Adam Levin:
Beau.
Beau Friedlander:
Yeah.
Adam Levin:
Travis.
Travis Taylor:
Yes.
Adam Levin:
Ransomware, fact of life. True. Not true.
Beau Friedlander:
I don’t know. I just hate it. I don’t really care if it’s a fact of life, it really pisses me off.
Travis Taylor:
I’d say true. It’s so effective at this point. It generates so much money for cyber criminals that I don’t see it going anywhere anytime soon.
Adam Levin:
So do you think ransomware is more a state sponsored deal or a for-profit deal?
Travis Taylor:
It’s a little column. A little column B.
Beau Friedlander:
It kind of depends on how you define it because in the sense that Putin knows who’s doing this, at least on the Russian side of things and he’s not doing anything to stop it, that’s a kind of state sponsorship
Travis Taylor:
State allowed at least.
Beau Friedlander:
Yeah. State condoned,
Adam Levin:
Condoned, state condoned. That’s a good one. Of course, in North Korea it’s a profit center for the government. I think
Beau Friedlander:
Putin probably has his fingers in their pot there. I mean, his buckets of money seem to grow every day, and maybe that’s where he’s getting it from. Maybe he’s just siphoning it out of all of our collective fear of losing our data,
Speaker 4:
Attacking critical infrastructure like fuel pipelines and water supplies and hospitals, things we really can’t live without. That’s supposed to be America’s bright line when it comes to cyber attacks. That’s what President Biden meant when he said, we reserve the right to respond decisively when that line is crossed. Well, now we have just learned about a new ransomware attack by apparently a Russia based criminal group on the very critical infrastructure that is our food supply.
Beau Friedlander:
Okay. So the thing that’s getting me is that there’s now arguments because people like Putin aren’t stepping in. There’s arguments between the hackers and people being targeted that go along the lines of this like, well, you can’t hack us because we are crucial supply chain. And the hackers saying, well, we don’t really see it that way. And they’re saying, litigating their case with these hackers by saying like, well, we are because we supply feed to chicken production and beef production and pork production, and this is going to be worse than the colonial pipeline attack because people we’re not going to be able to feed chickens and they’re all going to go hungry. And so you,
Travis Taylor:
It’s also going to be something too where I can see just about any victim or target of a ransomware attack suddenly just yelling. No, we think we’re pretty critical here, guys. Yes.
Beau Friedlander:
I mean, it’s getting real. I mean, not that it wasn’t already real, but at some point there has to be some kind of governmental intervention, whether it is on our part with the Russians or on Russia finally playing ball and stopping it. But
Adam Levin:
I don’t think the Russians or I don’t think Putin believes that it is in his best interest to do anything that would not sow chaos.
Beau Friedlander:
That is he is an agent of chaos. But it gets to the point where, where’s the line? There isn’t one. I guess that’s the point.
Adam Levin:
Welcome to what the hack a show about hacker scammers and the people they go after. I’m Adam Levin ringmaster of this wonderful three ring cyber circus.
Beau Friedlander:
I’m Beau Friedlander, cyber mensch, cyber interested, and a person who always replies when a hacker reaches out to me.
Travis Taylor:
And I’m Travis Taylor, resident tech guy, and I sleep a lot better at night not having an Instagram account.
Adam Levin:
And today, as a matter of fact, we’re talking with John Juniper, a photographer and I were designer from California and he’s recently been the victim of some ransom attacks on his social media.
John Juniper:
Hold on, lemme just take the video off. There you go.
Beau Friedlander:
Hey John.
Adam Levin:
So John, I guess the best way to really start this,
Beau Friedlander:
But Adam, Adam, before you do that. Yeah. Is there any way I could get you to sing the John Juniper song?
Adam Levin:
It’s not John, it’s Jennifer.
Beau Friedlander:
Come on, do it.
Adam Levin:
Jennifer. That’s all I know. I was playing Donovan in the background, but
Beau Friedlander:
I want to bet. I want to bet. I bet that I could get you to do it. You did it. Thank you so much. You
Adam Levin:
Did. Okay,
Speaker 6:
Jennifer.
Adam Levin:
Anyway, so we’re pleased to welcome today John Juniper to the show. And as we’d like to do with all of our guests, we’d like to learn a little bit more about who you are. So John, who are you? What do you do? Where do you live?
John Juniper:
Well, my name is John Juniper. I’m living right now currently in West Hollywood, California. What I do, I’m an eyewear designer, so I design eyewear, high-end eyewear. I had a company for 25 years called Dita. Recently, about a year ago. I also did Tom Brown for almost 10 years, and now I’m currently working with Balman, relaunching their whole eyewear program, a new brand called aco, which is a Highend new brand and another really nice brand like Rodeo Drive brand, but I can’t announce it just yet. But yeah, that’s who I am. I’m also a photographer. I snowboard, I surf.
Beau Friedlander:
So you take photographs. I know I was asking Guinevere my girlfriend about you and she remembered doing some makeup for you once upon a time. What was that all about?
John Juniper:
Yeah, that’s exactly, I met her through, she’s good friends with a friend of mine and they owned a bikini company and we did a photo shoot and we were kind of blessed with your girlfriend. She showed up and did the makeup for us and that’s when the first time I met her and she was awesome. That was fun.
Beau Friedlander:
So you’re an all around kind of creative and you actually design glasses or sunglasses or
John Juniper:
Yeah, I designed sunglasses, optical fringe. Yes.
Beau Friedlander:
I understand that you actually experienced an online situation lately. What happened?
John Juniper:
My situation seems a little different than some of the other people’s situation. If I was going to details, my phone kept, I was going on Instagram and it was giving me these warnings that I was doing something Instagram wasn’t fond of.
Beau Friedlander:
Okay. So now are you on Instagram for fun or are you on there for work or both?
John Juniper:
I would say definitely. It’s probably work related for me, A lot of work relation, but I also enjoy Instagram just like anybody else. And I also, weirdly enough it’s become more of a platform for me to communicate with people than even texting has been. I have a lot of accounts I work with all over the country. Well, I’ll take that back all over the world and because of the time differences and things like that, a lot of the accounts I work with, Instagram has become a great platform because I can say, oh, a beautiful new store image or this is great or that’s great. They can respond. I can direct message and it’s actually become a great tool for me. And then as a photographer it’s a portfolio, but yeah.
Beau Friedlander:
So it’s very much work related for you.
John Juniper:
Absolutely. Yeah. I’m not going to lie, I live all the funny videos, but I would say 80% of it’s work for me.
Adam Levin:
Well, it’s really a chronicle. That’s what it is. I was kidding my wife the other day, I said in the old days someone would keep a journal, they would lock it, hide it, and die if they thought someone saw it. And today, Instagram is that journal for everyone.
Beau Friedlander:
But the weird thing about it, Adam, is also people like John and Guinevere. Just to mention too, I mean Guinevere gets tons of leads for work. I mean they are sent to other people when they come to her, but there is a lot of communication about work happening on Instagram a lot, especially among creatives. So I was curious when you said accounts around the world, is that just people buying stuff or clients for design or photography?
John Juniper:
Well actually for me, what I’m talking about is I have a lot of high-end stores that I’ve been in the business for so many years that I have relationships with stores from India, Africa, to Brazil to Mexico to Turkey, to, I mean literally like 60, 70 countries I’ve had relationships with over the last 25 years. And the way I communicate with these people is follow ’em on Instagram and a lot of ’em have their stores on Instagram. So the way I keep my relationships up with these people is you comment on their, because a lot of times the high-end retailers are not big stores. They’re really intimate stores and the owner’s doing the Instagram, so it’s a direct connection to ’em. And by you commenting on what they’re doing, they like to seek you be the one to comment on what they’re doing. So that’s what I mean by with accounts. I mean yes, of course on photography you get stuff from someone goes to your webpage or not your webpage, but they go to your Instagram, they see your work and they like it. They could just direct message you, which happens all the time as well.
Beau Friedlander:
So you were using it as a communication with clients and other people that you work with and you went on there and what was the problem you started to experience? They were telling you were doing it wrong?
John Juniper:
Yeah, well Instagram, well I was saying it was Instagram. It was warning me that what I was doing, it was frowned upon by Instagram. Whatever I was doing, I wasn’t doing anything except reading a message, but it just kept popping up. So finally after the second time, I actually shut my phone completely off and thought maybe something weird was glitching, turned my phone back on, went to Instagram and asked me to log in. So when I went to log in, that’s when it was gone in that second, I think within a few seconds my Instagram was gone and then within about three minutes I had a WhatsApp text saying, I’ve stolen your Instagram and if you want it back it’s going to cost you $200 and Bitcoin.
Adam Levin:
That’s kind of chilling.
John Juniper:
It was the weirdest thing ever. I was almost laughing going, what the hell just happened? Then I actually started a dialogue with the guy and was like even joking with him going, maybe this is good business to get into. He teach me. And he was like, pay me and I’ll teach you. I mean the guy was, I wasn’t talking to a computer, I was talking to somebody. The part that was the hardest for me was there was no way to salvage it for me. I was going online and trying to figure out how to get my site back. I couldn’t figure out anyone to call on Instagram. I did filled out all the paperwork, no response, and I just thought, it’s amazing. Someone can come in and steal something like that and you have 10 years of communication. And to be honest, I had friendships and relationships on there. I don’t have their numbers and I probably don’t remember what Instagram, their Instagram was to start with. To say the least, it sucked and I was really bummed out
Beau Friedlander:
Is like a punch in the gut. It’s not.
Adam Levin:
No, I could totally understand that. And the one thing about dealing, unfortunately with Instagram in many of their very big tech platforms, and Travis can even give us more color on this, but Instagram does not mean Insta service.
John Juniper:
No,
Beau Friedlander:
That’s for sure. But before we get into, I do think Travis is going to be able to walk us through this a lot and he’s going to have a ton of questions for you, John. I have a simple one, which is, so you got these warning things saying you were doing it wrong or they weren’t happy with you. Did they get those via the app in the DM or did you get it via email or did you get it from both?
John Juniper:
Do you remember? Yes. It was weird. It was just appearing. It was just appearing on top of my Instagram.
Beau Friedlander:
Now Apple or Android phone,
John Juniper:
Apple.
Beau Friedlander:
And so you were getting an actual warning on top of the screen, so not integrated in the app. It was sort of like coming from your phone almost
John Juniper:
Like my phone, which I’ll even get even further, is I tried to open up a new Instagram and so I opened a new Instagram under Johnny Juniper and I can’t even get on that now because when I push the icon to go to Instagram, thing pops up again and says, Instagram sees that you’ve been buying followers. And I think I haven’t even posted one picture or followed one person yet. It says buying followers and your Instagram has been compromised and you got to log in again or you need to change your password. And I’m sitting there going, I’m not going to do anything because my biggest fear is what happened once they took over my Instagram, they started attacking all the people that were following me and I had a lot of friends get hurt by that. And so I’ve literally not been on Instagram now probably for close to a month, which I know this is going to sound really funny, but it took a minute to get, because we’re addicted to Instagram, believe it or not. It’s like you actually, when you’re on it every day you go to it. And now I haven’t had it for a month. I had to go through withdrawal, I’d say.
Adam Levin:
Yeah, no, absolutely. You without question withdrawal symptoms on that. Yeah.
Beau Friedlander:
Lemme ask you this. Now. You’re designing eyewear for some of the biggest brands out there. I imagine if Guinevere is doing your makeup, you have some fairly high profile contacts in the world. So what kind of people were following you who this hacker had access to because they got into your stuff?
John Juniper:
Well, I mean I know they got into Ivana. She’s an actress I
Beau Friedlander:
Had That’s Ivana. Yeah.
John Juniper:
Yeah. My buddy Daniel Ricardo, which is one of the biggest Formula one racers I had. I had a lot. So
Beau Friedlander:
They were going after blue Checks?
John Juniper:
Yeah, they were going after anyone. I actually feel like there’s software that goes after everybody. I was hearing that they attacked everyone. I had friends that had 150 followers that had got that same email saying that it basically was an email saying that you’ve done something to copyright, you have 24 hours to appeal this and you got to press something. And when you press that and you log in, that’s when they steal it.
Beau Friedlander:
Okay. It’s time for Travis. Travis, you have some questions for John?
Travis Taylor:
Yeah, I have some questions and some of the advice I can give is unfortunately going to be retroactive. So first and foremost, when you were getting the message about buying followers, can you tell me a little bit more detail about that?
John Juniper:
Yeah, this is the weird thing. Someone said, try to log in on your computer and I did it on my computer and the same message came up when you log in. When I log, I changed my email. I tried to start a new Instagram and right when I did that, everything seemed to be working fine. And then the first day I went to push it the icon on my phone to go to Instagram. A thing would pop up and it says Instagram, it says, your account’s been compromised, something about you could see that you’ve been purchasing followers or something like that. And basically that it’s frowned upon or whatever by Instagram and that I needed to change my password, I have to change my password, but
Beau Friedlander:
That just sounds like such bullshit to me. Excuse me. But
Travis Taylor:
One tricky thing again that really only, it’s not of much help now I’m sure, but if you go to Instagram for both the desktop and the mobile app, if you go to your settings and then security, it will tell you messages that were sent specifically from Instagram. So that is right there, a very good way to be able to tell whether or not something’s on the level or not.
Beau Friedlander:
So what is that again? How do you do it just for all of us who didn’t hear it the first time?
Travis Taylor:
Sure. When you go to Instagram, you click on your profile and then go to your settings. And then under settings there’s another little menu item there called security. And in there there’s something that will say something to the effect of messages from Instagram and there’ll be two types of categories. One will be security messages from Instagram and others. The other is other messages from Instagram. So if you happen to be getting any kind of notification there saying we think you were trying to buy stuff, if it was actually from Instagram, which sounds unlikely, that would pop up under that.
Beau Friedlander:
Yeah, I’m looking at it now. It’s actually emails from Instagram is what? Emails from
Travis Taylor:
Instagram?
Beau Friedlander:
Yeah. Interesting. I don’t have any.
Travis Taylor:
The other thing is if Instagram actually catches wind of what they think might be an account hack, they’ll send an email from one specific email address and that is security@mail.instagram.com.
Beau Friedlander:
Google does say that in a quick Google search reveals that there is an Instagram official message real deal that says, tell me if this sounds familiar, John, and this is a quote, it
Speaker 7:
Looks like you shared your password with the service to help you get more likes or followers.
John Juniper:
Okay. So I think that’s what it says.
Beau Friedlander:
Now, did you ever buy likes or followers?
John Juniper:
No brand new. I just started the Instagram. I wouldn’t even know how to buy followers and I haven’t even put on one post. I don’t even think I followed anybody yet. I might’ve followed five people, something like that. It was like the same day. But I did get that. That’s what it sounded like. The warning I got sounded something like that. Yes.
Adam Levin:
The plot gets thicker,
Beau Friedlander:
So I know I just keep bringing her up. But Guinevere had a situation not that long ago where somebody must have bought followers for her. Something happened and a lot of followers came piling in and they all came piling out because she reported it and said, this isn’t right. So I’m wondering if there are these API hacks that are happening where people are grabbing accounts and fussing around with them,
Travis Taylor:
It would make a certain amount of sense because if you wanted to either sort of pad your profile to make a say, take an over account look more legitimate or to immediately try to get Instagram to block or ban that account or
Beau Friedlander:
Freeze it. Wait, you’re talking about Adam’s profile padding thing. So if I hacker, hacker Bo want to look more like a regular dude, I will make John Juniper and all of his friends follow me.
Travis Taylor:
So if you happen to get, say a DM from someone who has a new accountant, one to two followers, you’re going to say, that looks suspicious. If you see something from say, and they have three, five, 6,000 followers, then you’re going to say, okay, and
Beau Friedlander:
Some of them, and you know that they follow people. Yeah, that’s it. That is the padding thing.
Adam Levin:
And in the world of Instagram, the more followers you have, the more real you are, even to your own followers going, oh,
Beau Friedlander:
And if there’s connections between those followers and people, that really does add a layer of legitimacy that you can’t buy, but you can hack. Apparently I have a super hard time believing John can’t set up any Instagram account with a new email address. Talk to us.
Travis Taylor:
I think the question is, if you were trying to set it up with the new email address, but old phone number for instance, was that the case or was it just a completely clean email with no connection?
John Juniper:
No, I probably used the same phone number saying you got to change everything, but what do you do with if you need a number?
Travis Taylor:
I think that’s the thing there that if you had the same phone number on there as far as Instagram’s concerned, they would just say, you’re being suspicious on this phone number at that email address. Now you’re being suspicious on the same number with a new email address.
Adam Levin:
But Travis, you can get a new phone number. You can even have a new phone number added to your existing device. Right?
Travis Taylor:
Right. Yeah, that’s easy enough to set up. What might be helpful there is just through Google Voice, you can do that for free where if you have a Google account, you can set up a new Google Voice account and then set up a new phone number through that.
Speaker 8:
Moving on, then time is of the essence. So I need your acquiescence if we’re going to save this fellow.
Adam Levin:
So Travis time is of the essence. What does that mean?
Travis Taylor:
Well, what happens in a lot of cases is if someone takes over your Instagram account, you have two primary means of authentication, your email address and your phone number. So if a hacker compromises your account and changes your email address but hasn’t changed your phone number, if you go right away and say, please text me to a code to log in, then you can jump on that and then just switch out the email address. If you don’t move quickly enough with time, a hacker would most likely change both. That’s something that Andre Krall was also saying that they will, through this API connection will update your phone number and email address to something more benefiting them.
Adam Levin:
I mean, what do you think the life expectancy is on that? How fast do you have to move?
Travis Taylor:
I would say as fast as you can without also bothering to stop to check that the message that you’re getting is legitimate. One of the primary tools in a threat actors toolkit is getting you to panic and act quickly. So if they send you a link saying like, Hey, your password’s compromised, please update it here. And then you say, oh no, I really depend on Instagram for a lot. You go to a say spoofed page or something like that, or you respond to a DM that you’re getting from someone claiming to be operating on behalf of tech support and you provide your credentials and then they’re off to the races.
John Juniper:
I noticed mine was changed all within one minute. Everything, the phone number, the email address, that’s where I thought it was some sort of software. I saw that it was all within the same minute. I got all the emails back to back to back and it was all within one
Beau Friedlander:
Minute. And when did you start hearing from your friends that they were getting contacted?
John Juniper:
I would say within the hour I started getting like, you got hacked, you got hacked. And then I quickly started texting people as fast as I could that I knew had a lot of followers just saying, Hey, I got hacked. Hey, I got hacked. Don’t do anything. It took me a minute to figure out what was happening because something like this never happened to me before. And then people started sending me emails, sending me pictures of what they were getting. And then I quickly, as best as I could, started emailing as many people as I could or texting as many people as
Adam Levin:
I could. So what were they receiving?
John Juniper:
They were receiving something from Instagram saying that they have broken a copyright infringement and that they had 24 hours, their Instagram was going to be shut down unless they hit a link. And the link was called, what was it called? It was, what was it called? When you debate something? What’s the word? Just
Adam Levin:
Dispute.
John Juniper:
And they had to click something to it, said basically you got to dispute this within 24 hours and it looked legit. I’ll be honest, when I saw my friends, I’m like, oh man, some of my friends are going to get screwed. Not,
Adam Levin:
And there’s no question what these folks do is they really, really try hard to catch you at a moment of distraction and then to send you something where urgency is the number one thing
Beau Friedlander:
Or create a moment of urgency. Correct. So John to me is sounding a lot like the HVAC company with Home Depot that he might’ve been targeted.
Adam Levin:
Absolutely. So many people go, no one would want to hack me. I’m just a regular person. And the truth is that to a hacker, regardless of who you are as far as they’re concerned, you are Jay-Z or Beyonce or Adam Levine. I mean, you’ve got what they want. Either they’re looking for your information and financial, medical, whatever, or they view you as a conduit to somebody else or something else. So in the case of Target, they knew they couldn’t go through the front door because Target was a well financed, massive, iconic organization. So they found a way to compromise somebody who worked at a subcontractor for Target and then use the access of that subcontractor to get into the target systems. So in your case, you’re not only somebody who is known, but your connections are very well known. And so they may say, well, let me go after John because I really have my eye on this particular company or this particular individual. It’s like for them, they’ve hit the mother load.
Beau Friedlander:
All right, so that’s all the bad news. Yeah. I wonder, I want to know, it’s like
Adam Levin:
Other than that, Mrs. Lincoln, how was the play?
John Juniper:
Yeah, I had a funniest, the thing that happened to me too, which is crazy, is I had a bucket listing to shoot Victoria’s Secret, right? And I shot this girl Elsa Husk the week before it happened, and I mean, she has millions of followers and all of a sudden my Instagram is gone and I finally got this great story, nice editorial with all this stuff, and nobody could tag me. She couldn’t tag me vs couldn’t tag me, nobody could tag me. I had nothing to tag.
Beau Friedlander:
That’s really serious in your business. That’s no joke.
John Juniper:
It was a big deal for me. It really was a big deal for me.
Adam Levin:
That’s almost when you feel like you’ve won the Emmy, but they canceled your show. I mean, it’s very frustrating.
John Juniper:
Exactly.
Beau Friedlander:
So Travis, I mean so far what I’m tracking here is that the silver lining here is we don’t know what the handle for John’s new Instagram account is going to be, but we do know that he’s going to change, get a different phone number to associate with a new account and set one up, and then we’re going to help him get a ton of new followers or the old ones back. But the question is, do you think that’s going to solve his problem and at least get him back on Instagram? And what else? This time of the essence question, what else can you do in the first couple of seconds? I mean, is it really a question of that game when you someone slaps a hand on top of the hand, on top of the hand and top of the hand and whoever ends up on the top loses or I don’t know how it works, but at any rate, is it that way with these hackers where you just kind of have to beat them to the dispute center?
Travis Taylor:
Yeah, it’s a good idea to send the dispute as quickly as possible. Again, especially if Instagram has happened to send you an email, because if someone does jump on and then change the email address and phone number, that will often trigger a security alert from Instagram to the email address that you have on file. And as long as it’s actually from help.instagram.com, it’s not to say that email address can’t be spoofed, but that is most likely going to be the first place that you go.
Beau Friedlander:
But people are playing disputing, are playing dueling disputations or whatever, dispute complaints or whatever.
Travis Taylor:
But if you get an email to what was already your verified email address and then say, that was not me, then that will reverse it a lot more quickly. Instagram does have an official, so you’ve been hacked for that you can fill out online and that you provide identification saying this is who I am and my account’s been taken over. And it can take days sometimes if they respond to you, but they can restore access. Also, if you happen to have a connected Facebook account in some cases, you can try contacting Facebook support and just say, Hey, I’m on Facebook here, I’m on Instagram here. And then if you can actually reach someone through the support on Facebook, then they’ll say, okay, it does look like this has been changed over. And then they can Facebook support, since Facebook owns Instagram, can also unlock the account or reset it for
Beau Friedlander:
You. But you’re also being a little careful there. You know that there’s another move there, but a little more manipulative that can make Facebook move faster. And that is John, if you say, Hey, I’ve got five grand I want to spend on advertising and promoting posts, but I can’t do it. My Instagram account is locked, can you help me out? It’s amazing how fast they’ll move when there’s a sale on the line.
Adam Levin:
Of course, if you could basically say in two minutes you’re going to be receiving a communication from Mark Zuckerberg, can you help me out?
Speaker 9:
Hey everyone, we are live from my backyard
Beau Friedlander:
Where, so the best thing that John can do now is find himself a new phone number, whether that’s through Google Voice or some other way, and then use that to set up a new account. And then we just have to start a campaign to get you your followers back. And I think I didn’t say that it was a new email as well. You will have to start with a fresh email on it that hasn’t been used on Instagram and a new phone number. Am I right, Travis?
Travis Taylor:
That’s
Adam Levin:
Right. But the bottom line with all of this is that these platforms have to find another way to more effectively and efficiently service people who go through this. Because unfortunately, this is becoming more and more part of what we talk about where we say breaches of the third certainty in life. Well, the Instagram accounts are going to be, or Facebook accounts are going to be taken over by bad guys. And there’s got to be a way for the good guys to get their accounts restored without having to go through the agony of new phone number, new email. I mean, I know it’s a fact of life today, but hopefully one of the messages that can come out of all of this is there’s got to be a better way.
Beau Friedlander:
Now before we go, I know John, you’ve got eyeglasses to make people to talk to about them and all that wanted to just ask, there’s this open question as to whether your phone had malware on it. The fact that they communicated with you via WhatsApp could be as simple as they found you through. WhatsApp is also owned by Facebook. It’s all connected in some cases, so it could be as simple as that, but there are some programs out there that can tell you whether or not your phone has been affected by malware. And one of them I recently used, it’s called iaz, and it actually can be one of many tools that you can use. The main tool being though the one that Adam was talking about, which is when in doubt it doesn’t rhyme, don’t do anything. Just try to get your wits about you and slow down because they’re really looking for you to panic.
Adam Levin:
No, without question. The whole goal is to take a busy person in your case and do something that is going to require an instantaneous response while they’re in the process of living their day doing what they need to do and they get people to respond. And unfortunately, sometimes a super quick response can end up leaving you with a very long recovery period.
Travis Taylor:
One other quick note about the imaz is it’s paid for software, but it’ll give you a free trial. And with that free trial, you can run the spyware scam on it. But the caveat that we always say is, if you’re going to get any kind of app, if it’s VPN or security or anything like that, and it’s free, don’t trust it.
Adam Levin:
Well, listen, thank you so much, and again, thank you for sharing your story on our show because it’s very important for our listeners as well as for you to sort of talk about, think about new ways that you can better protect yourself.
Beau Friedlander:
All right, man, have a good day. Thanks a lot. Hey,
John Juniper:
Thank you guys. It’s nice meeting all of you. And again, thank you for giving a, I guess the best way to put it. No one cares about, not enough people care about each other anymore. So when I see people caring about other people, it’s pretty awesome. Makes me feel good at least.
Beau Friedlander:
So John had a real vested interest in his Instagram account. They asked for $200 worth of Bitcoin. Is it ever worth just paying the price and getting your account back?
Adam Levin:
Well, it depends what the government says and how you feel.
Beau Friedlander:
Well, no, I’m asking about not John, because John’s not here to answer for himself, but just a person who got hacked, where’s the line? I know some municipalities have pay. They’ve decided to just pay and get it over with, and others have said no, and the government says, don’t do it. So what do you do?
Adam Levin:
Well, the issue with ransomware versus with other forms of hacking is it’s not what your data is worth out there on the dark web, but it’s what does access to your data mean to you? Or in this case, access to Instagram mean to you. And some people go, because the way this was originally done is they would ask for a small amount. This case, this is 200, and once you paid it, they would go away. Today, of course, things have become more complicated and depending upon the size of the target, they will lock up your data. They will then that they will release your data. They will find a way to scare you to the point where you will pay. And then after you pay, they will then take the data that they copied that you didn’t think they had, and they will then go to the people on your database and say, what’s it worth to you to have your information not out there on the dark web
Beau Friedlander:
And maybe sell it on the dark web? Which maybe that’s what happened to John there with his phone number recently popping up. But also, what would you say the occurrences of people who pay and don’t get their information back is
Travis Taylor:
It’s really high. I think it was something to the effect of at least 50%. It depends a lot on both the type of attack. If it’s a account takeover, that’s one thing. If it’s a ransomware attack, that’s something else. If it’s a major company versus a relatively small account. So the statistics are sort of difficult to come by with any real degree of accuracy, but at the same time, it’s enough that you should take the guarantee of a cyber criminal holding your data hostage with a pretty significant amount of skepticism.
Beau Friedlander:
So emphasis on hack with hacker because they may not be a top flight engineer and they may screw it up.
Adam Levin:
They may not know how to give it back to you, right?
Travis Taylor:
Yeah, Instagram could get the command to get the account back in your hands, and then Instagram could just sort of say, well, that looks suspicious. We’re definitely not doing that. I mean, that could in and of itself trigger their security and make them freeze the
Beau Friedlander:
Account on there. And that’s the issue, Adam, with ransomware as a service, which
Adam Levin:
Absolutely, that’s where it is a service that somebody develops it and then somebody buys it and the person who develops it gets a VI every time that they use the ransomware.
Beau Friedlander:
Now, if you’re not from the New York Tri-State area, you may not know the word vig unless you really like criminal movies, which Adam and I love. But we do
Adam Levin:
Love. We do love Mob movies are high on our list. Vig basically means your commission, they get a commission. It’s almost like a licensing fee if you think about it. If you
Beau Friedlander:
No, it really is a licensing fee.
Travis Taylor:
Well, one of the things to keep in mind too, as far as John’s concerned is if he knows that his phone number popped up in the dark web, you don’t know what the other fields are of the data that he’s on. And one thing could say, it could just be a yes or no field saying will he pay if a hit up for ransom? So that could be part of his profile that’s available right now on the dark web, just saying, here’s his name, here’s his phone number. This guy will pay.
Adam Levin:
Yeah, easy. Mark.
Travis Taylor:
One of the things too is we’ve been hearing a lot about the sort of Instagram hack. There’s Instagram as a ban services, there are account takeovers, the ransom extortion and the like. And I think at this point, what I’m hoping is that Facebook and Instagram actually start securing their product a little bit better because of the fact that you can’t really expect every single person who’s being affected by this to be able to go through this number of steps to be able to get their account back. Yeah, it’s extremely time consuming. It’s tedious. You don’t know if it’s going to end up working out, and if Instagram can figure out a couple of settings to tweak or a couple of ways to lock that down or make it more difficult, then I think they could potentially be helping thousands if not millions of their customers.
Adam Levin:
So the moral of the story, until Instagram and Facebook and other of the large platforms figure out a way to make it easier to solve problems, come to us.
Beau Friedlander:
So listen, if you like what the hack with Adam Levin, keep listening, download it every week. We’re here every week, and you can really help people find the show by doing a few things. One of them is writing a review, but if you don’t have time, Adam, what else can they do? Give
Adam Levin:
Us five
Travis Taylor:
Stars and we’re available wherever you get your podcasts.
Beau Friedlander:
What the heck with Adam Levin is a production of Loud Tree Media.
Adam Levin:
It’s produced by Andrew Steven, the man with two first names.
Travis Taylor:
You can find us online at loudtreemedia.com and on Instagram, Twitter, and Facebook at Adam k Levin.