This scam is now in session.
Dave Bittner: Hello, everyone; and welcome to N2K CyberWire's Hacking Humans podcast where each week we look behind the social engineering scams, phishing schemes, and criminal exploits that are making headlines and taking a heavy toll on organizations around the world. I'm Dave Bittner, and joining me is Joe Carrigan. Hey, Joe.
Joe Carrigan: Hi, Dave.
Dave Bittner: And our N2K colleague and host of the T-Minus Space Daily podcast, Maria Varmazis. Maria.
Maria Varmazis: Hi, Dave; and hi, Joe.
Dave Bittner: We've got some good stories to share this week. Joe, you want to start things off for us.
Joe Carrigan: Yes. I will start things off with one of my least favorite companies and with an app that I don't use. It's WhatsApp, all WhatsApp all the time.
Dave Bittner: Okay.
Joe Carrigan: Part of the show, Meta has come out with a news release. And the title of this news release is WhatsApp, New WhatsApp Tools and Tips to Beat Messaging Scams.
Dave Bittner: Okay.
Joe Carrigan: So the folks over at Facebook are taking some heat, I think from, you know, not only this show because you know how influential we are.
Maria Varmazis: Of course. Yeah.
Joe Carrigan: But, you know, globally, they're taking some heat against scammers. And they are claiming that, since January of this year, in the first half of this year, they have banned over 6.8 million accounts that are linked to scam centers, some of them operating out of Cambodia to tie it back into the story that Maria was covering last week --
Dave Bittner: Yeah.
Joe Carrigan: -- that these sources are -- or these -- the source of these scam -- scam operations are coming out of these scam centers where people are not exactly volunteers.
Dave Bittner: Right.
Joe Carrigan: Put it frankly, they're slaves, which immoral, illegal. I don't know that there's any country that permits that anymore.
Dave Bittner: Yeah.
Joe Carrigan: But this article goes on to talk about how scammers operate, which is kind of helpful. These scam centers typically run many scams campaigns at once, from cryptocurrency investment to pyramid schemes. We haven't had a good pyramid scheme story in a long time.
Maria Varmazis: Yeah. True.
Dave Bittner: It's true.
Joe Carrigan: I -- I'm itching for a pyramid scheme.
Maria Varmazis: Let's get on that. Somebody do something about that.
Dave Bittner: They've got to be out there.
Joe Carrigan: It also says that they're working with other people to -- others to protect people. And they have a link to an article in here from OpenAI. And I'm going to talk more about that article in a second here about -- because they've been working with OpenAI because OpenAI is -- knows that they're used to -- in these scams. So they've been collaborating with -- Meta has been collaborating with OpenAI to identify accounts that are pushing the output from known OpenAI scams.
Dave Bittner: Okay.
Joe Carrigan: And that's one of the ways they're using to shut these accounts down.
Dave Bittner: And OpenAI are the makers of ChatGPT.
Joe Carrigan: ChatGPT. Correct.
Maria Varmazis: Yep.
Dave Bittner: Right.
Joe Carrigan: They have a video in here. I have -- I was -- I was scrolling down this article, and I was like, Hey. That's Rachel Tobac. I know her. I don't think we've ever met in person, but she's been on this show a number of times.
Dave Bittner: Yeah.
Joe Carrigan: So, you know, I know -- I know who Rachel is. And there's a two and a half minute video, which I unfortunately today have not had time to watch. But anytime Rachel Tobac is talking about an online scam, everybody should listen. She is --
Maria Varmazis: Amen.
Joe Carrigan: I refer to her as the Queen of Social Engineering and defense of that -- that dark art. She is really good at the, I guess, penetration testing. You know, the social engineering penetration testing.
Dave Bittner: Yeah.
Joe Carrigan: And gives really great advice on how to -- how to protect yourself. So the article then goes on to talk about their new anti-scam tools. And I'm going to read this group messaging. They have two topics, group messaging and individual messaging. It's very hard to say group messaging without messing that up. We're launching a new safety overview that will show to you when someone who is not in your contacts adds you to a new WhatsApp group you may not recognize. It will include key information about the group and tips to stay safe. From there, you can exit the group without ever having to look at the chat. And, if you think you might recognize the group after seeing the safety overview, you can choose to see the chat for more context. Regardless, notifications from the group will be silenced until you mark that you want to stay, which means that you kind of have to opt into a group, I think.
Dave Bittner: Okay.
Joe Carrigan: Maybe. But my concern about this is, this is just something that people are going to click through, you know. They're going to say, Oh, here's a new group that somebody invited me to.
Dave Bittner: Right.
Joe Carrigan: Well, let me -- let me see what it says. Okay. I want to stand in here and see what they're -- see what's going on. If the pitch, the initial pitch is good enough, oh, yeah. I want to be part of this.
Dave Bittner: Yeah.
Joe Carrigan: Individual messaging. Additionally, scammers may attempt to first initiate contacts with you elsewhere on the internet before asking to message on a private messenger service like WhatsApp. To protect against this traffic, we continue to test new approaches to alerting people to pause before engaging. For example, we're exploring ways to caution you that, when you start a chat with someone not in your contacts, by showing you additional context about who you're messaging so you can take the -- make the -- make an informed decision.
Maria Varmazis: Speed bumps are always a good idea. Yeah.
Joe Carrigan: And then they had the typical pause question and verify steps that we always talk about here. Slow down, right? We say slow down.
Dave Bittner: Yeah.
Joe Carrigan: Ask questions. Don't be afraid to ask questions. And verify through a third channel. So, really, if I can be critical here of Meta for a second.
Dave Bittner: Please.
Joe Carrigan: It's not much. It's not much that they're doing. And I want to contrast this with the report that they cite in here from ChatGPT. So, if you go to this ChatGPT link that's linked in the article from Meta, there is a PDF. It's a PDF link. So, if you see that in the show notes, that's valid. And they have case studies of these different actors. It's like seven case studies, seven or eight case studies in here. I haven't gone through the whole thing. But deceptive employment scheme, IT workers. And then the summary is, threat actors using AI and other technologies in an attempt to evolve and scale their deceptive hiring attempts, this they think they -- although they can't really attribute things -- attribution's notoriously difficult. They say this is consistent with people from North Korea trying to get into -- into tech jobs. Again, another story we talked about last week with the woman who was sentenced to eight and a half years. But they also have, like, tools, techniques and procedures for these groups. So OpenAI is watching what users are putting in, seeing that these guys are automating the generation of believable resumes. And they're going, Oh, no. We're done here. Right? So they have another one in here, Covert IO Operation Sneer View, which I like the name of that. But they think this is likely China generating social media content and internal -- internal reviews. And then they go through some of the stuff that they put on Facebook. It's just them putting these -- these fake media posts to create division on different platforms. And the last one I'm going to talk about here, I've got to spend a lot more time going into this report because it's really well written is Philippines-oriented. They're generating bulk volumes of social media comments about domestic policies. So OpenAI is watching what's getting put into its model. They're finding that people are exploiting their model, and they're banning people for doing that. Meta is saying okay. Well, thanks to OpenAI, we know who some of these people might be. So we're blocking or banning 6.8 million accounts. But I don't know how big of a solution that is. I imagine that's a sizable chunk of the accounts. But it sounds to me like that's just the result of an automated process that --
Dave Bittner: Yeah.
Joe Carrigan: -- that this is -- you know, and, you know, good enough for Meta to -- to implement something that stops these accounts. I mean, that's 6.8 million accounts that never got used. Actually, the Meta report says these were -- these were banned before they even got operationalized, which, good. You're out in front of it. But the main crux of the Meta -- of what Meta is doing is they are informing people. Hey. Be careful. There's bad guys out there. Now, to be fair, ChatGPT is not a social media platform, right? You're not going to -- I don't interact. Dave, you and I both have ChatGPT accounts. Maria, do you have a ChatGPT account?
Maria Varmazis: A free one. I don't -- I don't pay for it. But I do. I do use it a little.
Joe Carrigan: Right. So, I mean, I can't chat to Dave on -- on that account, so I can't really interact with Dave. It's just me and the model.
Maria Varmazis: Or can you with a facsimile of Dave.
Dave Bittner: It's a new challenge.
Joe Carrigan: Right? Right now, I want you to pretend to be Dave Bittner and --
Dave Bittner: Right.
Joe Carrigan: And Dave is going to tell me that I'm his best friend ever.
Maria Varmazis: This is going to be one of those falling in love with AI things accidentally is kidding.
Joe Carrigan: Oh, I love you, AI Dave. I just made Dave uncomfortable.
Maria Varmazis: He's very uncomfortable. He did not like that. Sorry, Dave.
Joe Carrigan: Anyway, so I guess -- I guess a good move from Meta. I would like to see more, more like -- like what ChatGPT is doing. I mean, they're noticing that people are operating -- are -- are producing things at scale. And they're going, that's probably a scam.
Maria Varmazis: Yeah.
Joe Carrigan: And then they're banning those accounts. I would like to see Meta doing something more than that. Then, you know, maybe -- the problem with this is a lot of this stuff is end-to-end encrypted. So you really can't -- they really can't have cognizance of that stuff.
Dave Bittner: Yeah. I just feel like Meta has no moral high ground with anything. 222 Right, right. You know, like they -- they're -- their North Star is doing what's in their best interest, in my opinion. And I think we've seen ample evidence to support that. And so, you know, great. You know, they're doing something against scammers. But has anybody noticed any measurable difference in the number of scams that you see on Facebook or any of their platforms? I don't.
Joe Carrigan: I mean, the scams you and I were talking about last week --
Dave Bittner: Yeah.
Joe Carrigan: Just flooding Marketplace with fake ads or just flooding the sponsored links with -- with these fake -- those fake Yeti things --
Dave Bittner: Yeah.
Joe Carrigan: -- that should be really easy to detect.
Dave Bittner: You'd think.
Joe Carrigan: Yeah.
Maria Varmazis: Yeah.
Dave Bittner: Right.
Maria Varmazis: How does Craigslist do it? I mean, they've been around since time immemorial, and they've sort of figured this out.
Dave Bittner: That's a great point.
Joe Carrigan: Right, right.
Dave Bittner: That's a great point. Yeah. Yeah. So --
Maria Varmazis: Because maybe they have ethics? I don't know.
Joe Carrigan: Maybe, maybe. Yeah. Because they care.
Dave Bittner: Right.
Maria Varmazis: Yeah. Like, just be it. Yeah. I don't know.
Dave Bittner: Yeah. And I guess Craigslist has a different profit motive than -- than Facebook does and -- well, just different philosophical motive than Facebook does.
Joe Carrigan: Right.
Dave Bittner: Right. Craig -- Craigslist is happy being Craigslist and has no desire for world domination the way Facebook seems to, you know.
Joe Carrigan: Right.
Maria Varmazis: It's almost quaint.
Dave Bittner: They're happy being a handful of people making a good profit, earning a good living, and doing what they do. And that's it, you know. They're --
Maria Varmazis: Yeah. Like the artisans of the internet. They're very good at what they do, and they just stay there. Yeah.
Dave Bittner: Right.
Maria Varmazis: You kind of respect it now. It's nice.
Dave Bittner: Exactly.
Joe Carrigan: They're one of the old guard, if you will.
Dave Bittner: Yeah.
Maria Varmazis: It's true.
Joe Carrigan: Hey. I'm going to put up a website, and it's going to do this. And we're going to do that well.
Dave Bittner: Yeah.
Joe Carrigan: And we're not going to try to be all things to everyone.
Dave Bittner: And, yet, I still hear lots of folks using Facebook Marketplace. So it certainly has its audience. It's getting used a lot. But I just don't know how you jump around all those scams.
Joe Carrigan: Yeah. It's tough.
Dave Bittner: Yeah. No.
Joe Carrigan: We just bought a freezer from Facebook Marketplace.
Dave Bittner: Oh, yeah.
Joe Carrigan: Yeah.
Dave Bittner: Or did you?
Joe Carrigan: No. We did. It actually wound up -- Did you actually really? Well, do you have it? We -- we do. We actually wound up being from somebody who was in my neighborhood growing up, which was -- which was odd. It was -- that was completely random.
Dave Bittner: Okay. That's nice.
Joe Carrigan: Yeah.
Maria Varmazis: That's interesting. So you had some social proof that this person was legit, in theory.
Joe Carrigan: Yep.
Maria Varmazis: Okay.
Dave Bittner: Have you plugged the said freezer in?
Joe Carrigan: I have not.
Maria Varmazis: Does it work?
Joe Carrigan: I know who this guy is. I know where his mom lives.
Maria Varmazis: Oh, boy.
Dave Bittner: That's -- yeah. That's nice. Suddenly, this guy's mom --
Maria Varmazis: How do we replicate this at scale?
Dave Bittner: It's Joe knocking on his -- knocking on her front door. You probably don't remember me.
Joe Carrigan: Oh, she remembers me.
Dave Bittner: Oh. Joe Carrigan from down the street.
Joe Carrigan: Yeah. You're that jackass down the street. That's -- that's who I am to her. And she's not wrong. I'm not saying she's wrong.
Dave Bittner: Oh, my. My topic this week is pharma fraud, which is, as you might imagine, frauds having to do with pharmacies. This actually comes from the folks over at Avast, who's a cybersecurity company. They make products that can help protect your computer and so forth.
Joe Carrigan: I think they still make a free antivirus, don't they?
Dave Bittner: Wouldn't surprise me. Yeah. Certainly, I don't know about free. But it's certainly in their stable of offerings.
Maria Varmazis: Definitely in the AV old guard, yes, speaking of old guard.
Dave Bittner: Yeah. Exactly. They -- yeah. They're one of the original name -- the OGs of antivirus.
Maria Varmazis: The OGs of AV. There you are.
Dave Bittner: There you go. Yeah. So, before we dig in here, I'm curious. Have either of you ever used an online pharmacy?
Joe Carrigan: I use one that my insurance company provides.
Dave Bittner: Okay.
Joe Carrigan: But, I mean, I don't know that that's an online pharmacy as much as it is my insurance company going, Hey. I'm cutting out the middleman.
Dave Bittner: Right.
Joe Carrigan: And they're saying to me, for some medications, you've got to use us for this.
Dave Bittner: Okay. Yeah. That makes sense.
Joe Carrigan: Right?
Dave Bittner: How about you, Maria?
Maria Varmazis: Oh, yeah, I -- it's -- I try not to. I'm -- I know of the dangers of online pharmacies. But for certain things that I am trying to manage, it is extraordinarily hard to do it through my GP.
Dave Bittner: Yeah.
Maria Varmazis: Much, much easier to go through an online pharmacy and use their telehealth and all that kind of thing, so.
Dave Bittner: Oh. Okay. Right, right.
Maria Varmazis: Yeah. They're also a dime a dozen in the -- in the Boston area because of our sort of -- us being sort of a medical hub. So there's a lot of them being advertised around here. And they seem to pop up like Whack-a-Mole, and then they go away. And it's just amazing. But, yeah. Hopefully they're legit.
Dave Bittner: Well, yeah. I mean, so, for me personally, the only time I've ever dealt with one was I got COVID one time, that I guess the most recent time I got COVID. I'm trying to think. I think I've only had COVID twice. But this, the most recent time I had it, I wanted to get myself some Paxlovid, and the quickest way to make that happen was to use --
Joe Carrigan: Sounds like a Russian ballerina.
Dave Bittner: Paxlovid? Yes.
Joe Carrigan: Ivana Paxlovid.
Maria Varmazis: You're thinking of a Pavlova.
Joe Carrigan: Pavlova.
Dave Bittner: Ten. Right. And the Russian judge gives 10, perfect 10 for Paxlovid. So I -- I -- the quickest way for me to get that -- and, when you have COVID, getting Paxlovid into your system, like, time is of the essence. So it was through Amazon. So I used Amazon's online doctor thing. You know, you go into Amazon and you say, I want Paxlovid. And it says, Okay. Here's how you do it. And you talk to a doctor, and they prescribe you the Paxlovid. And then, in this case, they called it into my local pharmacy. But I think, if you want to, Amazon will just ship you the drug as well. So, anyway, we've all had different experiences with online pharmacies. This article points out that there are a lot of reasons why people might seek out a pharmacy online. One is convenience, like what I was describing. You want something quick. If it's in the middle of the night and you're sick, it's not always easy to get a doctor on the line to prescribe something for you.
Maria Varmazis: Yep.
Dave Bittner: A lot of these pharmacies are available 24/7. And another big one is discretion. You know, you want to get something prescribed to you, and maybe that's a tough conversation with your general practitioner. Or maybe you're concerned about your work finding out about it or, you know, something like that. So you want to get some medicine, but you want to do it in a way that's kind of on the Qt.
Joe Carrigan: Right.
Dave Bittner: This article points out that pharma fraud is rampant. In fact, they say that over 95% of online pharmacies are operating illegally. Yeah. That --
Maria Varmazis: Wow.
Dave Bittner: Avast says they blocked nearly a million user attempts to access these scam sites in the first half of this year alone.
Joe Carrigan: Okay. So there -- what's happening is --
Maria Varmazis: The scale is massive.
Joe Carrigan: I mean, like, Amazon's not a -- not a scam, right?
Dave Bittner: No, no.
Joe Carrigan: Well, there's one out there from -- that Mark Cuban -- I found out about this. Mark Cuban has one.
Dave Bittner: Oh, yeah.
Joe Carrigan: Cost Plus Drugs.
Dave Bittner: Yeah, yeah.
Maria Varmazis: Oh, yes.
Joe Carrigan: Low-cost generic drugs.
Dave Bittner: Oh, yeah.
Joe Carrigan: Which is amazing.
Dave Bittner: Yeah. It's great.
Joe Carrigan: This is what billionaires should do with their money, by the way.
Maria Varmazis: Yes. Full disclosure. I am a customer.
Dave Bittner: Yeah. Absolutely.
Maria Varmazis: That is -- he has saved me a boatload of money. Yep.
Joe Carrigan: Right.
Dave Bittner: Yeah.
Joe Carrigan: So good on Mark Cuban for doing that. But -- so these are -- these are the ones you get ads for, like the ones that come into my Yahoo! email, right.
Dave Bittner: Right, right. Exactly. So they -- these are criminal networks, usually. And, in this case, the folks at Avast, in this article, they were saying that they -- they found a single criminal network that was running over 5000 pharmacy domains.
Joe Carrigan: We're going to do it at scale.
Dave Bittner: They -- well, they do.
Maria Varmazis: Let's cast that net.
Dave Bittner: Sometimes they hijack legitimate medical websites. So they will, you know, break into a legit website behind the scenes to try to harvest your credit card or something like that. They manipulate search engine results. And one of their red flags is they accept crypto.
Joe Carrigan: Aha.
Maria Varmazis: Oh, boy. All right.
Dave Bittner: Right. So there's a number of categories that they specialize in here. I think probably the one that first comes to mind for most of us is the sexual health category. And that's your Viagras, your Cialis, those sorts of things and on the generics of those. And I think, you know, those are -- talking about OG stuff. I mean, that's OG spam, right? I mean --
Joe Carrigan: Right.
Dave Bittner: You know, Viagra ads, that it's a --
Joe Carrigan: That's what always used to come.
Dave Bittner: -- cliché.
Joe Carrigan: Yeah. That's right.
Dave Bittner: Yeah.
Maria Varmazis: It's so -- it's, like, cute when I get one in my spam folder now. Oh. You're still doing this. That's so nice.
Dave Bittner: Look at you. You made it through. Wow.
Maria Varmazis: All these years later, here you are.
Dave Bittner: Right, right.
Joe Carrigan: Still lurking about.
Dave Bittner: Yeah. But they work. And then -- but the real hotness these days are weight loss, thanks to Ozempic.
Joe Carrigan: Yeah. There's something that might work on me.
Dave Bittner: Well, exactly. Like, you know -- and I think this combines a couple of things because people see that these weight loss drugs like Ozempic work. And they do legitimately work, it seems. But you can understand somebody feeling funny about going and asking their doctor about it and being afraid that their doctors is just going to say, Well, why don't you exercise more and eat less.
Maria Varmazis: Right?
Dave Bittner: You know, like. See, but I want it -- I want it the easy way. I just want to take a shot.
Joe Carrigan: Why don't you give me -- why don't you give me some good advice.
Dave Bittner: Right. I don't want to change my lifestyle at all. I just want to be thin.
Joe Carrigan: Right.
Dave Bittner: And -- but, also, they're expensive. You know, the things like Ozempic are not cheap. So if one of these online fake pharmacies offers an equivalent to that, that is air -- in air quotes, affordable, you can understand how people could get drawn into that. A couple other categories are things for -- like hormones and fertility drugs. So, again, somebody who is trying to -- a couple who's trying to conceive, or a person who's trying to conceive, or you could also imagine someone who's --
Maria Varmazis: Trying not to conceive.
Dave Bittner: Right, right. Exactly.
Maria Varmazis: Yeah.
Dave Bittner: Trying not to conceive. Or perhaps someone who's trying to transition, you know, and is trying to get hormones or something like that. And then antibiotics, general meds, things like that. But then, also, category is misinformation, things like remember ivermectin for COVID?
Maria Varmazis: Oh, yeah. That's making the rounds for a new thing now.
Dave Bittner: Oh. Is it?
Maria Varmazis: Yeah. I've been seeing ivermectin being hawked for another thing that it won't help with.
Dave Bittner: Yeah.
Maria Varmazis: Oh, dang it. I can't remember off top my head. But it's, like, amazing, again. It's --
Dave Bittner: Right.
Maria Varmazis: It's not for that, but okay.
Dave Bittner: Yeah. So they look at the playbook here. You know, there's spam emails with all kinds of fake credentials, lots of ads on adult websites or fringe websites, what I label the usual suspects, blogs that pose as health advice but are really just there to funnel traffic to these fake pharmacies. So, again, that's taking advantage of search engine optimization. So if you search for, you know, Ozempic weight loss drug, you might land on one of these blogs that has information that I'm going to guess is generated by ChatGPT, right?
Joe Carrigan: Right.
Dave Bittner: But, in the end, it probably says, you know, and for my readers, my trusted readers, you get 10% off at, you know, pharmacy bros.com.
Joe Carrigan: Pharmacy bros.
Dave Bittner: If you click through right now.
Maria Varmazis: If that's not real, I'd say it probably is real. Yeah.
Dave Bittner: Yeah. Fake review sites with glowing testimonials. And then also they use things like domain hijacking. They say the sites all look real. But, when it comes time to pay, sometimes you'll see some red flags like crypto payments, dodgy payment processors. Here's one we haven't talked about in a while, Joe, the try a different card prompt, right?
Joe Carrigan: Ah. Right. So they steal multiple credit card numbers.
Dave Bittner: Right, right. So you give them a legit card, and they -- so they get that information. And they come back to you and they say, Oh, I'm so sorry. For some reason, that card didn't work. Let's try a different one. So now they have two of your credit cards. And then, of course, they'll ask for sensitive information, your birthday, prescriptions, Social Security number, medical records, all that kind of stuff.
Joe Carrigan: All ways to steal your identity.
Dave Bittner: Yeah, yeah. But, beyond that, I mean, some of these sites will send you stuff, but that's not always the stuff that you thought you were going to get. So, beyond the ones that are just purely a money scam where they're just stealing your money, stealing your credit card, some of them will send you something. But it doesn't mean it's the drug that you think you're buying because there's counterfeit drugs easily available.
Joe Carrigan: Right. It's just placebos.
Maria Varmazis: They're not just sugar pills, either. They'll actually send you something that will do something to your body.
Joe Carrigan: Yeah.
Dave Bittner: Right, right. Exactly. This article says some of them could have heavy metals in them. Or they've even seen tranquilizers.
Joe Carrigan: Heavy metals.
Maria Varmazis: Holy cow.
Dave Bittner: So that you feel like something's happening. So it's a real mess. They said, just some of the red flags here, if you see these things on a medical website, things like no prescription required or prices that are too good to be true, not having a listed pharmacist, of course grammar errors, suspicious logos. If you can pay with crypto or gift cards, that's a red flag. And then time pressures. If they say, limited time only, you know we're -- or we're almost out of that drug that you're looking for, that's a red flag as well. So they say, you know, to stay safe, stick to verified pharmacies. Require a valid prescription. Ask to speak with a licensed pharmacist. And, of course, avoid crypto or sketchy payment methods. The FDA also has a tool on their website that can point you to safe pharmacies. They have -- it's called the BeSafeRX tool.
Joe Carrigan: Oh, cool.
Dave Bittner: Yeah. So, if you're --
Maria Varmazis: That's interesting.
Dave Bittner: Yeah. If you have any questions, you can look it up on the FDA site to see if it's legit or not. So that's nice. Yeah.
Maria Varmazis: Interesting.
Dave Bittner: Yeah.
Maria Varmazis: I'm sure there are other equivalents in other countries, as well.
Dave Bittner: Right, right.
Maria Varmazis: Yeah.
Dave Bittner: There's another website called Safe.Pharmacy, which evidently tries to help sort this sort of thing out either. But it seems like the odds are against you, you know, if -- because, according to Avast, again, over 90% of the online pharmacies out there are not legit.
Joe Carrigan: Right.
Dave Bittner: Those are -- those are not good at -- good odds, rather.
Maria Varmazis: No.
Joe Carrigan: I would say start with the FDA site.
Dave Bittner: Yeah.
Joe Carrigan: That would be my advice.
Dave Bittner: Yeah. Some reason my pharmacy really, really wants to ship me my medicines. They don't want me coming to the store anymore.
Joe Carrigan: I don't want to go there either.
Maria Varmazis: Yeah. Feeling I'd rather them ship to me. Yeah. I don't want to go in.
Joe Carrigan: Yeah. I don't want to stand in line and have -- have -- having -- only to get to the front, only to have somebody else go, Are you sure you dropped it off? Gave it to you.
Maria Varmazis: Come back in 20 minutes, even though you called it in already. Yeah. No. Yeah. It's frustrating all around. I'm just -- I was just thinking this. We are in, yet again, another perfect storm for scams on this one because --
Joe Carrigan: Right.
Maria Varmazis: -- in many countries, we've got a doctor shortage post-COVID. So just getting to see a doctor, if you have one, it takes a lot longer. And they're overworked and just crazy busy. And then we -- in the US, especially right now, politically, contraception, hormones for transitioning is very fraught for many people in many states. And there's a lot of pressure on people to get those things.
Dave Bittner: Right.
Maria Varmazis: I mean, so you got those two items alone. And then, of course, you have, as you mentioned, Dave, like the shame of some of these conditions that people feel.
Dave Bittner: Right.
Maria Varmazis: And that is just -- just all of that is just ripe for a scammer to just -- especially with millions of them. Oh, my gosh.
Dave Bittner: Yeah, yeah.
Maria Varmazis: So, yeah. And not only -- people can't always, you know, slow down and go, Oh, I'll see if this takes a month. That's okay if I've got to take a month or two through my GP because some people don't have that much so.
Dave Bittner: All right. We'll have a link to that story from the folks that have asked. We'll have that in the show notes, of course. I tell you what. Let's take a quick break here to hear from our sponsor. We will be right back after this message. And we are back. Maria, what do you have for us this week?
Maria Varmazis: An old chestnut that kind of made me chuckle. We were talking about the OG pill scams.
Dave Bittner: Yeah.
Maria Varmazis: And I was -- I saw an alert come up from the FTC today that I was, like, reading it. And I'm going, this looks really familiar. And it is because they posted a blog post recently that was almost a carbon copy of what they posted this time last year because the scam has just come right on back, and it's jury duty scams, of all the stupid things. They're back.
Joe Carrigan: Well, we'll have to put that on the liturgical calendar.
Maria Varmazis: We do. I don't know what it is about this time of year. But the FTC, I double checked the post they put up this year and last. And they're like, here it is again. We're just basically going to give you the exact same information. Don't do these things. And then I found a recent news story about, thankfully, somebody who didn't fall victim to a jury duty scam but almost did. And I just wanted to -- for folks who don't know what this is or not totally familiar, I figured let's just go through it.
Dave Bittner: Sure.
Maria Varmazis: So the gentleman in this example, his name is Kirkland Collier -- thank you, sir -- from Baton Rouge. And he got a voicemail. So it started with a phone call. He got a voicemail claiming to be from a sheriff's deputy. And they were calling him to say that, Hey, dude. You missed jury duty. You know, we sent you the little postcard in the mail, and I guess he threw it out. And Mr. Collier, being an upstanding American citizen, said, Oh, I don't want to miss jury duty. I'm going to do the right thing and call the police back on the phone number that they told me to call. And he was informed by the supposed police officer that he needed to pay a fee for missing jury duty or he was going to face criminal charges. And I'm sure in some part of his mind he was going, that sounds right because you can be fined if you don't show up for jury duty. They do kind of put that on the card saying you have to do this. You can't skip out.
Joe Carrigan: Right.
Maria Varmazis: So he listens to the person who told him, Hey. You owe us money for missing your jury duty. So you need to withdraw $3,500 in cash and deliver --
Joe Carrigan: Which seems a little bit excessive for missing jury duty.
Maria Varmazis: A little excessive for jury duty for, like, somebody's parking ticket violation. But whatever. And he was instructed to deliver it to a location. And, when he showed up to that location, he said, Wait a second. This is a gas station. What would a police officer be doing telling me to hand them cash at a gas station. So thankfully, Mr. Collier, in the nick of time, realized. And he said -- this is the quote from the story. I said, Man, I don't believe a single thing you're saying. I'm going to the police right now. So, yes. He realized in the nick of time that this was a scam. And he went to the actual police and not the people that had called him to report what was going on. So he did not lose that money. Well done, sir. He went to the -- he went to the news in Baton Rouge, Louisiana to tell people, like, Hey. This scam is going around. And the FTC on their blog post that also went up recently we're saying that there are -- this -- again, this whole chestnut has come back. And, in some cases, the scammers will say, yeah. Please meet us at this location, or send us cash. Other times they ask for payment in bitcoin. There's that old tell. Or they'll tell victims need to -- tell victims that they need to go to this thing called a government kiosk, which I don't even know what that would be.
Joe Carrigan: It's a cardboard box with government kiosk paint on the side of it and a hole cut in the side. Government is in or something like that. I don't know. I don't know what that would be. So, yeah. That's not a thing in America. Maybe in other countries it might be, but it's not a thing in America anyway. And there's -- there are some -- well, not yet. Who knows. There's -- there are other versions of this jury duty scam where sometimes they direct the person to go to a website after receiving this fake call. And, of course, the website looks legit with all the scary looking judicial seals and legalese on it. And the URL may even seem legit-ish, and all you've got to do to figure out how much money you owe is put in your birthday and Social Security number to look for your info. I was thinking about something very similar when Dave was talking about the try another credit card thing. I was thinking about somebody I read somewhere said, I'm going to put up a credit card checking site where you enter your name, your credit card number, and the CV code on the back. And I tell you --
Maria Varmazis: Check it for you.
Joe Carrigan: I tell you that it's fine. You go about your day.
Maria Varmazis: What a handy service, Joe. We should all just rush over right now and avail ourselves of that. It's great. I'm sure nothing can go wrong. Yeah.
Joe Carrigan: Right.
Maria Varmazis: So -- and, yeah. Enter your birthday and Social Security number on this website. And then they'll say, Oh, yeah. You owe us thousands of dollars. And now here's how you can pay us those thousands of dollars. So, yeah. Please don't do any of these things. This is very much a scam. And the part that, as I mentioned earlier, it is in the United States legitimate that one can, in theory, be fined for missing jury duty. But the fine is like at most $100, and I think almost never does anyone ever get fined.
Dave Bittner: Yeah.
Maria Varmazis: And if a fine is actually coming your way, it's going to come through the good old-fashioned US Postal Service, never by phone or by website. So, yes. The courts are not advanced enough yet in our country to ask for crypto, so they're not going to ask for it that way.
Joe Carrigan: Yeah.
Maria Varmazis: And you will not get arrested. No cop's going to arrest you. So, yes. It's funny because Mr. Collier, at the beginning of this story, like, he called the guy back, which is, like, an interesting thing. Like, he's like, you know, don't call me. I'll call you.
Dave Bittner: Right.
Maria Varmazis: But, you know, the number he called was the scammer.
Dave Bittner: Right.
Maria Varmazis: But, thankfully, all is well in his case, that, you know, he figured it out before it was too late. And good for him. So, if you do get a call, the FTC -- specifically, if you get a jury duty scam call, to be clear, the FTC wants you to report it to them. So ReportFraud.ftc.gov. So they are tracking this. So, yeah. Just thought that was interesting and just really funny also that it was almost the same exact blog post from last year because there it is.
Dave Bittner: I have a couple -- couple questions here. I wonder, if he had gone through with the meeting at the gas station, would the person that he handed the money over to, would that person had been in any way, shape, or form dressed like a police officer or like a law officer?
Maria Varmazis: Can you imagine.
Dave Bittner: Right.
Joe Carrigan: Because that carries serious penalties.
Maria Varmazis: Police officer uniform from Amazon, like a Halloween costume.
Dave Bittner: Yeah, yeah.
Maria Varmazis: Maybe. That would be funny. I'm off duty right now, but I'll get it to the station.
Dave Bittner: Right? Like a -- like a Toy Story Lone Ranger badge clipped to their shirt pocket, you know.
Maria Varmazis: Like the orange-tipped pistol.
Joe Carrigan: Right. Would have been a good thing to do here is to say, Hey. I'm at the gas -- called 911. Go, I'm at the gas station right now. I'm about to give somebody who told me that they're a cop $3,500 for missing jury duty.
Maria Varmazis: Just say that out loud.
Joe Carrigan: I just realized -- I just realized this is a scam.
Dave Bittner: Yeah.
Joe Carrigan: But I'm going to go in there, and that guy's going to be there. It'd be an opportunity to catch somebody.
Dave Bittner: Right?
Joe Carrigan: Do you want to do that? See what they say.
Dave Bittner: Yeah.
Joe Carrigan: Probably say no.
Maria Varmazis: I imagine they've got better things to do.
Joe Carrigan: Yeah.
Maria Varmazis: But just interesting. I'm at a -- I'm at a gas station right now, and I'm about to hand some person $3,500.
Dave Bittner: Right.
Maria Varmazis: Do you want to do something about that? I'm just imagining that phone call.
Dave Bittner: Stop me before I'm scammed again.
Joe Carrigan: Right.
Maria Varmazis: That's an interesting idea.
Dave Bittner: Oh, my. Yeah. I -- yeah. I don't know. The whole thing with jury duty, like, I -- my sense is that they jur -- they bring in so many people that, if one or two don't show up, they're just -- they just, that's cool, you know. Not a big deal. They have plenty of people.
Maria Varmazis: Yeah. And you can often -- I know it does -- it varies from state to state, I think, right? But usually you can defer quite a bit. But, yeah. I've never heard of someone being fined, even though they do threaten it.
Dave Bittner: Right.
Maria Varmazis: It's just not worth their time.
Joe Carrigan: I'm going to talk about something. Around me, in my -- in my personal sphere, like, four or five people have been called for jury duty in the past two months, two or three months. And I don't understand what's going on because I almost never hear about anybody getting called for jury duty. But, like, my son-in-law got called and got seated on a trial. It was a civil case. But it was over in a day, which was nice. But one of the guys -- one of the guys I was -- I do some work with, he was out for like two weeks.
Maria Varmazis: Yeah. Grand jury, if you're called for grand jury, you're out for months. It happened to someone I worked with in the middle of getting ready for a product GA. It was the worst timing.
Dave Bittner: Oh, man. Yeah. I've never sat on one. Usually, you know, when I tell them I work in the media, they're like, thank you, you know. Or -- I've only gone in -- I've only -- I've been summoned several times, or I've received the jury summons. But, where we live, you could -- can call in and see if they're going to need you to actually come into the courthouse.
Joe Carrigan: Right?
Dave Bittner: Only one time have I actually had to go in. And that was just for one day and didn't -- you know, didn't end up getting seated on a jury. And that was that. I've been lucky so far so, yeah.
Maria Varmazis: Yeah. When I was a -- I was a stay-at-home mom with my daughter so years ago, and I got summoned after deferring for years and years. And they were like, can you serve on the -- on the jury? I'm going, Well, I'm just a stay-at-home mom with nothing else to do. That's the worst thing I could have possibly said because they instantly sat me. It was really stupid. I should not have said that. They're like, Well, here you are.
Dave Bittner: Right, right. No. If you --
Maria Varmazis: And, frankly, I was really glad for the break, so --
Dave Bittner: Yeah. That's right. Yeah. What you do is you say, I am really excited to be seated on this jury because of my amazing ability to instantly tell whether someone is guilty or not. All right. That as -- again, we'll have a link to that story in our show notes. And, of course, we would love to hear from you. If there's something you'd like us to consider for the show, you can email us. It's HackingHumans@n2k.com. Joe and Maria, it's time to move on to our Catch of the Day. [ SOUNDBITE OF REELING IN FISHING LINE ]
Joe Carrigan: Dave, our Catch of the Day comes from Adam, who I hope was smarter than I was last week with -- with this service turn-off notice. You want to go ahead and read this. This is from --
Dave Bittner: Sure. It's from Payment Declined. And it says, Payment attempt failure while renewing your subscription for Sirius XM. Your SXM subscription has expired today. Dear customer, we failed to renew your SXM membership. We tried to renew your subscription at the end of each billing cycle, but your monthly payment has failed. We therefore had to cancel your subscription. Obviously, we would love to see you again. If you wish to renew your subscription, click on the link below. In case of ignorance, your services will be completely suspended within 24 hours according to the terms defined in our contracts.
Joe Carrigan: In case of ignorance.
Dave Bittner: In case of ignorance.
Maria Varmazis: Ignorance.
Dave Bittner: In case of ignorance, I feel like -- like I'd love to have a sign somewhere that says, in case of ignorance, break glass.
Joe Carrigan: Right.
Dave Bittner: And actually have the glass shattered in just little shards of the sign left, you know.
Maria Varmazis: In case of ignorance.
Dave Bittner: In case of ignorance.
Maria Varmazis: It's kind of beautiful. Yeah.
Dave Bittner: I wonder what -- I wonder what they meant for that to say.
Joe Carrigan: If you ignore the -- I think it's, if you ignore this message.
Dave Bittner: If you ignore this message. Yes. That's what it is.
Joe Carrigan: Yep.
Maria Varmazis: In case of your ignorance.
Joe Carrigan: Right. Ignorance.
Dave Bittner: Right, right. Okay.
Maria Varmazis: An interesting way of putting that. Interesting.
Dave Bittner: Yeah.
Joe Carrigan: It is.
Dave Bittner: Yeah.
Joe Carrigan: Hopefully Adam didn't -- didn't go, I better update my payment information.
Maria Varmazis: Oh, I'll give them my social while I'm at it, just so they can check.
Joe Carrigan: Yeah.
Dave Bittner: Either you guys ever use one of these satellite radio services?
Joe Carrigan: I did. I did a long time ago when it first came out. I was one of the early adopters of it. I use Sirius.
Dave Bittner: Yeah.
Joe Carrigan: And it was good. It was pretty good. But the -- I think the premium music services are better.
Dave Bittner: Yeah. I had the free demo on my car. You know, they give you a couple months to try to get you hooked on it.
Maria Varmazis: Me too.
Dave Bittner: But -- which was great. Again, it's fun. It's nice. I enjoyed it, but there really was no benefit over what I have on my phone.
Joe Carrigan: Right.
Dave Bittner: And my car -- my car has -- what is it? CarPlay, so I just use that.
Maria Varmazis: Yeah. My music tastes are too weird and niche. There's no way satellite radio is going to have what I want. So it's like, yeah. I'm good. Thank you.
Dave Bittner: See, for me, I just put on yacht rock, and I just --
Joe Carrigan: Are you serious?
Dave Bittner: I said that for Joe's sake. I just cruise around, listening to Christopher Cross and Steely Dan and just, Sailing takes me away.
Maria Varmazis: It's five o'clock somewhere.
Joe Carrigan: Steely Dan, I can actually listen to but.
Maria Varmazis: Yacht rock.
Joe Carrigan: The thing about yacht rock that I -- that I -- it's all the music you know by people you can't -- you have no idea who wrote the song or who performs the song.
Dave Bittner: That's fair. That's fair. Yeah.
Joe Carrigan: Like, who is this? I don't know.
Dave Bittner: All right. Well, that is our Catch of the Day. And, again, we would love to hear from you. If there's something you'd like us to consider, please email us. It's HackingHumans@n2k.com. And that is Hacking Humans brought to you by N2K CyberWire. We'd love to hear from you. We're conducting our annual audience survey to learn more about our listeners. We're collecting your insights through the end of August. There's a link in the show notes. Please do check it out. This episode is produced by Liz Stokes. Our executive producer is Jennifer Eiben. We're mixed by Elliott Peltzman and Tré Hester. Peter Kilpe is our publisher. I'm Dave Bittner.
Joe Carrigan: I'm Joe Carrigan.
Maria Varmazis: And I'm Maria Varmazis.
Dave Bittner: Thanks for listening.
