Srsly Risky Biz: China Fights Scam Compounds … For China - Risky Bulletin

Summary6 min read

Risky Bulletin Podcast Summary

Podcast: Risky Bulletin (Srsly Risky Biz)
Hosts: Amberly Jack (A), Tom Uren (B)
Episode Date: January 15, 2026
Episode Theme:
This episode delves into China’s recent crackdown on scam compounds—especially those targeting Chinese citizens—and examines US cyber operations in Venezuela, reflecting on the evolving role of cyberwarfare in military planning. The conversation draws on recent news and Tom Uren’s Seriously Risky Business newsletter.

Main Topic 1: China’s Crackdown on Scam Compounds … But Whose Safety?

1. Background and Recent News

Context:
China has handed down life sentences and even death penalties related to scam compounds after the extradition of alleged kingpin Chen Xu from Cambodia. This has sparked international attention.
- Amberly Jack [00:43]: “This is great news. But you’ve looked into that and… it may potentially not be great for anyone that’s not in China.”
What are scam compounds?
Large-scale criminal enterprises, often located in border areas of Myanmar, Southeast Asia, and now shifting to other regions. They run “pig-butchering” scams targeting individuals online, frequently subjecting people to forced labor.

2. Analysis of China’s Motives

China’s Actions Are Reactive & Self-Interested
- China’s interventions typically follow viral domestic media outcry—especially when incidents involve Chinese citizens (e.g., high-profile rescues).
- Tom Uren [01:32]: “Every time they take action against scam compounds, it’s because there’s some internal media, domestic media, [that] forces them to act… not a long term strategic plan.”
Role of the Three Brotherhood Alliance
- China previously permitted ethnic rebels (the Three Brotherhood Alliance) to attack Myanmar’s ruling junta partly to “clean out scam compounds.”
- The rebels’ criminal-fighting role was unusual and suggested Chinese influence.
- Tom Uren [02:50]: “That alliance, which was known as the Three Brotherhood Alliance, one of its goals was to clean out scam compounds. That’s a strange goal for an ethnic rebel group…”

3. Rapid Response—But Only for the Right People

Striking Examples of Speedy Rescue
- High-profile cases (e.g., a Chinese actor lured to a compound) received rapid intervention once their story went viral.
- Tom Uren [05:20]: “…if the right people talk to the right people, we'll pull out this particular individual.”
- Amberly Jack [06:24]: “If the post goes viral enough and the actor is maybe famous enough, we can get him out in three days.”
Selective Enforcement
- China intervenes only when Chinese citizens are affected or public pressure demands it.
- Tom Uren [07:42]: “It’s so focused on the compounds that are targeting Chinese. If you’re not targeting Chinese citizens, we don’t care. And so it just shapes the industry.”

4. Unintended Consequences—Shifting Scams Elsewhere

Not a Solution, Just a Shift
- Crackdowns push the operations to other borders (e.g., Thailand) and new target populations.
- Tom Uren [08:11]: “The… industry is just moving to different regions. So not on China’s border… it’s also focusing on different target populations.”
- The use of AI is making cross-border scamming and targeting other nations easier.
Lingering Frustration/Disappointment
- Tom Uren [08:59]: “It’s just not as good news as I had hoped. So it continues to be… disappointing, I suppose.”

5. International Response: What Can Others Do?

Limited Collaboration with China
- China’s self-interested approach hinders US or multilateral action.
- Tom Uren [09:53]: “China is the self-interested giant in the region… impossible to imagine the US and China working very well together.”
Other Regional Partners
- Thailand and the Philippines are taking stronger stances—possibilities for US collaboration—but resources and influence are limited.
- Tom Uren [10:28]: “They’re not as influential as China is…but they’re still in the region and… can do more.”

Main Topic 2: US Cyber Operations in Venezuela—A New Military Norm?

1. Operation Overview

Context:
The US recently conducted a successful military operation in Venezuela, capturing Nicolas Maduro with apparent support from cyber operations.
- Trump hinted at using “special expertise” to “make it dark” in Caracas, pointing toward cyber activity to cut power.
- Tom Uren [11:57]: “Trump seemed to hint about the use of…disruptive cyber operations… to turn out the lights.”
Validated by Reporting
- The New York Times confirmed this was a deliberate cyber operation.

2. Why Use Cyber? Advantages and Limits

Alternative to Physical Sabotage
- The US has alternatives—physical destruction (e.g., graphite bombs)—but cyber allows for less infrastructure damage and easier restoration.
- Tom Uren [13:12]: “One of those ways is just to blow up power facilities…with graphite bombs…But sometimes with those, the facility just catches fire.”
- In Venezuela, preserving infrastructure was strategically preferable.
Not a Gamechanger—An Incremental Improvement
- The cyber attack provided a “nice to have” rather than essential advantage.
- Tom Uren [14:27]: “My assessment is that the cyber operation was a very incremental improvement. Like, we avoid the risk of short circuits. That’s really what we’re achieving here.”
- The president’s public acknowledgment is significant for the stature of cyber in military operations.

3. The Role (and Future) of Cyber in Military Planning

Political & Strategic Recognition
- Presidential notice signals cyber operations will routinely be considered in major operations.
- Tom Uren [15:40]: “For these types of operations… disruptive cyber operations will be part of the mix. So they’ll be considered every single time…”
Potential for More Advanced Uses
- While power was highlighted (a known target type), cyber operations could have also suppressed air defense networks.
- Public discussion of more sensitive capabilities is unlikely unless urgently needed.
- Tom Uren [16:50]: “Air defense networks… there was no mention of that… Maybe cyber helped as well, I don’t know. But that seems like if you had that capability, you’d be a lot more cautious about talking about it.”

Memorable Quotes & Moments

| Timestamp | Speaker | Quote | |-----------|---------|-------| | 01:32 | Tom Uren | “Every time they take action against scam compounds, it’s because there’s some internal media… that forces them to act… not a long term strategic plan.” | | 05:20 | Tom Uren | “…if the right people talk to the right people, we’ll pull out this particular individual.” | | 07:42 | Tom Uren | “It’s so focused on the compounds that are targeting Chinese. If you’re not targeting Chinese citizens, we don’t care. And so it just shapes the industry.” | | 09:53 | Tom Uren | “China is the self-interested giant in the region… impossible to imagine the US and China working very well together.” | | 11:57 | Tom Uren | “Trump seemed to hint about the use of…disruptive cyber operations… to turn out the lights.” | | 14:27 | Tom Uren | “My assessment is that the cyber operation was a very incremental improvement… we avoid the risk of short circuits. That’s really what we’re achieving here.” | | 15:40 | Tom Uren | “For these types of operations… disruptive cyber operations will be part of the mix. So they’ll be considered every single time…” |

Key Takeaways

China’s anti-scam efforts are driven by domestic interests, not global cooperation.
Actions are reactive, not strategic—focused entirely on protecting Chinese citizens and prestige.
Crackdowns do not solve the scam industry, but push it to other regions and targets.
International anti-scam collaboration is possible, especially with Southeast Asian partners, but US-China efforts are a non-starter.
In warfare, cyber operations are becoming standard, particularly for discrete, reversible and politically advantageous disruption, but are still incremental—often supplementing existing means rather than replacing them.

For further reading and updates, listeners are encouraged to subscribe to Tom Uren’s Seriously Risky Business newsletter at Risky Biz.

Loading summary

Transcript22 lines

[00:00]
A
Foreign. And welcome along to Seriously Risky Biz. This is our podcast all about cyber security policy and intelligence. My name is Amberly Jack, and in just a moment, I'll bring in Tom Uren, our policy and intelligence editor, to chat all about his Seriously Risky Business newsletter that he's written up for this week. You can of course, subscribe to that and read it on our website, Risky Biz. First, though, I'd like to thank our sponsor for this week, which is podcast Prowler, the most widely used open cloud security platform. And you can find them@prowler.com G', Day, Tom. Welcome to the first show of the year. It feels like a little while since you and I have sat down together, so it's good to see you.
[00:42]
B
Good to see you again.
[00:44]
A
And I really enjoyed the newsletter today and want to jump straight into this first piece that you've written where you're looking into China's response to scam compounds and its sort of recent crackdown, which has included quite a few life sentences and even some of these guys being sentenced to death. And this all, of course, came about after alleged scam kingpin Chen Xu was arrested in Cambodia recently extradited to China. And Tom, from the surface, you can look at this and kind of go, hey, China's doing a great job. They're really cracking down on these, on these scam compounds. This is great news. But you've kind of looked into that and their motivations behind it, and it may potentially not be great for anyone that's not in China.
[01:32]
B
Yeah, so the whole scam compound and pig butchering story, it always just seems to be bad and never be good. Like, it's, it's like when I was sort of horrified when I learned about it. And it, even the good news, like, is it always comes with a dark cloud attached to a silver lining. So the story is that they're these massive compounds. They exist on the border areas of Myanmar. And it had seemed, I was kind of optimistic when it seemed that China was taking a more aggressive role countering these compounds. So back in a couple of years ago, they basically gave the green light to an ethnic rebel group to basically launch an offensive against the military junta that's in control of Myanmar. And so they, that that alliance, which was known as the Three Brotherhood alliance, one of its goals was to clean out scam compounds. Yeah. And that, you know, at the time it struck me that's a strange goal for an ethnic rebel group to have. Like, you know, you typically rebels have some sort of like, Nationalistic purpose rather than a crime fighting purpose. And it seems like what had happened is that this was along China's border. And there's two competing goals for China. One is stability. It wants a stable border. It doesn't want conflict. Conflict on your border is obviously bad. And so its default instinct is just to tamp down on those rebel groups and make sure that nothing happens. Now the countervailing force is we need to do something about scamp compounds. And when that rises to enough of a priority, they let the leash off the ethnic rebels and they went and basically fought the junta and they. There was a lot of action against scam compounds at that time. And so that sounds like great news. They're actually doing something against those compounds now. To be fair, I guess from their point of view, it's like between a rock and a hard place, right? Like actual fighting on your border. It's not a good thing. But it seems like every time they take action against scam compounds, it's because there's some internal media, domestic media, something's gone viral that make. That forces them to act, basically. So it's not a long term strategic plan. Scam compounds are bad. We should do all these steps to try and tackle them in an ongoing way. It's like something's gone viral on entire internal Chinese media. We've got to do something about it now. So that that particular case where with the Three Brotherhood alliance, it was driven by a story where some Chinese citizens had tried to escape from a compound and several of them got shot and killed. And the viral part was that there was a rumor that it was four of these people were actually undercover Chinese police. And so that story undermines the sort of national story that China is a global power, we can enforce laws all over the world, our Chinese citizens are safe. And so they had to do something. And like they responded within weeks and a whole lot of people were arrested. Now that didn't make the scam compounds go away. And so the other story that I thought was really fascinating is that a Chinese actor ended up in a scam compound. So he was lured there by the promise of an acting job. He was lured to Thailand, got put in a car, ended up in a scam compound. It turns out his girlfriend publicized his story on Chinese social media and within three days he was back. He'd been recovered from these compounds. And so it really struck me that the people in charge, there's ways of getting people out if it becomes enough of a problem. Like three days is not a long time There wasn't a huge, like military action or law enforcement action or anything like that. It was just. My reading of it at least is that it's, you know, if the right people talk to the right people, we'll pull out this particular individual.
[06:24]
A
Yeah, that was, that was one thing that sort of struck me. And you and I were talking about this earlier as well in your newsletter was the, the speed at, you know, if they, if the post goes viral enough and the, the actor is maybe famous enough, we can get him out in three days.
[06:39]
B
Yeah, yeah. And so it's. To me, that's. China has a whole lot of, I guess you'd call it, political power or influence in the region. And so that tells me if they really want to do something, at least around the margins, they can. It's just that most of the time they don't bother because if it's not causing a huge domestic outcry, we don't need to do anything. Let sleeping dogs lie. Some of the scam compounds are like, they launder money in China, so they actually bring currency into the country. And some of them are politically connected. And so my initial thought reaction, hearing news about China arresting, sentencing to death, life sentences as well, and like quite a large number of scam compound, I guess you'd call them masterminds. Well, it's got to be good news.
[07:42]
A
Yeah.
[07:43]
B
But it turns out it's so tactical that it may actually just be shaping the industry. So there's a number of experts who look at it and say because it's so tactical. And what I mean by that is it's so focused on the compounds that are targeting Chinese. If you're not targeting Chinese citizens, we don't care. And so it just shapes the industry.
[08:06]
A
To target the social media backlash isn't loud enough.
[08:09]
B
Yeah, exactly.
[08:10]
A
Yeah.
[08:11]
B
And so the, And I guess there's an AI angle in that it makes it easier to talk across different languages. And so that the, the fear is that the industry is just moving to different regions. So not on China's border, but on the Thai border. And it's also focusing on different target populations. So the compounds have people who are forcibly detained there or sometimes work there for money, and they run scams on other countries. And it's just a massive scale. And so what seems like an initially good news story, and to be fair, it's. It's not entirely.
[08:57]
A
It's not terrible news.
[09:00]
B
That's right. It's just not as good news as I had hoped. So it's, it continues to be Disappointing, I suppose.
[09:06]
A
Yeah, yeah, for sure. And I mean, it's, you know, as you, as you sort of wrote in the newsletter as well, it's, it's very hard to feel sorry for these guys. So seeing any of them punished is good news. So, Tom, if China's kind of tackling these compounds for very sort of domestic and maybe selfish reasons, I guess rather than we are the world type, let's all band together and get rid of this industry as a whole. What can places like the US do? I mean, you sort of mentioned they can't take them down on their own. And we even saw with. What was the guy's name? Chenju, that the US had indicted him, but China got him. So what can places that aren't China do about this, if anything?
[09:54]
B
Yeah, yeah. I think there's actually quite a lot of international collaboration kicking off. I think the real problem here is that China is the self interested giant in the region. And so it's like, I just find it impossible to imagine the US and China working very well together. And so there are other potential partners. So for the US So Thailand and the Philippines have both started, particularly the Philippines reacting quite strongly to the scam compounds. So I think that there are potential partners for the US that have, they're not as influential as China is, but they're still in the region and have a presence and can, can do more. So I, you know, but I'm just kind of pessimistic that it's not really the Trump administration's style to be involved in multilateral institutions at all. So I think there's a good reason for it though. Like you can't be, you can't do everything everywhere all at once, I guess. And so you do need partners. And I think there's a clear, is it a logical chain that, you know, you need people on the ground these countries because like they're located next to the border or in the region. They just have more potential, a physical presence that I think the. Would benefit. Yeah, would benefit both countries.
[11:27]
A
Yeah, yeah, for sure. And Tom, sort of speaking of the Trump administration style, let's jump through to this second story that you've written. Venezuela, US and the capture of Nicolas Maduro. And Tom, you're sort of saying here that the use of disruptive cyber operations in this massive operation kind of marks a point in time where this is going to become a part of future military planning. Tell me, tell me a little bit more about that.
[11:58]
B
Yeah, so the story is amazing military success. What I found really interesting was that Trump seemed to hint about the use of, I call it disruptive cyber operations in. In the piece, in that they used. He called it a special expertise that they have to make it dark so to turn out the lights. So everyone thinks that that is a cyber operation. The New York Times actually explicitly says it was a cyber operation to switch off the lights in parts of Caracas and by cutting power. And so there's. My presumption is that that was on background from someone in the administration, presumably. And so we've got this all the way up from the president. A acknowledgement of this went on, and what I thought was really fascinating is that if you sort of think about the operation, there was 150 planes. They somehow suppressed Venezuelan air defence systems. And the cyber part, which got killed, called out by the president, was actually just turning off the lights. And they had. They have conventional ways to do that. And one of those ways is just to blow up power facilities. You can do that. They actually have these, they call graphite bombs as well that spool carbon fiber or conductive material out over electricity infrastructure and cause short circuits. So they have a very viable conventional alternative that would have worked just as well. So it's not as if the disruptive cyber part was a game changer. They didn't go from having no capability to a magical cyber capability. They went from having a conventional capability, where the problem is that sometimes with those graphite bombs, the facility, because it short circuits, it just catches fire and burns to the ground. And so for some situations, that's not a big deal. Like in the invasion of Iraq, they use those bombs. The idea is that they're reversible because if you clean up the facility and remove all the conductive material, you can switch it back on and it doesn't short circuit. In the context of an invasion like Iraq, if you have a few transformers or a few facilities burn, it's like, well, at least we tried, I guess. Now, in the context of Venezuela, the plan is to remove Maduro and replace him with someone who's more amenable and has been, you know, really shocked by the US Presence and so will be amenable to, like, okay, like, the alternative is getting snatched in the middle of the night. I'll listen to the US More carefully. And so having the electricity facilities destroyed, I think makes their job more difficult. And so if you can avoid it, I think it's a nice to have. So in this case, my assessment is that the cyber operation was a very incremental improvement. Like, we avoid the risk of Short circuits. That's really what we're achieving here. And yet it's interesting that the President specifically mentioned it. So I think it's really like for cyber people it's a political victory. It's, we, we got to the President, he understands what we helped achieve, he thinks it's special. And you know, really it is, it's like clever, it's tricky. It's if you're a cyber person, it's cool. And so that is I think, a signal that for these types of operations where you've got the time and space to plan disruptive cyber operations will be, will be part of the mix. So they'll be considered every single time you're doing something like this where you've got a bit of breathing room to integrate that into the operational planning.
[16:17]
A
Yeah, yeah, for sure. And Tom, I know you sort of spoke about in the newsletter and spoke about here as well that this particular raid was very, I guess nicely aligned for any weaknesses when it comes to disruptive cyber operations to really not matter at all, in fact benefit them. But you also mentioned, while kind of cool, not mind blowingly amazing, but do you think there were other potentially more mind blowing operations going on within the same.
[16:51]
B
Yeah, so the, yeah, that was one thing I thought about is like they mentioned power and power seems like a great thing to mention because it's been done before. It seems like a great thing to mention because electricity networks are a constant target of, well, the Chinese are trying to get into the US critical infrastructure. So it seems like a, you're telling us something that everyone already knows and you're not giving away anything that's a super secret capability. Now the other thing that people talk about is using cyber to degrade air defense networks and there was no mention of that. And yet, you know, many, at least many helicopters managed to fly into Caracas and fly out again without any noteworthy damage. So my understanding is that some of the helicopters, at least one, was shot at by a person on the ground. But the Venezuela has Russian built air defense systems and none of those seem to fire anything. And so the other hypothesis potential is that some cyber operation was also involved in degrading those systems. Now the US has all sorts of technical countermeasures against air defence systems, so I have no doubt those were used. Maybe cyber helped as well, I don't know. But that seems like if you had that capability, you'd be a lot more cautious about talking about it because you really want to save knowledge about it until you really need to. And so I don't know.
[18:44]
A
Awesome. On that note, Tom, we will leave it there, but thank you so much for joining me. It's been super, so great to. To sit down and chat with you again. And of course, you can read and subscribe to Tom's newsletter over at our website, Risky Biz. But, Tom, have a great week, and we'll catch you again same time next week.
[19:01]
B
Thanks, Ant.