Easy Prey

Stolen Identity - Stolen Peace

Identity theft gets talked about a lot, but usually in the abstract: freeze your credit, watch your statements, don't click suspicious links. What doesn't get talked about nearly enough is what it actually feels like when someone isn't just using your card number, but is actively living as you. My guest today is Brooklyn Lyons. She's 25, recently married, and by her own admission, had no particular expertise in fraud or cybersecurity before October of 2024. That changed when her car window was smashed in a parking lot, and her work bag, laptop, wallet, driver's license, and everything was gone by morning. What followed wasn't a quick nightmare with a clean ending. It stretched across months, multiple counties, a jail communication system, the dark web, and a wanted fugitive who dyed her hair to look more like the face on a stolen ID. Brooklyn didn't just sit with it. She pulled criminal records, reverse-searched phone numbers, tracked an inmate's transfers across four facilities, identified a suspect on her own, and eventually filed a civil lawsuit without an attorney. We talk about what it feels like when someone is pretending to be you, not just spending your money, but messaging people as you, signing up for accounts as you, building a life in your name. We also get into the specific steps she took to fight back, the tools she wishes she'd known about sooner, and what recovery actually looks like when the case isn't closed, and the person still hasn't been caught. Show Notes: * [1:47] Brooklyn introduces herself as a 25-year-old from Texas with no prior experience in fraud or identity theft. * [2:13] She describes moving to the DFW area after getting married in June 2024 and being aware of the high rate of car break-ins in the region. * [3:32] Her car window is smashed overnight, and her work bag is stolen, containing her laptop, wallet, driver's license, and all her cards. * [4:03] Brooklyn's immediate response is to freeze her credit with all three bureaus and cancel her cards within 10 to 15 minutes. * [4:57] Despite locking everything down, her cards are maxed out, and a police report is filed with little follow-up from law enforcement. * [5:12] A period of quiet follows before a letter arrives around Valentine's Day 2025 claiming she rented a U-Haul and never returned it. * [5:48] Experian alerts her that her driver's license has been found on the dark web, arriving almost simultaneously with the U-Haul letter. * [7:14] While checking USPS Informed Delivery for a wedding invitation, Brooklyn spots a certified letter from a county jail addressed to her with an inmate's name listed beneath hers. * [8:28] She contacts the jail and discovers an inmate had listed her as his girlfriend when booked, requesting she pick up his belongings before a prison transfer. * [9:53] Brooklyn looks up the inmate in the state conviction database and finds a record including identity theft, car burglary, organized crime, and credit card abuse of the elderly. * [11:58] A jail investigator reveals that the inmate's girlfriend had created an account in Brooklyn's name using her driver's license photo, editing her own appearance to match Brooklyn's features. * [14:02] Brooklyn traces the same pattern across multiple county jail facilities the inmate passed through, confirming the woman repeated the identity fraud at each one. * [15:13] A detective confirms the woman has stolen or attempted to use 17 other identities, and that Brooklyn is the only one who has caught on so far. * [16:52] Four police departments become involved, and Brooklyn begins coordinating with investigators across all of them through a shared email thread. * [19:22] Pulling her credit report reveals phone numbers tied to the suspect, leading Brooklyn to discover PayPal accounts, Cash App profiles, and a Facebook page created in her name. * [20:58] Brooklyn uses a PayPal password recovery prompt to identify the first three letters of the suspect's real name. * [22:03] She requests all jail booking documents containing her name from every county involved and receives text message logs from one department. * [22:33] Using a birthday and partial name found in the messages, Brooklyn searches mugshots.com and identifies the suspect herself, later getting vague confirmation from investigators. * [24:38] Chris asks whether the suspect and inmate were in a relationship, and Brooklyn explains they appear to share a child and were trying to manage a custody situation. * [27:57] Brooklyn investigates whether a Verizon phone number was tied to an account in her name and later finds the suspect's real email embedded in her electricity account profile. * [29:27] Brooklyn details changing her driver's license four times throughout the ordeal and suspects the woman is using her information for utility accounts to avoid being found. * [31:02] Two police departments issue arrest warrants for the suspect, but she remains at large and difficult to locate. * [31:33] Brooklyn files a civil lawsuit on her own without an attorney, drafting the paperwork herself and submitting a known address for the suspect. * [32:04] She drafts a settlement agreement requiring the suspect to delete all fraudulent accounts, send proof, and return her physical driver's license, emailing it directly to her. * [33:12] The suspect signs the agreement but does not comply with any of its terms within the deadline Brooklyn set. * [33:37] Brooklyn files a motion to enforce the settlement agreement, which has since been approved by the court. * [36:58] Discussion turns to whether the original car break-in was connected to the couple, with Brooklyn expressing frustration that law enforcement never attempted to link the CVS footage to them. * [38:14] Brooklyn reflects on how the situation became consuming, describing obsessive monitoring of jail systems, court records, and criminal databases at its peak. * [39:18] She shifts toward healthier monitoring habits, including monthly credit pulls, USPS Informed Delivery checks, and identity protection subscriptions like Aura. * [40:33] The emotional toll is discussed, including nightmares, anxiety, therapy, and the strange experience of seeing someone try to physically resemble her. * [43:22] Brooklyn describes seeing light at the end of the tunnel, connecting her recovery to moving out of the area and reclaiming her sense of self. * [46:13] She reflects on pride in handling most of the case herself and finding closure in knowing the suspect is now aware that Brooklyn knows everything. * [48:03] Brooklyn expresses empathy for others who may not have the same access to legal knowledge or law enforcement relationships that helped her navigate the process. * [49:14] Practical tips are shared, including USPS Informed Delivery, e-verify identity freezing, and the IRS identity theft PIN available during tax filing. Thanks for joining us on Easy Prey. Be sure to subscribe to our podcast on iTunes [https://podcasts.apple.com/us/podcast/easy-prey/id1488678905] and leave a nice review. Links and Resources: * Podcast Web Page [https://www.easyprey.com/] * Facebook Page [https://www.facebook.com/EasyPreyPodcast] * whatismyipaddress.com [https://whatismyipaddress.com/] * Easy Prey on Instagram [https://www.instagram.com/easypreypodcast/] * Easy Prey on Twitter [https://twitter.com/easypreypodcast] * Easy Prey on LinkedIn [https://www.linkedin.com/company/easy-prey-podcast/] * Easy Prey on YouTube [https://www.youtube.com/channel/UCCgy_xKrjiXghSgGFEAFdTQ] * Easy Prey on Pinterest [https://www.pinterest.com/easypreypodcast/]

Inside Modern Fraud

Fraud doesn't always announce itself with obvious warning signs. Quite often, it shows up wrapped inside something that feels routine — a purchase you've made before, a link that looks legitimate, a message that arrives at just the wrong moment. Nothing feels suspicious, so your guard stays down. By the time questions start forming, the transaction is already done. My guest today is Iremar Brayner. He's spent more than 15 years working in fraud prevention and risk management across payments, retail, ride-hailing, fintech, and digital marketplaces. In his role at G2A, he leads fraud strategy for one of the world's largest digital entertainment platforms, where speed, approval rates, and loss prevention are constantly pulling against each other. We discuss why scams continue to work despite smarter tools, how "friendly fraud" complicates the picture, and why digital goods create very different risk patterns than traditional retail. We also get into automation, AI-driven decisions, and what it really looks like to manage fraud in real time. Show Notes: * [1:36] Iremar shares how his career in fraud prevention began, moving from bank customer service into reviewing suspicious transactions. * [2:45] He explains why he completed law school but chose not to become a lawyer, and how legal training shaped his understanding of fraud psychology. * [4:10] Fraud is framed as an emotional event, with urgency, financial stress, and excitement often lowering a person's defenses. * [6:16] Digital marketplaces attract fraudsters due to low-cost items and products like gift cards that are easy to cash out. * [7:10] The concept of card testing emerges, where stolen payment details are validated through small purchases. * [8:05] Iremar discusses the rise of friendly fraud, where legitimate customers dispute transactions after receiving goods. * [9:30] Major product launches, such as highly anticipated game releases, create predictable spikes in fraud risk. * [11:05] Marketplace fraud requires managing risk on both sides, verifying sellers while monitoring buyers in real time. * [12:40] He describes G2A's shift away from manual review toward fully automated transaction decisioning. * [14:15] The tension between frictionless customer experience and effective fraud prevention is unpacked. * [16:05] Automation and AI are positioned as essential tools for scaling fraud defenses without overwhelming operations. * [18:10] AI's real impact is discussed: not changing fraud itself, but making attacks faster and more scalable. * [20:05] Iremar explains why human judgment still plays a critical role alongside AI systems. * [21:41] Fraud patterns differ across industries, illustrated through examples from ride-hailing platforms. * [23:10] Abuse of referral and incentive programs reveals how self-referrals became a common fraud tactic. * [24:40] Identity misuse by drivers highlights risks tied to document verification. * [25:50] Face recognition and customer reporting become tools for detecting account misuse. * [27:15] High-value luxury marketplaces introduce entirely different fraud and logistics challenges. * [29:10] Practical consumer advice: buy from reliable sources, review refund policies, and question unrealistic pricing. * [30:05] Seller protection strategies focus on accurate product descriptions and shipment tracking. * [32:05] The most common complaints in marketplaces are items not received and items not as described. * [33:20] Iremar recounts becoming a fraud victim after a fraudulent airline ticket charge. * [35:00] A WhatsApp impersonation attempt using his photo targeted his mother. * [36:10] Verification habits are emphasized as one of the strongest defenses against scams. * [37:40] The risks of social media and account takeover scenarios are discussed. * [39:30] Challenges around encouraging broader adoption of two-factor authentication. * [40:05] Career advice for those interested in fraud prevention as a profession. Thanks for joining us on Easy Prey. Be sure to subscribe to our podcast on iTunes [https://podcasts.apple.com/us/podcast/easy-prey/id1488678905] and leave a nice review. Links and Resources: * Podcast Web Page [https://www.easyprey.com/] * Facebook Page [https://www.facebook.com/EasyPreyPodcast] * whatismyipaddress.com [https://whatismyipaddress.com/] * Easy Prey on Instagram [https://www.instagram.com/easypreypodcast/] * Easy Prey on Twitter [https://twitter.com/easypreypodcast] * Easy Prey on LinkedIn [https://www.linkedin.com/company/easy-prey-podcast/] * Easy Prey on YouTube [https://www.youtube.com/channel/UCCgy_xKrjiXghSgGFEAFdTQ] * Easy Prey on Pinterest [https://www.pinterest.com/easypreypodcast/] * Iremar Brayner - LinkedIn [https://www.linkedin.com/in/iremarbrayner/] * G2A [https://www.g2a.com/]

Money Laundering

Organized crime is often imagined as something violent, chaotic, and obvious. But today, it looks far more polished than that. It operates like a multinational business, spread across borders, built on trust networks, specialization, and efficiency rather than brute force. This episode looks at how modern scams, fraud, and money laundering actually work and why they're so hard to spot before serious damage is done. My guest is Geoff White, an investigative journalist who has spent decades covering organized crime, cybercrime, and financial fraud. His reporting has appeared on BBC News, Sky News, The Sunday Times, and other major outlets, and he is also the creator of The Lazarus Heist, the hit podcast and book series exploring North Korea's global hacking operations. His latest book, Rinsed, examines how technology has transformed the world of money laundering. We talk about how modern criminal networks are structured, why scams now rely on patience and psychology rather than speed, and how money laundering functions as a service industry that quietly supports fraud at scale. The conversation also explores why victims are sometimes unknowingly used to move stolen funds, how urgency is weaponized to override judgment, and why slowing down remains one of the most effective defenses people have. Show Notes: * [01:08] Geoff shares his background and why the organized crime + technology overlap is where he's spent his career. * [02:52] Why longer-form work (books, podcasts) is often the only way to explain complex crimes that don't fit into a quick news segment. * [03:56] Old-school enforcement was violence; modern crime groups often can't use that when partners are anonymous and overseas. * [04:23] The trust networks holding global crime together can be more fragile than people assume. * [05:06] The strange "trust inside crime" dynamic especially in ransomware, where criminals must appear "reliable." * [06:18] Competition today looks more like corporate rivalry than street violence, especially in ransomware affiliate ecosystems. * [07:41] Do these groups evolve from traditional cartels or arise from new tech-native criminals? Geoff says it depends on the region. * [09:58] The skill split of elite coders builds ransomware, while newer recruits use social engineering to get initial access. * [11:34] Money laundering adapts fast with crypto, game currencies, NFTs while the core "service business" model stays the same. * [12:46] The "cost" of laundering: fees can be extreme for newcomers, and lower for experienced players with connections. * [13:53] A disturbing case where victims are daisy-chained to launder money and reinforce the romance-scam illusion. * [15:12] Why money mules are treated as disposable and how many don't realize the seriousness until law enforcement shows up. * [16:48] The tactic of letting victims withdraw a little money to make a platform feel legitimate and why it works so well. * [18:09] Geoff connects today's tactics to classic con mechanics ("putting the mark on the send") and the psychology behind it. * [19:22] Geoff describes seeing an "escalator scam" firsthand: small payouts early, then pressure to pay to "unlock" higher earnings. * [21:51] The scary shift is that scams now look polished and patient, stretching across multiple channels and weeks (or longer). * [23:12] The more we "self-custody" money and identity online, the more security responsibility shifts onto individuals. * [24:32] A major crypto seizure case raises a messy question when seized assets grow in value, who gets the upside? * [28:46] Geoff's practical defense: slow down on anything money-related, create space, and don't let urgency steer decisions. * [31:17] Why today's scammers play the long game of months of relationship-building can lead to life-changing losses. * [34:29] Repeat victimization: recovery scams and fake "investigators" often target people right after they've been hit. * [36:08] "Traceable" doesn't mean "recoverable," why freezing and returning stolen crypto is legally and logistically hard. * [38:44] UK reimbursement changes shift liability between sending and receiving banks but there are tradeoffs and open questions. * [41:28] Geoff reacts to US payment quirks (card taken away, tip written in pen) and why it still surprises outsiders. * [45:11] Closing advice is to learn from other people's stories and run "what would I do?" scenarios before a crisis hits. Thanks for joining us on Easy Prey. Be sure to subscribe to our podcast on iTunes [https://podcasts.apple.com/us/podcast/easy-prey/id1488678905] and leave a nice review. Links and Resources: * Podcast Web Page [https://www.easyprey.com/] * Facebook Page [https://www.facebook.com/EasyPreyPodcast] * whatismyipaddress.com [https://whatismyipaddress.com/] * Easy Prey on Instagram [https://www.instagram.com/easypreypodcast/] * Easy Prey on Twitter [https://twitter.com/easypreypodcast] * Easy Prey on LinkedIn [https://www.linkedin.com/company/easy-prey-podcast/] * Easy Prey on YouTube [https://www.youtube.com/channel/UCCgy_xKrjiXghSgGFEAFdTQ] * Easy Prey on Pinterest [https://www.pinterest.com/easypreypodcast/] * Geoff White [https://geoffwhite.tech/] * Geoff White - LinkedIn [https://www.linkedin.com/in/geoffwhitetech/?originalSubdomain=uk] * Geoff White - Instagram [https://www.instagram.com/geoffwhite247/?hl=en] * Rinsed: From Cartels to Crypto: How the Tech Industry Washes Money for the World's Deadliest Crooks [https://www.amazon.com/Rinsed-Cartels-Crypto-Industry-Deadliest-ebook/dp/B0CPBLXQH6] * The Lazarus Heist [https://www.amazon.com/Lazarus-Heist-Based-Hit-podcast-ebook/dp/B09QLTPPBW] * Crime Dot Com: From Viruses to Vote Rigging, How Hacking Went Global [https://www.amazon.com/Crime-Dot-Com-Viruses-Rigging-ebook/dp/B08DDDTWW3]

Critical Infrastructure Risks

Most cybersecurity conversations focus on stolen data, breached accounts, and attacks that live entirely on screens. This episode looks at a far more consequential threat: what happens when cyberattacks target the physical systems that keep society running. Power, water, transportation, and manufacturing. When those systems fail, the consequences aren't just digital. They're immediate, visible, and sometimes dangerous. My guest is Lesley Carhart, Technical Director of Incident Response at Dragos, a cybersecurity firm focused exclusively on protecting critical infrastructure. Lesley specializes in industrial control systems and operational technology, investigating real-world attacks against power plants, water systems, transportation networks, and industrial facilities built on aging, irreplaceable technology. We talk about why these environments are uniquely vulnerable, how ransomware groups and nation-state actors quietly gain long-term access, and why many compromises go undetected for years. The conversation also explores the limits of traditional cybersecurity thinking, the real-world constraints operators face, and what organizations can realistically do to improve security when failure isn't an option. Show Notes: * [01:30] Lesley Carhart is here and explains what operational technology is and why industrial systems are uniquely vulnerable * [03:40] How decades-old computers still run power plants, water systems, and transportation infrastructure * [06:10] Why industrial environments can't simply patch, upgrade, or shut systems down * [08:25] The mindset shift required when safety and continuity matter more than stopping an intrusion * [10:40] Why air-gapped systems are mostly a myth in modern critical infrastructure * [13:15] How remote access became unavoidable—and one of the biggest risk factors * [16:05] The three main threat categories facing industrial systems: ransomware, insiders, and nation-state actors * [18:45] Why ransomware is especially damaging in power, water, and manufacturing environments * [21:30] How nation-state attackers quietly establish footholds years before taking action * [24:20] Why many industrial compromises go undetected for months—or even years * [27:10] What incident response looks like when you can't just "pull the plug" * [30:05] The most common causes of industrial failures: human error, maintenance issues, and environment * [32:40] A surprising incident that looked like a nation-state attack—but wasn't * [34:55] Why critical infrastructure organizations often feel pressure to pay ransoms * [37:00] Practical starting steps for organizations with aging, mission-critical systems * [39:20] Advice for people interested in industrial cybersecurity and working with legacy technology * [42:10] Why mentorship matters and why Lesley chooses to give back to the field Thanks for joining us on Easy Prey. Be sure to subscribe to our podcast on iTunes [https://podcasts.apple.com/us/podcast/easy-prey/id1488678905] and leave a nice review. Links and Resources: * Podcast Web Page [https://www.easyprey.com/] * Facebook Page [https://www.facebook.com/EasyPreyPodcast] * whatismyipaddress.com [https://whatismyipaddress.com/] * Easy Prey on Instagram [https://www.instagram.com/easypreypodcast/] * Easy Prey on Twitter [https://twitter.com/easypreypodcast] * Easy Prey on LinkedIn [https://www.linkedin.com/company/easy-prey-podcast/] * Easy Prey on YouTube [https://www.youtube.com/channel/UCCgy_xKrjiXghSgGFEAFdTQ] * Easy Prey on Pinterest [https://www.pinterest.com/easypreypodcast/] * Lesley Carhart [https://tisiphone.net/] * Lesley Carhart - LinkedIn [https://www.linkedin.com/in/lcarhart/?originalSubdomain=au] * Lesley Carhart - Dragos [https://www.dragos.com/lesley-carhart]

Familial Identity Theft

Identity theft is usually framed as an external threat. Hackers, data breaches, anonymous criminals operating somewhere far away. This episode looks at a much harder reality to face: identity theft that happens inside families, often quietly, over many years, and without immediate detection. The damage isn't just financial. It reshapes trust, relationships, and a person's sense of stability long before anyone realizes what's happening. My guest is Axton Betz-Hamilton, an associate professor of financial counseling and planning whose research focuses on familial and child identity theft. Her work is deeply personal. As a teenager, Axton discovered her own credit had been destroyed before she ever had a chance to build it, the result of identity theft that began when she was a child. Years later, she uncovered the truth behind who was responsible and how multiple generations were affected. We talk about how familial identity theft works, why it's so difficult to detect, and what recovery really looks like when the person who caused the harm was someone you trusted. The conversation covers the long road to rebuilding credit, the emotional fallout that often gets overlooked, and the practical steps people can take to protect themselves and their children before damage is done. Show Notes: * [02:15] Axton Betz-Hamilton explains how her parents' identities were stolen in the early 1990s, before consumers had legal protections. * [03:50] Discovering a 10-page credit report at age 19 and realizing her financial life was damaged before it began. * [05:45] What it's like to learn your credit score is in the second percentile nationwide and why that realization changes everything. * [07:10] How early frustration with identity theft shaped Axton's academic path and research focus. * [09:05] The moment evidence surfaced pointing to a family member as the source of the identity theft. * [10:45] Uncovering decades of fraudulent accounts affecting multiple generations within one family. * [12:50] How grief abruptly shifted into investigation after learning the truth about who caused the harm. * [15:20] The long, two-track process of disputing fraudulent credit while slowly rebuilding legitimate credit history. * [17:40] Why some fraudulent accounts had to age off credit reports instead of being removed. * [19:05] How isolation and manipulation can allow familial identity theft to continue undetected for years. * [21:55] Exploring possible motivations behind the theft and how financial behaviors can repeat across generations. * [23:10] The simplest way to detect identity theft is by regularly checking all three credit reports. * [24:30] Why freezing your credit is one of the most effective and underused protection tools. * [26:05] The importance of freezing children's credit to prevent damage that may not surface until adulthood. * [28:00] How modern tools like IRS identity PINs reduce the risk of tax-related identity theft. * [30:15] Using E-Verify freezes to prevent identity theft tied to employment and income. * [33:10] The emotional impact of familial identity theft and why boundaries are often necessary for healing. * [35:00] How family systems fracture when some members believe the victim and others defend the offender. * [36:40] Why mental health support is a critical part of recovery, not an optional one. * [38:00] The Identity Theft Resource Center as a comprehensive support option for victims navigating recovery. Thanks for joining us on Easy Prey. Be sure to subscribe to our podcast on iTunes [https://podcasts.apple.com/us/podcast/easy-prey/id1488678905] and leave a nice review. Links and Resources: * Podcast Web Page [https://www.easyprey.com/] * Facebook Page [https://www.facebook.com/EasyPreyPodcast] * whatismyipaddress.com [https://whatismyipaddress.com/] * Easy Prey on Instagram [https://www.instagram.com/easypreypodcast/] * Easy Prey on Twitter [https://twitter.com/easypreypodcast] * Easy Prey on LinkedIn [https://www.linkedin.com/company/easy-prey-podcast/] * Easy Prey on YouTube [https://www.youtube.com/channel/UCCgy_xKrjiXghSgGFEAFdTQ] * Easy Prey on Pinterest [https://www.pinterest.com/easypreypodcast/] * Axton Betz-Hamilton - South Dakota State University [https://www.sdstate.edu/directory/axton-betz-hamilton] * Axton Betz-Hamilton - LinkedIn [https://www.linkedin.com/in/axton-betz-hamilton-42575112/] * Axton Betz-Hamiliton - Facebook [https://www.facebook.com/DrAxtonBetzHamilton/] * Identity Theft Resource Center [https://www.idtheftcenter.org/] * Annual Credit Report [https://www.annualcreditreport.com/index.action] * IRS - Identity Pin [https://www.irs.gov/identity-theft-fraud-scams/get-an-identity-protection-pin] * E-Verify [https://www.e-verify.gov/]