The Wolf Of All Streets - Haseeb Awan, CEO of Efani and Inventor of the Bitcoin ATM on Sim Hacking, Why Your Personal Information is Readily Available, the Dark Web, Protecting Yourself from Hackers and More
Episode Date: April 28, 2020Haseeb Awan, CEO of Efani and Inventor of the Bitcoin ATM offers a masterclass on Sim swapping and securing your phone and information from hackers. Haseeb and Scott Melker discuss what SIM Swaps are,... how hackers find your personal information, how the dark web functions and, most importantly, the best ways to secure yourself. We also discussed his long history in crypto and the invention and proliferation of the Bitcoin ATM. This episode will keep you up at night and compel you to take security seriously - starting today. --- ROUNDLYX RoundlyX allows you to dollar-cost-average into crypto with our spare change "Roundup" investing tool, manage multiple crypto exchange accounts in one dashboard and access curated digital asset content and services. Visit RoundlyX and use promo code "WOLF" to learn more about accumulating your favorite digital assets when making everyday purchases and earn $4 in free Bitcoin. --- VOYAGER This episode is brought to you by Voyager, your new favorite crypto broker. Trade crypto fast and commission-free the easy way. Earn up to 6% interest on top coins with no lockups and no limits. Download the Voyager app and use code “SCOTT25” to get $25 in free Bitcoin when you create your account --- If you enjoyed this conversation, share it with your colleagues & friends, rate, review, and subscribe.This podcast is presented by BlockWorks Group. For exclusive content and events that provide insights into the crypto and blockchain space, visit them at: https://www.blockworksgroup.io
Transcript
Discussion (0)
What's up, everybody? This is your host, Scott Melker, and you're listening to the Wolf of All Streets podcast.
Every week, I'm talking to your favorite personalities from the worlds of Bitcoin, finance, trading, art, music, sports, politics, and basically anyone else with an interesting story to tell.
So sit down, strap in, and get ready, because we're going deep.
Let's go.
I'd like to thank my sponsors, Round the X and Voyager, for making today's episode possible.
We'll hear much more about them later on in the episode.
This podcast is powered by BlockWorks Group, the only events and podcast production company I trust.
For access to the premier digital asset conferences and in-depth podcast content, visit them at blockworksgroup.io.
I promise you will not be disappointed.
Today's show will be a masterclass
in security. So get out a pen and some paper and be ready to take notes. This topic hits close to
home for me as I've been the target of various hacking attempts. A couple of months ago, I was
sitting at my desk and happened to look down at my phone. I watched my T-Mobile service disappear,
but thought nothing of it as it's common for me to lose service temporarily because T-Mobile just
doesn't offer that great of service.
A few minutes later, I started to receive emails
asking if I had attempted to reset my password
to sites like Coinbase, GoDaddy, and Gmail
and quickly realized that someone was trying to hack me.
As I'd recently heard a similar story
of someone being the victim of a SIM swap.
The next few weeks were absolute hell.
While I was lucky and avoided any financial losses,
the experience was horrid
and not one that I would wish on my worst enemy. Then I got in touch with today's guest.
Haseeb Awan is a cell phone security expert and the CEO of Afani, America's most secure and private
cell phone service. He also is the creator of the Bitcoin ATM and has a long history of innovation
and success in the crypto space. Haseeb, thank you so much for being on the show today.
Thank you. Thanks for having me here, Scott.
All right. So let's just dive right into it from the beginning. What exactly is SimHacking?
Okay. So I actually went to the same experience that you had. Someone took out my telephone
number and then I started getting emails. But luckily for me, I didn't get any financial
problem with that. But at the same time, I suffered a lot of emotional loss and painful.
It was a painful process and happened to me four times.
And that's how I started the company.
So SIM hacking.
Purely as it looks like someone just takes over a SIM card.
So they buy a brand new SIM card from the store or online,
and they transfer your number to their number.
So now they can do whatever you can do with your telephone number.
They can pretend to be you, get into your account,
and finally bring you.
So they can take over every piece of money that you have,
every money that you have, and also get into your account
and try to blackmail you with some information that they found
or ask you for ransomware to get your accounts back.
So that is what you would do with sim hacking.
It's a pretty simple process.
Generally, it's done through social engineering or, in some cases, through bribe, where they
will pretend to be you or use a fake ID or call that, hey, there's someone there.
You lost your cell phone.
And based on the information that's publicly available or on dark web, they will just take over your telephone number. And you may not know it within
like 10, 15, 20 minutes, or sometime even up to like six to 10 hours. But like imagine someone
sims up here at 10pm at night, and you're sleeping, so you may not even know till you get up,
and then everything that you had is gone.
Right. I was so lucky that they attempted to do it at like two o'clock in the afternoon,
my time, because I happened to be sitting there and watching it. What you just touched on is
exactly what I thought was, oh my gosh, if this had happened at 2am, it would have been 10 times
a nightmare. And I actually know that recently Charlie Shrem told me and he tweeted about it,
that you helped him at two o'clock in the morning with his not first, but second or third SIM swap.
Yeah. So a lot of people think that, hey, we are protected. And I think in your case too,
like when we try to SIM swap you or we try to do something similar to that, a lot of people
that, hey, because I'm in AT&T or like any other major carrier, I've told them, hey, I'll get some facts,
so have protection on my phone.
But 99.99%, we are still able to hack them.
And if I can hack them, think about the white label methods,
what cyber criminals can do to them.
So yes, think about it.
Or you're traveling.
Imagine you are going on a vacation and you
are just sitting on a plane for 10-15 hours. And, you know, they hack you in the meanwhile.
Right. And, you know, it's just a really crazy experience because you then go through the whole
process, you turn your phone off with T-Mobile. That was the first thing I did. I said, absolutely
shut my phone down.
But then you go through these next weeks of talking to their fraud department and all of their experts.
And they tell you, you know, we've added this protection.
We've added this protection.
We've added this protection.
You're good.
Literally nobody can get it.
And so then what happened when I called you to switch to your service?
You SIM swapped me in less than two minutes.
Correct.
I think you were done in like 60 seconds or 120 seconds and you
were sim swapped. And you had experience. You told them that, hey, put through. And they will assure
you that we have gone through. It's impossible for them to stop it. I think that's what people
don't realize. But I understand why someone would hack me. I'm a public figure in the space. It's
my real information. I'm doxed. I'm not an anonymous person. But do they attempt to SIM swap, you know, anonymous people or people that maybe are not
as visible in the crypto space? Well, certainly. So I'll give you an example
of like, we do get victims who are like old, like 65 plus or some people who are ordinary
because when they're SIM swapping, they have three motivations, right?
So number one could be financial, which is the biggest motivation.
Second is reputational.
They want to fuck you or they basically want to make sure that you have,
they destroy you, right?
Like, you know, social media account or something.
Third is emotionally.
They really want, they hate you.
So if you believe that, you know,
none in the world have either of these motivations to hurt you.
I don't know what you're doing in your life right now.
Right.
Everybody's a potential target.
Yes, it does.
A lot of people think, hey, I'm already a person, right?
Like, you know what?
Why do you put a lock on your door?
Don't put a lock on your door.
Like, just sleep without.
Like, think about sleeping in your house if you are nobody without having a lock on your door,
I wouldn't be able to sleep.
I don't know if anyone else would be able to sleep.
It doesn't mean that you're targeted.
Like sometimes you're targeted, targeted.
And sometimes you're just like a victim of like random thing.
It's the weakest link, right?
Whoever they can find the most easiest way and whoever is the most vulnerable.
So they have all the algorithms and the way they start off it a lot of information is public right now like frankly some is by intentionally
some is unintentionally so your company is selling data uh and they sell it to anyone like basically
it's paper play so if i say hey i want to buy data of this zip code i can just literally find
out top thousand zip codes in us and then find out everyone who lives in that zip code and buy
their data and then i can run through an algorithm and through algorithm, I can find out who's the
best target.
And my algorithm can also tell me that, hey, what car they drive, what, you know, like
if they're rich or if they're not, like, you know, where do they work and everything.
And same time, it may not, you may not be directly target.
You may be connected to someone who's a target.
Like, think about it.
If you are, you may live in a very cheap neighborhood, but you are like an executive assistant or like some secretary
or some security guard for a big firm, they may hack you, right? Because they're trying to get
into that system. So, but again, like I said, if no one in the world have any financial,
you know, reputation or emotional attachment to you i think
you know i i can't find those people but if you do let me know right so it's somewhat clear that
they're willing to hack anyone it's not as crypto specific as people in this space might think but
if all of your you know crypto is secured in theory in theory do you still need to worry
about being sim swapped it depends so number one you you will get SIM swapped because you know that,
you know, you don't have like, think about it. Like, you know,
if you're rich, right.
People may still attack you because they may not find crypto,
but they may find other information. So I'll give you a simple example.
Is your social media account important, right?
Is your IRS account important? Is your like, you know,
your pension plan or like, you know,
WhatsApp or telegram
is important because they can still get into that they can still get into uber accounts i'll give
you a very interesting history about a case that we had to walk through um a person wanted some
information from uber and uber obviously will not give information to the sims of the person
and then when they sims up uber you can can basically click on reset password and send you a password on your telephone number.
And now you can see where the person has traveled in the last, I think, 90 days or I think one year.
Now, this is a small one thing I can tell you about.
Like, you know, if you're an Uber driver, right, we have seen a lot of cases where you can go into someone's Uber account.
So I'll give you a simple account of Uber driver.
Like Uber driver would think like no one cares about me but once you have an uber you can have a scanner which costs you like 100 200 and you can
scan everyone by imei numbers and potentially from that you can also get telephone number
so if you sit in uber and you ask for his number he may give you this number correct and if you
believe that he's a he makes a lot of money you can since up him and you can change the the
way he receives the money so you can just change it to like your own bank account and he's driving
and but you will get the check and frankly he would not even he may not even realize for maybe
uh two months or one month that hey where my money's going because you got the money and now
good luck securing that money and that money may turn up offshore so you don't have any control over that right and i would have to imagine that
uh for a wealthy person extortion or blackmail is also an issue correct it is so so in dark web you
can unfortunately find out someone call log and also can find call locations imagine like in
covid 19 i'll give you give you example uh You can exactly find out that where the person is right now.
So imagine you live in New York and or like you live in San Francisco,
but during COVID you went to Tahoe.
So you can actually find out who can, where someone is.
So frankly, like if you know the person, his house is empty right now,
he's in Tahoe right now.
I think that information is not fun to have for everyone.
Yeah, I mean, that's very, very scary, even beyond.
But and then there's the, you know, they could get personal information and tell you that they're going to spread it.
If you know, you don't pay them a certain amount of money or something like that as well, I would imagine.
Oh, certainly. So fun is financial.
Like, you know, they go into crypto, you're going to bank account, like they have a cron job. So once they get into email, they can actually scan through all the information within minutes, like it's all done through like a software. And then they, the fun is financially, they try to train you as much as possible. Then secondly, they go into, like they try to get into PayPal, Venmo, anything they can do. Second thing is emotional. So they'll try to get into your person accounts like Facebook, Instagram, try to download the history,
trying to find into your, if they can get into iCloud,
find your pictures. You know, we had cases of revenge porn.
We also had cases of it like, you know, purely like, you know, they found some
information on their customers and they blackmail them. If you
don't give me this information like
think about a lawyer if your information is compromised you may be okay to give money to
someone to not disclose that information because you'll lose your entire career of it so they do
pay something so yeah first is emotional then they come after reputation and then third is emotional
they just wanted to because they're criminals they're evil minded right so just wanted to, because they're criminals, they're evil minded, right? So just don't want to screw with your mind. They will basically push you until you break down.
And frankly, I would not be surprised if people have done suicides.
Right. I'm sure that that's true.
So you've touched on a few times the dark web,
and I think that that's a foreign concept to most people.
Can you talk about what the dark web is, how it works, what it's used for?
So dark web is, think about like, you know, as dark web, like the name suggests, like, you know, basically it's very dark.
It's hidden from the internet.
It's not discoverable to ordinary person.
So you need to have a special browser and you need to have a special method to go into that.
So think about like ebay.com.
There will be like ebay.com for illegal stuff.
So anything you can find uh you
cannot find on like legal web you can find there like like literally anything you can ask someone
to murder someone you can ask someone to buy a specific gun you can get any kind of like medicines
that you cannot get in store for cheap but they're obviously uh not legal or not to the proper
channel you can ask for drugs you can
ask for any person so there are people who are selling that information there so with specific
case like imagine you are an employee of like a cell phone carrier and you work at a kiosk
it's like similar working at a mcdonald they'll just say hey let's sign up tomorrow and now the
person will have access to everything so he will create an account on dark web and start selling information because right now he's getting a 15 out store but online he may
make money like 300 400 by selling one account so if he said like 10 accounts per day he made
like three four thousand dollars so he may not make money from his regular job but he make money
from his uh dark web so dark web is technically um it's just an illegal web right that is not discoverable not
catchable so there's no like regular domain like you know you have body like code addy where you
register domains it's all illegal it's just based on decentralized system and you pay them in crypto
and sometimes like a lot of currencies like monero or other currencies, which are not private. It's quasi like, like, you know,
anonymous to,
to pay.
And so all the transactions,
purely,
purely,
purely illegal.
99% cases,
transitions are illegal.
That's why they happen dark web.
So your data right now is being sold right now.
Like if you say,
Hey,
I want to get access to people who were hacked in Facebook hack,
you can go there and find out.
And you can also pay people to,
so pretty much every major company
have their employees selling your information there.
So that's really how it happens.
It's an employee who's a low paid worker
and has an opportunity to make more money.
I would also imagine, I mean,
we all heard about the Equifax hack a couple of years ago.
Didn't that pretty much released, I mean,
a huge percentage of data on almost every American
into the dark web?
Yes, and also it's not like, so these hackers,
like number one, they mostly are outside US,
so they will work in a foreign country.
And the laws are pretty simple and they don't get exposed to a lot of regulations that we
have here.
They may get some information from Equifax and they may get some information from Facebook
hack.
They will basically go into multiple of those hacks and combine that information because
once they come after you, they come with a lot of information.
And that may not just be from Equifax, but it's a combination of multiple things.
Yeah, that makes sense.
So now we know how the dark web works.
What do the criminals do with this information to actually end up swapping you?
I mean, I know someone like me, my information is somewhat public.
You can find me on Facebook.
You can find information about me anywhere.
If you're an average person,
what is that criminal,
what information are they specifically looking for
for the opportunity to hack you?
So number one information they have already,
like frankly, it's very, very hard
for every American to,
because we are giving information,
like if you sign up a contract with your,
I'll give you an example, like any contract that you sign, we don't read
it.
And it's specifically says that we are okay to share this information with third parties.
Right?
And even within the party, you don't know, like there was a recent sprint hack where
they had a contractor who had this information stored in the Dropbox.
So whenever you go in a store and you swap something, like you don't know what they do with information.
They may throw it out, but they may not.
Right?
So for an average American, it's actually bigger talk
because like imagine if you got hacked
or like a high profile person got hacked,
he may be able to spend money lower than do stuff
to protect himself.
But every American doesn't have a lot of support.
You know, they're basically on the mercy of any,
like where would an average American go?
He can't go to a lawyer
and say, hey, here's $10,000.
Secure me. So what will happen is
he will get constantly drained by those hackers
who will come. So I give an
example of having someone like,
imagine you are on the ground,
like on a playing field, and someone is
holding a sniper from
the top. Now, his goal is
who he needs to hit today.
And frankly, it's up to him.
He may watch and he may have algorithm to scan
who I should be hitting today.
And that's where he targets.
Every second, three Americans become a victim of cyber crimes.
Every second.
And who's protecting us from that?
Anyone? The government?
Well, that's a good joke, right?
Frankly, like I had, I don't trust, like
I believe in government, but I'm certainly libertarian. I just think that it all comes
down to your own self too. Like, you know, there's some kind of sanity that you need to do. Governments
are doing a good job, but frankly, there is a very,
very thick line,
not a thin line between privacy and security and liberties and freedom
and all those things.
Government cannot come after everyone.
They can't protect a small crime.
They're doing a fabulous job at protecting a lot of us,
but at the same time, they may fail at multiple things too.
That's why we have bulletproof cars.
If the government were protecting everyone, then there should be no guns right but they don't like you know there should be no
health care problems but ultimately it comes down to like you like you know we don't put a lot
we don't like you know leave our doors open that hey governments are basically protecting us no
they are they are but it doesn't mean that you need to be a fool that's why every car will say
that uh if you go outside they will say that hey, put a lock on your car, right? Like why you should not leave any expensive
stuff in your car. So frankly, there's no one like, you know, and 99% time this out on fault.
Right. So specific to crypto, we all know that you're basically your own bank, you're in charge
of your own security.
It's not like your money is insured. So if you get hacked and you lose your crypto, it is gone.
So I think the most important thing we can talk about is how do you secure yourself and make sure
that that doesn't happen? First of all, I know you run a service. We can talk about that to actually
prevent the SIM swap in the first place. But let's say you're an average person and you actually get SIM swapped, what protection should
you have in place to make sure that they get nothing? So number one thing I put is like the
Google authenticator or Authy or some kind of like third party authenticator. So it's an app
based authentication, right? So number one, that's like very, very important. Like never,
ever use SMS as a two factor. And now it's convenient, right? It's simple that you have SMS, you get a text message in,
but never ever use it for any sort of...
Because that text message is going to the hacker once they swap you.
That's exactly what they're counting on.
Yeah, yeah.
And so for folks, I'll reiterate,
when a hacker has your control,
basically they will get every phone call that you're supposed to receive.
And they can call anyone from from telephone number that they own.
Like imagine they may call like Comcast and say, Hey, I am like Scott.
This is my telephone number. This is everything.
And obviously the guy on the other end is saying, okay, this is a Scott number.
I'm looking at it right now that they can do that. So yes,
for protection, like for pure protection, like, you know,
don't sign up for every another random
service right have a so for two factor always use an sms and not never use an sms always use
like an app-based authenticator and try to have a different phone like you know a phone like you
can buy a phone off ebay for like 50 dollars like a random basic phone just get it like an android
or apple like an old app and just use it for 2fa
yeah i use a separate phone for for my 2fa it's a bit of annoying but it's worth it obviously
yeah the thing is like you know it's a simple thing like 50 is nothing like you know uh you
can just buy and have a separate offline kind of a 2fa thing that's the single thing that saved me
from uh losing my money was that my 2fa was on a separate phone so they really couldn't access
anything you know no matter how much yeah so if you do that that will basically be very secure
so that's like number one thing second thing is I maybe have like a two kind of a tier email system
so you can have one email that is like totally like a proton email or like any in the secure
and one is like regular for other stuff so that's a bit like one is like a public email and one is like giving email to
everyone kind of thing um so that's like second thing you should do and certainly then i'd be
biased around like using a secure cell phone service like ours uh but if frankly if you don't
then have a maybe use like a couple of telephone number like you know so if one get hacked you know uh
that's your public number but that number is not connected to any service right so you could connect
a google number that nobody knows and has access to to all of those other things even though you
don't really want to have your phone number attached to anything correct i mean part of i
know part of your service getting ahead of ourselves is that you go online and make sure
that people's phone numbers are detached from their accounts we run a check and see you know we advise them but uh and we make
sure that their entity is not linked to a telephone number so the first thing we do is basically we
try to anonymize number we try to delete as much information as possible which is linked to a
telephone number but frankly if people keep on giving their telephone number to everyone like we can keep on
deleting it but ultimately it's up to people too uh so we are kind of uh like we try our best right
frankly like we do because that's why we are very focused on these two things security and privacy
we don't sell you a cheaper plan we don't focus on family plan we don't focus on a lot of things
that you're current like we don't give our netflix because that's you can buy it by your own self right so yeah these are two things that
and frankly i started the service because i was hacking myself right and you know you did it for
yourself right i remember you telling me the story you were like i need a better sim card so you just
built yourself one is that correct yeah yeah it was very painful man like i had it happened four
times and after four times you know it has impact on my mental health too.
Like, you know, I was getting paranoid because like sometimes you do lose signal.
You may go into a cave or you may get off-roading or you may be,
and you lose signal and you know that you believe that it's impact.
So it had a negative impact on your head too.
And like WhatsApp, like, you know, you can have multiple numbers,
but frankly, your one number should be with anyone that want to
reach out to you can't have a different number of a single
different number of telegram and different number or anything.
For public space, you have one number. And if someone get
access to that they can control a lot of you know, like you
got in WhatsApp groups, right? Everyone is like, done of
WhatsApp groups. What if someone has on your phone and gets into
the WhatsApp groups, right? And based on that info you can do you can do a password reset
multiple it's a lot of things that they can do frankly um so yeah so coming back to use a 2fa
as an app that's what it is that's really the the key thing to protect yourself so
let's talk about specifically what you do. You sent me a new SIM card.
You told me it had 11 layer of military grade protection.
What does that mean?
It's way over my head still.
So I'd let you know.
Well, so the thing is that military grade is basically,
we just say, hey, there's some standards,
like, you know, there's no like hard and fast.
Basically, it just says that it's like a generic term
for someone who says,
okay, you know,
we are super secure.
So I make a joke that
if you can basically
break into our system,
you can break into
any military systems too.
Right, right.
And that is what it is.
So by 11 layer of military
authentication is that
we go through multiple
checkpoints to verify that,
hey, it's you who's
asking for this information.
So imagine tomorrow you say,
I want to change my plan, which we don't offer.
But hypothetically, you say, hey, I'm Scott, and I want to do this thing.
So we say, okay, Scott, that's good.
I understand you want to do this, but we have to go through multiple processes.
So I'll give you an example.
First of all, we may text you a call.
We may text you.
So once you receive a text message, we understand that you are in control of your cell phone.
Then we may email you, and we find out, okay, you respond to emails, so you have control of you.
We may send you a physical letter, physical mailing letter.
We may call you.
We may access to your IMI number and see if you're actually the person who's responsible.
So we go through at least 11 different processes to verify it to you, right?
So, like, imagine if one of those process breaks,
you don't get through our systems.
And all those processes are independent from each other.
So if you even are able to like fool one or two processes,
it's almost impossible to pass through like 11 processes.
Right, I mean, because someone who's hacking you, A, has no idea that you're not with one of the major networks
at this point or one of the major carriers,
and they assume that they're going to basically just need
either your name, social security number, pin number, account number,
something that's very simple to sort of find,
and then they're going to run into a brick wall with you.
Correct.
In our case, we understand basically anyone who asked for anything,
we assume it's a sim hacking.
So now it's up to you to prove that you're not a sim hacker.
Right. It's the other way around. It's not like, you know,
okay, you know, this is Scott. So let me do the verification.
Like we don't ask you for mother's maiden name.
We don't ask you for your address.
We understand that this is our address.
So we actually go through a very rigorous process.
I'll give you an example in multiple cases you have to send your
physical physical card like you know physical
letter that you have to sign and send it back or you have to write a code
now if someone is in your house after seven days you know then it's a
different story but if someone have access to your
email your call your phone your home record your physical because we also go
through a couple of other checks.
Like I'll give example, like what if you are being like, you know, kidnapped right now?
So we also look into that scenario. We understand like what if you are being like held hostage by
someone and someone is trying to, so we go through multiple scenarios and we work through like,
make sure that hate is in multiple cases. we have lawyers who actually intervene and they go and do verification on our behalf too.
Wow. It's pretty intense.
That's what we do.
Like, you know, our friendly, like, you know, if even single case happened to us, you know, like we basically should not exist at that point of time.
We only exist for one reason, to protect you and to secure and private you.
That's the only reason we exist.
Like, we don't offer cheaper plans.
Absolutely not.
We are actually the most expensive one, right,
in the market.
We don't offer you, like, Netflix
or, like, Disney Plus subscriptions.
We don't offer you any kind of, like, fancy database
or any kind of other perks.
We don't send you, like, every Tuesday
you'll get, like, a freebie from us.
We only offer you two things, security and privacy.
That's the only thing we offer.
So if you don't do that, like, you know, basically go to a restaurant.
If you go to a McDonald's and you say, I want a burger, and they don't have a burger, like, you know, they can't say to you, hey, I'll give you a hat, right?
I'll give you a toy.
You know, no, you are there just for a burger.
So I just want my burger.
So that's what we do.
Only focus on two things, privacy and security, nothing else.
RoundlyX.com is one of my favorite companies in the entire crypto space.
What they do is they take all your small purchases and they round them up to the nearest dollar and
invest that money into any of 25 crypto assets of your choice. They integrate with your favorite
exchanges so that you can round up into different assets all at the same time. And they do this all without ever holding any of your Bitcoin.
This is by far the best way to dollar cost average into Bitcoin. You'll never even notice that the
money has gone from your account and you'll look up one day and hopefully you'll have made thousands
and thousands of dollars on crypto. Go to roundlyx.com and use the promo code WOLF for $4 of free Bitcoin after making your first roundup or purchase.
That's R-O-U-N-D-L-Y-X dot com and code WOLF for $4 of free Bitcoin.
Are you sick of paying ridiculous fees to trade crypto?
It's time you try Voyager.
It's hands down my favorite place to buy and trade crypto, and it's 100% commission free. Voyager gives you easy access to more than
30 top crypto assets, and you can instantly transfer cash from your bank account so you
never miss a trading opportunity. Even better, you can now automatically earn interest on your
crypto holdings. Currently, they're offering 5% interest on Bitcoin and 6% on USDC. Yes,
you heard that correctly, 6%. And there are no limits or lockups, which means your funds always stay liquid. Find out why so many people are making the switch to Voyager. Visit investvoyager.com or search for Voyager on the iTunes or Google Play Store and get $25 in free Bitcoin when you use the promo code SCOTT25. That's investvoyager.com, promo code SCOTT25 for $25 in free Bitcoin and start trading today.
It's almost scary when you think about the fact that they do do all those other things when you really think about it.
Yeah, correct.
Like, you know, like, hey, I'll give you a cheaper plan.
I'll give you a family plan.
Hey, you bring more line.
And actually, family plans make you more vulnerable.
Like, you know, a lot of us are on family plans.
Like, you know, you're a fan and that actually makes you vulnerable. So I give example,
imagine if you're at risk, like Scott, think about it. You're at risk and you are in trouble.
Like imagine you're going to a war. Would you take entire family with you or you will go by yourself?
Clearly the answer is go by yourself.
Correct. So if we are vulnerable and believe someone is trying to hack us, we are risked. Why would we involve the entire family? Because we had cases where the primary victim had said, they may not hack you directly, they may hack you through someone else. So what if your daughter, you're like, I know you have a daughter, like, you know, so I was a kid too, right? I have a son and imagine he becomes a victim because of you. Oh, well, I mean, the worst part of the entire experience,
hands down, was that my wife was involved.
I mean, we spent, I'm not kidding.
I mean, even with our children, everything,
we spent probably three straight nights awake almost all night,
you know, one hour, two hours of sleep, changing passwords,
trying to, and then you start to forget what your passwords were
and where you store them.
And then you start thinking you're being hacked when you actually just made a
mistake on your own or something. But really, you know, I mean,
I can tell you one of the things that they hacked that they did get into,
which shouldn't have been possible was GoDaddy.
Yeah.
And because that's where my, one of my main email addresses was, was,
was hosted.
And what they ended up doing was somehow they got past our 2FA,
which makes no sense.
GoDaddy has given us no reason.
But they basically went in there.
They then got access to my email.
They locked us out with 2FA by putting it on.
And it took us three days to prove to GoDaddy that we were ourselves.
So during that time, they had access.
And my wife runs an internet company, has client websites, things like that. Nothing was compromised on that end.
But what the person did is kind of the final FU on their way out was they deleted her company
website and email, which takes 21 days to show up. But we went through the process with GoDaddy
for... I'm not kidding you.
We spent 20 hours on the phone with them. Did they change anything in our account? Nothing.
And then one day, she wakes up and her website and stuff is gone. Of course, we were able to recover it. But still, it's like these lasting effects. They messed with her business for no
reason. There was nothing they could access just to be spiteful. So like you said, it's really...
I mean, I don't think people understand that emotional impact of being swapped. I said to you when you
were going through the process of switching me over that when my phone turned off, it like gave
me, I felt like I had PTSD from seeing my service go out. I know, I know, man. Like, you know,
I hear a lot of stories. Like that's why we have 24 service. And frankly, we do get called at late
night, like 1 a.m.,
hey, I got this hacked, and what should I do?
In a few cases, we are able to recover, but in a lot of cases,
like, no, we can't because damage has already been done.
So people don't realize it because a lot of people don't talk about it.
It's like a taboo, right?
Like, imagine you're a lawyer and your client database was breached.
You would never talk about it.
Right, because everybody's going to think
that their own data, which it may be,
has been compromised.
Correct.
It's a reputational problem at that time.
And doctors on any one small business,
and then we try to cheap out on this because it's very fancy,
right?
Like, you know, have a family plan or cheaper plan
and you think you're smart,
but actually you're the victim here.
Like it's just a, in a short term, yes,
it's a very cheap, but it's like,
you can also have an old insurance on your house or your car run like,
you know, no health insurance. You know,
you can save money there too or don't put a lock on your door.
You can also save money there, but cell phone is the most, I don't,
I think I spend most time with my cell phone more than my wife.
Of course. That makes sense.
I think we all get in trouble for that very same
thing. I can say that I actually just spoke with Charlie Shrem, who's a friend of mine. And
randomly, on the podcast, we ended up talking about you and what we kind of went through.
It was completely unplanned, but we obviously knew that we were all mutual acquaintances and
had worked with you. But as I touched on earlier, and I know he talked about this publicly in
Mote Mind, he got swapped in the middle of the night when he called you and
said, shit, what do I do here? What was your actual process? Walk me through what it looks
like for you, as he described it to me, wrestling back his phone from the hacker.
Yeah. So first of all, the first thing we always ask is, is your life in danger? That's a very important question, right?
Do you know, are you under a typical threat?
That's the first question I ask everyone who calls me.
And the answer was no.
Then I said, okay, give me some seconds.
And we get on a call, I think like three o'clock.
And so I woke up and I said, okay, let's solve this problem. So, um, let's solve this problem. So luckily within for his thing,
I think we were able to get the number back in like two minutes, three minutes,
very, very quick, similar to what happened with you too.
So really quick to be clear, he was with Verizon or another plan.
He wasn't actually with you. You were just helping him.
Yeah. I just helped him. I actually wanted to, uh, yeah.
So I actually was with you now
like you know he got it like a lot of people they basically will say hey they'll keep on
delaying it because they believe hey nothing is going to happen to us so i just tell them hey
stop putting the lock on your door nothing's going to happen to you i did the same thing with you i
did this yeah i know i know a lot of people do that and then they come back to us and frankly
a lot of time damage is done right and we can't do we protect them so in his case and i i got an online so i'm a kind of a white hat a white hat
hacker too uh for some people don't know i'm actually a telecommunication engineer and that
i'm with cyber security background and i learned cyber security because i was actually a victim
myself and no one was there when i needed someone so i said okay i will be there when people need us
and i don't push my product a lot.
And the reason for that is purely because one day they will come to me.
And at that time, you know, damage, maybe you're done.
But in his specific case, I got on system and I was able to get it back.
So we have some kind of, I don't want to press more on technical detail because some of this information is propriety.
And some of this is secret. But, you know, we have ways to hack it back.
Like we just hack it back.
Like just think about it.
But a lot of influencers get hacked.
Like, unfortunately we are in business of privacy.
Unfortunately too.
So we can't disclose a lot of our customers unless they give us permission.
Like in Charlie's case, he tweeted about it.
Yeah.
That's the only reason why people talk about it now.
He's not on our website right now because he hasn't given us permission so
far,
which I haven't asked for,
but we do ask explicitly for permission from customers,
but we are very,
very high profile.
We are like a boutique shop.
So we are not for everyone.
We basically only work with like important people and people who care about
the security and privacy.
So in this case, like, you know, within five minutes,
so I control the SIM card and I basically got hold of his telephone number. And I think within like 10 minutes, I called him from his own telephone number. Hey Charlie, hi, how are you?
And he was kind of surprised, you know, and he said like, what the hell is this? Cause he actually
thought that everything is secure. He had every assurance
from everyone in his current career that, hey, you're secure. And false security is
worse than having no security at all. If you're unsecure, you should know. But if you're
carrier, everyone believes that, hey, you're safe, and still you're not. And this is, we
can prove it to anyone. I say, why don't you call your carrier
and tell them that,
hey, you are getting hacked
and we'll hack you in front of them.
Right.
And that's a very simple claim.
Like, you know,
if you believe you are safe,
you can off mitigate like,
hey, I don't,
it's fine if I get hacked, right?
That's a different story, right?
Like I can't convince you
because you don't know
what's going to happen because it's very hard for me to, it's like Bitcoin, right? That's a different story, right? Like I can't convince you because you don't know what's going to happen because it's very hard for me to, it's like Bitcoin, right? There were
naysayers when we got into Bitcoin, like people, hey, Scott, you're stupid. You are getting into
Bitcoin upon this team, just scams, dark web. So you can't convince them, right? It's difficult.
So let's time decide. Right. That makes sense. So do you have any legal recourse against a carrier if they allow
you to get SIM swapped? We've seen some high profile cases where people were hacked for
tens of millions of dollars and sued and were successful. But if you're an average person,
you get swapped, you lose a little money, someone hacks an account. Do you have any legal recourse?
Not really, frankly. So if you got into crypto, like imagine you're with one of the major
exchanges. I'll try not to be very specific here because of legal reasons, but I'll just give you, that's
why I'm using the common terms.
So imagine your carrier sims swap you, but no, the only recourse may be that they may
pay you for the days that you have lost your service.
If you lost your service one day and you're trying to turn it off, they may return you
$3.
Oh, great.
And I'll give you a very simple analogy around it.
Again, I'm not a legal expert, but I'll give you a simple analogy.
Like imagine you are sitting on an American airline, right?
And you miss your flight because of some mistake by them.
Like, you know, so you didn't get for your meeting, right?
To New York.
Because you're flying from Florida, Miami.
Now, can you sue your American airline that, hey, because I lost the meeting, I lost the
business.
So you are supposed to give me the money.
You know, it doesn't work like that, right? the meeting, I lost the business, so you are supposed to give me the money.
You know, it doesn't work like that, where they may return you the ticket flyer, or they
may give you $100 extra to have a nice dinner, but it doesn't depend on the impact, because
they're not taking responsibility of your business.
And that's what we do.
We actually have a 500-dollar insurance policy on top to cover any unfortunate event, because
frankly, regardless of my thing, but practically, it's impossible.
But theoretically, it is possible that even we can be hacked or anyone in the world can be hacked.
Anything in the world is hackable.
Even Bitcoin is hackable.
Right. And you never know what new techniques or technology is going to develop.
It seems like if you're in this business of security, you're basically trying to stay one step ahead of hackers who are constantly evolving, correct?
Correct.
And that's why we say we are the most secure,
but obviously we are not the ultimate security.
And so we just have a fallback policy as insurance.
If something goes wrong,
we have some insurance policy to cover it.
I mean, $5 million.
So what is that insuring?
Is that insuring the losses from your bank account
or your crypto or things like that?
Is that what it's...
We lock that results from our service.
So imagine you...
It doesn't mean that, hey, you went for camping and you didn't get a cell phone call.
It doesn't include that, right?
It doesn't include that, hey, you gave your information to someone and he hacked it to you.
But if you get synced up, yes, we are responsible for any losses.
It's really interesting.
So you obviously, you talked about Bitcoin in the early days
and people thinking it was a Ponzi scheme,
since this is a crypto-based podcast.
Can you talk about what got you into crypto?
What was your early interest in Bitcoin?
And then of course, you're the inventor of the Bitcoin ATM,
which is huge.
So could you talk about all that?
Yeah, so the reason I got into crypto was frankly, like when I went to, I came, I went to Canada
in 2010 for school and around that time was working on a startup and I bought Bitcoin
purely, purely, purely for speculation reasons.
Bitcoin, I think was $60.
So I just read somewhere, I think on TechCrunch or some other newspaper that, hey, Bitcoin
is increasing.
So I said, I'll buy it for $60, maybe sell it for
like $100 and just make some money. That was it. I was like early 20s. When I bought the Bitcoin,
actually dropped like more than 60% the next day. I said, okay, you know, I got scammed. So I thought
it's a bond scheme. It's like, you know, I guess what I want to do, someone did on me.
So you actually thought that? I mean, you actually were one of the people who bought it and then we're like,
ah, this is a joke.
Oh yeah, man. I was very depressed. Like, man, I put my,
I bought it through my credit cards. Like, you know,
I went and did a cash advance and I was student, right? Like, you know,
I basically had, uh, uh, I wasn't saving, like, you know,
I had a couple of success in the past, but ultimately I was a student.
So was it being cheap? Uh, But yeah, I did spread that out.
Okay, I got scammed.
And so I think I bought like 100 Bitcoins
for $6,000 or something.
$6,000, $7,000, like something.
And I bought it on Morngox.
Of course you did.
Yeah.
And then, you know, like next time I wanted to buy Bitcoin,
you know, it was nowhere to go but to buy a Bitcoin.
It was almost impossible to buy Bitcoin because for people people who don't know your account can get shut down if you deal with like
coinbase or any other account and because i was living in canada i'm also canadian so when i was
living in canada it was very difficult for us to have an exchange in canada there was literally
one or two exchanges and those exchanges were not like it was you have to do a wire transfer and
when you do a wire transfer you have to go through like it was a very very complicated process like
you have to send a wire fees you have to send it to a different bank account or the other option
was btce which was in russia and no one knew who who they are uh but there was no like krakens
at that they weren't but like you know they were mostly in america but i was doing canada right
we said why don't you just buy buy like a chaos frankly like you know, they were mostly in America, but I was doing Canada. Right. We said, why don't you just buy,
buy like a chaos,
frankly,
like,
you know, that was idea,
but we thought it was just like a joke.
Um,
so when we started the company,
um,
so around the story,
you know,
we said,
okay,
you know,
that's the thing I called up.
My first customer was Anthony Diorio.
Anthony Diorio was one of the few people,
first people who funded Ethereum.
So I don't know if you know that,
but I think Antonio, Anthony was the first person who gave checks to Ethereum Foundation.
He was the first backer of Ethereum.
Interesting.
Did you know that, Scott?
No idea.
No idea.
The first person who gave money to Ethereum was Anthony Di Iorio.
He lived in Toronto.
Run the company called Decentral.
So I gave him a call.
I think I found him.
So Anthony's background is he made a website in crypto and he sold it to Eric,
I believe.
Yeah.
Who didn't shift,
But anyway,
Anthony was very early into crypto too.
He was a local Bitcoin,
a very,
very smart guy.
And he says,
okay,
you know,
so I saw his interview on LinkedIn.
No,
I think on CNBC or something about Bitcoin.
But think about like 2012, 2013,
not a lot of people were talking about Bitcoin.
Right now, everyone's talking about Bitcoin.
By that time, frankly, it was very hard
to find a single person in your city.
Yeah, nobody even heard of it.
Yeah, yeah.
Like, you know, and now unless you live under the rock,
right, somewhere, you know,
there's a fair chance you may have heard of it.
You don't know what Bitcoin is,
but you may have heard about it. But at that time what Bitcoin is, but you may have heard about it.
But at that time, it was almost impossible for people to know about Bitcoin.
So I reached out to him and he said, okay, you know, that's fine.
You know, like, okay, you know, let me come down.
So he was building a decentralized, decentralized in Toronto.
And around that time, so these were like physical houses
because you have to educate people. So every city was
building like, decent house, like Bitcoin embassies, you
know, like Bitcoin, the center like these kinds of he was one
of the pioneers of that system in a place. So he got a place in
on Spadina Street, I remember, in Toronto, like, it's like,
Times Square, and not a time zone, but it's very, very close
to like downtown in Toronto.
And he got up there and he said, I'm opening a center then.
And it would be wonderful if we have a Bitcoin ATM there, which would be the first machine in Toronto.
And he said, okay, that's fantastic.
So I think it was around like November.
And I remember specifically that we drove around like I think on the midnight of New Year night.
We rented a car. Everything was closed. We went to the airport, we rented a car.
It was like a van, we put the Bitcoin ATM in and we installed on 1st of January 2014,
the first Bitcoin ATM installation in Toronto.
Once we did that, you know, like frankly, media start pouring in, you know, we got a
call, we got mentioned in multiple news outlets, because this was a big thing, like
first Bitcoin ATM,
it was something that would
fascinate people, and then we became like,
to go for Bitcoin ATM,
we had more business than we
could have handled. Around that time,
I met Alexis Ohanian, which is the founder
of Reddit. He used one of our machines,
and he said, okay, well, try to Y Combinator,
which I did, and we were fortunate to be among the used one of our machines and he said, okay, well, apply to Y Combinator, which I did.
And we are fortunate to be among the,
one of the most smartest,
every business smart,
more than most,
like,
you know,
a crypto focused badge in YC,
like,
you know,
Blockstack,
which was known as
one name at that time,
Filecoin,
which is known as IPFS.
There was another company
called San Francisco Exchange,
Open Exchange.
They're one of the biggest aggregators in the US.
So it was a crypto-focused group.
And then we hosted a meetup in our house in Los Altos, California,
around crypto-focused.
And then I met folks from Stellar, you know, like MetalPay.
Like, those were all companies.
Like, it was very hard for someone to actually work with us at that time.
Because no one wanted to work with us,
frankly,
because every investor said,
I remember a word of a very famous investor.
I think it was,
they were Sequoia and they said,
you know,
we are okay to come late to the party and pay a premium,
but it won't want to be,
we don't want to be somewhere where there's no party.
They said no to everyone.
We met with like A16Z at that time.
I remember meeting with like Ben, Mark, all from pretty much A16Z, every major investor
and everyone said no to us, except Pantera Capital and Blockchain Capital at that time.
And so you started this though, right before the Mt.
Gox hack, correct?
So the Mt.
Gox hack kind of put a
negative spin on bitcoin for quite a while was that a challenge for you or did it not affect you
i think it actually worked in our favor because people still believe that physically they trust
physical uh more than data that's still the mentality like if you go in a store and you
buy something you may trust them more than something you buy online so our thing was
you're just paying like a convenience So you can just walk into a store
and just pay money
and get Bitcoin immediately.
Like that's what the best feeling.
You can just put $100
and see actually $100 appear
in your account immediately.
Right.
That is like, you know,
so I think maybe,
maybe 1 million people
bought their first Bitcoin through me.
I may be able to claim that.
Like maybe the first,
like we introduce people
to like literally to me.
Because even right now,
if you go on Coinbase
or any other exchange,
you have to make an account,
you have to send an ID.
It becomes like kind of
a tough experience.
It makes you paranoid.
Like you're sending ID to someone,
then you're wiring transfer,
wire transfer to someone,
connect you to a bank account.
It all is a tough experience.
But our case, simple.
Our goal was you will buy a Bitcoin within 60 seconds.
That was the pitch.
Buy a Bitcoin within 60 seconds.
You walk up to a machine, you put your telephone number,
we do a small KYC, you put,
and that's how I discovered telephone numbers,
how telephone numbers are important.
Because there are companies who will sell you multiple data
just based on telephone number.
We can actually know when the number was activated,
which company is it with, how long are you using the number.
So we had our algorithm to flag it.
So like imagine your Florida number that got activated in New York
and now using in Michigan, we could have tracked that.
And based on that, we could have red flag and lost the transaction.
But yeah, so around that time, I learned so much about like, you know, this KYC and email and, you know, how numbers are important.
Your telephone number is more important than a social security number, mind it.
Right.
And far easier to get, right?
I mean, that's far easier to find.
Correct.
And you don't think about, like, if I ask for a score, like, can I have your social security number?
Like, you say, what the hell is it?
Like, you know, why do you need my social security number?
But if I give you my telephone number, the only thing that you may be afraid of that has he may spam me
has he make cold call me that's the only fear that comes in your mind of course no other fear
um but technically you're giving me key technical but one thing i missed was which was very
interesting so when i sold machine to uh anthony uh so around that time he introduced like
vitalik was living in toronto right and And he said, I'm working on this
project called Ethereum. Okay, that's fine. So we don't have a
website right now. But I think they will website. But they say,
okay, you know, next month, we are we are going to Miami
Bitcoin conference, which is more lemon, which is a good
friend of mine. And they said, Why don't you join us in the
theorem house? Okay so this is where
stories get very i think there were seven people like uh charles oskin from uh cardano we were all
living in the same almost same apartment uh vitalik uh velad uh anthony and i think uh consensus
joseph you know like all the core group, right?
Right, it was a small group.
Yeah, yeah.
All the group, we were living in one house, right?
For the conference, right?
Around that time I met Charlie,
because again, it's very early days,
it's very hard to find like really, really fanatics
for like crypto.
And yeah, so the story happened
and around that time, you know,
we were talking Bitcoin. There's one person who said, no, I don story happened and around that time, you know, we were talking to Bitcoin.
There's one person who said, no, I don't want to join the Ethereum foundation. And that was me.
Like, you know, why the hell I did it. Right. But at one point in time,
we were doing a, so Ethereum ICO was supposed to be done on our ATM.
But because of some reasons we didn't go ahead with that, but luckily they were,
I was able to buy Ethereum at a very good price price i think 15 cents at that time unbelievable yeah so because they
were pre-ico so they were actually pre-ico too so you just did sell some croppings beforehand too
and so we went through all that kind of transition and that's how i got in crypto
and obviously like think about it like you know you are sitting in class with like smart people
from filecoin blockstack were really smart um and then you know talking to ethereum folks like you know you are sitting in class with like smart people from file coin block stack were really smart and then you know talking to team folks like you
know guys who are building the net at that time you know so I frankly was
becoming like lucky I would say lucky but purely for I was surrounded by so
many smart people and why combinator and dick you know like Jed I think he was
working as teller at that time because Ripple was, he was getting off Ripple and he started working with Stellar.
And these were all concepts, like, you know, this is how the world will work.
And I remember the conversation with Ethereum because Ethereum was called Bitcoin 2.0.
But again, you know, for the sake of conversation of this thing, maybe we can keep a lot more
stories about how interesting things happen in crypto and how we thought it
would work and how they're working right now. But focus most on security. Right. So that obviously
transitioned you, as you said, learning about phone numbers and those things and into security.
So I want to pivot back to SIM swaps a bit. With the global pandemic that's happening,
is there extra risk? What's the impact of COVID-19 on your security and your
potential for being hacked? Well, it's increased. Number one reason is that, imagine a system of
collapse. Right now, if you want to get hold of your bank, good luck calling and speaking to your
banker right now. Hours. It takes hours. I've tried. It's horrible. Correct. And it's impossible
to find. Imagine you are with a carrier and you are one of those cheaper cell
phone plans. Good luck calling them right now.
And they may put you on a hold.
So if you got SIM card or you got screwed up or anything like this.
So imagine like you've got SIM card, right? Think about it.
And now you may take like one day to get hold of your account.
You can't get a sim card anymore
because obviously the stores are closed so they have to ship your sim card which will go through
their regular process that may take you a week before you actually get your sim card back from
them then you have to start calling your bank accounts and before like frankly off like you
don't have a lot of response time uh once they once they initiate an attack on you they will
plan properly and they want to attack you uh You're done within maybe hours, maybe half an hour.
So, yeah, you can't do it at that point in time.
So, yes, COVID-19 has actually, unfortunately, as we are quarantined, the criminals are also quarantined.
So, they actually, with zero risk, think about it.
If you're a cyber criminal, you can literally sit anywhere in the use a vpn and hack someone and be untraceable they don't operate out of all
and in majority of the case sometimes they do but a lot of cases they don't operate out of our
lands or jurisdiction so they have no control over them right what's really crazy something
you just touched on that i never thought of but if if this had happened to me now, if I had been SimSwap, say today, I mean, I had to close
every financial account that I had, right? Not only crypto, but I had to shut down my bank
accounts. I was literally living off of cash for two weeks that I happened to have, but my bank's
closed. I had to physically go into a bank to open a new account. That's not something they'll do online.
You have to sign papers and show ID and do those things.
So I literally would not have had a bank account until this was over.
Correct.
And frankly, if you close, getting hold of them and verifying your ID,
because they may think that you're a hacker, right?
So they may do their check.
But before everything happens, because one thing you forget a lot about,
when people actually have hacked you, they have the latest information.
You may not have it.
Like, how would you remember that what transaction did I do like two weeks ago?
But hacker can sit in front of computer and can go through all the transactions
and verify that he's actually you and you are not you.
Because he has control of your account.
So he has a much better chance of potentially acting as you.
Right. And I mean, do you think that these hackers do a trial run in advance?
Like, do they call the specific, you know, like if they were trying to hack your bank, for example,
do they call and see what information they ask for before they do it so that they can make sure that they have that information on hand?
So they actually have everything right. So before they come to you, before they do it so that they can make sure that they have that information on hand?
So they actually have everything, right?
So before they come to you,
before they attack you,
they have already done a lot of their groundwork.
Right.
Like on Charlie Shramp,
like attack was very, very perfect time,
like three o'clock in the morning,
at night, like imagine like the banks,
I think it was Friday night, right?
So on Saturday night or something like that,
I think it was a weekend
and uh the bank will be shut down next day so they will get like 48 24 hours and they would have probably everything before uh you can react to that so like imagine chase bank it's a it's a
list right it may be a list of like five questions you have to ask like uh uh and uh and those
questions are public right so based on whatever that
happened they it's it's a it's a machine that's going on so all good and that's
running you're not competing of you know you're competing about criminals who are
very sophisticated and they're coming after you so they run everything we have
all good at them smart folks who are actually unfortunately using their mind
for to hurt you or damage you
uh but yeah right now like you know you can't call anyone frankly it's almost i call i try to
call my bank for some other reasons um i think i wanted some statement or something and they said
we are not taking appointments over the phone you have to set up an appointment online uh and then
we will tell you when we are available.
Wow. Yeah, I mean, I've been through a lot of the same things. Just a really quick question as well.
We've talked a lot about phone security.
I know that some people have asked and are curious,
are there browsers online that are secure that will actually protect you,
or is that something that's not necessarily useful?
So I prefer to use a VPN all the time.
Like, we don't offer a VPN right now,
but we will be starting offering our own personal VPN
because right now the problem with the VPN
is that they share the same pool.
So like think about IP,
like maybe you are using an IP that's shared
and that's making you vulnerable to do the right thing.
Like you may log on to Facebook
or go to your bank account or any other thing
with the person who is using that IP
specifically for wrong reasons.
So that's why. So go for a better VPN.
Browser-wise, I personally
use Brave, frankly.
They don't pay me for that, but
I do like them. But
if you're too far out, you can actually build
kind of your own browser too.
You can go on
GitHub and compile.
Chrome browser is basically built on Chromium, so you can go on github and compile like like chrome browser is basically
built on chromium so you can compile your own browser and and have the right plugins and use it
uh if you want to go that far but for average customer i think brave is fairly decent what uh
what information is someone getting from your browser if you're using say chrome i mean we
know that google's gathering everything but it sounds like people are getting your information on the dark web or elsewhere
anyways but what extra risk are you taking by using a browser like chrome so it depends like
the when google use information they basically use it for different purpose other there is it
could be kind of similar too but they basically use it to target you so you can basically pay
them more so if i want to run an ad on google i can tell them hey this is person that we should talk to this is what uh this person is uh like you know i want to show
them better ads right i want to make sure that they i can impact their mind if they want to so
that's one thing that google does um like they will not like say hey i want this information
because i want to have this person um so so depends, like, you know, what's your goal?
Is your goal more like no one should track me
or is it your goal around like no one should hack me?
If the goal is around like no one should hack me,
like, you know, frankly, like Google is not going to do that.
But if you say, hey, Google should not be listening to my information
and because Google has that information,
they may compromise that information,
then just use Brave.
Like Brave is a fairly good browser.
Right.
That's, I think that's what most people in crypto want to hear
because I think it's the favorite browser,
certainly in this space.
So any other additional tips before we finish
that people should know about security
before we quickly go to how someone can actually contact you
and use Afani?
Yeah, yeah.
So certainly.
So I do actually help people without like, you know, like they don't have to switch to
our service, right?
Because obviously I do it mostly for mission revenue company.
Ideally, they should use this.
But for some reason, like people may want to save money, right?
They may not be able to afford it or they may think that they want to compromise on
getting a Netflix or their own personal data.
Because someone is paying for that data, right?
Either it's you or it's criminals.
That's the true story.
Like either you got a product,
so we believe that you're not the product.
So form secure, 2FA is very, very must, right?
Try to use 2FA as much as possible.
Get a new phone, get on eBay or like Amazon,
any other store or find it in your closet,
like, you know, an old phone.
That can have a 2FA and install it.
And implement, don't, like, wait.
Like, don't say, I'll do it tomorrow.
Do it right now.
That's one thing you should do.
Second thing is, like, you know, have maybe a multiple email address.
Like, you know, maybe have two email addresses.
Like, you can go on Gmail and create, like, two email addresses
and connect them together.
You don't have to check two inboxes.
So one should be, like, giving spam to everyone.
So if you want to sign up for a service, you can like multiple there's one other tip that i want to give it to
you is i don't know if you know that but on gmail you can actually add plus to your id and have a
unique email address and you can give it to different people so imagine you want to sign up
for uh for our service just to give examples you can have a scott plus ifany at gmail.com sorry i did not know that that's
interesting yeah so if you sign up for like imagine um um like you know uh chase bank you
can have a funny sorry scott plus chase at gmail so whatever come up plus and after gmail ignores
that but this is a very good trick for you to understand if your data has been
sold anyway.
And if you make it a practice and everywhere,
it's simple.
Like,
no.
So as soon as your Chase bank account is reached somewhere or something
has happened,
you can immediately track what's the source of spam on what's the source of
like,
imagine you give your address to,
to Chase bank,
but now you're getting email from some lawyer
or some other thing.
You can understand that,
hey, Chase is the guy who's releasing my data.
That makes sense.
So how does somebody contact you after this
and get secured?
Well, it's afani.com.
So if they want to go up and sign up for afani.com,
they actually do this way.
If they want to reach out to me,
I'm Haseeb on Twitter,
simple H-E-S-E-B-E-B
or they can email us
through our own website,
like Haseeb at ifany.com.
I'm happy to help them.
And, you know, like if they,
you know, they have any concerns
about security like that,
I do this for passion, frankly.
So I actually,
I want to listen about people's story too.
What they have suffered,
like, you know,
because it obviously helped us improve too. So,
and frankly, if someone is going through a pain right now,
cause a lot of people don't talk about it. Like, you know, I'm,
everything that you talk to me is confidential. Like, you know,
we basically that we are in business of privacy and security.
So think of us as a doctor, right? Basically we have those kinds of
Hippocratic oath yeah security yeah yeah
this is our we do like you know everything you do is like is your
confidential and you can call me directly we can have a secure line and
we can go over the issue right now because a lot of people are going
through ransom so I'll give you a simple example before you finish off on Gmail
you can set up a label right so and this is a tip so you can set up a table so a
lot of time what hacker will do they may hack your account and before they giving they give you your account
back they may set up a label there in your account so if you want to do for a
path of reset right if you want to do for like I want to record this account
so Scott don't change the password and pay me thousand dollar per month you
keep on paying but one day you say I don't want to pay you anymore. I'll just change my password. You
change the password. I can recover that password because I already have the labels. I'll go to
Gmail and say, because I'm actually Scott, I lost my password, but I remember these two labels.
Right. So Gmail will say, Hey, yeah, this is basically Scott. Cause how would someone else
know that these are three labels, right?
And they will give you account access to a new guy.
And now he'll ask, rather than asking $1,000,
he'll ask for $2,000.
And you would not even know how he's hacking you again.
Because he's already in your account.
He's already left a backdoor in your account.
Man, I feel like I'm not going to sleep at night after this conversation
because it brings back all the crap
that I went through doing this before.
And you know that you
know it's very clear that even once you've been a target that you're probably more of a target not
less of a target and they're going to try to come for you again 100 like i'll give a simple example
of another person like how people will hack you like you know how do you convince imagine i give
you i can go online and find your number like it's pretty simple like you know if you're a general
person there's a lot of services that offer your number you just you have to pay for it
and what i'll do is basically i can just call you right now and uh and leave a voicemail or like you
may pick up the call and say hey ken scott can you call me back and you call me back now there's
a transition of record of like i made a call to you I'm, you made a call back to me so I can call,
so I can call your carrier and tell them that, Hey, uh, I'm Scott. I lost my SIM card. They say,
how do you prove it? Okay. Just my name. This is everything. But Hey, the last call I received is from this number. Right. And the last call I made is from this number. Now that's the very
confidential information. And now based on that, they can just transfer the number.
So scary. Yeah, I know. I know. It's it's like i unfortunately the only reason you have to do is because
you have to educate people on about like how every second as i said three americans become
a victim and frankly we tell everyone like you know act before your victim you know like you
don't have to wait like you know other things can, but security should not. If you can sleep in your house without locking your door, then yes, you can.
Then you have the balls that I don't have.
Right.
I agree with you.
I mean, I think that it's very important that people understand that you don't have to be
a certain kind of person to be a target of this and that everyone should be securing
themselves.
Doesn't matter who they are.
100%. 100%. If they don't do it they're being a
disadvantage favor and a lot of time it's not then they're putting themselves
on race but a lot of people who may be wonderful in the family who are at risk
like their grandmother their father the family their kids like imagine some kids
they're like five five years old like ten years old and they're using tick
tock or they're sending some videos on their phone and how would you and they're using TikTok or they're sending some videos on their phone. And how would you, and they may be getting blackmailed right now.
You don't even know.
Yeah.
I've seen that.
We had a friend of a family who went through something like that with a eight year old
child.
So again, we don't want to emphasize a lot, but frankly, it's a problem and people don't
realize unless under, until they're, they're screwed up.
So it's like insurance, right? You don't be, you, you just think you're paying for insurance because like people don't realize unless under until they're they're screwed up uh so it's like insurance right you don't be you you think you're paying for insurance because like you don't never
had an accident but the one day you get out your insurance off or you go for your class that's the
day where you have an accident every time every time well this has been uh very enlightening and
very uh eye-opening and i hope everybody listens and takes all of the advice to heart and that
you get a lot of people calling you to help them,
because I know that there's so many people out there who have been victims of
this. When it happened to me and I put it on Twitter,
I had hundreds of messages of people who said, Oh, this happened to me.
Like it was an everyday occurrence, but you never hear about it.
Like you said.
So now hopefully we're shining the light on what a big problem this is and we can help people secure themselves to get private. So thank you so much for coming on today
and spending time. Hey everyone. Thanks for listening. New episodes go live every Tuesday
at 7am Eastern standard time. Links to our Apple and Spotify channels are in the show notes.
You can also follow me on Twitter at Scott Melker to continue the conversation. See you next week.