maria Vermazes

This is true. Well, it's a very regal picture of you, Joe. Honestly, like, in the perspective is really nice with the hardware cloth. Like, given that really nice vanishing point perspective. It's very cool. I never thought I'd say someone holding a chicken would be really cool. That's a cool photo.

Dave Bittner

Yeah.

Joe Kerrigan

Two people made similar comments on the photo. One of them said, I thought you were free range Joe, because I'm actually inside the coop and another hashtag free Joe.

Dave Bittner

That's right. Right. So what happens when Joe's got a disagreement with Lisa? He goes and he goes and it's a euphemism. In the Kerrigan house, Joe spends a little time out in the chicken coop.

Joe Kerrigan

Not the doghouse.

Maria Vermazes

The chicken coop, not the doghouse. That's right.

Dave Bittner

Go cool down and enjoy some eggs.

Joe Kerrigan

Right.

Dave Bittner

Yeah.

Joe Kerrigan

So the doghouse is the big house that we live in, you know, because the dogs have a nice comfortable bed to lay on and they share it with me when I go to bed. It's nice.

Dave Bittner

All right, we got some other follow up here, Joe. What do we got?

Joe Kerrigan

So a couple weeks ago, I can't remember who it was that had this story, but one of us had the story about the Arizona Woman who was indicted for helping North Koreans fake that they were in the United States. And then These guys funneled $17 million to North Korea.

Dave Bittner

Yeah.

Joe Kerrigan

And she has been sentenced for her role in this to eight and a half years in prison.

Dave Bittner

Wow.

Joe Kerrigan

Yeah. So that's. There's some closure on that story.

Dave Bittner

Yeah. All right.

Joe Kerrigan

She's 50. She'll be 58 and a half when she gets out.

Dave Bittner

Okay.

Joe Kerrigan

Possibly 59.

Dave Bittner

Some justice done.

Joe Kerrigan

Yep.

Dave Bittner

All right. Well, of course we would like to hear from you, our listeners. If there's something you'd like us to consider for the show, you can email us. It is hackinghumans2k.com and now a word from our sponsor. ThreatLocker, the powerful zero trust enterprise solution that stops ransomware in its tracks. Allow Listing is a deny by default software that makes application control simple and fast. Ring fencing is an application containment strategy, ensuring apps can only access the files, registry keys, network resources, and other applications they truly need to function. Shut out cybercriminals with world class endpoint protection from Threat locker. So I'm gonna kick things off with our stories this week. And this. There's no link to this. Cause this is a personal story.

Joe Kerrigan

Okay?

Dave Bittner

And friends, I went down a rabbit hole.

Maria Vermazes

Okay?

Dave Bittner

I. Chasing a wild hair. I'm. I'm doing what I do on Facebook. Which is what, Joe, what do I do on Facebook?

Joe Kerrigan

Doom Scroll, Dave, what else? Oh, and you also report the ads you see.

Dave Bittner

Okay, One more thing. You'll get there. You'll get there.

Joe Kerrigan

You comment on my pictures. You were the first one to comment on this new picture, by the way.

Dave Bittner

I was minding my own business, Joe.

Joe Kerrigan

You're minding your own. That's right. Minding your own business. Sorry.

Dave Bittner

Minding my own business.

Joe Kerrigan

Walking down the street.

Dave Bittner

Right. Just scrolling through Facebook, minding my own business, and something comes by on my Facebook feed, and it is a sponsored post from an individual, and it is someone with a way to get yourself a free or nearly free Yeti cooler. Okay, now we're familiar. For folks who may not be familiar with Yeti coolers or Cult of Yeti.

Joe Kerrigan

Yep.

Dave Bittner

Yeah. It's a brand of insulated products.

Joe Kerrigan

And they're very well insulated.

Dave Bittner

Yes.

Joe Kerrigan

But they are not cheap.

Dave Bittner

No.

Maria Vermazes

Yeah. For some reason in America, we really like our insulated cups, like Stanley's yetis, You name it. There's all these different brands. We love them. I don't get why, but it's our thing, right?

Dave Bittner

And they make backpacks, they make coolers, and it is a premium brand, so they are not cheap and so they're also desirable. It's a well known brand. People like them. All that good stuff. So this particular ad that scrolled by that caught my eye, it reads like this. It says, this is from someone who claims to be Ava Davis. It says, my father dedicated seven years of his life to Dick's Sporting Goods Store, and when he turned 50, they fired him, threw him out like a rag. So I want to share something that only employees and their families know. There's a loophole in the store's website where you can get a Yeti hopper for almost free. You just need to answer a few questions, leave a review, and the backpack is yours. They don't advertise this because they want only employees to use the offer. I have nothing to lose anymore. So I'll post the link in the comments, answer the questions, and get your Yeti backpack. If you want, you can share it with your friends too. Maybe it's not completely right, but please try to understand me. It's unfair for the company to act like this. Okay.

Joe Kerrigan

Rage bait.

Dave Bittner

Yeah.

Joe Kerrigan

Wow.

Dave Bittner

I mean, we all want to put one over on the man, right?

Joe Kerrigan

Yeah.

Maria Vermazes

Got nothing left to lose. Here's a Yeti cooler. Yeah, that follows.

Dave Bittner

I'm sharing a discount code on a yellow Yeti. Yeti Cooler.

Joe Kerrigan

That'll show him.

Dave Bittner

Yeah, that's right.

Maria Vermazes

Stick it to him. Stick it to the Yeti.

Dave Bittner

Yeah. Yeah.

Joe Kerrigan

That's the last thing I want to stick anything to.

Dave Bittner

Hey, Ava led a simple life, but when the time came, she stuck it to the Yeti and to Dick's Sporting Goods.

Maria Vermazes

It's better than saying, yeah, this set.

Dave Bittner

Off my radar just a little bit. And I thought to myself, okay, first of all, why is this a sponsored post, right? Why would somebody be paying money to put this in front of me if it's just an individual sharing their good fortune of having this discount code on this Yeti cooler. So I click through on this profile and I see that this person has 0 friends and 0 followers.

Joe Kerrigan

Is it a new profile?

Dave Bittner

Don't know. But they list their profession as a digital creator. There are a few family photos, and then all the rest is pictures of yeti products.

Maria Vermazes

Okay, that tracks. Okay.

Dave Bittner

Yeah. So I do myself a little search on Facebook for free Yeti Cooler. So I come across the pre mentioned. Ava Davis is one. I come across Emily Johnson. Emily Johnson. Also zero likes, zero followers. And in her profile, my father dedicated seven years of his life to Dick's Sporting Goods store. When he turned 50, they fired him threw him out like a rag. So the exchanges.

Maria Vermazes

Like a rag.

Dave Bittner

Like a rag, like a rag.

Joe Kerrigan

Everybody gets thrown out of dicks like a rag. I guess like a rag.

Dave Bittner

Found another one. This is Charity Allen. She has different. Slightly different angle here. Do not, repeat, do not purchase a Yeti Camino. Because my husband works at YETI and told me most people don't know that if they answer a short survey, they can get a cooler bag. I've already checked it out and received my bag. I've attached a picture. I'll leave a link in the comments. He sent it. You can fill out the survey.

Joe Kerrigan

Are they the same pictures?

Dave Bittner

No, this is a different product. Different Yeti product.

Joe Kerrigan

Okay.

Dave Bittner

Okay, so here's. So before I dig into my unpacking of this, let me ask both of you in turn, what do you think's going on here?

Joe Kerrigan

What do I think the end game is here?

Dave Bittner

Yeah. So let's just base level and all agree this is a scam.

Joe Kerrigan

Yes.

Dave Bittner

Okay.

Joe Kerrigan

Yes, a scam. It is a scam. 100% a scam.

Dave Bittner

Okay.

Joe Kerrigan

How do they scam you? How do they get you?

Dave Bittner

What do you think the scam is? What do you think's going on here? What. Why are they doing?

Joe Kerrigan

I think you enter a bunch of information on a survey site which is just a way that they can then monetize that by selling the data. And then you also. They may also contact you and say, hey, we're getting ready to send you Yeti cooler, but I need like you to send me like the $25 fee or something like that or. Because it's not saying that it's free, it's saying that it's really reduced price. Now a Yeti. I know my cup, my 20 ounce tumbler was like $40. Yeah, right. So if they're selling this cooler for like, which they typically go for like $200, that's where they start. If they're going to give that to you for $25 and you think you're getting a good deal, maybe that's the scam. They're just gonna make 25 bucks off you.

Maria Vermazes

Yeah, Maria, I mean, I had two thoughts on this. One was that maybe it could be a way to AstroTurf reviews if it was asking for a review, but it's not. I did not click the link. You'll be very proud of me. I did not click it. Oh, Maria, I know, but I did look at the URL. I'm just looking at it. I'm not clicking it. And it's one of those very spammy looking quiz websites that could. Where they usually have a gajillion ads on it. And I'm sure the ads are all very malicious and do all sorts of nasty stuff. That's why I'm not clicking it. So yeah, to me it just smells like an astroturfing, basically. So. But it's, it is interesting. The, the Facebook profiles that you mentioned, the addresses they all show are all for like major metropolitan areas like New York City specifically, or Austin, Texas or Toronto. Like, they're, they're, they're being very generic. I don't think they're even really trying to hide this. It seems very low effort.

Joe Kerrigan

Right. So can I tell you something that has, I, I have found that is almost, almost identical. The scam is almost. Well, I don't know if it's an identical scam, but it's almost an identical thing that's happening.

Dave Bittner

Okay.

Joe Kerrigan

Dave and I, Maria, we're both now amateur radio operators at the general level, which means we have a lot more operating privileges than I have had for the past 10 years. Dave was my inspiration for going out and getting my general license, by the way.

Maria Vermazes

Oh, congrats though. That's cool.

Joe Kerrigan

I'm going to go do that.

Maria Vermazes

Yeah.

Joe Kerrigan

So when are you using Cooler? Right. I don't have anything that I can use to communicate, to use my general privileges. Right. So I don't have an HF transceiver. All I have are like two little VHF, UHF transceivers that I can already use as a technician. So I need to go out and get a new high frequency transceiver. And I'm cheap, so the first place I go to look for it is Facebook Marketplace and I just type in hftransciever and I do local and all it is is ad after ad after ad after ad, pages of it for the. I'm going to say this wrong. Zaegu Zaeq Z I E Q.

Dave Bittner

Yeah.

Joe Kerrigan

Yeah.

Dave Bittner

I would have had it if you hadn't said it.

Joe Kerrigan

Right. It's a Chinese radio.

Dave Bittner

Right.

Joe Kerrigan

It's an STR software defined radio and it's, it's the model number X6200. If you look this up online and you can find them online, it is a real radio and I hear a lot of people talking about how good they are despite the fact that they cost around like $400.

Dave Bittner

Right, right.

Maria Vermazes

Okay.

Joe Kerrigan

They're selling all over this site for $96. Every single ad is for $96.

Dave Bittner

Yeah.

Maria Vermazes

Like it's all scams oddly specific. Yes.

Joe Kerrigan

Oddly specific, right?

Dave Bittner

Yeah.

Joe Kerrigan

And I did the same thing you did. I went down the same rabbit hole. I started clicking on the. The ads and seeing who was posting it. It was somebody that just joined Facebook, which is why I asked that question.

Dave Bittner

Yeah. So, Maria, you are on the right track here. I did the same thing that you did. I started looking at all the URLs for these, and they're all spammy URLs. None of them actually go to YETI. Right. So the one I'm looking at right now is promo Official Pro, you know, and so they go to these survey sites, these coupon sites. I don't know if the people who are running this get some kind of payoff for every person who clicks through. That's possible. Certainly for everyone who signs up to get the YETI bag. Now, let's keep in mind, nothing is truly free. So the $10 you're paying or whatever, you're giving them some kind of payment information, so you're putting that at risk. The other thing I noticed in here is when you go through the comments on a lot of these, you'll see other people saying, I was skeptical, but I did it, and it works. I got my bag last week.

Joe Kerrigan

Right.

Dave Bittner

And if you click through on those people, they're the same people.

Joe Kerrigan

It's the same network of people.

Dave Bittner

Right. Same people, zero followers, zero friends, zero integrity.

Joe Kerrigan

Right.

Dave Bittner

But to a casual viewer, you could see how this would be attractive because it is a good deal on something, and they're pressing all sorts of emotional buttons. Right. Like, listen, hey, everybody, here's a secret. I have an insider bit of information that not everyone has that I'm going to share with you. So you look at that and you think, oh, I'm going to get this thing for cheap. And then you look through the comments and you say, well, gosh, other people are saying that they've gotten this, so it must be legit. And I'm willing to bet it ain't.

Joe Kerrigan

No.

Maria Vermazes

Yeah. Because insider deals are famously blasted publicly on Facebook all the time. Right, Right. Definitely. This is where the exclusive information goes. Yeah. And yeti. And yet people fall into it all the time.

Dave Bittner

And yeti, see what I did there?

Joe Kerrigan

I do.

Maria Vermazes

Yes.

Dave Bittner

It is very frustrating to me the degree to which Facebook does not tamp down on these things.

Joe Kerrigan

Yeah.

Maria Vermazes

These are not even trying. That's the thing that's amazing. You can tell instantly these profiles are scammy because, as you said, no followers, no friends, one or two photos that I'm Sure. Were stolen from a legitimate profile. And for fun, I looked at some of them. They actually have a street address thing as their actual address. Did you click through any of these? Because one of them goes directly to the Museum of Jurassic History in Los Angeles. Ah. Like, there's no effort being put here. This is, like, such an obvious scam. And yet I. When I was. I think I mentioned this to you all a few months ago when I had to rejoin Facebook. Or maybe I only mentioned this to my husband. I can't remember who I told. I didn't want to make a brand new profile. I. I didn't want to make a legitimate profile. Rather, I wanted to make a brand new profile that was just fake because I wasn't going to use it to contact friends or anything. I was just trying to read my town's news, and that was it. And Facebook wouldn't let me. It's like, no, you're clearly. You're clearly fake. We know that you're a real person. You need to use your real name. It's like, you know, I just wanted to be anonymous, just to read an article. I can't believe that they're forcing me to use real info, and yet these scammers are clearly better at it than I was. So I. I need to put my address as the Museum of Jurassic History in Los Angeles. Jeez.

Dave Bittner

Yeah.

Maria Vermazes

What the hell?

Dave Bittner

All right, so I put it all out there. Just as a little bit of warning to our listeners. Spread the word for these sorts of scams. To Joe's point, there are dozens of these, probably hundreds of these. If there's something that you're interested in, somebody's running this kind of scam about that type of thing.

Joe Kerrigan

Yes.

Dave Bittner

They're just. There's no escaping them. So for me, the initial red flag was the fact that this was a sponsored post coming from an individual. And then there's so many other red flags of this being a scam, just if you dig in the tiniest little bit. So beware. And if you're curious, if you want to check these out, just go on Facebook and do a search for Yeti Cooler. Free Yeti Cooler. And you'll find they'll. They'll just pop up all over the place.

Joe Kerrigan

Or HF transceiver.

Dave Bittner

There you go. All right, that's my story this week. Maria, you're up next. What do you got for us?

Maria Vermazes

Well, I've got one that's a bit geopolitical. And admittedly, my angle for this is that I live next to one of the cities with the largest Cambodian diaspora in the United States. I live next to the city of Lowell. So there is a large Cambodian population and always has been as long as I've been alive. And there has been an armed conflict between Thailand and Cambodia that has flared up in recent. The recent weeks, if not months. And there's a reason I'm talking about this on this show. So just for context, for people who don't know about this conflict or aren't up to date, the armed conflict that has sort of reignited between these two nations has currently left about 33 people dead and forced tens of thousands of civilians to flee their homes. And this is happening along a contested border between these two countries. As of the time of this recording, the two nations are in a ceasefire with Thailand saying Cambodia is not honoring the ceasefire. And Cambodia says this is not true. So that's the current state of things. The BBC is saying that, well, this flare up in the conflict that has been lethal now and then for decades started in 2008 when Cambodia tried to lay claim to an 11th century temple in the disputed border area. That aggravated things further with Thailand. But there was an article that I just saw on the register that says a lot of what's actually really fueling what's going on right now in this escalation is actually related to Cambodia's scam compound industry, which we have talked about many times on this show about people being basically enslaved in these scam compounds and, you know, calling people and these like phone banks not just all over Asia, but really all over the world. So a reminder about some of the stats on this. Cambodia is home to cyber scam slave camps where at least over a hundred thousand traffic victims are forced to run romance and investment frauds, which we cover a lot on this show. And many of these scam centers actually operate very close to this contested border region. So in the recent months, Thai officials have been threatening to cut off electricity and Internet to parts of Cambodia to disrupt these operations specifically. But Cambodia says this cutoff is actually in aid of Thailand's border ambitions. Nothing altruistic there about stopping the scams. So add into this mix China, because it's a huge, huge global player, especially.

Joe Kerrigan

In that region, to say that I did a story a couple of weeks ago about China working with Thailand to. To do exactly that. Cut off the power in the Internet.

Maria Vermazes

Yes, I remember. Yep, I was just thinking of that when I was reading the story. I was thinking that one of us covered it. I couldn't remember if it was You, Joe, but yes, exactly. So, as I think you mentioned at the time, Thai operations are getting support officially from the Chinese government to cut off these scams in Cambodia that are being run in Cambodia. But flip side, Chinese organized crime is running a lot of those scam centers in Cambodia, and they're actually also trafficking kidnapped Chinese citizens. So it's very messy all around. So there was this really interesting quote from an analyst named Angela Surianesi, who is a researcher at the Australian Strategic Policy Institute. And she said, while not a direct trigger, Thailand's parallel efforts to counter transnational cyber scam activities operating near the border may have contributed to the broader strategic environment in which this conflict escalated. These efforts may have contributed to a broader climate of mistrust and friction between the two governments, which. That makes a lot of sense to me, honestly, especially I. I didn't know about the actual financials of this, or maybe I've forgotten because my brain is with cheese. But according to one estimate, the scam centers, the slave scam. Slave centers. Really, I don't want to euphemize these. Are you from. I don't want to use euphemisms for what is slavery, truly.

Joe Kerrigan

Right. It is slavery.

Maria Vermazes

Yeah. Yeah. These call centers are generating an estimated $12.5 billion annually, which is half of Cambodia's GDP. And the main opposition leader for Cambodia's government, their opposition in exile, says that apparently the Cambodian government is also pocketing a lot of these profits, although allegations are ongoing. So your mileage may vary on that one. But this story from the Register I thought was really important and something that felt natural for us to just talk about, given how many times we cover these scams on the show and just really was sad. And that these scams that are enslaving people, causing so much heartbreak and turmoil around the world, not to mention the financial losses. I mean, that they're actually contributing to armed conflict where people are being killed also. I mean, it's just. It can be really easy to forget the stakes, but this is real life and death. And it's just like, wow. I don't know. I just wanted to make sure I brought it up on the show.

Dave Bittner

Yeah. I mean, it's serious stuff. And I think to your point, you don't often think about where everything flows, right? Yeah, yeah.

Joe Kerrigan

What the source of these things are.

Dave Bittner

Yeah. You know, you get a call on your phone that somebody scamming you, it might be somebody down the street, but it might be somebody on the other side of the world who's trapped In a call center and has no choice.

Maria Vermazes

Exactly. Yep.

Dave Bittner

Yeah.

Maria Vermazes

It's horrific. And then something a little footnote to this since we were just talking about Facebook, social media, like Facebook is certainly involved in all this as well as we've frequently covered, because many of the victims who've been trafficked in these call centers were initially found on social media platforms. So there is a whole flow. You can just sort of watch the whole flow from social media platforms all the way through an armed conflict where people are dying. It's like wild if you really think about that sort of domino effect. But it might sound hyperbolic to say that. But I think in this case it's not. It's true. So.

Dave Bittner

Yeah, yeah, well, and I think just to reiterate this scenario because we talked about this here before and I want to say it was probably before, Maria, you were joining us on a regular basis. The how people get lured to these places with promises of good jobs, good, well paying jobs. And then they get there and there is no job and they're kept there. They've crossed a border, their passport is taken away and they're kept there under the threat of violence or.

Maria Vermazes

Yeah. Or directly beaten if they tried to leave or.

Dave Bittner

Right.

Maria Vermazes

Families threatened, the whole thing.

Dave Bittner

Right.

Joe Kerrigan

They have drugs in these places to keep you in line.

Maria Vermazes

Yes, they do, yeah. Yep, yep, yep.

Dave Bittner

So I think, you know, the good news is that we are seeing crackdowns on a lot of this stuff. I don't know to what degree. Like the Cambodian government is merely paying lip service to this. As, as you said, Maria, there's a lot of opportunity for grift and that sort of thing when you have half their gdp.

Joe Kerrigan

Yeah.

Dave Bittner

A huge business like this where there's so much money flowing around, there's probably lots of people who are highly incentivized to keep it running, which I imagine it takes to even build it in the first place.

Maria Vermazes

Yeah, horrific. Yeah, yeah, yeah.

Dave Bittner

All right, well, we will have a link to that story in the show notes. I tell you what, let's take a quick break to hear from our sponsor. We will be right back. And now back to our sponsor, ThreatLocker, the powerful Zero trust enterprise solution that stops ransomware in its tracks. ThreatLocker Protect is the core threat locker product focused on Endpoint security, designed to prevent unauthorized software from running, control how applications interact and manage access to storage devices. Its building blocks are allowlisting, ring fencing and network control. Allowlisting is a deny by default software that makes application control simple and fast. Ring fencing is an Application containment strategy, ensuring apps can only access the system resources they truly need to function. Network control locks down access by port, source, IP or dynamically with ACLs that automatically update as IP addresses change. Shut out cybercriminals with world class endpoint protection from Threat Locker. And we thank Threat Locker for sponsoring hacking humans. And we are back. Joe, you are up. What do you got for us?

Joe Kerrigan

Well, my story comes from chamomile. I hope I'm saying that right. And I'm pretty sure I got that one chamomile Shumba from CoinDesk. And this comes via the finance.yahoo.com page. So it's the Yahoo. Finance page. There is a grand jury in Denver, Colorado that has indicted Eli Regalado and his wife Caitlin. Now, it's important to note that they are preachers at the Victoria Grace Church. And the indictment alleges that between 2022 and 2023, these two allegedly solicited nearly $3.4 million from investors looking to buy their index coin cryptocurrency from Kingdom Wealth Exchange. Okay, so already. Go ahead.

Maria Vermazes

Sorry, there are a lot of names and just.

Dave Bittner

What?

Joe Kerrigan

Right, so already we're into confusion here, right? I don't know if this index coin is indx coin. I don't know if that's like a thing that cryptocurrency crypto bros do, right? They'll make an index coin.

Maria Vermazes

Kingdom Wealth Exchange.

Joe Kerrigan

Right? Kingdom Wealth Exchange. That's their Christian. Yes, that's exactly what it sounds like.

Dave Bittner

Oh, no. Okay.

Joe Kerrigan

They have been charged with 40 counts of theft, fraud, deceit for allegedly operating this multimillion dollar cryptocurrency scam that mostly targeted churches. So the index coin, I guess. I guess this is their own cryptocurrency or their own crypto token or something. But it says the index. The article talks about the index coin white paper. Because every cryptocurrency begins with a white paper, right? In fact, bitcoin started with a white paper, but it states that this coin was, quote, engineered to grow as the cryptocurrency market explodes by benchmarking the coin to the world's top 100 cryptocurrencies, allowing users to capitalize on growth while mitigating risk.

Dave Bittner

Aha. Yeah. And you have an opportunity to get in on the ground floor, right?

Joe Kerrigan

Yep.

Dave Bittner

Okay.

Maria Vermazes

Nothing scammy about this at all.

Joe Kerrigan

All right, so we're building this crypto. This crypto coin is index coin. And what's interesting is they're benchmarking it, right? Benchmarking the world's top 100 cryptocurrencies. Sounds like they're trying to peg it to something. There are cryptocurrencies out there like stablecoin. Stablecoin will always be worth $1, and it takes some effort to do that. And I'm not entirely sure how they do it, but. So, I mean, when you start saying that we're going to be pegging this value to something else, unless you're going to go out and buy something, like you're going to do a cryptocurrency mutual fund kind of thing, but you're going to have it as your own coin, then the index coin could very well have almost no value. And in fact, that's kind of what the indictment says.

Dave Bittner

Yeah.

Joe Kerrigan

The couple targeted Christians from their church as well as other churches to buy their cryptocurrency. They were promising, of course, big returns, like you said, Dave.

Dave Bittner

Yeah.

Joe Kerrigan

The. The indictment also says that these two spent $1.3 million of the proceeds of. On the token sales on personal expenditures like home renovations.

Dave Bittner

Okay.

Joe Kerrigan

Right. Eli and Caitlin deceived prospective and current investors and did not disclose to them that they lacked the liquidity. So that's actual money. Right, Right. That.

Dave Bittner

To back up this magical coin.

Joe Kerrigan

Right. So, I mean, I guess if you're going to. I, I don't know, maybe if you actually have real money behind something, or you, you actually go out and buy real cryptocurrency with it, then you have something. But the, the in the indictment does say that this was not pegged to the value or to the average of the top 100 cryptocurrencies, but instead backed essentially by no assets once whatsoever and had no real value.

Dave Bittner

Right.

Joe Kerrigan

So a year ago, the commissioner of the Colorado Security Organization, the Colorado Securities Commissioner, his name is Tung Chen, initially filed charges against the pair. And in March, the pastor appeared in a video. In a message, he stated the charges are true. And he also said at the time that the venture was something he believes God told him to do. And here we get to my favorite quote of this article, and it's from the video that Eli posted in March. The Lord told us to walk away from our parking company. He took us into this cryptocurrency. Well, that cryptocurrency turned out to be a scam. And I said to the Lord, you told me to do this.

Maria Vermazes

Oh, my God.

Dave Bittner

Wow.

Joe Kerrigan

So I guess God's ultimately the scammer here.

Maria Vermazes

It goes all the way to the top, Gerald. Right.

Joe Kerrigan

These are not words I would like to be accountable for one day taken.

Maria Vermazes

Wildly out of context, Joe, you are in some serious trouble.

Joe Kerrigan

Right? Yeah.

Dave Bittner

Yeah.

Joe Kerrigan

So my point here is that this is one of the things we talk about a lot on this show and that is that your religious community, your faith based community comes with some already built in trust. Right, Right. And these people exploited that like crazy.

Dave Bittner

Yeah.

Joe Kerrigan

And. And made off with, with 3 point X number of million dollars from, from these other churches and other Christian investors.

Dave Bittner

Right.

Joe Kerrigan

This is not, I'm sure this is not unique. I know this is not unique to Christians. There's a. There. We'll put a link in the show notes. There was one that happened last year, actually, this was another, another Christian pastor in Florida that was indicted for a multi million dollar crypto, cryptocurrency scam. And that's that post is from the Department of Justice. So he was indicted federally. This is one of those things that sets me off, and I've mentioned this before, it's one of the things that I have built into me, into my level of distrust about other people. And that is whenever somebody approaches me and tries to demonstrate their membership in some spiritual community with me, I am instantly suspicious of that. Instantly.

Dave Bittner

So let me interrupt you here because let me ask you this question. I'll put it in front of both of you, but I'll start with you, Joe.

Joe Kerrigan

Okay.

Dave Bittner

What is your reaction when someone in good faith says to you, in describing another person, that person is a good Christian?

Maria Vermazes

It depends on who's saying it.

Joe Kerrigan

The first thing I remember to myself is, hey, every single person is not perfect.

Dave Bittner

Right, Right. Okay, that's fair.

Joe Kerrigan

And I say that you've got, I think that to myself. Normally what I just do is, oh, that's good to know. But I don't give it any credence. I really don't. Because that could be. Well, I don't know if that's why. I don't know. I've seen this go both ways. I've seen people. I was in a church community once where a guy just up and left his wife and there was no explanation as to why that happened. And everybody was like, isn't that awful? And I'm like, there's more to this story here than we know. All we have is the information that he's gone and we can't get his story. He's not talking to anybody. Yeah, we don't know what it is. I mean, he. Yeah, you're right. He could be a complete, you know, a complete heel here. But yeah, I don't know. So you know, when, when, when those kind of things come, I'm, I'm initially skeptical of that. When people tell me that that guy's a good Christian, I'm like, oh, okay, good, good that you think that.

Dave Bittner

Yeah. What do you think, Maria?

Maria Vermazes

Oh, there's, it's. I don't really do anything with that information because it really depends on who the person is who's saying that. To me, the, the. I, I grew up in a Christian community, but that, that was not really a phrase that people used in Greek Orthodoxy. It's just not really anything that's said.

Dave Bittner

Right.

Maria Vermazes

So it's sort of like, okay, are you talking about good Christianity the way I understand it or you understand it? What does that mean? Does it mean you're dogmatic and you follow a certain dogma, or does it mean something else? So it's just not enough information. So I just kind of don't do anything with that. I go, okay, right. I will wait to find out what that actually means when I get more info.

Dave Bittner

I guess where I come at it from is that I think it's coded language. Right. So it's part of it being an in group. And I think the person who says that in good faith is saying that this is someone who I believe upholds what I believe to be Christian values. And I think for some people, that would be the teachings of Jesus Christ. For some people, that would be the values of the church. You know, capital T, capital C. Right, right. But the flip side of that, and I think this case brings this to bear, is that someone can take advantage of that trust.

Joe Kerrigan

Absolutely.

Dave Bittner

And so if you have someone, like you said, Joe, these folks, these are pastors, so they're probably good communicators. They know what resonates with the people in these churches. And if they were coming at this in bad faith, as is alleged here, they would know how to short circuit that coded language to stand in front of a group and say, hey, look, we're all good Christians here. Right? Right, right. And that has power and it has meaning and can help short circuit somebody's rational mind when it comes to getting somebody to turn over their hard earned money.

Joe Kerrigan

Yep.

Maria Vermazes

Yeah, we're all good Christians here, but money is money, so please be careful with your money.

Dave Bittner

Right, right, right. And again, I think the core of this is just whether or not somebody's coming at this in good faith. You know, there's. And that's the unknown to Joe's point. It can mean so many different things.

Joe Kerrigan

Right.

Dave Bittner

You just never know. And I think part of the problem is one person may say that. Say a phrase like that, says, I think this person's a good Christian, and you or me or Joe or Maria might hear that phrase and interpret it in a completely different way.

Joe Kerrigan

Correct.

Dave Bittner

Than the person who said it.

Joe Kerrigan

It's very subjective to the listener, isn't it?

Maria Vermazes

It very much is, yeah. As I said, for me, that is a. It invites more questions in my mind. I just go, okay. Because it can be very revealing about the person who said it. And also, why are you telling me this? What are. What are you, like, what are you hoping for me to reveal by saying that to me? So, yeah, it's a very interesting question, Dave.

Dave Bittner

Yeah, it is. All right, well, prayer beware, I guess.

Joe Kerrigan

Look, if you're in a church and they start pitching a cryptocurrency, probably time to find a new church.

Maria Vermazes

Don't do it. Just do it.

Dave Bittner

Yeah, that's true. That's true.

Maria Vermazes

TL Dr. Of that story.

Dave Bittner

Instead of passing the collection plate around, we're going to put up this QR code and then you're going to buy some coins.

Maria Vermazes

You know, some churches do that, though.

Joe Kerrigan

They dot who actually has Venmo. You can donate via Venmo.

Dave Bittner

Oh, is that right?

Maria Vermazes

Careful there, Dave.

Dave Bittner

It's been a long time since I've been in a proper church, I guess. So I'm horribly outdated. So apologies to anyone I've offended. All right, we will have a link to this story in the show notes. Joe, Maria, it is time to move on to our catch of the day.

Joe Kerrigan

Dave, our catch of the day comes from me.

Dave Bittner

Oh, no.

Joe Kerrigan

Oh, yeah. All right, Dave, I'm going to let you read the catch of the day, and then we're going to get into the story behind it.

Dave Bittner

Okay, well, this comes from the folks at Xfinity, right? Formerly the company formerly known as Comcast.

Joe Kerrigan

Xfinity is the product that Comcast produces.

Dave Bittner

Okay, very good. And it says, reminder service interrupted, exclamation point. Your automatic payment was declined by your bank. As a reminder, here's a quick summary of your service suspension. Last day of Service, Friday 25th July, 2025. Please make a payment soon to avoid any downgrade quality service. If you don't make a payment within one days, we will temporarily turned off your service. There's a button that says update my account and then another button that says manage your alerts and pay your bill online. Learn more. Yeah.

Joe Kerrigan

Pretty bad fish, right?

Dave Bittner

Well, actually, I was surprised as I was making my way through it. Of the grammar errors and something this concise.

Joe Kerrigan

Right?

Dave Bittner

Yeah.

Joe Kerrigan

Right. You want to know the worst part about this email?

Dave Bittner

Go on.

Joe Kerrigan

It worked well, because I actually do notice the last day of service is Friday, July 25th. Right. So I actually was like. I looked at it, and I'm like. I click on the link, and it goes. Takes me to Verizon Wireless. And I start thinking to myself, I do have or not Verizon Wireless. I'm sorry, that was wrong. It's Xfinity Wireless Services. And it takes me there, and I'm like, I do have that one phone number that had been my phone number for the past 25 years or so, or I guess 22 years, but I can't find the phone that's associated. Do I care if this service is suspended?

Dave Bittner

Right.

Joe Kerrigan

Also, there's the issue that they've been charging me too much for this service. They should be charging me a lot less. And, I mean, maybe I just let it lapse.

Dave Bittner

So.

Joe Kerrigan

And I decide, nah, I better make sure nothing's going on. So I go ahead and I enter my. I open my password manager. My password manager, not integrated with my web browser, by the way. So it lets me go ahead and enter the password that was in the password manager, which actually, because I'm doing this at a different location, was not in sync with the actual password. So I did not surrender my actual password.

Dave Bittner

I found out lucky, lucky. So you got lucky.

Joe Kerrigan

I got lucky, okay. I got very lucky.

Dave Bittner

All right.

Joe Kerrigan

And then as soon as I enter the email, it says, give us your password. And you can see here, I put in BillyJo Jimboblose.com because I went back to do this again to take pictures of it, and the next screen is just Xfinity, Enter your credit card. And I'm like, wait a minute.

Dave Bittner

Then.

Joe Kerrigan

I check the link, and I'm like, ah.

Dave Bittner

Yeah.

Joe Kerrigan

Why'd they get me? Why'd they get me? Because they caught me when I was. Had my defenses down. They just so happened to hit me at the right time. They happened to hit me with a. With. With a bill that I know is due around now, and they happen to. To hit me with a service that I use, and I was not paying attention. I let my guard down on this one.

Dave Bittner

What did the link end up being?

Joe Kerrigan

The link is just a. Actually, did I leave it in here? I may not have left it in here.

Dave Bittner

It was just a bunch of gibberish.

Joe Kerrigan

Yeah, it was a Brazilian website. Br.

Dave Bittner

Okay.

Joe Kerrigan

And that's when I was like, wait a minute. Oh, no. So quickly, quickly, I ran to the Comcast website, the actual Comcast website, and changed my password just in case something had happened. And I went back and tested this website and said, you know, if I can put in Billie Joe, Jim Bob. And then I put in not my password. Sure enough, I just get the same credit card information page.

Dave Bittner

I see.

Joe Kerrigan

So the only thing that tipped me off was that when I. When I got to the credit card input page, there was nothing else on the page. The visual nature of it tipped me off, and I was. I was very upset with myself and embarrassed with myself. But if we can have stories about people who come on here and they talk about how they were romance scammed out of millions of dollars, I should be able to come on here and tell my story about when I get hit by a obviously bad phishing email.

Dave Bittner

Right.

Maria Vermazes

As we talk about on the show all the time. I mean, nobody's immune from this stuff. I mean, glad that you caught it. Glad that you caught it before it got any worse. But they got lucky. And that's often how it goes.

Dave Bittner

Yeah.

Maria Vermazes

Because, I mean, Internet's kind of important. So not having Internet would make me go, oh, blankety blank. So, yeah, yeah, yeah. Please don't phish me.

Joe Kerrigan

The mobile service. Right. Don't Phish.

Maria Vermazes

Please don't Phish me.

Joe Kerrigan

I'm gonna get just.

Maria Vermazes

It'll definitely work. I will click that, link tons of.

Joe Kerrigan

Phishing emails to my Yahoo email address where this came from.

Dave Bittner

I'm thinking that, you know, like, if we wanted to have a listener contest or something, we should make it so we should have the. The social engineer Joe out of his.

Maria Vermazes

Eggs contest when he freely gives them to you? Is this really difficult?

Dave Bittner

Who would be the first person who could convince Joe to part with some of his eggs once his hens start laying in a situation where Joe was not aware that he was being scammed out of eggs. Right. Wouldn't that be fun? That would be fun for everyone but Joe.

Joe Kerrigan

For everyone but me. I don't like the idea of this.

Dave Bittner

Can you imagine how paranoid Joe would be if we put that into action? Like, no one in his family would get to eat an egg.

Joe Kerrigan

Right. Certainly not my son.

Dave Bittner

Right.

Maria Vermazes

Can I have an egg, Joe? Can you send one to me?

Joe Kerrigan

My Rick rolling milk dropping son.

Dave Bittner

Yeah. Oh, hilarious.

Joe Kerrigan

The story behind that, Maria, is Dave came over to my house one day, and my son had just gotten back from the store and goes to shakes Dave's hand and drops a gallon of milk on the floor, which just shatters and spills milk everywhere.

Dave Bittner

Oh, yeah.

Maria Vermazes

Oh, God.

Joe Kerrigan

Well, that's all my son remembers about that interaction.

Maria Vermazes

Well, that's true.

Dave Bittner

I do remember that. There's a lot of milk.

Joe Kerrigan

It was.

Maria Vermazes

Yeah. I was like, that is a lot of milk.

Dave Bittner

Anybody who's dropped a gallon of milk lives. You don't forget it.

Joe Kerrigan

No, no.

Dave Bittner

We've probably all done it at one time.

Joe Kerrigan

I have done it, too. Yeah.

Dave Bittner

Yeah. All right, I tell you what. We're going to wrap things up there. Of course. We would love to hear from you. If there's something you'd like us to consider for our catch of the day, please do email us. It's hackinghumans2k.com thank you. To ThreatLocker, the powerful zero trust enterprise solution that stops ransomware in its tracks. For sponsoring hacking humans, visit threatlocker.com and that is Hacking Humans. Brought to you by N2K CyberWire. We'd love to hear from you. We're conducting our annual audience survey to learn more about our listeners. We're collecting your insights through the end of this summer. There's a link in the show. Notes. Please do check it out. This episode is produced by Liz Stokes. Our executive producer is Jennifer Ibin. We're mixed by Elliot Peltzman and Trey Hester. Peter Kilpe is our publisher. I'm Dave Bittner.

Joe Kerrigan

I'm Joe Kerrigan.

Maria Vermazes

And I'm Maria Varmasis.

Dave Bittner

Thanks for listening.