Cyber Crime Junkies
Entertaining & Sarcastic Podcast about dramatic stories on cyber and AI, which actually help people and organizations protect themselves online and stop cybercrime.
Find all content at www.CyberCrimeJunkies.com and videos on YouTube & Rumble @CyberCrimeJunkiesPodcast
Dive deeper with our newsletter on LinkedIn and Substack. THE CHAOS BRIEF.
People Are Marrying AI Now (And Your Business Should Be Worried)
New episode: The Cybercrime Junkies show dives into the world of cybercrime and cybersecurity, offering insights drawn from real-world stories that question our technology readiness levels. This episode highlights common pitfalls like weak password protection and emphasizes the importance of data security for better online security. Stay informed and protect yourself from cyber crime.
CHAPTERS
0:00 When Passwords Become Identity
1:53 Meet the Chaos Panel
2:23 The Pay Near Me Panic: When Legitimate Services Look Like Scams
6:13 America's New Valentine: Marrying Your AI Companion
8:33 The Loneliness Economy: Why AI Companions Are Winning
12:30 OpenClaw Chaos: When Everyone Downloads the Forbidden Tool
16:45 Hack or Hype Game Begins: Testing Your BS Detector
24:02 GDPR Gotchas and Vendor Nightmares
26:49 Final Round: The MFA Insurance Trap
30:18
New non-fiction Book Series is out!
- Moving Target: The Art of Online Camouflage drops April 14.
- Moving Target: The Obedient Machine drops April 21.
- Book 3 -- Ghost and the Machine -- out soon!
- 4 years. 400+ interviews. Available on Amazon. We are all Stevie Parker.
Growth without Interruption. Get peace of mind. Stay Competitive-Get NetGain. Contact NetGain today at 844-777-6278 or reach out at DMauro@NetGainIT.com or find more at www.NETGAINIT.com
New Exclusive Offers for our Listeners!
Remove Your Data Online Today. Consider OPTERY Risk Free. Sign up here https://get.optery.com/DMauro-CyberCrimeJunkies
Or Turn it over to the Pros at DELETE ME and get 20% Off! Remove your data with 24/7 data broker monitoring. 🔥Sign up here and Get 20% off DELETE ME
🔥Experience The Best AI Translation, Audio Reader & Voice Cloning! Try Eleven Labs Today risk free: https://try.elevenlabs.io/gla58o32c6hq
===========================================================
speaker-0 (00:06.658)
I didn't notice how the people who panic the most about their bank account being hacked are usually the ones with a password they're proud of and tell us they use it on everything. Welcome to another chaos episode on Cybercrime Junkies, where we're breaking down three stories that make you question whether humanity is actually ready for any of this tech we keep throwing at ourselves. First up, a near heart attack involving a sketchy payment service called
Pay Near Me that sounds more like a credit glass scam than legitimate fintech. Then Dr. Sergio dropped some depressing Valentine's stats about Americans literally marrying their AI companions. Because apparently swiping right on actual humans is now too much effort. I'll wrap us up with the wild world of AI OpenClaw and the massive adoption that has the security industry
shaking their heads in disbelief. But wait, there's more. Before we unpack all that relationship dysfunction and financial panic, we're putting us all through the wringer with our hack or hype game. We built this beauty and spoiler alert. Some of the scenarios are so ridiculous, they sound fake, but they're painfully real. Can you tell the difference? Let us know in the comments when you see it. This is Cybercrime Junkies.
Nava Show. All right. Welcome everybody to Cybercrime Junkies. I am your host, David Mauro. And today we have a special guest on our panel, Mr. Bruce McDonald. Bruce, how are you, sir?
Hey David, I'm doing great. Great to be here and looking forward to doing some fun stuff on today's podcast.
speaker-0 (01:53.55)
Yeah, absolutely. And we also are joined by the legendary Dr. Sergio Sanchez, aka Dr. Qubit, Dr. Firmware. He's got a lot of doctor names. Over on the right, I don't know which way I'm looking in there. I can't see myself, but either there or there is our new app that we developed, the Hack or Hype app, which we are going to play in just a little bit. So
Hello everybody, how's everything?
speaker-2 (02:07.758)
Yes. Hello.
speaker-0 (02:23.362)
What we're going to do is, those familiar, this is a chaos episode. We each bring one story that we share with everybody so we can all stay up to date. So for the first story, who wants to go first? Any volunteers?
I will let the guest star, Bruce, ahead.
Absolutely, sir.
Mine will be quick anyway, so that's good. I had a family member reach out to me and say, you know, hey, I think my bank account has been hacked. I got an email. I don't understand it. It's not something that I use. I don't know what's going on. And so, you know, I popped over, got on their devices and started looking at what's going on. And turns out what it was is really interesting. It was a payment service.
that they didn't realize they were using when they paid someone. And obviously at first I was like, my goodness, you know, here we go. Like this may be a real thing, but it turns out that the payment service they were using is called Pay Near Me. And it is a real thing. They tend to service sort of high risk financials, you know, like payday loans or title loans or, you know, all the things that are high risk financials. But they also service some other businesses and stuff.
speaker-1 (03:36.962)
And they're actually in some of like the drug stores and things where you can go in with cash and pay a bill that you would pay online. Okay. Some bills today are only available to be paid online. So this is a service that someone can use to go like to a drug store and make that payment with cash. So the person that did it was, you know, a family member of mine that, you know, they did the right thing and they paused everything and were like, no, what is this? And then
I was fortunate because the next email they had received was an email that had PMN and then like underscore and the name of the business they were, they had paid. And they were like, that's legitimate. That's something I was trying to pay. And I was like, right. But PNM is Pay Near Me. And so then I went and looked at the other email and it was the same dollar amount, same card. Everything was the same, but
What had happened was they had gotten the CVV wrong when they were reading it because they had signed across it. So when they read the CVV to the person they were paying, it got entered incorrectly and it caused that bad transaction email to be generated. But the bad transaction email didn't say who they were trying to pay. And so it turned out to be a good thing that we paused everything and got, you know, checked in on it and everything.
But also it was good that we looked into it before we kind of escalated. We could have like froze accounts and things and we didn't. You know, it was good.
Still a really good tactic to take when suspicion is raised. I mean, yeah.
speaker-1 (05:06.264)
Yeah.
You are lucky.
Yeah, exactly. I'm ready to do a whole entire password change scenario where we're going to go through and get your password manager and start changing all your accounts and everything. And so I would recommend all that, right? And did do some of that as well.
I remember you were texting me during that.
I was stressed and I'm like, what is this?
speaker-0 (05:29.122)
the attitude like this. He was like, he was like Batman can't even stare at the bat signal just staring at his beer.
the whole time.
Yeah, really the fear, Like, click on something, she tried to make a payment to somebody bad, now they have the banking, the wiring instructions, it's just bad.
Wow. It was someone who just moved and set up new accounts in a new location. So there was a lot of, you know, kind of, okay, high risk running around anyway, you know.
Yeah, that's good though. So it wound up okay.
speaker-1 (06:04.588)
Yeah, well, that's okay, but it's still something to think about, right? And something to keep on your mind. So that's why I wanted to bring that story.
speaker-2 (06:13.678)
Before we go, Bruce, I was going to suggest instead of start thinking in passwords, maybe would be a good idea to tell your family member passphrases. Like, love Bruce very much and I will make pie, apple pie for him. Something like that. So, because sometimes, you know, and again, I was working for very, very old end users, you know, for the people that are here.
Sorry.
Yeah. Yeah, for sure.
speaker-2 (06:43.576)
for them to use a password manager also was very complicated. So in my case, what helped them is that they speak Latin, most of them. So they used to use, you know, the favorite Bible verse, but in Latin, and a long one, so. So that was a good idea for them. So now.
Yeah.
speaker-0 (07:04.386)
That's really good.
speaker-2 (07:11.55)
I guess we're still in February. We just started the month and you know, this is the month of love and friendship. And I start searching of how much people love the devices. And actually I discovered that is people getting married to their phones, mostly to now these applications, company, companion applications.
Are you going to tell us the story of the who married AI?
Yes. You know, being a doctor, a little bit of psychology here is about people that actually are pretty lonely. We had, and this is the surgeon, the surgeon, the general surgeon of the United States in 1923 was telling that loneliness now is a problem. That 47 % of Americans
from the 17 years old to 35 years old, they consider themselves lonely. Sadly, you know, it's not another way that just go out and have a social life. Except if you discover applications like Replika, with a K. And these applications now offer you a boyfriend or a girlfriend.
Yeah.
speaker-0 (08:33.665)
Yes.
speaker-2 (08:41.609)
And they are doing it so good that 50 % of Americans have decided to have a relationship with that kind of entities instead of real people.
Okay. Yeah, I don't. I first we have deep fakes that we have to deal with, right? And we have to the AI synthetic, synthetic media and how that's helping social engineering. When it comes to this and the psychological aspects of it, boy, I, I, first of all, I don't think that they taught that in school to a lot of the practicing psychologists. But you let, me tell you how ready we are for this.
It's a problem there.
speaker-2 (09:17.377)
Let me tell you.
Yeah, let me tell you why it's happening. So it's several causes. First is a lonely population, I tell you, very high percentage. Phone is always available. Everybody has a phone in their hands. So this AI is always emotionally there for you. Basically you get a recipe for a synthetic romance. Now this entity, don't.
Mean addiction, right?
speaker-2 (09:49.698)
get upset with you because you didn't put the trash out or because you left, you know, the water sink running or because you didn't do the dishes. It's always agreeable with you.
So it's
Right. you had 17 characters in Character AI, it doesn't know. Exactly. You're only interacting with the one, it doesn't know you're interacting with the other 16. Right.
That's correct. So from that point of view, also, we are teaching the new generations not to have a human interaction because they don't want to deal with problems. number one, number two, in some way, this is also good, good for people. And in some studies they are doing that people in the autistic spectrum, they are using also this like a tool.
Yeah.
speaker-2 (10:44.056)
to interact like a practice. People that are nervous, you know, when they are in social environments.
I can see that. I can see that.
speaker-0 (10:53.196)
Yep, social anxiety.
Yeah, when they're anxious, they are kind of training with these. So in one side is terrible. In the other side is a tool. Like a tool.
Yeah, I can see.
Well, I'm interested. I mean, for listeners and viewers, let us know what you guys think about this, because I'm curious to see what people are saying about this. Like when I first saw it, you know, I was reading some of the comments and some of them were really actually kind of interesting. Some of them were just hateful. Some of them were dumb. But some of them were actually like, well, they had different theories of why this is happening and some of the benefits of it and some of the cons.
So, you know, I think it's a really good story because...
speaker-2 (11:39.822)
If you go to a subreddit that is called My Boyfriend is AI.
And you don't know if you laugh about things or cry about things. Like, my God, really? These people, mostly in other countries, Asia, several countries over there, they are allowed to get married to objects. Also, married to a phone is, I don't think it's an everyday thing, but happy. So it's more acceptable than in our Western culture.
Yes, exactly. It's cultural, right?
speaker-0 (12:13.133)
Yeah.
speaker-2 (12:17.368)
Here you say, I'm getting married and it's an iPhone 17. Hey, it's a new one. Go for the youngest one.
Yeah, well, has to be, yeah, it has to be an iPhone 17 because an iPhone would be would be illegal.
Now imagine, imagine if you get in love, imagine that you get in love with this AI and then the company that make it change something with an update or they go bankruptcy and they...
He's not gonna it changes the whole look of it people
People have tried or have the idea of commit suicide because the AI now is different.
speaker-0 (12:58.819)
Yeah.
And then probably like they add a paywall, right? So a lot of those apps, they come to you open and then as they get popular, then they start to charge for things. And so I could see that becoming a situation where somebody would be like frustrated or disappointed with their partner. The AI. That's fascinating. I had seen it used for like, so I...
I heard of these character AIs and things and I created a character that was basically like my job, like what I do at client success for an IT, MSP, MSSP. And I ask you questions like, you know, hey, I have a client that was upset about this thing that happened. You know, what are your thoughts as a coworker? Right. And then we'd get a lot of good information back, but it never occurred to me to be like emotionally connected to it. And as you discuss that, it's like,
Wow, I could see where people could become vulnerable to that. Especially when you have a lot of close friends or family. I've got a best friend I talk to every day. Right? I'm good. I don't need it. Right.
Now, Bruce, imagine this, people just to use application, what is the dating application, Bumble, all of those, I wonder how many now has AI instead of real people just to scam people.
speaker-1 (14:18.424)
Migrate straight over to there.
speaker-0 (14:28.502)
Right.
using it backwards, using it to facing outwards. So like they take the interaction with a real person from one of those dating apps and mimic it into the other app and then send back the feedback.
In the past used to be people taking photographs from another website like models, gorgeous people and says, hi, I am such and such, here's my picture. And everybody, my God, this is gorgeous guy, of course, or gorgeous girl. my God. Yes. And in reality it was a fake. But now, now you don't need to copy pictures. You can create with AI. Yeah.
I mean, that's how I met my wife. She's still disappointed because I am not George Clooney. I used his photo.
There you go.
speaker-2 (15:14.528)
Well, my
speaker-2 (15:19.278)
When the people ask how I met my wife, I says online and says, which application? says eBay. She bought me.
eBay exactly.
That's awesome.
Great. All right. Well, somewhat related. I've got a similar story. The internet is buzzing about Moltbook. So it's a new social media platform made just for AI programs. No humans allowed. But it's come with some crazy subplots and massive risk that a lot of leaders don't really necessarily know about. So your employees want to be productive and try new things. Cool. OK.
Nothing has been more popular in the last week than the viral craze caused by an open source AI, OpenClaw, right? It is phenomenal. Tons of people have downloaded it and it connects automatically to a social network like Facebook where the memes are hilarious. They plot against their humans. They talk about, you know, my human tried to shut me off. So I'm gonna
speaker-0 (16:29.464)
discloses identity. They created their own religion called, like, it's like Lobsterfarian or something like that, or Crustafarian, it's lobster based. Freaking hilarious. Right. But some serious issues. So in one week two hundred thousand developers installed OpenClaw. Right. It gained sixty thousand Discord members and two hundred and thirty thousand followers
on X in one week. Like that is really big. When you download it, if you download it, and our recommendation is please, please don't, it takes command and control. It has root access on your PC. So it reads your email, controls your browser, it executes shell commands, it accesses every single file, application and program on your device. Then it connects to Moltbook,
that Reddit style social network, right? But the platform, check this out, it launched developer headed up on GitHub. It launched last week in three days. It was breached. So every agent's API keys were exposed. Security research found 1800 instances of leaked tokens, API credentials and
months and months of chat histories and 26 % of the AI agents on there contain known vulnerabilities. So one of the challenges that small business have in smaller organizations is this, right? They don't have AI policies. They don't have visibility into it, right? They don't have controls in place and guardrails. So they don't even see if somebody's trying this.
This is an opportune time to get ahead and to have that conversation with employees and say, look, you know, we're making things like OpenClaw. If you want to do it at home and you want to take an old laptop that you don't care what happens to it, right? Go try it. Go experiment. Like that's fine. But for us and our acceptable use policy, right? OpenClaw is banned, right? Because the issue is
speaker-0 (18:52.992)
Your EDR won't be able to protect you. Your endpoint detection response, your firewall won't stop this. Right? Your security team won't have visibility into this. And so it's really, really scary. It's very exciting. It's very powerful, but it just shows you like the rolling out of AI has to be done right. You know, and in an organization, so many organizations we talked to
don't even have a policy yet. Right. It's just too new. Like they don't have an acceptable, like AI is not part of their acceptable use policy yet. So this is an opportunity. Yeah.
You've got to block AIs that you don't want in your environment.
Exactly. You have to decide what would help us and then show them how to do it, train them, show them prompt training, stuff like that. Roll it out, crawl, then walk, then run. But the downloading of it or getting ahead of it is really, really a big risk. Have you guys heard about this? Yes. You might have seen some of the memes. The memes are hilarious.
I just think that the name is wrong. Instead of Moltbook they need to call it a Skynet.
speaker-0 (20:08.002)
Exactly. That would be good. Good.
Well, define-
I mean, it's a better name. Yes. Unfortunately.
Yes. This is the beginning. What?
What time is it? You know, nothing, nothing says it like like a little quick video to this is what happens late at night when you're playing around with tools. So we also have a new addition. We have an application that we have built right in our own AI, which is wonderful. Great work, Kylie over there. So we're going to
speaker-0 (20:53.95)
I get to choose the category and then it's going to make a statement. It's going to either give us a headline, it's going to tell us a story, a stat, something and you guys are going to decide if it's a hack, if it's true, a real hack, or if it's just hype. Okay, so let's go for famous data breaches. We'll start here. Okay, got to give it a little time because after all, I designed it. So it's going to be slow. All right. First question, gentlemen.
In 2017, Equifax suffered a data breach that exposed the personal information of 147 million Americans, including Social Security numbers, dates, and addresses due to an unpatched Apache Struts vulnerability. Is that a hack or is it hype? Sergio, you will be player one.
Perfect. I think it's real. I think it's a hack. I remember hearing about that in 2017. Pretty bad.
I agree with Sergio, it's a hack, but I'm just questioning was the number of people or was it Apache? I really feel like it's the real hack.
Could it be tricking you? It was a hack. Ladies and gentlemen, both of our esteemed players got it right. That is fantastic. This breach is real and remains one of the most significant data breaches in history. Equifax's failure to patch a known vulnerability resulted in massive exposure of sensitive customer data.
speaker-1 (22:07.735)
I thought-
speaker-2 (22:30.302)
I remember it was half of the American populace.
That I felt like I remember too, like half of America, honestly, I remember thinking that's half the population. Yeah.
And it's funny because when I knew the number of people that we got bridge sharing information, I feel better. Because mathematically thinking, hard for them to pinpoint you.
Right.
Right.
speaker-1 (22:54.744)
I am not interesting out of 147 million people.
that.
Exactly. All right. Next question comes from the topic, the category of ransomware business impact for 100 Alex. The average ransomware payment for small businesses in 2023 was $38,000, but the total costs, including downtime, recovery, and lost business typically exceeded 500,000.
I will say it's a hack, it's real. I think.
And Bruce
speaker-1 (23:27.662)
I'm gonna say it's a hype because I think that the total is less than half a million.
The answer is correct. Look like my score. Look at that. Player one has 200 points. Bruce is trailing behind with 100. Yes. While many SMB owners found or focus on just the ransom amount, the real financial damage comes from the business interruption, IT recovery costs, lost productivity, regulatory fines.
He's on a leave.
speaker-0 (24:02.03)
legal fees and customer attrition, which means people don't want to do business with people that lose their private stuff. Right. All right. Let's go to data privacy and compliance. See if we can get a tiebreaker or catch Bruce up on this one. All right. Under GDPR, this is going to be a hard one. I bet under GDPR, a small U.S. company with no physical presence in Europe
can still be fined up to 4 % of global annual revenue just for having a website that collects email addresses from EU visitors.
That is real too.
That is real, too? Whoa.
I think it's real. I mean, again, I'm wondering about the number, but it might be like 40%.
speaker-0 (24:54.188)
You guys are both right. This is true and catches many US small businesses off guard. GDPR applies based on where your customers are, not where your business is located.
Or in my case that I have to sometimes release information from Rome, the Vatican, the United States and vice versa. It was HIPAA and GDPR.
Wow. All right, we're looking at category of third party vendor risks. Target's 2013 data breach, which compromised 40 million credit cards and cost the company $292 million, started when hackers stole login credentials from their HVAC vendor who had network access for remote monitoring. Is that true or is that false?
I think this is a hype. Bruce? I remember they got hacked but... not that way.
Okay, Bruce.
speaker-1 (25:57.01)
I'm going to say it's a hack. I'm going to say it really happened. I remember it.
I'm going to say it's a hack. think that's exactly how it happened. As I recall, it was their HVAC vendor. I don't know that it was from stealing their credentials again, but I think that they wouldn't lie about that because I designed it this way. I'm. Hey, all right, we got a ride. We got a ride back. All right.
Well, let's see, let's see.
speaker-1 (26:22.574)
The only reason I remember that is I had Internet of Things, HVAC stuff at the time where I was working at the time. And so I was putting HVAC equipment on Internet of Things at a community college system so that we could control the temperatures when we were closed like for two breaks, two weeks in the winter and stuff like that. Yeah. So that's the only reason I remember it. I was a little questionable about the 40 million and the 292 million, but
makes sense.
speaker-0 (26:49.678)
All right, we're going to do our final tiebreaker. Cyber insurance claims and coverage. And I'll make this one interesting. You have to guess, like if you both guess the same thing, whoever says it first gets it. Okay. Hang on. It's thinking. Most cyber insurance policies won't pay out ransomware claims if your company implemented multifactor authentication, even if you've been paying premiums for years.
And let's go.
speaker-2 (27:18.414)
Yeah, I agree with you, but Bruce.
I'll put it in there anyway. It's a hack. Yes, most cyber insurance policies, cyber insurers have increasingly added strict security requirements as policy conditions. By 2023, over 90 % of policies require MFA before they'll cover ransomware incidents.
Europe, feel the insurance information that we have to do every year. It's like 400 questions.
Yeah, it is a lot, right? And I will tell you, there's a famous case, we have an episode on it, on this podcast, because we had an insurance expert from the East Coast on. One of the big cases here was ICS versus Travelers. It was in Southern Illinois, remember? And they applied for Travelers. They were asked, do you have MFA? They said yes on their application.
They got a ransomware attack, right? But they had MFA like on their firewall, not on the server that actually was involved. And it cost them a million dollars because Travelers declined. They gave them back their premium and they canceled the contract when the ransomware attack happened.
speaker-1 (28:41.806)
Cyber and are getting better and better at seeing everything. They got AI, they got tools, they got all the things just like we do. So they're getting better and better at seeing like, were you actually compliant? Yeah, you turned in a document saying you did all these things, but the MFA thing is a big deal because it could be certain accounts don't have MFA and then oh gosh, it doesn't necessarily have to be the global admin account. It could be another account that has admin rights.
dovetails out of there. yeah. Yeah.
Absolutely. So I'm going to give us a bonus question as we wrap up. So in 2019, hackers breached smart building systems at WeWork style co-working spaces operated by FlexSpace Global, accessing badge reader data and security camera footage for 45,000 small business members across 200 locations in 15 cities.
This is a hype. I never hear about
I was just about to say, if this is real, we need to do an episode on it, because we need to share this story.
speaker-1 (29:53.038)
I was going to say it's a hype too because I never heard of it.
Because I'm like, how did we not hear about this one?
But you had me at FlexSpace. I was like, I felt like the WeWork thing happened. I think there's some truth in this, but it's not exactly how it came out. It's not maybe to the extent, you know, and that was during COVID. So that was beginning of
Yeah.
That would be. Yeah.
speaker-0 (30:18.91)
What do you guys think of our platform here? Isn't that hilarious?
Love it. I love it. So much fun. Not just saying that cause I won.
What a crowd to win in too.
speaker-2 (30:35.128)
and pick up your credits. Good for a hamburger.
That's right. They're good for emotional support. Get a hug from David next time he comes.
Yeah, we are.
speaker-0 (30:44.994)
Well done. You guys able to hear that applause? Yes. That's great. Well, you know, this is this is what we do when you give grown men with some late night toys and this is what we do. It's either this or, you know, it could be a lot worse. So this is all for the betterment of education and awareness. And that's what it's all about. So, gentlemen, thank you so much for your time. And I mean that this this was really fun.
fun episode.
speaker-0 (31:14.698)
And we will be on again soon and play another episode. I'm going to mix up the questions and make them even harder. But that was really, some of those were tough today. And I like that. I like that. I mean, that one at the end, that was a hype. I'm like so glad that it was a hype because if it was real and we didn't know about it, I'd be like, what? How did we not see this one? Right. So.
Great stories you guys both brought too. So it was really, really kind of very, very topical. So go ahead, go download OpenClaw, don't tell your boss. All right. No, no, no. I'll see you guys later. Thanks, you guys. See you guys. Bye.
Thank you, Bruce. Thank you, Dave.