Idriss Qibaa - The Stalker Who Sold Fear Online - Sins & Survivors: A Las Vegas True Crime Podcast

Episode Transcript
Available transcripts are automatically generated. Complete accuracy is not guaranteed.
Speaker 1 (00:00):
To listen ad free, visit sinspod dot com slash subscribe
starting at two ninety nine a month. You'll also get
access to our exclusive bonus content episodes when you join
through Patreon or Apple subscriptions. Thanks for supporting the show.

Speaker 2 (00:14):
Most people in twenty twenty five would never just leave
their front door open, their credit cards or identity information
just lying around, But many times that's what we're doing online,
sharing so much personal information out on platforms like Facebook
and Instagram, and we often don't give it a second thought.

Speaker 1 (00:31):
For many shady people on the Internet, that's an opportunity
to take advantage of unsuspecting people, including those who are
older or less tech savvy, as well as influencers, small
business owners, and celebrities who have come to depend on
their social media and have it tied to their brand.
These bad actors use their influence and skills to exert
leverage and power over others, and in one recent case,

(00:53):
use that power to threaten, humiliate, and destroy people's reputations
and livelihoods.

Speaker 2 (01:07):
Hi and Welcome to Sins and Survivors, a Las Vegas
true crime podcast where we focus on cases that deal
with domestic violence as well as missing persons and unsolved cases.
I'm your host Sean.

Speaker 1 (01:17):
And I'm your co host John. This week we.

Speaker 2 (01:19):
Are turning to an area of John's expertise, technology and
online safety. We did some Tech Corner episodes in twenty
twenty three, back in our first season, and we said
we'd returned to that when there was good reason to.
So today we're highlighting a particularly bad actor who trapped
unsuspecting people online with promises of account banning or unbanning

(01:41):
on their social media, lock out recovery services for folks
who were locked out of their accounts, and reselling personal information.
So John, why don't you get us started with what
you're talking about this week?

Speaker 1 (01:54):
The person we're talking about is Iddris Danny Kiaba, who
is involved in some pretty sketchy activity. He was a
twenty seven year old Moroccan national living in Las Vegas
who in an interview said that as recently as twenty eighteen,
he was working construction, living paycheck to paycheck and kind
of living out of his car, and he just stumbled

(02:15):
into this line of work, although he wasn't really clear
about how that happened. He operated a business called Unlocked
for Life under the name unlocked for life LLC, and
he had a slew of different aliases that he used
online in these various platforms. Danny is what his clients,
or more accurately, his victims knew him by unlocked, unlocked

(02:35):
for life on Instagram, and unlocked uncensored on Telegram. It's
worth noting that all of those IDs seemed to be
gone at this point, so you can't really find him
on Instagram anymore. Or Telegram.

Speaker 2 (02:46):
You said Telegram, Can you explain what Telegram is for
anyone out there listening who doesn't know.

Speaker 1 (02:52):
Telegram is a messaging app like WhatsApp or a signal.
It's much less regulated than something like Meta's Facebook Messenger.
It has no content moderation. It's encrypted for end to
end privacy, just like Signal is. Anyone can create an
anonymous Telegram user with no validation at all. You can
create huge group chats and public channels to reach potentially

(03:13):
millions of people. It also allows for self destructing messages
like WhatsApp does, which disappear after a preset time, allowing
for people to remove evidence. So it's like a mix
of chat and a public feed. Legitimate businesses can use
it too, but all of those features make it a
popular place for scammers, food deal instolen data, and the

(03:34):
kinds of account recovery schemes that Idris was running.

Speaker 2 (03:38):
So Idris kind of fell into this work, as he
called it. So some of the services that his company,
Unlocked for Life offered included were things like account banning
or unbanning, or recovering locked accounts on Instagram, Snapchat or TikTok.
And he said that he had special tools that he
had developed and he had access to ins whatever that means.

(04:02):
I know that you have some experience in losing an account,
getting locked out of an account, so I thought that
would be an interesting story for you to share with
everyone here.

Speaker 1 (04:11):
I got a text message a DM in Instagram from
someone I knew, and the message said, Hey, you know
I'm having a problem with my account. Can you help
me reset it? I need someone to read me the
code after you click this link, ostensibly to get their
password reset because it had been hacked. Well, in reality,
what they did was they generated that link from my account.
So when I clicked it and I gave them that code,

(04:34):
it gave them the ability to reset my password, which
they did, and then they changed my phone number to theirs,
which I didn't know, so I couldn't reset it anymore
because it wasn't going to send me a message anymore.
And then when I messaged them from your account, they
changed my handle entirely, so I didn't even know where
it was. My account was basically gone. I had no
idea where to find it or how to contact this

(04:56):
person anymore, and for a while, it was just gone.
I never considered going to an unlocked service or anything
like that. But his goal, which I learned later, was
to just keep repeating that process. So he would hack
accounts like he did with my friend, and then reach
out to people who that person was friends with to
try to hack other accounts, and eventually he was hoping

(05:18):
that he would get someone that would pay him to
give them their accounts back, or he would reach someone
who had a large following that had monetized their posts
and he could use the audience.

Speaker 2 (05:27):
And I think, looking back on it, it was easy
for you, as someone who works in tech and is
known among your friends, to be someone who's like an
expert on some level in social media, and it stuff
for someone to reach out to you and ask for
help with unlocking their account that that was. That was
not something really uncommon.

Speaker 1 (05:44):
No, it was really common actually that people ask me
for help all the time. Yeah, and I felt so
dumb when my account got hacked. I felt so dumb.
But it happens, and it was someone that I knew,
and I actually ended up reaching out to that person
afterwards and they were like, yeah, that person's collecting my
followers accounts. Now. I eventually did get the account back

(06:04):
because I happened to know somebody who worked at Meta,
and they walked down and spoke to a database administrator
who could change the ownership back to me after I
sent them proof that I was actually me and I
was vouched for by this person who worked there. But
that's really rare. You can't really depend on that. It's
hard to get in touch with somebody who works at Meta,
so you can't really depend on that at all. But

(06:26):
that's the only really official way to get an account
back like that. So these services that promise they can
get your account back are called trappers, and like I said,
I didn't work with one of them, but they're very
common and they're always trying to gain access to accounts
with large followings and I'm not anywhere near the level
of someone who Cabo would have gone after. He's more

(06:47):
after celebrity accounts things like that, But he went after
people with large Instagram audience as a large incomes from
their social accounts, people that it could afford to pay
him his ransom to get their account back.

Speaker 2 (07:00):
So for people who are older or not tech savvy,
and even small businesses depend on their online presence, losing
their social media account can just be the beginning. In
many cases, the trapper turns out to be the one
who hacked the account in the first place, and then
they're turning around and offering account recovery services to the

(07:20):
people that they hacked. So Idris went even further. He
offered a scam of ongoing account protection, which was just
an ongoing monthly fee to maintain account access. The types
of accounts that it just dealt with were companies like dispensaries,
people allegedly involved in selling drugs, not just your average person,

(07:42):
and he would charge insane amounts like seventy five hundred
dollars for account recovery and even more for the ongoing protection,
which sounds to me like something you'd hear about the
mafia doing to small businesses.

Speaker 1 (07:57):
Absolutely and around the time of a between April and
June of twenty twenty four, the FBI Las Vegas Violent
Crimes Task Force was investigating multiple victim complaints about Idris
or the person who would turn out to be Idris,
because they didn't know who he was at the time.
They collected digital evidence, text threads, telegram posts linking Kiaba

(08:20):
to threats, extortion, and docksing across several states. And that
part's in port for later. We know all this because thankfully,
he was arrested on July twenty fifth, twenty twenty four,
right here in Las Vegas by the FBI after a
criminal complaint and arrest warrant were issued. That complaint, which
surprisingly just contains two counts of interstate threats, was filed

(08:42):
in the US District Court for the District of Nevada.
From there, he was taken into custody by the US
Marshals after a grand jury indicted him. And if you're
wondering how investigators finally caught him, the answer is simple.
He told on himself. So remember that interview we talked
about earlier. He went on a podcast called No Jumper

(09:04):
with Adam twenty two. If you're not familiar with No Jumper,
it's a podcast and a YouTube channel based out of
la hosted by Adam twenty two. Like I said, he's
known for interviewing rappers, internet personalities, and people from the
corners of social media most of us kind of only
ever hear about, sometimes controversial and sometimes just being honest,
just plain weird. This show is a huge following, mostly

(09:26):
because the guests tend to say things that they probably
shouldn't say on camera, and that's what happened here. Iris
went on No Jumper and essentially walked everyone through how
his whole operation worked. He bragged about the money he made,
the people he controlled, and what he could do to
their lives online. He talked about how he charged people
to restore their accounts, how he charged them protection fees,

(09:48):
how he ran a reseller and a mentor program to
train others, and how to do this. You can listen
to that whole interview and hear him spilling all of
the beans, and we will link that podcast episode in
the show notes. So I mean a huge shout out
to Adam twenty two for what he does. In his
interview with Kiaba, Kiaba brag that he was making six
hundred and twenty thousand dollars a month from his schemes,

(10:10):
which was essentially extorting money from Instagram and TikTok users.
He also talked about dealing in what's called TLOs, which
were crucial in how he would dox people online.

Speaker 2 (10:21):
Will you please explain what a TLO is because I'm
still not even sure what it is.

Speaker 1 (10:25):
Yes, So, a TLO report is often called skip trace data.
TLO comes from the name of the company that originated it.
It's called the Last One TLO. The Last One. A
data pioneer named Hank Asher started that company TLO, and
he created a next generation data platform which contained billions

(10:47):
of public and proprietary records. TransUnion, the Credit Union, bought
that company in twenty thirteen after Asher died, and they
kept and rebranded the platform to TLOX, which is now
called TransUnion Locator Service Expert Platform. It's a skip tracing
tool that's used by debt collectors, investigators, law enforcement to

(11:11):
locate people and verify identities and family relationships. So if
you ever get a call from a debt collector and
wonder how they could possibly get to you through your family.
This is probably how they use credit bureau information, addresses,
phone numbers, and public data, and it's only supposed to
be available to those with legitimate reasons for accessing it.
Kiaba did not have authorized access. The FBI affidavit says

(11:36):
that he had posted samples of what he called TLO
files on the website. Agents compared all of that with
law enforcement databases and confirm that that data was all real.
That means that he either bought the reports on the
dark web, received them from someone with legitimate access, or
used someone's leaked credentials within those systems, and we don't
know which. So what did he do with that data?

(11:59):
He re sold it on his website as intel packages
or intel drops to other trappers for them to use,
and that helped him build his credibility and clout in
those shady circles. He would also post or threaten to
post his victim's private data like names, addresses, social security numbers,
relatives information, either on the site or on his huge

(12:21):
channel on Telegram, and he would use them to validate
his threats. So he would send screenshots or PDFs to
the information to prove to people that he knew where
they lived or what their social Security number was before
demanding money. He basically used the files as leverage, proof
that he could find you or ruin you or whatever
it was if you didn't pay him.

Speaker 2 (12:42):
So most people don't even know what a TLO is
or that it even exists. But this definitely blurs the
line between losing an online account and perhaps being afraid
for your life.

Speaker 1 (12:53):
Absolutely, he was engaged in cyberstocking, and I had no
idea what a TLO was before I started doing this research.
So it's really likely that most people have no idea
what that is or even that it exists.

Speaker 2 (13:04):
Like you said, the criminal complaint had some examples of
what he did to his victims, including screenshots of the
text messages. All of his victims were only identified in
the criminal complaint using their initials, and will only mention
their initials here to protect their privacy as well. So
here are a couple of examples from the criminal complaint.

(13:25):
JT was a well known social media influencer who ran
pages like Cali Plug and the Blacklist. Xyz Kiaba initially
offered to sell him a username for around five thousand
dollars when JT turned him down because of the price.
JT's Instagram account was suddenly disabled and Kiaba demanded ten
thousand dollars to restore it. JT eventually paid eighty five

(13:48):
hundred dollars in cash to get the account back, but
he still continued to be threatened. At a businessman from
San Diego, paid Kiaba twenty five thousand dollars for the
rights to the username at Ace, but never got it.
When at tried to get his money back, Kiaba demanded
one hundred thousand dollars instead, and the messages that followed

(14:12):
included direct threats to eighty's daughter and other family members,
and one final example, EH, a journalist and comedian, contacted
Kiaba about her blocked Instagram and then was spammed with
more than two thousand SMS messages. Kiaba told her that
he had her solid security number and he would blast

(14:33):
it out, demanding twenty thousand dollars to stop the attacks.

Speaker 1 (14:37):
As we said, Kiabo was tried in the district court
here in Nevada. There really wasn't a trial because he
pleaded guilty to two felony accounts of interstate threats, one
for a Beverly Hills dentist he terrorized with hundreds of texts,
and another for a Las Vegas landlord and realtor that
he harassed after a rental dispute. Both involved threats that

(14:57):
crossed interstate lines, which made them both federal crimes. Note
that there were other victims that we didn't mention in
the list, but the government pursued those that they had
the most evidence for and reference to the other ones
in the long list of victims to help show intent
and build the case. He was sentenced to thirty six
months in federal prison at Victorville Federal Correctional Institution, a

(15:20):
medium security facility in Atlanto, California, and he will be
released on February fourteenth, twenty twenty seven, and he will
be around thirty one years old. He also had to
pay a fine of seventy five thousand dollars and pay
two hundred thousand dollars in restitution. We'll talk more about
that in our Swing Shift overtime episode. But for a

(15:42):
person who's pulling down six hundred and twenty thousand dollars
a month in income from this work, it seems really light.
So if you want to hear that discussion, head over
to sincepod dot com. Slash subscribe and you can listen
to that. The case here itself is interesting, but in
reality our goal is to help people, and in this case,
to talk through how this can affect you potentially and

(16:02):
how you can protect yourself. There are a few simple
things you can do to make yourself a harder target.
First up, though, I want to remind you how you
might be targeted by unscrupulous people online. You might be
targeted by an account recovery or unlock scam, with people
claiming that they can restore or somehow verify your social
media accounts, and oftentimes it's going to be the same

(16:23):
person who may or may not have attacked your account
in the first place. You might be the victim of
phishing or spear phishing or smishing. So those are fake
emails or text messages that look like they're from banks
or meta or the State of California Department of Transportation
asking you to pay your moving violation or something like that.

(16:46):
For example, I saw one recently from the California Toll
road payments system. Allegedly it was a scam text that
sends a link that steals credit card information. There's also
social engineering DMS that's the one that got me. A
friend of yours asks for help resetting their account, you
click the link and you lose your account. There's also

(17:06):
the family emergency or imposter call scam, where a scammer
might call you and claim that a relative has been
hurt or has been arrested, or owes money, or perhaps
hit somebody with a car or something like that, and
they will push you for payment in the form of
a credit card payment or something like that. Sometimes they
will even use AI cloned voices for that, so be

(17:29):
aware of that. And then of course there's doxing and
data abuse. Criminals can get personal data from leaks or
skip trace databases like the TXP files that Kiaba used
and use it to intimidate or extort. So how can
you protect yourself? What I always tell people is never
immediately click a link in an email or a text,

(17:50):
even if they look real, unless you're one hundred percent
what the source is. You have to look at the
return address and hover over the link to make sure
that the link is going where you think it is.
But instead, to be safe, what you can do is
just open a new browser window and type in the
site directly. So, for example, if you get an email
you're not sure it's real from Capital One, you can

(18:10):
just open up a new browser window and go to
Capital one dot com yourself and log in and see
if it's real, or you can call Capital one and
find out if it's real. That applies to text messages too.
I very rarely click on a link that I get
in a text message. Another best practice is to get
yourself an authenticator app like Google Authenticator or Athy rather

(18:31):
than using text message codes, because if someone steals your password,
they can't access your account without that code. They could
potentially clone your cell phone though, and get those codes
for you. If you're using just text message validation, it's
always important to use complex passwords that are at least
twelve characters long, mixing upper lower case numbers and symbols,

(18:53):
and change them frequently, and you can use a password
manager like one password or bitwarden to keep them secure
and unique. If you're looking to recover your account, that
recovery is only going to happen through the official channels.
So if it's a Facebook account or an Instagram account,
that's only going to happen through meta. So HELPEDDI. Instagram
dot com, Facebook dot com slash hacked, and they have

(19:15):
pretty good tools for that. These days, no legitimate Meta
employee will DM you to fix your account, and no
one can verify you for a fee. We also recommend
that you lock down your personal data, so we, for example,
have all of our credit bureaus frozen so you can
log into Experience, TransUnion and Equal Facts recommend you have
an account with all of them, and if you freeze

(19:37):
your account, it's free, reversible, and it stops new accounts
from being opened in your name. We also use a
data removal service called Incogni, but you can use delete
me or any other data removal service that is reputable
to reduce what data is available on public information sites
like Peoplefinder and other broker sites. But essentially, just remember

(20:00):
that if you're targeted by this sort of a scam,
that fear and urgency are your red flags and they're
your enemy. You have to slow down, confirm all the details,
and verify through some other channel before acting. If you
are targeted by a scam like this, make sure you
don't just delete everything. Take screenshots of texts and URLs
before deleting or blocking people, and report to the authorities

(20:23):
You can report to the FBI's Internet Crime Complaint Center
at IC three dot gov. And for imposter or family
emergency scams, you can report to Report Fraud dot FDC
dot gov. And you can forward spam texts to seven
seven two six Spam or just report them to your carrier.

(20:44):
And remember, don't pay or negotiate. Extortionists are rarely going
to stop coming after you for money after just one payment.

Speaker 2 (20:51):
And it's important that you mentioned if your credit is
locked and someone claims they have your social number and
they're going to make it public if your credit's locked,
is that something that would scare you to make you
pay urgently If you already know your credit is protected.

Speaker 1 (21:04):
You should never pay urgently. If someone tells you they
have your social Security number, you should report that to
the authorities. But yes, they can't open a new account
and your name if all of your credit is frozen, absolutely,
so you shouldn't act rashally if that happens. All these
scams rely on all that urgency and fear and panic,
so you just have to slow down, verify, and you're

(21:24):
basically going to take away their power. Remember to think
of your online accounts like you think of your home
lock the doors, know who you let in, and don't
trust strangers with the spare key. Remember to harden the target.
If you're a hard target, most attackers will move on
to someone easier.

Speaker 2 (21:39):
Those are really good tips show on this really helpful.
And even though Kiaba is locked up, we know that
him just talking on that podcast probably educated a lot
more people about how they could run scams like this.
And there are so many bad actors out there.

Speaker 1 (21:54):
And it's not clear to me how many people he
got that information out to, because he was selling those
tlo he drops to other trappers. So I always be
aware of that.

Speaker 2 (22:03):
Yeah, And I had never thought that before that there
were folks that would steal your account simply for simply
so they could make you pay so you could get
it back, and that there's a whole industry of that
kind of account stealing out there. I hadn't thought about
that before we started talking about this case. Before we
conclude this episode, we're going to talk about missing person

(22:23):
Daniel Reza. This year. As we mentioned in previous episodes,
we're going to cover a missing person's case on every
one of our episodes this season and probably throughout this
whole year. The LAS Vegas Metro Police earlier this year
published a missing person's cold case website, and we want
to continue to highlight people on this list and hope
that someone can come forward with the lead or any

(22:46):
information to help these families. Daniel Reza has been missing
since August twenty fifth, twenty nineteen, so just over six years.
He was thirty five years old when he was last seen.
Today he would be forty one. Names are Fernando and Ida,
and they were first alerted that Daniel was missing by
his roommate, who told Fernando that Daniel had been missing

(23:07):
for about two days. It was reported that he was
last seen in the area of Warm Springs, Indicatur, which
would be the southwest part of town, but according to
Red Rock Search and Rescue, he was actually last seen
on a trail at Mount Charleston. They have said that
he was spotted on several trails during that week, which
was the week leading up to Labor Day that year,

(23:29):
and his car was located at the Cathedral Trail trail
head on Mount Charleston, but Daniel never returned to it.
Red Rock Search and Rescue and the Las Vegas Metro
Police searched for him along with the Air Force's thirty
fourth Weapons Squadron, which is based at Nellis Air Force Base,
along with multiple hikers and folks on ATVs. They used

(23:52):
helicopters to try and find him, but unfortunately. The Families
Go Fundme explained that search and rescue efforts were called
off after officials felt they had exhausted all measures available,
which was approximately a week after he went missing. Rez
is described as being a fair skinned, Hispanic mail five
foot ten, one hundred and eighty five pounds, with brown

(24:13):
eyes and brown or black hair, and you can see
photos of him on our social media this week. On
the day he disappeared, he was possibly wearing a long
sleeved blue shirt and blue jeans. Red Rock Search and
Rescue posted photos of the gear Daniel was using or wearing,
including a blue backpack of wooden hiking stick, a tan

(24:36):
sun hat with a colorful logo of mountains that says
Spring Valley, and a black hooded jacket. He was also
known to be carrying a blue battery operated lantern. If
you have any information about Daniel, please contact the LVMPD
at Missing Persons at lvmpd dot com. Thank you for

(24:57):
listening as always and supporting the show. We really appreciate it,
and we remind you that what happens here happens everywhere.

Speaker 1 (25:25):
Thanks for listening. Visit sinspod dot co, slash subscribe for
exclusive bonus content and to listen ad free. Remember to
like and follow us on Instagram, Facebook, TikTok, and threads
at Sins and Survivors. If you're enjoying the podcast, please
leave us a review on your podcast platform of choice.
You can contact us at questions at Sins and Survivors

(25:47):
dot com.

Speaker 3 (25:49):
If you are someone you know as affected by domestic
violence or needs support, please reach out to local resources
or the National Domestic Violence Hotline. A list of resources
is available on our website, Sins and survi com. Sins
and Survivors, a Las Vegas true crime podcast, is research, written,
and produced by your hosts Sean and John. The information
shared in this podcast is accurate at the time of recording.

(26:11):
If you have questions, concerns, or corrections, please email us.
Links to source material for this episode can be found
on our website Sinsensurvivors dot com.

Speaker 1 (26:20):
The views and opinions expressed in this podcast are solely
those of the podcast creators. Hosts and their guests. All
individuals are innocent until proven guilty. This content does not
constitute legal advice. Listeners are encouraged to consult with legal
professionals for guidance.

All Episodes

Idriss Qibaa - The Stalker Who Sold Fear Online

Episode Transcript

Popular Podcasts

Dateline NBC

Stuff You Should Know

The Bobby Bones Show

.css-15opob5{left:0;position:absolute;top:0.8rem;} All Episodes

.css-14f5ked{margin:0;word-break:break-word;display:-webkit-box;-webkit-box-orient:vertical;box-orient:vertical;-webkit-line-clamp:2;overflow:hidden;}Idriss Qibaa - The Stalker Who Sold Fear Online