THEOS Cybernova

Nigel Phair – Cyber Scams in Asia: Victim Blaming, Underreporting, and the Need for Change

Theos CyberNova Season 2 Episode 5

Share episode

Why are cyber scams rapidly increasing across Asia while law enforcement, education, and industry still struggle to keep pace?

In this episode of THEOS Cybernova, Paul Jackson reconnects with Nigel Phair of Monash University to discuss the scam crisis in APAC. They explore why victims are blamed instead of supported, how underreporting skews the true scale of fraud, and what must change in policing. The conversation also delves into the future of cyber talent, the impact of AI on junior roles, and the need for more effective collaboration across government, academia, and industry.

Listen in to uncover why scams are more than just financial crime and how the fight against them must evolve.

Production Credits:

Presented by: Paul Jackson
Studio Engineer & Editor: Roy D'Monte
Executive Producers: Paul Jackson and Ian Carless
Co-produced by: Theos Cyber and W4 Podcast Studio

Paul Jackson:

The Theos Cybernova podcast hosted by Paul Jackson.

Nigel:

Welcome to season two of Theos Cybernova, and in this episode we're revisiting conversations with Nigel Fair. So, nigel, how are you doing these days? I'm great. Thanks, paul, how are you? Yeah, doing all right, thanks, doing all right, and great to be chatting again. I really enjoyed the podcast we had in the first season. And, yeah, you're one of my few guests who isn't tied down with compliance in big companies, so you can shoot from the hip. You can say it as it is right.

Paul Jackson:

Well, it's certainly my preference, Hence why I don't work in big corporate or vendor land.

Nigel:

Well, it's great to have you on the show again, and I'm going to start with a bit of a zinger, because we're going to talk today about cyber scams. Cyber fraud which I know is close to your heart in your research and the work that you do with your partners, et cetera. But the numbers are pretty shocking, and I'll talk about the numbers in a moment. But why is law enforcement still behind the curve in fighting cyber scams? They've been around for a long time, but they're just increasing constantly. Why is it they're just not handling this, tackling it.

Paul Jackson:

I think there's a really simple answer to that, paul, and that's from everyone, from the police commissioner down doesn't understand the impact on society of the dollar losses. They don't understand what needs to be undertaken to do these investigations. Sometimes they're complex and sometimes they're not, and I think we're just still set in this terrestrial crime world where, if they can see it, they can police it. Wow, yeah.

Nigel:

Okay, that's pretty tough words. I mean Just for the audience who don't know us, we're both ex-cops, so we do come from a law enforcement background, and it's a tough one because I sense that modern policing is metrics driven right and a lot of these cyber scams? Of course they're not, because cyber is the internet right, so of course it's not your local scammer, it's your scammer overseas and therefore arrests are unlikely in your local neighbourhood. So your policing metrics of successful arrests aren't going to look good if you just focus on cyber scams right.

Paul Jackson:

Well, I think there's that. I think there's a range of different things. So when you look at technology risk, it's both what I call a horizontal and a vertical. So it's the same crime type and you know, all mature policing agencies have all got cybercrime investigative units now of varying degrees and abilities. But you know, there's still the people that are over there and they're still not fully resourced and they're still not fully brought in.

Paul Jackson:

But when you think back to our policing days, what we used to call computer forensics, you know now you'd probably call it DFIR and broader. That's the horizontal, where every crime type has a digital component to it. You know every crook's got a mobile device, you know, or using social media or using crypto to receive money or a range of other things. So I also don't fully see technology used in the investigation of all crimes to the level it has to. But I still go back to my point and you said it with, if you can see it, I think police ministers, police commissioners, down they look at what's on the front page. They still look at newspapers even though sort of you know subsequent generations don't and they are focused on things like outlaw motorcycle gangs and drugs and other important, super important crime types. And they say to their police you know, get another car out and solve this problem. So they do.

Nigel:

Yeah, interesting comments there. Yeah, interesting comments there. And you know you're right about resources, because you know it's a challenge in our company and in any other company, getting the right resources. You know there's always this talk about a shortage of cyber talent. The reality is, I think it's a shortage of the right cyber talent, because there's cyber talent and there's cyber talent. You know there's ones who are experienced and know what they're doing and also have the mindset to be able to unravel complex in a policing context anyway complex scenarios, right?

Paul Jackson:

Well, without wanting to go off on our first tangent, which we are already yeah.

Paul Jackson:

A couple of minutes in the skills debate is an important one to have and a shocking debate going on at the moment In Australia. The numbers are bandied about between 30,000 and however many tens of thousands more people are there. And you're 100% right there aren't those vacancies. It's just not true, and I think we're telling our particularly our young undergraduates at university the wrong story, because they're going off and doing a Bachelor of Cybersecurity or a Bachelor of IT or a Bachelor of Software engineering or something, thinking that rivers of gold are going to come from and those jobs just aren't there. They're there if you've got genuine experience and long-standing experience and you can command a reasonable salary, though I think salaries will start dropping. Um, that's one thing, but also, you know, I think we need to better quantify what we want in a graduate coming out of university or out of the polytechnic sector or anything, and this is where we need to have a better skills discussion and a better skills debate about saying you know you run a business and you need certain people to do certain things, but universities really aren't.

Paul Jackson:

I don't believe explaining to the job market what you are buying when you have this person who's just done a three-year Bachelor of, et cetera, right. And then I think, coupled with that, cyber. You know, you and I have been probably doing cyber for some of the longest in and around it and it's still really nascent. If I'd done an accounting degree, I'd go and get a job, whether it's with the Big Four or some local accounting firm, maybe go, you've done your bachelor, you don't really know much. We're going to put you through your professional year, we're going to teach you all these things and everything's going to be great. Same with engineering, same with law, et cetera, et cetera. Cyber I don't believe he's good at getting that young person and when I say young I mean young in their career, it doesn't matter their age, yep, yep, and actually bringing them along.

Nigel:

Yeah, this is fascinating stuff, and you're right, we've gone down a rabbit hole, but let's stay in this rabbit hole because it's an interesting segue. Right, and we've also got to bring AI into this equation as well. But before I discuss AI in this context, you're right about a career path, if you like, for cyber juniors, let's call them. They may be young or old, right or junior to the field. The challenge we've got, though, I think, is that accounting and law, the examples you mentioned, engineering they're pretty rigid, they're pretty well defined. They don't change that much, right? Cyber is just constantly evolving and changing, so how do you set a standard approach to developing new talent and getting them to that experience level where they actually become really productive and useful?

Paul Jackson:

Yeah, that is the hard part. So we have frameworks. You have the NICE framework, for example, and you have the other one's gone out of the back of my head. It'll come to me You've got some job-ready frameworks that can be used. But explaining to people the breadth of a career in cyber, I think, is the first thing, because there's technical, heavily deep dive technical careers at one end and at the other end you've got, let's call it, grc and other things where there isn't. It's more project management, for example, and everything in the middle.

Paul Jackson:

And a lot of people say to me do I need to learn? Yeah, I'm put off by getting a career in cyber because I don't know how to code and I don't want to know how to code. And my response normally to that is you don't necessarily need to know how to code, but you need to understand what code does. Yes, and I think that's where people we need to bring people along. This journey of mentorship throughout their career is just explaining some of these principles. And through Monash University, I supervise students doing their integrated workplace learning for a semester and often they'll start off wanting to do something and they'll finish their semester-long placement full-time, thinking their career is going in a completely different area. That is nine times out of ten, and I think it's great because I've had a taste of actually what it is.

Nigel:

Right.

Paul Jackson:

So you know there's lots of graduates being put through. Universities are great, I think. As I said, I think we've got to, as a sector, better explain what industry is buying. But I'm a big fan of the polytechnic side of the house, of being hands-on. You know there's nothing like getting your hands dirty and you know whether it includes coding, whether it includes, you know, provisioning accounts to people, all those sorts of things, how you learn that sort of stuff along the way. But then there's you know there's all sorts of other other careers along the way which I think we need to better promote.

Nigel:

I think you're right. And look, you're in a rare position. You know, working in the university where you've actually done the hard yards, you know you've been in the trenches, et cetera. But a lot of the academia don't understand the real world. If I'm not being too insulting to them, I hope not.

Paul Jackson:

But you're not involving it at all. It's the reality and that would be a good thing if we could get our career academics into industry.

Nigel:

Yeah, but the problem is salaries and stuff like that. It's very hard for somebody who's earning a big salary out in the corporate world to give that up. To become a mentor and a coach to aspiring newcomers yeah, become a mentor and a coach to aspiring newcomers.

Paul Jackson:

Yeah, you know, I see pockets of Europe that do it better, particularly if I just put the Australia hat on about getting sort of your serious industry people with adjunct positions and getting them in the tent in universities. And unfortunately, when I see it in Australia, the motivation is more to. Can we get some money out of you to do a research grant?

Nigel:

Yeah.

Paul Jackson:

Rather than we want to integrate you into this and get your learnings. It's moving past the come and do a guest lecture scenario. Yeah, that's diamond-guessing I get you.

Nigel:

So I've got to get back onto scams, right, but before I do let's We've actually never got onto scams, to be fair. To be fair, we didn't really did we. We just talked about why police weren't really handling it well. But it does lead into this important topic, because you need capacity. If we're going to defeat scammers, right, we need the capabilities and we need collaboration and we need capacity. So it is important to just cover this, and AI is the big elephant in the room, right. So why? I mean? Well, let's start first of all by saying that we had an interesting discussion here in the office at theos, theos cyber about um uh ai taking over junior roles in our, in our line of business. So where most people and I'm talking about cyber rather than investigations, where most people in cyber get experience or start their experiences in the SOC right and SOC analysts we are heading headlong into a world where our SOC analysts are going to be machines.

Nigel:

They're basically going to be AI and you know, with a few more experienced ones to QA and et cetera.

Nigel:

But those experienced ones will want to move up and there will be a CISO. So then who fills that gap? Because then you haven't got the people coming through in the pipeline and I see worrying times a little bit ahead and I see the same in other. You know I'm just highlighting the SOC because it's easier to kind of explain security, where you know ai is going to be taking over those junior level jobs and not feeding the experience and talent that we need to run at the higher level.

Paul Jackson:

Do you agree? I semi agree. I live by the expression of I don't think ai will take over all the roles. I think someone using ai will take over all the roles yes, um, but again playing, so there will definitely be a reduction in head count. That's a, that's a no brain, but you're still going to need someone to manage the ai, and I still prefer using the term machine learning, by the way, rather than ai.

Nigel:

Fair enough, let's not go down that rabbit hole, though. But um, that's season three, isn't it? That's season three, yeah, so uh no, but what I'm saying is that, uh, yes, I agree, you've got to have that person using ai, but they can't just be good at ai, they've also got to have experience, because they've got to understand whether ai is making mistakes or whether they're produced, and that, therefore, is how do you get those people with the experience of ai is taking over the very junior roles? In my opinion, that's that's all I'm saying on that.

Paul Jackson:

Yeah, no, I think there's a number of issues around that. I think higher education is still reticent about the use of AI because it's always seen as someone's going to cheat on their exam. They're going to go to chat GPT and say write me 3,000 words on, you know, endpoint detection or whatever the assignment is, and so there's sort of that a bit of a freight. I think corporates and I was reading an article, some of them are starting to block some of the mainstream LLMs, which means we've been talking about shadow IT for a very, very, very long time. We're just going to end up with shadow AI in the workplace, so that's not going to serve us any good with people learning things because you've got to be playing with this.

Paul Jackson:

And you know, I quite enjoy talking to company directors and, more importantly, to risk and audit committees and one of the questions I ask these people in the committees when they sort of say oh, you know everyone wants to do something AI because it's cool.

Paul Jackson:

And I sort of say to them you know, everyone wants to do something AI, you know because it's cool. And I sort of say to them you know, are you individually playing with these LLNs? Are you just, you know putting in basic things like I'm going away for the weekend, what should I do? In country, you know, city X, and most of them just aren't even just fiddling just to work out what it is, or managing their calendar, or aren't even just fiddly just to work out what it is, or managing their calendar, or doing all these other sorts of things, or, or better, scripting email responses and, and you know, we're at the very root, the very edge of this sort of stuff and I felt like I feel like saying to them how do you propose to be the custodians of your organizations from a non-executive perspective if you're not even having a go yourself and you're making management, are making arbitrary decisions about people in the workplace using some of these tools, and so I fear things aren't looking good.

Nigel:

You're bringing the whole vibe down here, Nigel. But yeah, you know, you're absolutely right.

Nigel:

We haven't even got on the scams yet. No, we well, let's get on the scams now. Okay, let's get back on track. Finally, so you know the reason. This was triggered because when I reached out to you in our last little chat, you know you mentioned that you were heading off to Singapore and to Korea and part of that is to attend an anti-scam whatever it was conference. Right, could you tell us a little more? Firstly, about those conferences, the scam one Sure, sure.

Paul Jackson:

So the Global Anti-Scam Alliance is holding their Singapore, their Asia conference, so I'll be attending that and there's some interesting sessions, interesting people. To give it the gravitas, it's actually sold out in person. It's at Suntec. Suntec holds a lot of people in various rooms and they've opened it up online to people. So kudos to them for getting a whole range of it. It's predominantly an industry sort of audience, so that's all good. So, yeah, it'll be interesting with that. And then the career bit is the Cybersecurity Korea 2025 conference, which is a government-run event, invite-only, which I'm hoping will be quite interesting. I first went to Korea when I was in the police back in 2003 or 2004,. Back when there were streets ahead of us with connectivity and a whole range of other things.

Paul Jackson:

I remember going there and going to a hotel and had two megabits per second Wi-Fi in the hotel and we were at Dial-Up in 2004. Yes, yeah.

Nigel:

You've moved on from Dial-Up now in Australia, right? I think so. Just kidding, yeah, so let's you know. Obviously, the conference in Singapore triggered my interest, where you know, and I thought I'd focus this talk on scams, which I failed to do so far. But what are the sort of common or innovative scams that you've been seeing recently? Because I know you look at this very closely, right?

Paul Jackson:

Yeah, no, absolutely. I like reading a lot of stats and you know we can take stats as they are, which is an important issue to first talking with, because every jurisdiction is sort of now putting out that we've lost this amount of money in scams and I think the first thing to delineate out of that is that figure is never true. That's what the reported amount is. No one in Australia, included Singapore, pretty much every other jurisdiction is guessing how much underreported scams are. So, going back to the why police aren't doing this, the figures are horrendous as it is in how many billions of dollars are lost and yet it's still underreported. If it was any other crime type, if it was, you know we go back to.

Paul Jackson:

I remember my early policing days in the late 80s, you know 90s. Everything was about drugs. Fraud wasn't a thing but drugs. And you know we used to high-five ourselves when we'd sort of seized 10 kilos of cocaine, you know, and that wasn't even a drop in the ocean. And the resourcing that went into drug and addiction, particularly at the border. It still does today, which is great. I applaud the police for that. And there's still a drop in the ocean. But the poor old cyber people, it's talked a big game for them, but they're not getting that resourcing. So until we accurately understand the losses, that's the first thing.

Paul Jackson:

And then we're going to move on from talking about the dollar losses to the whole of sort of societal losses. So someone loses X amount of money. To some people it's their whole life savings. To some people it's the equivalent of a bad day at the races. You know, it all depends where you sit on the curve of wealth and your own risk. Some people falling for a scam, they just go. Yeah, it was a risky decision and I took it because I make risky decisions and sometimes they pay off and sometimes they don't. So we've got to understand more the length and breadth of what it means to people financially, then what it means to them psychologically, because to some people it really is the end of the world and we don't, I think, address that sufficiently nor give the tools and techniques to people to deal with this huge financial loss from a psychological perspective.

Nigel:

Right, I'm going to ask you another question related to the, because the psychological part is really important and I definitely feel for these victims. A lot of people say, oh, you're so stupid, how could you know? I definitely feel for these victims, you know a lot of people say, oh, you're so stupid, you know, how could you fall for that? But that's really insensitive in many ways because these scams are actually very clever and very they, you know they leverage the insecurities of individuals. They learn how to press the right buttons, you know, to get them, you know, on the hook with their scams.

Nigel:

And that's the hard part, really, and you know so I've, obviously, you know ex-Hong Kong police and I, you know I assist clients and friends or whoever you know, to understand how to navigate reporting to police and what the outcomes might be.

Nigel:

And I have to say that I'm often very realistic, uh, with them to say that, look, you know the chances of getting your money back are well, zero, probably zero. Yeah, and you know, yes, uh, going to law enforcement gives some closure and you know it may. But the reality is, are these guys ever going to get arrested? Or, unless it's for insurance reasons or other you know reasons then yeah, you're not going to get much help from law enforcement and I can help navigate that. But the reality is also that law enforcement I don't think are very sensitive to the emotional damage, because very often they want to report it, because they hope they that not so much about getting the money back but getting somebody convicted for this, getting them punished and getting that sense of justice I would say for it. So I guess that's the same sense in Australia, right?

Paul Jackson:

So you raise a really important point. It goes back to the very first question you asked about why isn't law enforcement doing sufficient? With any other crime, you go to the police station and you report the crime. You walk in, go to the front desk and you say this is what's happened to me. My car got stolen, or I got damaged, or my wallet got stolen or whatever happened. You know, I got assaulted, it doesn't matter what it is, and the young constable on duty will take a report.

Paul Jackson:

But we don't do that with any online crime. You're directed to a website, it's very hard to find the website, it's very hard to navigate the website and the website asks you to do certain things. So, firstly, you've just had a really bad online experience and now you're being directed to do something online to report it, and then, on top of that, it's expected that you know what's happened. For a lot of people, all they know is they had some sort of interaction and now they have less money in their bank and something happened in the middle. They may or may not be able to explain it plausibly, and so I just think at every little factor, point that we're not being victim-centric. I 100%, whereas we've learned that with so many other things with domestic violence and sexual assaults and all these other things we've learned to be victim-centric, so it's not like we need to learn this stuff. We've been doing that sort of stuff, yes.

Nigel:

And you're right. There's still a prevailing attitude in my opinion, when you talk to people, that how could they be so dumb to fall for this? And that's hurtful and it's certainly not helping.

Paul Jackson:

The messaging is really another thing to really talk about. Is we victim blame and we victim shame, as you say? It's like how could you have done this? What's wrong with you? And we say things, and we say this in our national education. We say things like, if it seems too good to be true, it probably is.

Nigel:

What does that mean?

Paul Jackson:

Everyone I know that has fallen for a scam didn't think it was too good to be true. That's why they went along with it and so saying to them afterwards if it seems to be good to be true, and then we say things like don't click on links. I click on links all the time. I can send emails with links generally legitimate. But we just can't make these blanket statements saying do not click on links. I send emails with links in them all the time.

Paul Jackson:

I hyperlink all sorts of things through emails right our messaging is is just way out of whack the way we treat people. It's the same. When you know with people within an organization, you'll often hear all the vendors say people are the weakest link. That's why you need to buy my you know insert product here. And until we start slitting that around and celebrate people saying you know what, there's all this technology out there to try and stop this, but you are still the final solution and we celebrate you for that. We're going to give you all the tools and techniques and the support that we can. We're never going to solve this.

Nigel:

No, and you're right, and it's a pressing issue. I just pulled up AI, funnily enough, and asked about statistics on cyber scams in the areas that we focus on anyway with this podcast, such as Hong Kong, singapore, philippines, places like this, and I just saw that Hong Kong is quadrupled in five years, the number of cases and the financial losses to over 5.5 billion Hong Kong dollars. It's shocking numbers, you know, and as I flick through singapore and philippines, it's, it's, it's consistent, right.

Paul Jackson:

They're all rising exponentially singapore is number one for scams in southeast asia, um twice that of its next one, which is malaysia. On, on, and if you know what will you do if you're a cyber criminal and you're into scams? You go to the rich jurisdictions where the people have got the money and they're running businesses.

Nigel:

Yeah, that's the reality.

Paul Jackson:

But where the extension to this goes to Paul, which is why national governments do some stuff but don't do anywhere near enough policing at all. All the arms of government. So we celebrate this, we see it in the news, we see these statistics come out quarterly or annually. We see them in the news, we do press releases, we celebrate it was this X amount loss. I can't believe we celebrate that in any way, shape or form, as though it's a headline figure. Oh, you know, it was one crime reported every seven minutes. Now it's one crime report every five minutes and it's like you know, we're telling people this as though it's a thing you know.

Paul Jackson:

Going back to the AI discussion, we want people online. We want people getting the goodness out of technology. It's where productivity is going to come in society and to me, the best way to get people to become non-technology adopters is for them to suffer one or more scams. Just go. You know what? I'm not going to participate in this. I'm going back to the bank and I'm going to queue up in front of the teller. I'm not going to enjoy social media and be in contact with my friends or family. I'm not going to do all these sorts of things, and that's where I don't think strategically as a nation or nations. We are fully understanding what this means.

Nigel:

Agree as a nation or nations. We are fully understanding what this means. Agree, I think. I think what everybody needs is a little ai bot in the background, isn't it on your laptop or your phone, right, that's uh, monitoring all your websites, your emails, your whatsapps or text messages and saying that one's a scam, that one's, you know, I'm sure there's vendors creating that sort of stuff and there is some cool stuff done.

Paul Jackson:

The the telcos in Australia are blocking hundreds and hundreds of thousands of text messages and calls a month. Sometimes I get a call, so I won't answer my phone unless the caller is in my contacts list. And sometimes you'll get one that will have that little triangle alert saying we think this is a scam call yes, so there's intent and there's things happening. Alert saying we think this is a scam call yes, so there's intent and there's things happening Definitely. Well, let's go. We seem to, particularly in Australia. We seem to have lots of good coordination, which is great, but coordination ain't stopping the scams.

Nigel:

No, you're right. You're right and I think the lack of law enforcement or the lack of effectiveness, I should say, of creating a somewhat vigilante approach right to uh, to cyber scams, I I find it quite intriguing. You know, you see on youtube videos of uh very smart people who basically mess with uh scammers or hack them back, you know, and and embarrass them, etc. Or just waste their time or expose them publicly, whatever it might be uh. Or you know these ai AI bots designed to just represent grannies or elder people. So the banks in Australia are using that. Okay, I saw it originated in the UK. I think one of the banks there started that one off.

Paul Jackson:

Yeah, yeah, one of the big four. I'm not. I think it's Commonwealth Bank. It's been in the media a fair bit actively doing this to soak up the time of the cyber criminals.

Nigel:

Yeah, the theory being the more time that they spend with a bot, the less time they can spend with a real human. And you know well, I mean we have to support initiatives like this because clearly the traditional law enforcement solution isn't working. But you know, I find this quite fascinating and I do enjoy seeing you know I find this quite fascinating and I I do enjoy seeing you know folks who will give up their time to develop these solutions to, um, uh, to hopefully save a few more people from being hit by the scammers, right, yeah, well, you know there's been a discussion in australia for at least 15 years about what they call a cyber reserve, and particularly with defense, you know like so you have your army reserve.

Paul Jackson:

If something happens, they get called up for things. Doing the same thing for cyber. And some people take that extension to this, saying if you're retired and you've got a couple of hours spare on a Tuesday morning, why not occupy a scammer so that those couple of hours isn't being put to productive use by them? Could you ever see the Australian government doing that? They're not.

Nigel:

You know those couple of hours isn't being put to productive use by them. Could you ever see the Australian government doing that?

Paul Jackson:

Probably a bridge too far. But you know, having said that, where I live in Canberra, if you've got dash cam and you see your dash cam, you know you drive along and someone cuts in front of you and runs a red light, you can send that to the police and they'll send a ticket, an enforcement ticket, to that person. So we have vigilante-ism already in other crime types.

Nigel:

Oh, I bet some people really enjoy that they look out for the.

Paul Jackson:

Well, you know, and this is the issue, isn't it? I think that's the real issue is some people might just enjoy it too much and wavering along, baiting people and, you know, stepping over the line, yeah.

Nigel:

Yeah, I could really picture some Aussies driving around endlessly just looking for those moments. Maybe, maybe not, but yeah, it's interesting, isn't it? But you know again, you know we touched on education earlier, but you know, is there any other things you think we could do better in education?

Paul Jackson:

Well, there's no technical silver bullet, firstly. So really it comes back to education. I'm not saying it's all we've got, but it's predominantly what we've got. But as we know from the statistics, it's not working. So we either need to change our education or do more of it, or both.

Nigel:

But, as we were talking earlier and as you mentioned, it's nothing. You know the scams themselves, you know you don't need education to be constantly changing, because the scams don't really change, do they At the core?

Paul Jackson:

The vector is still telephones and text and WhatsApp.

Paul Jackson:

Yes, and I've always been a believer that they're the most trustworthy things, particularly for older citizens that have grown up using a telephone and so that when someone rings and they say they're from the bank, you believe them, because that's what used to happen. Or if you get a WhatsApp message from someone with this great investment opportunity or someone that's just dramatically fallen in love with you, or whatever it might be from a dating side, and so I think that they'll continue to be the vectors because they're the most trustworthy gang around way more trustworthy than email, for example, and people are used to them and it's a low-cost entry for criminals. You know sim boxing and the like. So I just think you know, probably about the main trend that's really starting to come along is some of these criminals are executing faster. So once they get on the hook you know for some of the big pig butchering scams they've got people on the hook for you know weeks and months and stuff. But the other ones, they're executing really quick and getting money out of people really quick.

Nigel:

And I guess the other trend that's continuing to rise is crypto scams, of course, because as crypto gets more of a broad acceptance and more and more punters are investing, then of course the criminals go after the money where the money is right.

Paul Jackson:

Yeah, it's a no-brainer. But interesting, the stats are still holding strong, that people are still paying scam people through traditional wire transfers.

Nigel:

Okay, interesting.

Paul Jackson:

Crypto is still like number four. It hasn't risen. There's been a lot of assumptions that, oh, crypto equals money laundering. It probably does, but the criminals are still making plenty of money from a traditional wire fraud. And I also believe that this goes back to the why the telephone is. It's a trusted method. It's what people understand. They're used to sending money to other people through an app, so I think that's where that comes into it.

Paul Jackson:

But who knows where crypto is going to head? Legitimately, when you've got things like central bank digital currencies. All the reserve and central banks around the world have written policy positions at some end of the we're going to have a look at it till. We're not going to touch it because monetary policy is okay. Blah, blah, blah. Then you've got stable coins which are pegged to, say, a US dollar or another. You know strong fiat, so you know and and there's good reason why we should be looking at those things, particularly sending of money. You know, if you're, you're, if you've got a guest worker from the Pacific Islands picking fruit in Australia and they want to send money back, taking in somewhere between a five to eight percent commission really affects the family back home. So if you can create some sort of stable coin scenario where there's virtually no commission, then we should be investigating that.

Nigel:

Yeah, for sure, and I'm sure it'll be a hot topic at the conference you're going to be attending in Singapore. Because, yeah, no, I certainly from my point of view. You know I do get a lot of inquiries around crypto fraud, crypto scams, you know crypto thefts, etc. And they tend to be larger amounts, as well than perhaps some of the other frauds which are more, you know, number game. You know more victims, more money right With smaller amounts.

Paul Jackson:

Again, like Barry the Wintery, I've thought about creating my own coin. Nigel Coyne's got a ring to it, sir Nigel Coyne. That's right, I'll get online and get the URL for that afterwards.

Nigel:

Yeah, well, we've seen it. We've done with others whose names we won't mention, but, no, it's certainly a very prevalent topic and I'm also next week at a major conference talking about organized crime groups, et cetera, and certainly crypto there remains a very fast-moving and topical subject in this area. So, yeah, I think we've covered quite a lot there and, um, I think these conversations I have with you are really fascinating because we kind of, uh, you know, with our similar backgrounds, etc. We, we would love to see more done against criminals. You know that are, you know, basically hurting people and, uh, you know, ruining livelihoods and and basically cruel, it's a cruel crime and, uh, you know, it's not not enough is being done about it. So, hopefully, over time, though, you know, we can continue going to these conferences and trying to work with law enforcement, our former colleagues, etc. And uh, helping, uh, you know to, to continue the fight, but it's not easy, is it?

Paul Jackson:

no, no, it's not, and we can't arrest our way out of the problem. That's the first thing to tell law enforcement right. You know organized crime are a very good. You know that's why they're serious and organized. They generally don't get caught, whether they're on.

Paul Jackson:

You know ethnic based lines or crime type based lines or whatever it might be, but you know putting sand in their gears. You know whether it's, whether it's an AI bot that keeps these people. You know on on the hook for that. But you know when you're dealing. That's the low level. That's where you've got your yeah, you know your places in, for example, southeast Asia, where there's just people forced to do these things. You know. So we've got lots of pain points so we can hit all the way up to serious and organized crime. And that's one thing I'll give kudos to Australians, particularly my old chopper, australian Federal Police, for getting much better at proceeds of crime. You know you'll see in the news when they do something, there'll be a lorry with three Ferraris on the back that they've seized the house, the crypto, you know the 10 Rolexes, that type of thing. Chucking them in jail is important and investigating these things and restitution is important, but getting the assets is also an area that needs a lot more effort put into it.

Nigel:

Well, good stuff. So you've kind of helped me finish off there on a reasonably positive note, which is not a bad thing. And you know I hope our audience, you know if you've enjoyed listening to this, you know that you'll hit the like or subscribe button on whatever platform you're listening to us on, because you know I think it helps to get these kind of important information out to a broader audience and you know every little bit helps. But you know, nigel, as you know I always conclude these talks by asking about music and you know I've told you the reasons why before. But you know, has there been any improvement in your musical taste since the last time we spoke and what's on your turntable at the moment?

Paul Jackson:

Well, probably not. So it's all about the algorithm, and so you know, I quite like going through phases of 70s disco.

Nigel:

Oh, you're a Bodie M man.

Paul Jackson:

Well, you know, yes, that comes up. The algorithm seems to serve me a lot of hot chocolate. It's a nice beat to it, it's easy to have it on the background, you can shimmer around to, to that type of that type of music brilliant.

Nigel:

Nigel. Thank you so much for giving up time to uh to join us today. Enjoy the conferences you're going to be attending and I look forward to welcoming you back on season three in there sometime in the future, because these talks are fascinating.

Paul Jackson:

Thank you very much and safe travels to you too. The theo cybernova podcast.

People on this episode