Won't Fix

Craig Silverman is an award-winning journalist who has spent more than 15 years researching and reporting on the manipulation of our information environment. He is currently the co-founder of Indicator, a media outlet dedicated to exposing digital deception and teaching digital investigative and OSINT (open-source intelligence) techniques.Prior to launching Indicator, Craig was a national reporter at ProPublica, where he focused on investigating digital platforms and online manipulation. Before that, he served as the media editor for BuzzFeed News, where he pioneered innovative approaches to exposing digital disinformation and media manipulation.Key Episode Takeaways:The Industrialization of Deception: Digital manipulation has shifted from lone actors into a massive, industry backed by venture capital and brutal supply chains, including Southeast Asian "scam compounds" that merge human trafficking with high-tech fraud.The "Manufactured Organic" Loophole: Brands are now using "clipping" and industrial-scale UGC campaigns to generate billions of views through paid creator networks that mimic authentic posts.An Incentive to Cheat: The current digital economy creates a "race to the bottom" where deceptive or violative content often sees higher engagement and lower costs than honest ads.Ad Revenue Cannibalization: By failing to police undisclosed marketing, social platforms are letting a shadow ad economy thrive that actively drains budgets away from their own official, trackable ad businesses.Deterrence Through Public Examples: Instead of trying to automate everything, platforms could flip the script by making high-profile, public examples of agencies that openly brag about their deceptive tactics on social media.Episode Highlights:00:00 Introduction and Background of Craig Silverman01:21 Early Collaboration and Scam Evolution04:27 Indicator Media's Mission and Approach08:29 Undisclosed Marketing and UGC Campaigns13:21 Scale and Enforcement Challenges20:51 Platform Cannibalization and Business Impact28:29 AI Labeling Audit Results34:15 Community-Based Detection and User Skills39:17 Affiliate Marketing Case Study46:48 Systemic Incentive Problems49:13 Conclusion and ResourcesLinks:Craig SilvermanIndicatorRob Leathern

Assaf Kipnis spent years hunting financially motivated bad actors on Meta's e-crime team and in Google's Ads Trust & Safety org.He now runs KTLYST Labs, where he's building the threat intelligence tooling he always wished existed inside big platforms. We get into the practical realities of scam fighting — what's actually changed in the AI era, what hasn't, and why so much of the industry's effort gets aimed at the wrong targets.About the guest: Assaf Kipnis is the founder of KTLYST Labs. Previously: Meta e-crime, Google Ads Trust & Safety, ElevenLabs, LinkedIn threat intel.What We Cover:Why AI isn't reinventing scams — it's just adding a more convincing final layer to playbooks that have existed for years.The asymmetry problem: bad actors run conferences, sell each other tools, and share playbooks on Telegram, while defenders can't share findings across teams at the same company.A case study in what actually works — how changing product, policy, and operations together pushed a misinformation-for-profit ring off the platform in a week.Why "accounts taken down" is a near-useless metric, and the "learned futility" it creates inside big trust & safety orgs.The Swiss cheese model of abuse prevention, and why chasing a single silver-bullet solution keeps companies chasing their tail.Where regulation has teeth (banking) and where it's mostly performative (social media), plus the cross-platform gap no one is addressing.How AI is changing investigative work — compressing a week of open-source research into two hours — and why that makes entry-level talent pipelines a real concern.Episode Highlights:00:00 Intro01:06 Professional Background and Career Journey ‎03:47 AI's Role in Scaling Rather Than Changing Scams ‎07:05 Adversary Collaboration vs. Defender Silos ‎09:02 The Frame Rate Discovery Example ‎10:26 KTLYST Labs and Operationalizing Threat Intelligence ‎12:40 AI's Impact on Investigation Work ‎15:15 Career Entry Points and AI's Impact on Junior Roles ‎20:38 The NextTag Affiliate Program Attack ‎23:00 The Misinformation Campaign Investigation ‎27:52 The Limitations of Location-Based Solutions ‎30:30 The Futility of Single-Solution Thinking ‎33:47 The Reality of Platform Defense Goals ‎34:50 Government Regulation and Enforcement Challenges ‎40:31 The Problem with Takedown Metrics ‎Links:Assaf KipnisKTLYST LabsRob Leathern

Investigative journalist Tom Wright (Project Brazen) joins Rob Leathern to discuss the staggering rise of Benjamin Mauerberger, a South African money launderer who utilized crypto exchanges and high-level political "state capture"; to fund a billionaire lifestyle of super yachts and private jets while evading an international dragnet.Tom shares more about the dark underbelly of a $200 billion global scam industry where industrial-scale "pig-butchering" complexes in Southeast Asia target citizens around the world.Key Episode Takeaways:The "state capture" playbook enables global fugitives: Large-scale money launderers use their wealth to gain political protection, setting national digital policies and even attending cabinet meetings to integrate criminal proceeds into traditional banking systems.Cryptocurrency serves as a high-speed financial superhighway: Modern fraud has moved beyond traditional banking into crypto "piping," allowing scammers to move value across borders with frictionless speed and scale.A "double victimization" cycle defines the scam industry: The global fraud network relies on a brutal labor model where workers are often human trafficking victims lured by legitimate job offers only to be imprisoned and tortured within scam compounds.Economic impact now rivals Fortune 500 revenues: Estimates suggest the US economy loses approximately $200 billion annually to these scams—a figure that exceeds the annual revenues of automotive giants like GM or Ford.Jurisdictional arbitrage creates a "cat and mouse" regulatory game: Criminal entities constantly shift operations to less regulated territories, such as moving from the Seychelles to the Turks and Caicos, to evade tightening anti-money laundering oversight.Reputational "whitewashing": Questionable financial entities attempt to gain mainstream legitimacy by sponsoring world-class athletes or prestigious events to obscure their underlying involvement in global money laundering networks.Episode Highlights:00:00 Intro01:45 The Genesis of Billion Dollar Whale04:47 Evolution from Traditional Fraud to Crypto-Enabled Scams08:13 Mauerberger's Rise and Political Connections10:35 Mauerberger's Flight and Current Status15:48 The Crypto Money Laundering Operation24:40 The Human Cost and Complexity of Scam Operations27:14 Challenges in Reporting and Government Response32:34 The Broader Implications and Future OutlookLinks:Project BrazenBillion Dollar WhaleTom WrightRob Leathern

In this first episode of Won't Fix, Rob Leathern talks to Jason Zoltak.Jason is the founder and CEO of tofu, which is using AI and machine learning to fight fraud and deception in hiring and recruiting.About Won't Fix: In software engineering, “won’t fix” describes a bug by acknowledging the issue but intentionally leaving it unsolved because addressing it is too costly, risky, or not worth the trade-offs.Hear from the practitioners fighting phishing, deepfakes and bots, and learn about the broken systems and misaligned incentives that keep us all vulnerable.Key Episode Takeaways:The Identity Fraud Pivot: tofu shifted from an AI resume screening tool to a fraud detection platform after discovering that remote hiring has enabled a massive surge in sophisticated identity misrepresentation.Near-Universal North Korean Infiltration: Virtually every company hiring for remote technical roles is now a target for North Korean IT workers, with some applicant pipelines reaching 80% fraud rates.The Fragmentation Vulnerability: The lack of a "digital passport" and the break in verification when moving a candidate from LinkedIn to an internal ATS creates a massive security gap for fraudsters to exploit.Shift in Security Ownership: Candidate fraud is transitioning from a Talent Acquisition burden to a CISO priority as companies realize recruiters lack the budget and expertise to fight organized cybercrime.Economic Scalability of Fraud: Fraudsters aren't looking for long-term tenure; they use deepfakes and proxies to "job stack," collecting multiple salaries simultaneously for a few months before being caught.The "Confirmation Bias" Trap: Once a candidate reaches the final interview stages, hiring managers and recruiters are psychologically prone to ignore red flags, making them vulnerable to sophisticated identity theft.2:29 Jason's Background and tofu's Evolution4:09 Discovering Candidate Fraud Through Direct Investigation5:04 Market Response and Business Pivot Decision6:35 Personal Motivation and AI Identity Challenges8:17 Spectrum of Fraud vs. Embellishment in Hiring10:25 Prevalence of North Korean IT Worker Infiltration11:30 Evolution of Fraud Techniques and Identity Theft13:18 Root Causes: Platform Disconnection and Identity Verification15:26 Security vs. Talent Acquisition Budget and Responsibility Issues17:36 LinkedIn Verification Challenges and Behavioral Incentives19:20 Impact of Thin Digital Footprints on Legitimate Candidates21:35 False Positive Management and Digital Footprint Requirements24:16 Interview Process Fraud: Deepfakes and Proxy Detection26:01 Sophisticated Deepfake Case Study and Technical Evidence28:17 Economic Incentives and Scaling Strategies for Fraudsters29:26 Corporate Espionage and Strategic Target Selection32:15 Recruiter Incentive Conflicts and Trust Erosion36:13 Critical Case Study: Final Round Interview Fraud Detection37:28 Government Regulation vs. Private Sector Solutions39:39 Upcoming Product Launches: ATS Reconnaissance and Continuous Monitoring