
Attila: They know that while you're looking at what's going on in the right hand, you're not watching their left hand.
Matt: It's just an illusion.
Attila: Just an illusion.
You're listening to the Cyber Secured Podcast, helping you become safer in every way.
Now, your hosts, Matt and Attila.
Matt: Welcome back to the podcast.
Attila: Welcome back, I'm Attila.
Matt: I'm Matt.
Attila: And this is the Cyber Secured Podcast, where we talk about your security and ways that you can make yourself safer in today's digital world.
Attila: And we have a very interesting story to start with today.
Matt: Yeah, you already started talking to me about this, and I realized this would be a good topic for today's podcast.
Matt: So you want to catch everyone up.
Matt: What was it that you came in to my office?
Attila: Oh, yeah, this was good.
Attila: This is very recent.
Attila: Happened just in the past couple of weeks.
Attila: Let's get it, let's do some scrubbing of data so that we don't disclose too much about this victim.
Matt: Did you just get this call today?
Attila: Just today, I just got the call today.
Matt: All right.
Attila: And so this victim is an owner of a construction company.
Attila: So if you imagine a construction company, they have trucks and staff and high operating expenses, right?
Matt: So they're public too, a lot of advertising out there.
Matt: So yeah, pretty easy target.
Attila: And lots of assets, think about construction.
Attila: I mean, you can't get anyone to help you do anything for less than hundreds of dollars per hour.
Attila: I think there's more money in construction than even in medicine or legal at this point.
Attila: It's not real.
Matt: Especially in a place like where we're at.
Matt: Am I allowed to say where we're at?
Attila: We're in Hawaii, yeah.
Attila: We are in Hawaii, but you know.
Matt: Not to make anyone jealous out there, sorry.
Attila: But think about it.
Attila: I mean, LA, right?
Attila: They had the LA fires.
Attila: What do you think is going to happen to the construction industry out there?
Matt: Yeah, that's a lot of money.
Attila: Lot of money.
Attila: So, construction guy, right?
Attila: Owner of a construction company, calls me up.
Attila: He says, you know, I have a problem.
Attila: And my problem is all started about last week, when I got a call from someone I've known for 10 or 15 years.
Attila: And this person, he's in the automotive industry, and he sells, you know, this particular guy, he sells Harley Davidson motorcycles.
Attila: And this, you know, so he gets a FaceTime call, and he's, you know, he's got an iPhone, from his friend.
Attila: So, the caller ID is correct.
Matt: The friend is the owner of the Harley Davidson company?
Attila: Right, exactly.
Attila: So, you know, so they're good friends, right?
Attila: And the Harley Davidson guy calls him up.
Matt: They're both business owners.
Attila: Both business owners.
Attila: So, as you can imagine, high-value targets, right?
Attila: Harley Davidsons aren't cheap either.
Attila: So, he answers the phone, and it's a FaceTime call.
Attila: And on that FaceTime call, he sees his friend, you know, moving, lips are moving.
Attila: The sound sounds correct.
Attila: It's his, you know.
Matt: Friend's voice.
Attila: Friend's voice.
Attila: Everything is legit, right?
Attila: And his friend starts talking to him, telling him some sort of sob story, how he's been locked out of his Facebook account.
Attila: He needs some help.
Attila: Now, the guy who called me, the general contractor, he was driving, so he's like, look, you know, I don't want to get pulled over here.
Attila: Let's continue this conversation by text message.
Attila: And so, you know, when he gets to his destination, pulls over, starts having the text message with his friend, quote unquote, air quotes.
Attila: And this friend of his, you know, continues with the sob story, hey, I just really need to reach out to some people.
Attila: Is it okay if I just use your Facebook account really quick?
Attila: And, you know, this general contractor, he's known him for 15 years.
Attila: So big deal, right?
Attila: You know, he's okay with it.
Attila: He shares his Facebook password, its two-factor code, pops up on his phone, no problem.
Attila: And at that point, his friend says, oh yeah, thank you so much.
Matt: You're a lifesaver.
Matt: Back up.
Matt: So the friend calls him, gives him a sob story.
Matt: He's having a hard time.
Matt: And then he wants him to do what with Facebook?
Attila: So he just wants his Facebook password.
Matt: He wants the contractor guy's Facebook password.
Attila: And, you know, if you kind of think about it, I mean, imagine you're a contractor and you're building a house and you got a hammer.
Matt: Right.
Attila: And your hammer breaks.
Attila: It's okay for you to walk over to the next guy who's also working at the house.
Attila: And say, hey, can I borrow your hammer?
Attila: My hammer's broken.
Attila: I need to hammer this wood.
Attila: Right?
Attila: Yeah.
Attila: It's like kind of human nature, common sense.
Attila: Okay.
Attila: But we're in this digital age now where, you know, it's Facebook.
Matt: That's already a red flag for me.
Attila: But it's a red flag.
Attila: But, you know, imagine this guy's also driving.
Attila: So he's distracted.
Attila: He's a busy guy.
Attila: He gets a lot of phone calls.
Attila: He's thinking about things at work, you know, all the other problems that are associated with running a business and owning a business and trying to grow a business.
Attila: And so he's got a lot on his mind.
Attila: So he's like, I would say his defenses are pretty low at this point.
Matt: And so then what ends up happening?
Attila: So, you know, the guy is very thankful by a text message.
Attila: Oh, thank you so much.
Attila: You really helped me out.
Attila: And then like within hours, all of a sudden more phone calls start coming in.
Attila: But this time, it's from his friends and family.
Attila: And his friends and family are asking him like, hey, why are you reaching out to me on Facebook, asking for money?
Attila: Like, you're a big time contractor.
Attila: You got more money than me.
Attila: Why are you asking me for money?
Matt: And of course, he didn't do that.
Attila: He didn't do that.
Attila: Tries to get in his Facebook account.
Attila: Of course, passwords changed, can't get in.
Attila: And, you know, and it just keeps kind of going on and on.
Matt: So, did he reach out to the original friend?
Attila: Reach out to his original friend after a while.
Attila: And of course, his original friend is like, ah, that wasn't me.
Attila: That was not me.
Matt: Okay.
Attila: Now, fair warning, this guy is in the Harley-Davidson scene.
Attila: So, he's got a lot of YouTube videos about Harley-Davidson stuff, right?
Attila: And so, that could kind of be where maybe they were able to train some sort of AI-based.
Matt: Right.
Matt: Well, so, to, you know, catch people up if they haven't figured it out already, this is AI impersonation.
Matt: So, that's what we're getting at.
Matt: And we've seen, if anybody has been following the AI train, we've all seen what it can do impersonating voices and whatnot.
Matt: The whole thing with impersonating a face is kind of new.
Matt: It's nuanced.
Matt: There has been a report of a major financial theft attempt in East Asia.
Attila: Worked.
Attila: 350 million dollars.
Matt: Oh, okay.
Matt: I thought it didn't work.
Attila: 350 million bucks.
Matt: And I did see a demo where an AI researcher was able to very convincingly turn himself into this cutesy little Comic-Con girl.
Matt: Meanwhile, he's talking with his man voice, which was hilarious.
Matt: And he pinched his cheek, he stuck out his tongue, he did all the stuff.
Matt: It was very sophisticated.
Matt: When you're talking on a video call, especially if you're in the car driving, you actually will put up with a lot of degradation in the video call and what's happening when you're communicating with the person.
Matt: So you may not even notice if it's a poor AI generation.
Matt: But this is crazy.
Matt: This is the first time I've heard of this happening in the wild.
Attila: And it's fast too.
Attila: I mean, think about it.
Attila: Like that one crypto heist you mentioned.
Attila: It's 350 million bucks.
Attila: Yeah, whatever.
Attila: That's a lot of money, but it also took them a year to orchestrate that.
Matt: Right.
Attila: This is like days.
Attila: Yeah.
Attila: Maybe weeks.
Attila: Yeah.
Matt: Well, that tells me that there's probably some kind of open source program out there, something that someone has generated that's free on the web, or even maybe even a cheap pay to play platform that we can do this on.
Matt: That's really scary.
Attila: Yeah.
Attila: It's interesting.
Matt: Well, and then this goes back to, I was telling you about this earlier, to a similar kind of phishing, hacking.
Matt: It's hard to even call this hacking, but a scheme that we heard about a few years ago, where we had a gentleman call.
Matt: His son had gotten scammed out of $1,000, which isn't a lot, but the way it was operating was very insidious, because what happened to his son was someone, one of his close friends had reached out and told them, hey, I just signed up for this program where, you know, I gave these guys $1,000 and they quadrupled my money within a week.
Matt: Something outlandish like that.
Matt: And, you know, his son was young, doesn't have a lot of money, sounded very promising, plus it came from someone he trusted.
Matt: And so...
Attila: Trust, that's the big one.
Matt: Yeah, that's the big one.
Matt: So then the son went ahead and, you know, responded back and was like, hey, I want to get on this.
Matt: What is it that you did?
Matt: And, you know, who is it that I can contact?
Matt: So then he starts contacting this third party, and the third party is like, yeah, we can do this for you.
Matt: We have, you know, special crypto investments, and we know how to trade the market.
Matt: Just send us the $1,000.
Matt: But in exchange, can you go ahead and make a testimonial video for us?
Matt: And then we'll go ahead and work on, you know, quadrupling your money while, you know, you're making this video for us.
Matt: And meanwhile, at the same time, what the son didn't realize was while he was making the testimonial video, and he had sent that money off to them, he had also been phished, and the scammers had gotten his password to his account.
Matt: So once he had sent this testimonial video in, scammers went in, got into his account, changed his password, took his testimonial video, and sent it to all of his close friends and family.
Matt: And that's it?
Matt: Yeah, it's a domino effect.
Matt: So we, you know, submitted that to the FBI.
Matt: We got him in contact with, you know, the people up high that we know, did what we could, and was able to stop, you know, some of this from going on.
Matt: But it was the last, not the last time that I had heard of this scam.
Matt: And now we have this thing going on, which is very similar.
Attila: Well, it doesn't stop there.
Attila: It doesn't stop there, because now, now that they're inside of his Facebook account, they can light the fuse on all these other scams that are time tested.
Attila: Yeah.
Attila: Now, as a contractor, he has lots of expensive trucks and equipment.
Matt: Right.
Attila: Guess what?
Attila: All that went up for sale.
Attila: And if you wanted to buy it, you had to wire transfer your money to some mainland bank, which as you know, is a money mule account.
Attila: It's going to go through 20 different banks and then outside the country and then fund God knows what.
Attila: But in short, this is a scary part.
Attila: The scammer started getting wind of this and started to replicate the scam using his likeness.
Attila: So now he gets a call a few days later from a friend and said, hey, did you just call me because I got a FaceTime call and I answered it, and it was you, and it was your voice.
Attila: And this guy, this contractor, he's not very YouTube famous.
Attila: He's got nothing on YouTube, really.
Attila: So what that tells me is that within a span of maybe 30 seconds of him answering that phone on FaceTime, they were able to pick up enough information to generate some sort of moving likeness, exactly, that then they could use to perpetuate the scam and keep on going.
Matt: Well, and I'm sure there's a lot of people that will listen to this and be like, I do my due diligence, I pay close attention, and I've heard this podcast now, so I'm aware, yada yada yada.
Matt: And frankly, I've felt the same way.
Matt: I've been working in this industry for years.
Matt: I know about the scams.
Matt: I've gone after scammers.
Matt: And then, believe it or not, I was driving an Uber for a little bit, and one of the worst things that can happen to you as an Uber driver is getting a bad rating.
Matt: And while I was driving around...
Attila: Even worse than getting your money stolen.
Matt: Yeah, even worse than getting your money.
Matt: You don't wanna have a bad reputation, because you can always make money.
Matt: You can't always get your reputation back.
Matt: And I received a phone call while I was getting ready to drop some guys off, thinking it was the next pickup, because that happens, you get a phone call from your next person that you're going to be driving around.
Matt: And so I answer, I let them know, hey, I'll be with you in just a moment.
Matt: I'm dropping these guys off.
Matt: And the person...
Attila: You were distracted.
Matt: I was distracted.
Attila: Yeah, I was distracted.
Matt: And I'm pretty sure they did it on purpose.
Matt: The person announced that they were Uber Support.
Matt: And to take my time, he was very polite.
Matt: And once I was able to speak with him, then he let me know that there had been a negative strike on my account, and that someone had reported that when I picked them up, I was not who I said I was, or who I am in my photo.
Matt: Which, you know, put me on alert, right?
Matt: So, my caution and my awareness immediately out the window, because I'm worried.
Matt: And that's where they get you.
Matt: They get you into an emotional state one way or another, and you, you know, put all caution in the wind.
Attila: Yeah, and this has happened.
Attila: I mean, they wouldn't do it if they didn't understand basic human psychology.
Attila: And every magician or slash illusionist, we can't call them magicians anymore, right?
Attila: No such thing as magic.
Matt: Oh, is that the new PC term?
Attila: It's the illusionist, yes, illusionist.
Attila: Okay.
Attila: Because illusionists, they know that while you're looking at what's going on in the right hand, you're not watching their left hand.
Matt: It's just an illusion.
Attila: Just an illusion.
Attila: And your brain has to make sense of what it sees, so it must say all must be magic, right?
Attila: And that's exactly what's happening here.
Attila: They're saying, hey, don't pay attention to the fact that we're trying to scam you.
Attila: Pay attention to the fact that your reputation might be at risk.
Matt: Or your friend is in dire need, and you want to be there to help him.
Attila: Yeah.
Attila: And in fact, in this general contractor's scenario, in this same story, he mentioned how the scammers reached out to some of his friends and said, hey, I need some money because my parents are really sick.
Attila: And the joke was, he's like, my parents have all passed.
Attila: Like everyone, they've all passed away.
Attila: So the people that knew me knew that something was up.
Attila: Yeah.
Attila: That's why they were reaching out to let him know that there's a problem.
Attila: And he doesn't use Facebook for business.
Attila: It's strictly for personal stuff.
Attila: So that's kind of a good thing that's on his behalf.
Attila: But part of your incident response and part of your compliance in general, this is HIPAA, this is CMFC, NIST, whatever those are, you cannot have your company's information posted on a social media site that could potentially jeopardize the business.
Attila: And this is jeopardizing the business.
Attila: So if, you know, if they do get into your Facebook account and you are running a medical practice inside of your incident response plan, you should have some playbook about what you're going to do when your social media account is compromised.
Attila: What is your communication plan?
Attila: How do you remediate it?
Attila: Do you even have a backup method to restore your account?
Matt: Well, and the first part of the incident response plan is also preparedness, which can circumvent a lot of this kind of stuff.
Attila: Preparedness.
Attila: What does that mean?
Attila: What does preparedness mean?
Matt: Well, so in this particular circumstance, I mean, you don't always have caution at your disposal, but if you do in that scenario with the Uber thing, there was a point in the calls where the little bat signal was going off in my head, and I started asking questions.
Matt: If you have anything like that, the catchphrase we came up with years ago, when in doubt, reach out.
Matt: He should have told his friend, I mean, I don't know if he had any caution at all, but he should have told his friend, hey, I'm driving right now, I'm gonna give you a call back in just a moment, or I'm having a problem, make something up.
Matt: I'm having a problem with my phone, let me call you back, right?
Matt: Most of the time when scammers are reaching out, forging a phone number, faking a FaceTime call, there's a lot of things you can do to fake the outgoing, but when you try and reach back and call them, that's a lot harder to fake.
Matt: And so reaching out to that party, the bank, the vendor that is asking for money to be sent to some weird bank account.
Matt: Reaching out to them over the phone and talking to them one on one, that's usually the best option right now, when in doubt, reach out.
Attila: Yeah.
Attila: And a lot of the larger organizations, they require, and they've gone old school, so they require to check signers, check in the mail only.
Matt: Yeah.
Matt: So they have multiple forms of verification.
Attila: And just be cautious if you're in any industry where there's high dollar amount transactions at all.
Attila: I mean, it's got to be paper check or nothing because it's just too risky otherwise.
Attila: So we see this time and time again with the contractors and subcontractors.
Attila: I think we should save that for another podcast.
Attila: That'd be really interesting to talk about.
Attila: But we try to keep these podcasts short.
Attila: So if you do like the length, we're trying to keep them around the 20-minute length because that's about the average amount of time people out here in the island spend commuting.
Attila: So we try to keep it short.
Attila: And if there's any topics you'd like to see us address, feel free to reach out.
Attila: We have our contact information in the show notes for this episode.
Attila: And yeah, you guys need to stay safe out there because they are getting clever and these AI-generated scams are just beginning.
Attila: I'm your host Attila.
Matt: And this is Matt.
Attila: Stay safe out there.
Matt: Cheers, everyone.
This episode was brought to you by Cypac.
To learn more about keeping your business safe from threat, crime, and disaster, visit Cypac.com.