Trust is one of the most powerful and dangerous currencies that we have. Whether it's a phishing email, a romance scam or a human trafficking operation, the criminals behind it exploit some of the same dynamics; mainly that trust can be earned by playing to our emotions.

This is particularity true when it comes to this episode’s topic; the global crime of "pig butchering". The scam involves luring victims into fake romantic relationships, convincing them to invest in cryptocurrency schemes, and then stealing their money through fake investment platforms. It’s worth to add that the term is a violent term for a violent crime, and that financial grooming might be more fitting description.

This week’s guest, Erin West, spent 26 years as a district attorney, and the last few years she’s been exclusively working on these kinds of scams. She’s been featured in the Wall Street Journal about her work, testified before Congress and started her own non-profit (Operation Shamrock) focusing on educating about and disrupting transnational organised crime.

Erin explains how Chinese organised crime uses high-tech methods, including cryptocurrency, to defraud victims of their life savings, the link to human trafficking, and the surprising scale of it all.

Send us a text

This episode, we’re joined by Ford Merrill, Senior Director of Research and Innovation at SEC Alliance, to discuss the evolution and sophistication of Phishing as a Service (PhaaS).

Merrill shares from his 11 years of experience working on security research in primarily the areas of phishing and DDoS botnets. In the episode, he talks about the shift from Russian to Chinese-speaking operators, who the developers of advanced kits like Darcula and Lighthouse are, and who actually uses them to impersonate brands for financial gain.

Merrill also outlines a complex ecosystem with supporting technologies and roles involving spammers, data brokers, and money launderers. He also shares what thinks needs to be done to respond this problem, and where he sees rays of hope already.

Related resources:

If you haven’t listened to our series on Darcula, a phishing-as-a-service operation targeting victims globally, check out episode 137 and 138 to hear Robby’s interview with mnemonic's security researchers Erlend Leiknes and Harrison Sand about the findings from their technical investigation into the phishing kit platform Magic Cat. And hear how this story progressed as Robby interviews investigative journalist Martin Gundersen from the Norwegian media agency NRK.

Send us a text

We´re back from Summer break! 

To kick things off, we’re excited to have Armin Buescher and Einar Oftedal from RSAC join Robby for a dive into the most talked-about topic at this year’s RSA Conference: the emergence of agentic AI.

Agentic AI, the way they define it, are agents that complete tasks acting on behalf of a user. Unlike the traditional LLM experience, where the agent is relying on human prompts, agentic AI is designed to plan, decide, and act on their own within set goals - instead of waiting for instructions.

During their conversation with Robby, they cover what agentic AI means for different domains within cyber, how it is being utilised, and the challenges of implementing agentic AI.

They also talk about the importance of human oversight, why decision-makers need to stay educated, and the biggest buzzwords when it comes to agentic AI.

Send us a text

In this episode, we’ll explore what quantum computing might mean for the world of security in the future, and the concrete measures the banking sector is taking to prepare for it.

Robby is joined by Ulf Larsson, Security CTO at the SEB Group, a leading financial services group in the Nordics, to discuss the work he’s been doing on the potential impact quantum computing will have on his sector, what it can do with our ability to protect data, and preparing his bank to be quantum safe by 2030.

They discuss the concrete tasks security teams have in front of them already now, how banks are working together to secure the financial eco-system, and the ongoing development within this field by tech companies and consultancies. 

Send us a text

Magic Cat (part 1) with security researchers Erlend Leiknes and Harrison Sand 

Darcula is a phishing-as-a-service operation targeting victims globally. Over the past 1.5 years, mnemonic researchers and an international investigative reporting team have been looking into the technology, operations and individuals connected to this crime group.

In this episode, Robby speaks with mnemonic's Erlend Leiknes and Harrison Sand about the findings from their technical investigation, offering a rare look behind the scenes of this global phishing-as-a-service operation utilising the phishing kit Magic Cat.

The research unveils hundreds of thousands of victims spanning the globe, unique technical insight into the software enabling hundreds of criminal subscribers, and a glimpse into the flashy lifestyle of the operators.

This podcast was recorded in April, but on May 4th, Norwegian media agency NRK, together with French Le Monde and German BR released the first of their multi-part global investigation into the prominent people behind the phishing operation. The investigation brings them to Thailand, where they attempt to confront Darcula, and learn more about the inner workings of the scam central.

Listen to Part 2 to hear how this story progresses as Robby interviews investigative journalist Martin Gundersen from NRK.

- mnemonic's technical blog about Magic Cat: https://www.mnemonic.io/resources/blog/exposing-darcula-a-rare-look-behind-the-scenes-of-a-global-phishing-as-a-service-operation/

- Inside the Scam Network at NRK: https://www.nrk.no/dokumentar/xl/inside-the-scam-network-1.17399135

- The Hunt for Darcula at NRK: https://www.nrk.no/dokumentar/xl/the-hunt-for-darcula-1.17399157 

Send us a text

Magic Cat (part 2) with investigative journalist Martin Gundersen

This is the second part of our series about our investigation into Darcula, a phishing-as-a-service operation targeting victims globally, and the phishing kit platform Magic Cat. Over a period of 1,5 years, mnemonic researchers and an international investigative reporting team from the Norwegian media agency NRK, together with French Le Monde and German BR, looked into the technology, operations and individuals connected to this scam network.

The findings offer a rare look behind the scenes of this global phishing-as-a-service operation utilising Magic Cat. The research unveils hundreds of thousands of victims spanning the globe, unique technical insight into the software enabling hundreds of criminal subscribers, and a glimpse into the flashy lifestyle of the operators.

In this episode, Robby talks with Martin Gundersen from NRK about how they worked on this investigation, and what happened when they traveled to Thailand to confront the people behind the scam network.

If you haven’t listened to Part 1 of this series yet, check out episode 137 to hear Robby’s interview with mnemonic's security researchers Erlend Leiknes and Harrison Sand about the findings from their technical investigation into Magic Cat.

• mnemonic's technical blog about Magic Cat: https://www.mnemonic.io/resources/blog/exposing-darcula-a-rare-look-behind-the-scenes-of-a-global-phishing-as-a-service-operation/
• Inside the Scam Network at NRK: https://www.nrk.no/dokumentar/xl/inside-the-scam-network-1.17399135
• The Hunt for Darcula at NRK: https://www.nrk.no/dokumentar/xl/the-hunt-for-darcula-1.17399157

Send us a text

We are all negotiating, in one way or another, every single day.

In this episode, we’re joined by someone that has not only mastered the skill of negotiation, she’s traveling worldwide doing negotiating training, particularity for technology companies; Tine Anneberg, Founder & CEO of CREOSUM Create Impact – part of the SMARTnership Negotiation Organization.

Tine and Robby talk about the benefits of taking a collaborative approach to negotiations, the value of trust, and why curiosity is the most important thing to bring with you in a negotiation.

Tine also shares what she’s observed to be the biggest pitfalls, how technology and AI is changing her industry, and how she is using her negotiation background to view the current geopolitical climate.

Send us a text

As a manager, there's no getting around the fact that how well people like and trust you matters. According to this week’s guest, Patric J.M. Versteeg – CISO at Viterra, a global agricultural network operating in 39 countries, trust and likability are even more critical in security than in many other fields.

Last year, Patric was named European CISO of the Year. With over two decades of experience in the role, it’s safe to say he knows a thing or two about what makes a strong leader in the world of security.

In this episode, Robby and Patric discuss what makes a great CISO, the importance of “personal leadership,” and the common pitfalls many fall into.

Send us a text

In this episode, Robby speaks with Harry Wetherald, Co-Founder and CEO of the security platform Maze, about the current wave of LLM innovation in security and how to separate real progress from marketing fluff.

Drawing on his experience building security products, Wetherald shares how large language models are changing the way we approach vulnerability management, what to ask vendors about their "AI" claims, and why UX may be just as important as the models themselves.

Send us a text

In this episode of the mnemonic security podcast, Robby speaks with Knut Elde Johansen and Øyvind Bergerud from Storebrand about their transformation from early cloud challenges to established cloud maturity.

They discuss how Storebrand shifted from outsourced IT to building a modern, in-house cloud infrastructure, and how security evolved alongside it. From implementing policy as code to enabling developers through threat modelling, purple teaming, and CNAPP, Knut and Øyvind share hard-earned lessons from building a secure, cloud-native environment. They also explore the changing threat landscape and how Storebrand prepares for attackers who are becoming just as cloud-savvy as defenders.

Send us a text