Blind Trust | A Hacker's Exploitation Artwork

Cyber Crime Junkies

Entertaining & Sarcastic Podcast about dramatic stories on cyber and AI, which actually help people and organizations protect themselves online and stop cybercrime.

Find all content at www.CyberCrimeJunkies.com and videos on YouTube & Rumble @CyberCrimeJunkiesPodcast

Dive deeper with our newsletter on LinkedIn and Substack. THE CHAOS BRIEF.

All Episodes

Cyber Crime Junkies

Blind Trust | A Hacker's Exploitation

March 11, 2026 • Cyber Crime Junkies. Host David Mauro. • Season 8 • Episode 38

0:00 | 54:30

New Episode🔥New Episode🔥The Cybercrime Junkies show dives into this critical discussion on data protection, highlighting how a "bad actor" can compromise your personal information. We explore real cyber crime stories, emphasizing the need for robust internet security and online safety measures for everyone. Stay informed and protect yourself from cyber crime.

Robert Sicliano, international Speaker on Cybersecurity and Fraud prevention, best-selling author of 5 books on the subject ad regular guest on national TV broadcasts. Find more here: https://safr.me/

Chapters

00:00 Introduction to Cybersecurity and Identity Theft
02:40 Robert's Journey into Cybersecurity
05:22 The Evolution of Cybercrime
08:13 Understanding Identity Theft and Data Breaches
11:01 The Rise of Organized Cybercrime
13:53 Protecting Yourself: Credit Freezes and Identity Security
16:40 The Importance of Freezing Children's Credit
19:30 Books and Resources for Personal Protection
22:15 The Nature of Predators in Society
24:06 The Evolution of Cybercrime
25:08 Human Trafficking and Cybercrime
26:13 Understanding Scammers' Tactics
28:21 The Psychology of Loneliness and Trust
31:39 The Mechanics of Investment Scams
35:14 The Human Blind Spot in Security
38:55 Cognitive Bias and Denial in Security
42:18 Security Misconceptions and Cultural Attitudes
48:53 Becoming a Strategic Human Firewall

Questions? Text our Studio direct. We read these and when helpful we give a special shout out for those to contact us.

Growth without Interruption. Get peace of mind. Stay Competitive-Get NetGain. Contact NetGain today at 844-777-6278 or reach out online at www.NETGAINIT.com

Support the show

🔥New Exclusive Offers for our Listeners! 🔥

1. Remove Your Data Online Today! Try OPTERY Risk Free. Sign up here https://get.optery.com/DMauro-CyberCrimeJunkies
2. Or Turn it over to the Pros at DELETE ME and get 20% Off! Remove your data with 24/7 data broker monitoring. 🔥Sign up here and Get 20% off DELETE ME
3. 🔥Experience The Best AI Translation, Audio Reader & Voice Cloning! Try Eleven Labs Today risk free: https://try.elevenlabs.io/gla58o32c6hq

Dive Deeper:
🔗 Website: https://cybercrimejunkies.com

📰 Chaos Newsletter: https://open.substack.com/pub/chaosbrief

✅ LinkedIn: https://www.linkedin.com/in/daviddmauro/
📸 Instagram: https://www.instagram.com/cybercrimejunkies/

===========================================================

speaker-0 (00:13.612)
you say if I told you 97 % of everyone you'll ever meet is good worth your trust honest safe that means three to six percent aren't and those people they don't think like you think they don't feel like you feel there's no guilt there's no shame there's no remorse ever they wake up every day hunting

and they've turned fraud into a business model. Robert Cisleano has been studying predators for 30 years. He got mugged at age 12, learned about rape and sex in the same conversation, and has built a career reverse engineering how the lion hunts the gazelle. But today he's going to explain why your brain is wired to trust people, the wrong people.

Robert's going to walk us through what he calls the human blind spot. Why we'd rather live in denial than lock our own doors. Why 85 % of people still don't use strong passwords. Why we send our daughters to college without talking about sexual assault. And while the neighbor always says the same thing when the six o'clock news reports that something bad happens. I never thought it could happen here.

So when Robert explains how 95 % of his audiences still don't use different passwords, don't freeze their credit and default into saying the clueless statement like, I don't want to live in fear, I believe them. Because denial isn't a bug. It's a feature. And organized crime is exactly how to exploit it. This is Cybercrime Junkies.

And now the show.

speaker-0 (02:26.99)
Alright.

Well, welcome everybody to Cybercrime Junkies. I am your host, David Morrow. In the studio today is cybersecurity and fraud prevention leader Robert Cisliano. He's an author, well published and constantly in the media, really focused on keeping people protected online. He's got 30 years in the identity theft and personal security space. He's been everywhere from Robert Stern to Anderson Cooper to the New York Times, which

honestly is a range most people couldn't pull off. We're glad he's here because our audience is exactly the kind of people who think it won't happen to them right up until the time that it happens. Robert, sir, welcome to the studio. We appreciate you being here.

speaker-1 (03:13.27)
Hey, thank you so much. Yeah, I've actually been on how it's turned twice.

speaker-0 (03:16.706)
Have you really? Well, that's a podcast in and of itself just to see how that goes. haven't. Can only imagine. So let's back up a little bit. How did you first get into cybersecurity, identity, privacy? You know, what what drew you to it? How did your career go? Just for listeners who may not be familiar with.

speaker-1 (03:23.416)
enough scots to discuss what I actually did.

speaker-1 (03:43.404)
You might

speaker-0 (03:44.022)
links to your books in our show notes. So we encourage everybody to check them out.

speaker-1 (03:49.614)
Thank you for that. My process, my evolution is different than most. Whenever I get off, I speak for a living, so when I get off the platform, 100 % of the time people always ask me, so how did you get into this? What are you, former CIA, Secret Service? Are you law enforcement, military? How did you get into this? And I tell them, I'm literally from the streets of Boston. That's how I, where I got my chops. And for me, early, early on, I mean we're going back in the day, I was 12 years old.

You know my dad let us get in the train and head into downtown Boston to do some shopping It was my little brother's birthday and we get off the train you could do that back then you know We have to train and there was five kids waiting for us at the top of the street and they mugged us beat me up and they took my money and I was not prepared for that at all right right I turn around my brothers in the curb crying and I didn't know what to do and then we go home and My dad explained to me. Yeah those boys well

They're the wolves. And today, you and your brother, you were the rabbits. I was like, all right, know, and they explained, you know, he made us watch the Mutual of Omaha's Wild Animal Kingdom. You remember?

speaker-0 (05:03.032)
Peace out.

speaker-1 (05:04.172)
Yeah. And so, okay. So I remember he explained to me, like, the lions, they are predators. See the gazelle, that's, that's their prey. And that's normal. And that's natural. It's always been like that. And it'll always be like that. And I was like, all right, like I kind of had an understanding of what he was talking about. And so about a year later, and this is like really kind of where, where really impacted me about a year later, I was 13 years old and I went to summer camp, like a lot of kids did. And I met a girl.

and she she was my first crush and so we would hang out at camp and then at the end of the day we get in the bus on the way home and one day we I get off at her bus stop and we go to her house and was sitting on her front stairs and she says to me and she kind of looked at me like I'll solemn or I got I didn't quite you know I knew something was wrong and she says she says I think you should know that my mother's boyfriend assaulted me and I and I didn't know what she was talking about

speaker-0 (05:52.302)
You're wondering where this is going. Yeah.

speaker-0 (06:03.148)
Right.

speaker-1 (06:03.758)
So I go home and I asked my dad, I said, dad, like, what is rape? I didn't know what she meant. Because back then, you know, we didn't know.

speaker-0 (06:13.422)
wasn't everywhere in the news and it wasn't something that was talked about.

speaker-1 (06:20.29)
didn't know what sex was 13 years old like we didn't know we didn't have any information back then that's just how it was our worlds were a lot smaller than they are today and so I learned about the birds and the bees and sexual assault in the exact same conversation that had a profound effect in the way I view the world around me and so from that point on it just became a mission of mine

speaker-0 (06:38.03)
sure.

speaker-1 (06:43.532)
to make sure that those in my life were properly protected. And so I just started to study it. I started to find...

We had just got VHS videos. I started to find VHS videos on self-defense by, you know, former military and law enforcement that taught you how to, like, mess somebody up. I learned about, you know, good touches and bad touches for children, and I just started to focus on that, and it became a business in my early 20s. Selling personal protection products, pepper sprays and stun guns and tasers, and I had my first computer, 95.

was an IBM PS1 consultant, which was the make and the model, that had a Windows 3.0 operating system, and it had 150 megabyte hard drive. And at the time, I had to buy an additional card to install so I can get dial-up connection to AOL. Back in the day.

Okay, so I started a small mail order business that I built a website for and I acquired merchant status, which is the ability to get processed credit cards online. And back then that wasn't an easy thing to do, but I did. And within the first week of being online, I got hacked. I lost thousands of dollars in credit card fraud. Now this is the mid 90s.

speaker-0 (08:11.18)
Yeah.

speaker-1 (08:12.17)
And I had no understanding of what had occurred. did not know. All I knew was that I had all this credit card fraud that occurred. And I wanted to understand it because A, I lost thousands of dollars. B, it was theft. Now my business at the time was personal protection as it relates to violence prevention. And I was also training real estate agents on personal protection.

speaker-0 (08:33.645)
All

speaker-0 (08:38.822)
Even back then you make sense because they go into houses they go into they're very vulnerable

speaker-1 (08:40.318)
Yeah, yeah.

speaker-1 (08:47.094)
Realtors are murdered selling houses. That's a thing, you know, it's not like this astronomical number But it's enough that like it there's something called Realtor Safety Month, which which I was actually I was one of the people that started that back in 2001 and so yeah, so I've been doing this forever and so I'm teaching agents about personal protection and personal protection was violence prevention

speaker-0 (08:49.378)
Yes.

speaker-0 (09:13.26)
Right. And be aware of your surroundings, awareness, all of that.

speaker-1 (09:17.048)
Yeah, yeah. And personal protection was also preventing, you know, muggings and pickpockets and like theft in general. And so now here I am, like in the in the game of personal protection, and I'm just robbed, basically. And as upset as I was, I was intrigued by what they did. I wanted to understand it because theft is now an internet thing.

speaker-0 (09:41.858)
Right, it's now digital and they can they don't even have to be in this country to be doing that to us? Yeah.

speaker-1 (09:47.586)
It was brand new. And as upset as I was, I was like, what they did was amazing. Like if they can do that to me, think about.

speaker-0 (09:56.064)
Exactly. Think of what they could do to banks. Think of what they could do to real estate firms, right? Like you just, you follow it and it's just, it's, yeah, it's very similar. I'm not interested in talking about me, but I mean, would, they had a crime victim background, like crime victim advocacy background, and then started to see cyber crime happening at scale.

And that is very similar to what you're describing, meaning it was horrible, but I was fascinated by it because I'm like, my God, this is this is very powerful what they're doing. And we have to understand it in order to protect people from it.

speaker-1 (10:38.616)
Well, that's it. Understanding it, reverse engineering their process, that's how we learn. that's how I teach. And so by the late 90s, identity theft, you your social security number ending up in the hands of criminals, it started to become a real thing. It wasn't even a law up until 1998. There wasn't a law saying it was illegal up until 1998.

speaker-0 (10:58.131)
in that prison. That ridiculous.

speaker-1 (11:01.676)
And then I met my first victim of identity theft, who was a good friend of my wife's. And I started to write about it and speak about it, along with teaching personal protection. by the early 2000s, dot com boom, dot com bust, and so forth, data security wasn't really much of a focus, but John McAfee and others had created antivirus and it started to become a thing. And then 9-11 hit.

speaker-0 (11:32.078)
Yep.

speaker-1 (11:32.462)
And so what I was doing in the world of personal protection, I'd already written a book actually by that time. I'd already done a bunch of TV shows and talk shows and morning shows. did Montell Williams back in the day and Howard Stern and Sally Jessie Raphael and.

Gordon Elliott, which is a show back then. And so when I was doing, when I was speaking to this issue after 9-11, what I had to say began to resonate in a different way. And so I saw how, and you might remember this, choice point.

speaker-0 (12:03.392)
Exactly.

speaker-1 (12:09.598)
was an information broker and they're no longer in business I don't believe and they were a company that sold information about you and I and you could sign up for ChoicePoint and buy records and it was easier back then and what happened was ChoicePoint had a breach

and their breach was such that essentially I think it was Nigerians had signed up and when I say breach they basically like walked in through the front door they signed up and they got thousands of social security numbers and stole thousands and thousands of identities you know getting their social security number opening up credit cards and so forth and back then California was the only state in the nation that had a data breach notification law California's always been on the forefront of this

speaker-0 (12:55.47)
They have been.

speaker-1 (12:56.544)
And so California was the only state that ChoicePoint was required to disclose.

speaker-0 (13:03.32)
to admit that they had been involved in a breach.

speaker-1 (13:06.872)
to the residents of California. And then other attorneys general caught on and said, okay, well, our residents were compromised too. Why didn't you let us know? And ChoicePoint's like, well, because we weren't required to. they became, ChoicePoint became the poster child for what not to do in a data breach. And as a result of that, what I had been speaking to at the time,

speaker-0 (13:09.56)
Right.

speaker-0 (13:21.496)
Right.

speaker-1 (13:34.668)
now became like national news. Now data breaches themselves was like now this real thing that we now need to be concerned about. And that was like early 2000s.

speaker-0 (13:46.018)
Yeah, exactly. then it got followed by some big names that started to get hit. And all of a sudden it started to make news. Not as much as it does today, but they were big names back then that were getting hit. And all of a sudden it just escalated.

speaker-1 (14:02.786)
Yeah, so for me, critical mass all kind of came together and what I was doing now all meant something and mattered. And then companies like McAfee started calling me and saying, hey, you want to work with us? And I became a brand ambassador for McAfee and Intel. And I did that for quite some time. You know, it's interesting and you'll, I'm sure, agree. What's changed over the past 30 years is that criminal hackers are, I guess, as they say, sophisticated, but really what they are is organized.

speaker-0 (14:33.134)
Correct. mean, it's more about organized crime than anything else. I there are layers now. You know what I mean? Like different agents have different roles and they do that. One group will handle money laundering, one group will handle this. you know, there's a lot of funding behind all of it. it is, that to me is the sophistication. What they do and how they do it to us, it hasn't really changed that much. Maybe the mediums have changed, but it's still the same way you were much

as a kid. Exactly. still right it's not that complicated. always I always scoff whenever I see like it's a sophisticated phishing attempt. I'm like no it's not it's a freaking email that somebody clicked on. Like that's not sophisticated right?

speaker-1 (15:07.096)
Yeah, exactly.

speaker-1 (15:19.714)
the sophistication aspect is the scale at which they operate. Yeah. And the fact that they treat fraud as a business. That's the sophistication aspect of it. that's where we're in. So that has changed. But what hasn't changed, and I think you'll agree, is that like we as consumers, we don't treat security much differently today than we did back then.

speaker-0 (15:28.494)
Exactly.

speaker-1 (15:43.234)
And that's the problem. The problem is that while criminal hackers are that much more quote sophisticated, we aren't much more digitally literate today. Our cyber hygiene isn't much more today than it was 30 years ago.

speaker-0 (15:59.272)
I would argue that in some ways it's worse because of social media. Now we are feeding kids iPads and phones and things with no training, no guardrails, stuff like that, right? And we see what's happening with social media. And then we ourselves have blurred lines between our personal lives and our work lives. And some people think cybersecurity issues are at work.

my home, I could do whatever. Right? And it's like, no, no, it doesn't work like that.

speaker-1 (16:37.014)
It doesn't. And that is actually the bridge that I'm trying to bring together is people's personal digital security and their work security that it is in the end kind of like the same thing. That once you recognize risk in your personal life, you're going to do a much better job in your professional life at protecting the data in which you are entrusted with. And there's so much that goes on with all of that. And that's essentially what I speak to today.

speaker-0 (16:46.328)
Yeah.

speaker-0 (17:05.39)
So let me ask you a couple things just to confirm things I believe I just always want to make sure I'm giving the right advice. Americans in general, they should freeze their credit, right? Okay.

speaker-1 (17:18.624)
yeah. So the credit freeze has been around since February of 2008. I froze it the week it became a-

speaker-0 (17:23.714)
Yes. Week after. I think I was a few months after you. Yeah. Yeah.

speaker-1 (17:31.062)
It's the best tool that consumers have available to them right now to basically inoculate yourself. It's a vaccine of your identity. your social security number is out there. We've got viruses all around us all the time. Right. And so the credit freeze locks down your social security number in such a way that the lenders can't see your credit scores when they receive an application for credit and thereby basically, you know, making you immune.

to various forms of new account fraud. Now certainly your social can be used in other ways, but you become a tougher target once you have a credit freeze. And this is a relatively easy process. It used to be a small fee and it required you to send in paperwork. Today, it's all done online or in some cases over the phone. And it can be done generally in less than 10 minutes per bureau. And now you have control. So when you want to temporarily thaw your credit, which, usually

I find as an adult in the game of credit, I've had to probably thaw my credit on average every two to three years.

speaker-0 (18:40.194)
Yeah, like you're getting a card, you're buying a car, you're doing something like there's some reason why and you just do it. I usually unlock it from my phone. They run the report. I put it back. It's super easy.

speaker-1 (18:52.878)
phone is the best thing because finally the apps for the three credit bureaus are functional. They haven't always been functional and now they make it really easy for you to temporarily thaw your credit. I've just very recently I bought the least vehicle that I was driving which required me to go to the dealership and sign some paperwork and I got a loan for it because you know it's a write-off and stuff and with my credit frozen walked into the dealership armed only with my phone and sat down

with the salesperson and temporarily thawed my credit at the two bureaus in which that they checked my credit at and applied for the loan on my phone in real time, basically thawed my credit and got the loan probably in under eight minutes. Yeah, automatically.

speaker-0 (19:41.516)
Right, and then refroze your credit. Right, exactly. Yeah. Yeah, that's the way to do it. What about kids? What about people that have children or family members? You might have a brother who has a young child, stuff like that. They should freeze their, those children's credit.

speaker-1 (19:58.07)
So freezing kids credit hasn't always been around. hasn't always been easy to do. It's a relatively recent thing, I'd say, and it could be wrong, but maybe within the past five to seven years. think Maryland spearheaded that, the state. But still, the process isn't easy. The only way to freeze your kids credit is

speaker-0 (20:17.634)
mailing it in.

speaker-1 (20:18.582)
is mailing it in. It's a manual process. They don't want you freezing your kids credit either. They don't want you freezing your credit either because it's free. It's labor for them. But you know, frankly, screw them to be honest with you.

speaker-0 (20:31.722)
Click.

speaker-1 (20:32.648)
Freeze your credit and freeze your kids credit too. I will say this is a plug a company that I'm no longer affiliated with but is really good. There's a company called Credit Parent out there and they will walk you through the process of freezing your kids credit. The only ones that I know that do that there's a fee involved there but it does take the sting out of doing it on your own.

speaker-0 (20:53.944)
Yep, but it's really important because some children get their identity stolen and they become of age and they're looking for student loans or cars or apartments and they find out they have a foreclosed condo in Nevada or they find out they have medical bills and they're like, that's not our kid. But now you've got to go through all the identity issues and it's just years of pain for this child that literally didn't do anything.

speaker-1 (21:23.062)
It's a nightmare. I've met them too. We've traveled the same paths. And if you don't do it today, they don't find out that their identity was stolen until they turn 18, until they apply for loans for school, until they go to get an apartment or a credit card. And that's when they find out their identity was stolen when they were 12.

speaker-0 (21:42.24)
Exactly.

speaker-1 (21:43.028)
In some unfortunate cases, might be like estranged parents. So it's important that parents get a handle on their kids' right now. Be proactive with this because going down the road, whether it's an estranged parent or a complete stranger, it can be a nightmare for that child. And I will recommend that prior to your child turning 18, parents who work on freezing your kids' credit now, prior to them turning

18, I would say thaw their credit within six months before they turn 18 because Yeah, so I froze my kids credit and I'm speaking from experience Yeah, okay, and so it's freezing my kids credit and then once they turned 18 became a nightmare to thaw their credit Yes that that

speaker-0 (22:21.08)
Why is that? That's interesting.

speaker-0 (22:34.332)
really?

speaker-1 (22:36.866)
paper system of freezing a child's that ends up being digitized and then you go in to thaw their credit once they turn 18, the process is not really...

speaker-0 (22:50.336)
It's not really digitized. It's fully functional. That's good to know, actually.

speaker-1 (22:52.588)
really fully functional. Okay. Yeah, it's just but if you work on thawing their credit prior to turning 18, while they are actually a minor, it gives the parent all that control to do so. And this the system doesn't break once they turn 18. And the day they turn 18, they can go in and they can refreeze their credit and start all over again.

speaker-0 (23:13.432)
That's good.

speaker-0 (23:21.356)
That's really good. That's great advice. So tell us about the books that you've written.

speaker-1 (23:26.862)
Well, I've written five. Five? One of which, yeah.

speaker-0 (23:31.074)
Wow! Holy crap, that is a lot of writing.

speaker-1 (23:34.73)
all revolving around the same topic, know, personal protection as it relates to violence prevention and identity theft protection, you know, of course, information security. And they have all, you know, you know, via Amazon and so forth, one of being a bestseller. The latest book is Identity Theft Privacy, Security Protection and Fraud Prevention, which also is again available on Amazon. It's like it's all about the basics, the one on ones, you know, just how to recognize risk, how to incorporate basic one on one security

into your daily life so that when the bad guys do come a calling now they all there always has been there is and there always will be this criminal element out there it's just just just the way it is yeah and our job is to become a tougher target and the way that i i kind of roll this out is the way i understand it the way i see it and i think anybody can do this research and i think that they'll come to the same conclusion as i will is that

97 % of all the people that you're ever gonna meet in the course of your life, 97%, in their nature, they are good. Meaning that they are worthy of your trust. 97 % of the world's population are just good people. However, that also means that as much as if not more than 3 % are not. And I'm pretty sure it's somewhere between 3 and 6 % of the world's population are just no good.

The medical community would call them antisocial personality disorders. We would categorize them as being sociopaths and psychopaths. And those sociopaths and psychopaths, they're the ones that make the most amount of noise. They're the ones that do all the harm. And they are up to 6%. It's saying that maybe 3 % are female and 6 % are male. I would agree with that.

speaker-0 (25:08.846)
Yeah.

speaker-1 (25:25.226)
that said, these are humans like you and I that don't experience like you and I.

speaker-0 (25:32.34)
Empathy, sympathy, guilt, feel remorse.

speaker-1 (25:36.276)
Exactly. They are they literally have no shame. True, true, words. And so it's it's it's that element of society of humanity that are the true predators amongst us. And I know that like most people don't want to or think that they would ever be targeted by that percentage.

But the reality of it is there always has been, there is, and there always will be the wolves and the lions. And the rest of us being the gazelles and the rabbits.

speaker-0 (26:12.35)
Unlike the National Geographic though, they don't friggin look like lions. Like in the National Geographic you're like, hey Gazelle, do you not see that lion? Right? Like you can literally, like you're looking right at the screen. Here, they're among us. They look like us. They are online with, you know, legitimate looking personas. That's where the challenge comes.

speaker-1 (26:37.09)
They're online, they're in person. They're standing behind us in the grocery store line. I mean, look at, know, Jeffrey Dahmer, he was a good looking guy, right? And he ate people, right? mean, yeah. And today, if we look at the bad actors in the realm of cybercrime, they are organized criminals that function all over the world. And

speaker-0 (26:39.469)
Yep.

speaker-0 (26:52.024)
Exactly right.

speaker-1 (27:04.14)
They are, they're not just like, you know, some criminal hacker in his mom's basement, you know, drinking Red Bull. Today, it's right.

speaker-0 (27:12.31)
exactly the analogy I always say. Like what do you picture when we say the word hacker? Like some kid in his mom's space and drinking Red Bull, cracking code, like eating Hot Pockets, like that's what he's probably a Fortnite champion. Like that is what you think of. That's not who it is. It's more Sopranos than iRobot.

speaker-1 (27:32.718)
It's way, it's beyond. It's Russian mafia, it's Chinese mafia, it's Japanese mafia. It's organized criminals that put ads online. And the ads they put online are, you know, hey, job opportunity. Be a computer programmer, be an administrator. Get a job making $25 an hour. Sign on bonus of $2,000. We'll pay for your airfare, we'll pay for your hotel, we'll pay for your ground transportation. You just come to us.

As a matter of fact, we'll give you free room and free board.

speaker-0 (28:06.582)
And you wind up in a Cambodian scam center, like trafficked, essentially.

speaker-1 (28:12.878)
Right now the UN estimates that there could be anywhere from 200 to 300,000 victims of human trafficking whose sole job 18 hours a day is cybercrime. That's all they do. And if they don't meet their quotas, they get beaten and tortured.

speaker-0 (28:30.274)
Yep, that's exactly right. just had an episode on that, somebody from the FBI. I don't know if you know Scott Algenbaum, former FBI. He's out there all the time. He just got back from Cambodia looking at his role is simply to spread awareness. Yes.

speaker-1 (28:46.466)
And I've met the victims of human trafficking. So when we get those wrong number text messages.

speaker-0 (28:53.282)
Right, that's what it's coming from.

speaker-1 (28:55.148)
That's what that that's who's doing it. It's the victims of the human trafficking that are orchestrating these text messages. And most people, they mark them as spam, they delete them, I respond to them. And I respond to all of them. Yeah, I respond to all of them. Because my role in providing and presenting security awareness training is to get people up to speed as to what the risks are, what it looks like, how it works reverse engineering their processes. So they see how these things roll out in their own phones and

and so forth. And when I engage the scammer

speaker-0 (29:29.558)
you see the methodology, the modus operandi that they do.

speaker-1 (29:33.358)
Exactly, you know? And within a day, you're getting pictures and they're saying nice things to you and the whole process is about building a relationship. And what's interesting is it's not necessarily about romance. A lot of times it's romance, but that's really not the end goal. The end goal is trust.

That's truly what it's about. So for example, most people don't realize that as many as 25 % of all humans on the planet right now who are breathing air, 25 % of us wake up every day lonely. So again, 25 % of us, our default is we wake up and throughout the day we feel the sense of loneliness. And so with that,

They say that the pain and the ache of loneliness, which is how it's referred to, is designed to get us as humans to gravitate towards other humans for the sole purpose of procreation.

so that we would essentially further the species. That's the whole point of loneliness. They say the same thing with hunger pains. We have hunger pains solely so that we would find food to nourish our bodies so that we could live another day. That's how we're designed.

You our bodies are such that we're mechanically engineered, however you want to explain it, in order to procreate to further the species. And hunger pains and the pains and ache of loneliness are designed to do just that. Well, the criminals understand this now. They understand that if we reach out to these people and they're lonely, that all we need to do is maintain contact with them throughout the day.

speaker-1 (31:26.742)
weeks, months, eventually we can persuade them to invest in cryptocurrency or whatever. Whatever the plan is. And it's not that complicated. So when I engage the scammer, what happens is over the course of a day, text messages begin first thing in the morning. Good morning, dear. How did you sleep last night?

speaker-0 (31:34.606)
Correct. Or whatever the play is. Yeah.

speaker-1 (31:52.162)
And then throughout the day, what are you doing today? What do you have going on? I'm meeting with my employees this afternoon, she says, and then I'm meeting with my investors later on in the day. I'm going out with my girlfriends for dinner. She sends me pictures throughout the day of her at yoga or her grocery cart, just what she bought for food, not even her, just the food she's buying. So I can see that she's eating organically and she's eating a lot of vegetables and she's eating avocados and just regular.

speaker-0 (32:22.414)
They built up the entire persona.

speaker-1 (32:25.718)
Yeah, and ultimately, like after a week, a week, hey, let's meet on video on WhatsApp. And I'm like, really, you want to meet like right now, like already? And then you meet them on video. And what do you see? You see generally what is a usually a young Asian or African female from my perspective, what's happened to me, a young Asian or African female that has artificial intelligence face overlay.

speaker-0 (32:32.888)
Right.

speaker-0 (32:53.998)
Yeah.

speaker-1 (32:54.56)
of often a white Russian model is the MO. And interestingly, from my experience, the voice is still that of a young Asian female with the Russian models.

speaker-0 (33:09.004)
with the they're not even deep faking the the voice they're just using the image yeah

speaker-1 (33:16.342)
Yeah. It's as if they don't really need to, you know, like once you get them, once they get you on video, that's enough. And and then from that point on, they start talking about their gold investments and their cryptocurrency investments. they're really good at what they do because, know, my online persona is Rick. I go by slick Rick and I'm a Rufa, you know. Yeah, that's great.

speaker-0 (33:24.846)
Right.

speaker-0 (33:39.298)
You're a roofer.

speaker-1 (33:42.946)
She's like, I know you work really hard, and so I've made 80 % of my crypto investments. I can show you how. And then what happens is she sends screenshots of her own phone and the two apps she wants me to download. And then step by step, I'm responding with screenshots of the apps. She's responding with screenshots of next steps. And that process is all about connecting your bank accounts, connecting your credit card accounts.

speaker-0 (33:57.772)
Right.

speaker-1 (34:11.296)
in what happens

speaker-0 (34:12.393)
And the initial investment very well might do well. Oh yeah. For like a hundred bucks or fifty bucks. Yeah. You might turn that parlay that into 400 bucks and all of a sudden you're like, well this was great and I only invested 50. What if I invested 10,000? And then you, then they get you.

speaker-1 (34:30.166)
and the beauty of it is you can take the money out right away. the initial upfront funds, you can cash out. They want you to know that it's okay. It is no different than a Ponzi scheme. It's exactly a Ponzi scheme.

speaker-0 (34:43.982)
Exactly right. Same thing that's been going on for hundreds and thousands of years. Yep.

speaker-1 (34:49.356)
Yeah, they robbed PETA to PayPal.

And eventually, you know, why would you take the money out? I mean, you trust this person. They've already like proved to you that they're real. You've already proven that you can take the money out whenever you want. And what happens over time is you begin to, you know, liquidate your investments, refinance your house and you're borrowing money. And before you know it, you're into it for six figures. Yep. And then once it's time to cash out in your mind, they all disappear. Yep.

And that is entirely possible today due to the fact that we as humans, we just want to and need to trust by default. So over the past 30 plus years of doing what I do, I've come to the conclusion that trust being our default, we wake up every day and the people that we engage with, the people that we come in contact with,

as an interdependent species, want to and need to trust that everybody we come in contact with has our best interest in mind. That they don't want to hurt us, to harm us, that they're generally like that 97%, they're just good people. We just want to believe that.

speaker-0 (36:09.006)
Right. And these people will play on that and prove it to you in the beginning. Right? They will establish trust. They will be reliable. I will contact you around seven. They contact you around seven. They do what they say. If you invest this, you will do better. You invest and you do better. Like they are earning your trust until the big payoff comes. Right.

speaker-1 (36:32.374)
and they do earn your trust. And so all of our lives, I'm 57, I am to trust and I still trust, I still want to trust. I need to trust, right? I need to know that when I go into the grocery store that I'm not gonna get down by somebody with an automatic rifle that's gonna take me out while I'm getting my eggs. Like I've gotta just trust the process that it's not gonna happen to me today.

No, don't want I personally don't walk into the grocery store saying it's not going to happen to me. I don't do that. I walk into the grocery store looking to see if it's going to happen today. I am looking around the perimeter of my body to determine if it's going to happen today.

Versus I don't walk in saying it's not gonna happen to me today I walk in saying is it going to happen today? And I'm just looking around the perimeter of my body now. I am NOT worried. That's gonna happen to me today I'm not thinking it's gonna happen to me today. I don't live in fear that this is something that's gonna happen to me I just know that it's possible Therefore I am looking for it so that in the event or the unlikely event that it does happen I know what my

next move is going to be. So I proactively recognize risk as we all should be doing. But we don't do that as a human species because we fundamentally trust that it can't happen to me. We fundamentally think that it won't happen to me. We do nothing about it as a result. So what we have, which I've determined over the past 30 plus years, is that we suffer from what I call the human blind spot.

So the human blind spot is our psychological instinct to trust what is familiar to us. It is that cognitive gap where biological trust, and that's what we have, we have this biological trust that overrides digital suspicion. And it leaves the door wide open for all kinds of fraud, including AI enhanced deception. And so this human blind spot, it's not just that we trust by default.

speaker-1 (38:49.78)
It leads to denial. So for example, when you're watching the six o'clock news, and something bad or something tragic happens in a neighborhood somewhere, something bad happens to a family, whatever it might be, home invasion, whatever, right, the local news channel goes into the neighborhood with a reporter and a guy with a fuzzy mic and a cameraman, right, and they interview the neighbor. The neighbor comes outside, they put the mic in her face. What does the neighbor always say about what happened?

speaker-0 (39:17.944)
That's such a great idea. These people, mean, it's such a shock. We're so surprised this happened here. We never saw this coming.

speaker-1 (39:26.318)
Yeah, they always say the exact same thing, right? Yeah. It's comical to me, right? Why do they say that? Because they've never once even thought...

speaker-0 (39:29.428)
every single time.

speaker-1 (39:36.866)
that it could happen here. They've never believed that it could happen here. They don't wanna think it could happen here. And because what they're truly doing is, in the presentations that I do and I speak 50, 60 times a year, I get in front of live audiences on a platform of 100 people, 500 people, and I ask the audiences questions. And the questions I ask are like basic stuff. How many of you are using...

a different passcode across all your critical accounts. If I get 15 % of the room, that's a lot. How many of you are using two-factor authentication across all your critical accounts? If I get 20%, that's a lot, right? And in that same line of questioning, I say, so how many of you have a home security system?

If I get 15, maybe 20 % of the room to raise their hand, that's a lot. And it's never 20%. And I say, okay, so why don't you have a home security system? And they say, and I get all the same answers wherever I go in the country. Well, we don't have a home security system because we have insurance.

As if insurance is going to protect you when your house is burgled while you're sleeping. And then they say, I don't have a home security system because my husband says, if they're going to break in, they're going to break in. What are we going to do? So basically, they have this fatalistic attitude that there's nothing that they can do to prevent it.

which is completely ridiculous to me, but I understand where they're coming from. But the most common answer that I get when people say, well, the reason why I don't have a home security system is because I don't want to live like that. And what they're saying is, and I say to them, well, did you know that every year in the United States between 1.5 and 2 million homes are burglarized, which is legit.

speaker-1 (41:27.234)
That means in the next 10 years, that's 15 to 20 million homes that are going be burglarized. And they say, well, I don't want to live like that. Say, and they literally say the words, I don't want to live in fear. Right. I don't want to live like that. I just want to be free. And what they are truly saying is, I don't want a constant reminder in my home.

like of an alarm keypad that I see every day that reminds me that there are bad things or bad people out there doing bad things. I don't want to have to think about that. Therefore, I would prefer to function and live in denial.

speaker-0 (42:05.9)
Right, their cognitive bias forces them into a state of denial. And then they're not prepared.

speaker-1 (42:12.846)
And here we are today in 2026. And I would say that 95 % of my audiences are that today. We just don't want to think about these things. prefer to not think about it. We prefer to keep our head in the sands. We would prefer to just watch Dancing with the Stars and not have to think about these things. And that's truly why

the bad guys are able to flee somebody out of a half million dollars because with trusting by default functioning in denial we don't recognize risk as we should we think about it as a bad thing and one of the things i say to my audiences is and this is a true thing i say to them okay listen i'm a guy that has and this is true

And this is like, I'm gonna kind of ask you a question. Like I'm a guy that has 22 security cameras, right? And so when you hear, this guy's got 22 security cameras, what might your, like, be about my disposition, my worldview? Like I wake up every day, I got 22 security cameras, this guy must be what?

speaker-0 (43:20.718)
paranoid that's what they think that's what they think but it's not you just want visibility just like for an organization you want visibility into your network you want eyes on glass right like it's otherwise I'm not gonna be able to protect myself or it'll be too late by the time I find out that they're inside

speaker-1 (43:41.41)
You can't go into a restaurant, the mall, of course the airport, without there being dozens to hundreds of security cameras. Is everybody paranoid? Is everybody mentally ill? Because that's what paranoia is. Paranoia is a mental dis-ease. And so we, as a culture, we associate security and paranoia.

speaker-0 (43:50.08)
everywhere.

speaker-0 (44:05.538)
Yep.

speaker-1 (44:06.048)
If somebody is engaged in the process of security, he or she must worry. They must truly think that others are out to get them. They must be paranoid.

speaker-0 (44:15.416)
But I think that the truth is nothing like that because I mean, I think what you're saying is spot on. But I think that the truth is having talked to some of these criminals as you have. Look, look, look, they're opportunistic. If we if if somebody puts up a little bit of resistance, they will move on and go after the people that are leaving their doors wide open with no cameras because there's so many of them.

Would you agree? like, yeah, I mean I always think of you go to a Target or a shopping mall, right, or a Target parking lot, right? When someone's gonna break into that car, they're not gonna smash the windows in the middle of the day and draw attention to them. There's cameras everywhere, etc. They're gonna walk by all the car doors and pull on them and see who left their car door open.

by thinking the way you just described what people are doing is they're creating more risk for themselves obviously because they're leaving their doors wide open yeah because i don't want to think like that i don't you know i don't want to be paranoid i don't want to be afraid i don't want to live in fear uncertainty and doubt the point is you don't have to you just lock your freaking doors

speaker-1 (45:30.534)
And that is all about an entire culture, an entire society who has essentially has created misconceptions, misnomers, myths regarding what security is. It's about worry and fear and paranoia, but it's not. It's about control. It's about managing risk. It's about putting your seatbelt on because you know it's the smart thing to do.

because it gives you control over that vehicle. It keeps you tight in the seat so that you have control of the steering wheel, the gas, and the brakes, so that you don't end up in the passenger seat swerving, right? But we don't look at security in that regard because we've never had a conscious conversation with somebody like yourself or me that explains what security actually is versus what it isn't.

speaker-0 (46:09.666)
Right.

speaker-1 (46:24.298)
in companies, when I speak to companies, they're bringing me in because their chief information security officer was completely frustrated. Because his employees are asking him questions like, so how do I know what link is okay to click when I do a search on Google?

speaker-0 (46:41.016)
Right.

speaker-1 (46:41.73)
which is such a one-on-one thing and I don't necessarily fault the public for not knowing the answer. The issue is that that chief information security officer, or she is an expert in this stuff but doesn't necessarily know to... It's about communication.

speaker-0 (46:56.386)
translated in English. Yep.

speaker-1 (47:00.618)
He or she doesn't necessarily know how to communicate the basics to the general public. know? And so who ends up back against the wall? It's that chief information security officer that is doing everything he's supposed to do, providing phishing simulation training.

speaker-0 (47:15.34)
Right.

speaker-1 (47:16.526)
whether it's daily or monthly or annually and his employees just aren't getting it and why aren't they getting it? They're not getting it because they're not locking their own doors. They're not installing their own home security system. They're not getting a credit freeze for their own identity. They're not changing up their passcodes. They're not using two factor authentication. Why? Because security is not my job. It's the chief information security officer's job. They're not going to attack me. They're going to go after somebody else. Why would they want to steal my identity?

It's like it's as if we are functioning in an adult world as our five year old kicking and screaming selves, you know, dealing dealing with the world emotionally as we were back when we were children. And we don't see security as something that we should as adults. And further, like we still aren't having what I call uncomfortable conversations with the people in our lives in regards to security. You know, like I don't know that most people actually send their daughter off to college.

and actually have an uncomfortable conversation with her about sexual assault.

speaker-0 (48:23.308)
Right. They just go, hey, do you have your meal plan? is everything, know, are you going to, you know, have you talked to the sororities? Have you? It's all positive stuff. It's all fun games because those are easier conversations. Yeah.

speaker-1 (48:38.132)
My girls know exactly what to do and how to how to significantly hurt somebody that means to do them harm. They know how to hurt somebody. And I've had my girls, you know, years ago say to me, you know, daddy, why does your brain? You know, and I'm like, well, it's reality. And so.

speaker-0 (48:52.546)
Go think like that. That's reality.

speaker-1 (48:58.182)
In the kind of dialogue that I have with my girls, it's the same kind of dialogue I have with my audiences. These uncomfortable conversations that we have are meant to ultimately get us to recognize risk. It's not to instill fear. It's to break down why there is risk. We've got...

speaker-0 (49:14.979)
That's the difference.

speaker-1 (49:20.73)
Seventy, ninety-seven percent of the population is good. Three percent isn't. This is how they operate and this is how they do what they do. This is what risk looks like.

All you need to do is these basic things and you're good. Like you said, you become a tougher target. You become a hardened target that they're just going to move on to somebody else. And you go off to that party with all your girlfriends and okay, you're having alcohol too. But like if you never allow somebody to get you the drink, you just keep yours to yourself so they don't slip you something. And then like you consciously recognize like you can only have so much and why.

and when you start to see your friends having too much and they're getting a little stumbly, right? Know that that's the perfect opportunity for somebody to take advantage of them. And so you have these conversations and sometimes you get a little bit graphic. And so now you're painting a picture. And so as they what if and they visualize and they actually see it play out in their own world, now that they get to see

speaker-0 (50:24.782)
reality for them.

speaker-1 (50:26.264)
this is what daddy was talking about. And I think that these are conversations that we should be having that we don't have and sexual assault is still a significant problem.

speaker-0 (50:36.302)
Well, Mr. Cissiano, I could talk to you for hours. That was fantastic. That was... I know our audience will get a ton out of here. I will have links to all of your books and links to your website. I encourage everybody to check you out. If you are looking for a speaker, engage him. This is just...

phenomenal conversation. It really paints a good picture of the reality of risk and why security is manageable. And why people for themselves can take reasonable steps to make life, you know, maybe slightly more inconvenient, but it's not inconvenient generally, right? It's like a seatbelt, right? Yeah, it's slightly more inconvenient to put it on, but come on.

speaker-1 (51:11.084)
Man.

speaker-0 (51:30.764)
Like, you know, when they first came out in the 80s, everybody was up in arms about seat belts, you know, and then they were I remember seeing the videos of people saying like, next time they're going to tell me I can't even drink a beer on the way home. No, no, you can't, buddy. Like, no, just wait till you get home and get out behind the wheel and then have your beer. Like, but it's some of those conversations about security or conversations like that.

speaker-1 (52:00.014)
Yeah, so, you know, and I could talk to you for hours as well. So in the past 30 plus years, I've developed a methodology which I call the strategic human firewall.

speaker-0 (52:10.286)
Yep.

speaker-1 (52:10.858)
So the strategic human firewall is essentially what I I present at my programs. It is designed to block deception. It is a proactive governance. It's a mindset that turns employees from passive targets into active detection layers. It's the shift from I trust what I see to I verify everything.

speaker-0 (52:30.528)
everything.

speaker-1 (52:31.202)
And the beauty of becoming a strategic human firewall is it's not just at work, it's across the board. It's with everything. All security is personal. It all begins with you and your physical world. It begins with violence prevention, right? And there's nothing more personal than protecting your person, your being from violence. And then from there, it's your identity, which is the digital world. It's protecting your social security number. It's protecting your information, right? And then once you understand and recognize risk, all security is personal.

and you understand how to become a strategic human firewall, going forward, you're good. You become a tougher target, both personally and for employees professionally.

speaker-0 (53:13.688)
Exactly right. Man, well done. I encourage everybody to check you out. You've written about the strategic human firewall on LinkedIn. I encourage people to check that out as well. Thank you. And thanks so much for your time today. All right, man. Thanks.

speaker-1 (53:31.062)
Hey, this is great. How are you doing? Thank you so much.