October 23, 2025 • 5 mins
# Finn Hack exposes three dangerous cyber scams targeting humanitarian workers, executives, and tech professionals in this eye-opening episode of Swipe Stories. Learn how Russian hackers used fake Zoom links to infiltrate Ukraine aid organizations, how AI-powered romance scams are draining bank accounts through sophisticated investment fraud, and why innocent-looking QR codes might be the biggest security threat of 2025. Essential listening for anyone who values their digital safety, with practical tips to protect yourself from increasingly sophisticated online threats.
Some great Deals https://amzn.to/49SJ3Qs
For more check out http://www.quietplease.ai
This content was created in partnership and with the help of Artificial Intelligence AI
Some great Deals https://amzn.to/49SJ3Qs
For more check out http://www.quietplease.ai
This content was created in partnership and with the help of Artificial Intelligence AI
Mark as Played
Transcript
Episode Transcript
Available transcripts are automatically generated. Complete accuracy is not guaranteed.
Speaker 1 (00:00):
Fin hacks in the stack. Let's unpack the attack. Welcome back,
digital dreamers, crypto crusaders and cyber skeptics to another episode
of swipe stories. Caught in the Khan, I'm your host,
finn hack streaming straight from the neon, data void, hair aglow,
code flowing and binary pulsing like a heartbeat under my skin.
Trust me, you want me in your firewall? Tonight? Tonight
(00:22):
we plunge into three hair raising, pulse spiking true tails,
ripped right from headlines, hashtags and hacker trails. It's not
just folk or it's fact. Every click and swipe can
open the gate to a Khan. Are you ready pull tight?
Cause these scams are shinier than a GPU on overclock,
first up, hook line and scammer. The Ukraine Aid Phantom con.
(00:46):
In October, cybersecurity firm Sentinel One uncovered Phantom Capture, a
phishing campaign targeting Ukraine relief workers from UNICEF Ukraine to
the International Red Cross. It began with emails spoofing the
President's off dropping a seemingly innocent PDF attachment. Victims clicked
thinking they were joining a legit zoom call for urgent
(01:07):
war relief updates, only to land on a perfectly mimiced
Zoom site, demanding a browser check. Surprise. Instead of increasing security,
the check ran a PowerShell command hidden behind a fake
cloud flare capture, opening a direct web socket rat connection
to Russian servers. Instant live control of your laptop. No
James Bond jadgets required. The attackers had spent six months
(01:29):
in prep for a strike that lasted just one day,
then scrubbed all evidence Ninja style. The target your trust,
your device, and your data. The twist, it wasn't just
about stealing documents. It was about quietly gathering information across borders,
going undetected and laying digital trip wires for AID networks.
Codes cracked, cons are whacked. Let's dial up the drama
(01:54):
for scam two corporate catfish AI. Addition, according to NYU
Compliance and Enforcements October, briefing, love and investment scams have
gone AI mega scammers don't just use a fake pick.
They now use deep fake video calls and AI chatbots
that mirror every word, tone, and quirk you ever posted online.
(02:15):
One US executive lured by a charming trader on LinkedIn
turn What's the Workface also wrote a word, a photo
of the left wing light to its face, faced calls
from a face provided by a woman, making the blessing
of deep fake cool songer and even scent flowers, the
creep black pants Alan Pitcher calls, and making a scam
(02:39):
of seventy five workers. That's the last piece of money
we've seen. These scams hook you through sweet talk, pivot
you to crypto investments that look oh so real, live dashboards,
legitimate exchanges, raising the bar from puppy love to pig butchering.
Just when she tried to cash out her supposed five
(02:59):
figure profits. Sorry, there's suddenly a ten percent crypto tax
to pay. The scammers keep asking for more until poof,
they're gone. Your portfolio's empty and your bank's got no
refund for virtual heartbreak codes cracked, cons are whacked. Third
ever scann a QR code at your favorite cafe. Hold
(03:21):
that thought catch Mark I Warrens twenty twenty five is
the era of quishing QR phishing. Last month, tech workers
in San Francisco thought nothing of scanning a QR code
for free coffee. But that QR code led not to
a latte discount, but a perfect clone of their company's
login page, crafted using AI and HTL, smuggling the site,
(03:44):
even fake multi factor authentication, collecting in real time both
password and one time code. Within thirty minutes, attackers had
breached not just those users, but their company's entire cloud
file system, all because QR codes bypass traditional email filters
and make us let down our guard. A little ip
(04:04):
spoofing metaphor for you, imagine your home address spelled out
an invisible ink and only certain people have glasses to
read it. Fishing is just that mischief wrapped in legitimacy,
and the real trick is you can't see the attacker's
trench coat until your data's out the door. Codes cracked,
cons are whacked. So what can you do? Never rush
(04:26):
to click, scan or trust confirm requests by talking yes,
voice or video to the real human, not just their avatar.
Check every QR code, vet evy login page, and remember
if the pitch feels too perfect or just a little
bit off, it probably is Bite me, scammers. This one's
(04:48):
for the good guys. Thanks for tuning in to Swipe
Stories Caught in the con where we turn digital heartbreak
into hacker wisdom. Come back next week for more neon
lit tales of high tech heroics and crafty criminals. And
don't forget to subscribe, because the only thing scarier than
missing an episode is answering your texts without listening to
(05:10):
Finn first. This has been a Quiet Please production. For
more check out Quiet Please dot ai
Fin hacks in the stack. Let's unpack the attack. Welcome back,
digital dreamers, crypto crusaders and cyber skeptics to another episode
of swipe stories. Caught in the Khan, I'm your host,
finn hack streaming straight from the neon, data void, hair aglow,
code flowing and binary pulsing like a heartbeat under my skin.
Trust me, you want me in your firewall? Tonight? Tonight
(00:22):
we plunge into three hair raising, pulse spiking true tails,
ripped right from headlines, hashtags and hacker trails. It's not
just folk or it's fact. Every click and swipe can
open the gate to a Khan. Are you ready pull tight?
Cause these scams are shinier than a GPU on overclock,
first up, hook line and scammer. The Ukraine Aid Phantom con.
(00:46):
In October, cybersecurity firm Sentinel One uncovered Phantom Capture, a
phishing campaign targeting Ukraine relief workers from UNICEF Ukraine to
the International Red Cross. It began with emails spoofing the
President's off dropping a seemingly innocent PDF attachment. Victims clicked
thinking they were joining a legit zoom call for urgent
(01:07):
war relief updates, only to land on a perfectly mimiced
Zoom site, demanding a browser check. Surprise. Instead of increasing security,
the check ran a PowerShell command hidden behind a fake
cloud flare capture, opening a direct web socket rat connection
to Russian servers. Instant live control of your laptop. No
James Bond jadgets required. The attackers had spent six months
(01:29):
in prep for a strike that lasted just one day,
then scrubbed all evidence Ninja style. The target your trust,
your device, and your data. The twist, it wasn't just
about stealing documents. It was about quietly gathering information across borders,
going undetected and laying digital trip wires for AID networks.
Codes cracked, cons are whacked. Let's dial up the drama
(01:54):
for scam two corporate catfish AI. Addition, according to NYU
Compliance and Enforcements October, briefing, love and investment scams have
gone AI mega scammers don't just use a fake pick.
They now use deep fake video calls and AI chatbots
that mirror every word, tone, and quirk you ever posted online.
(02:15):
One US executive lured by a charming trader on LinkedIn
turn What's the Workface also wrote a word, a photo
of the left wing light to its face, faced calls
from a face provided by a woman, making the blessing
of deep fake cool songer and even scent flowers, the
creep black pants Alan Pitcher calls, and making a scam
(02:39):
of seventy five workers. That's the last piece of money
we've seen. These scams hook you through sweet talk, pivot
you to crypto investments that look oh so real, live dashboards,
legitimate exchanges, raising the bar from puppy love to pig butchering.
Just when she tried to cash out her supposed five
(02:59):
figure profits. Sorry, there's suddenly a ten percent crypto tax
to pay. The scammers keep asking for more until poof,
they're gone. Your portfolio's empty and your bank's got no
refund for virtual heartbreak codes cracked, cons are whacked. Third
ever scann a QR code at your favorite cafe. Hold
(03:21):
that thought catch Mark I Warrens twenty twenty five is
the era of quishing QR phishing. Last month, tech workers
in San Francisco thought nothing of scanning a QR code
for free coffee. But that QR code led not to
a latte discount, but a perfect clone of their company's
login page, crafted using AI and HTL, smuggling the site,
(03:44):
even fake multi factor authentication, collecting in real time both
password and one time code. Within thirty minutes, attackers had
breached not just those users, but their company's entire cloud
file system, all because QR codes bypass traditional email filters
and make us let down our guard. A little ip
(04:04):
spoofing metaphor for you, imagine your home address spelled out
an invisible ink and only certain people have glasses to
read it. Fishing is just that mischief wrapped in legitimacy,
and the real trick is you can't see the attacker's
trench coat until your data's out the door. Codes cracked,
cons are whacked. So what can you do? Never rush
(04:26):
to click, scan or trust confirm requests by talking yes,
voice or video to the real human, not just their avatar.
Check every QR code, vet evy login page, and remember
if the pitch feels too perfect or just a little
bit off, it probably is Bite me, scammers. This one's
(04:48):
for the good guys. Thanks for tuning in to Swipe
Stories Caught in the con where we turn digital heartbreak
into hacker wisdom. Come back next week for more neon
lit tales of high tech heroics and crafty criminals. And
don't forget to subscribe, because the only thing scarier than
missing an episode is answering your texts without listening to
(05:10):
Finn first. This has been a Quiet Please production. For
more check out Quiet Please dot ai
Popular Podcasts
Stuff You Should Know
If you've ever wanted to know about champagne, satanism, the Stonewall Uprising, chaos theory, LSD, El Nino, true crime and Rosa Parks, then look no further. Josh and Chuck have you covered.
Dateline NBC
Current and classic episodes, featuring compelling true-crime mysteries, powerful documentaries and in-depth investigations. Follow now to get the latest episodes of Dateline NBC completely free, or subscribe to Dateline Premium for ad-free listening and exclusive bonus content: DatelinePremium.com
On Purpose with Jay Shetty
I’m Jay Shetty host of On Purpose the worlds #1 Mental Health podcast and I’m so grateful you found us. I started this podcast 5 years ago to invite you into conversations and workshops that are designed to help make you happier, healthier and more healed. I believe that when you (yes you) feel seen, heard and understood you’re able to deal with relationship struggles, work challenges and life’s ups and downs with more ease and grace. I interview experts, celebrities, thought leaders and athletes so that we can grow our mindset, build better habits and uncover a side of them we’ve never seen before. New episodes every Monday and Friday. Your support means the world to me and I don’t take it for granted — click the follow button and leave a review to help us spread the love with On Purpose. I can’t wait for you to listen to your first or 500th episode!