Hang tight while we fetch the video data and transcripts. This only takes a moment.
Connecting to YouTube player…
Fetching transcript data…
We’ll display the transcript, summary, and all view options as soon as everything loads.
Next steps
Loading transcript tools…
កម្មវិធីបាឋកថា ក្រោមប្រធានបទ «កសាងសន្តិសុខតាមអ៊ីនធឺណិត៖ ការការពារការបោកប្រាស់តាមអនឡាញនៅកម្ពុជា» | រាជបណ្ឌិត្យសភាកម្ពុជា Royal Academy of Cambodia | YouTubeToText
This content is a summary of a cybersecurity program focused on combating online scams in Cambodia, emphasizing the growing threat of cybercrime and providing practical advice for prevention.
Mind Map
Click to expand
Click to explore the full interactive mind map • Zoom, pan, and navigate
Foreign speech. Foreign speech. Foreign speech.
warmly welcome
Miss Katherine Jones, chief of public
affairs, US Embassy in Cambodia.
Mr. Scott Henboom, cyber crime expert of
us. Dear agency, lady and gentlemen,
dear student, participant, today it is
my great honor to officially open the
important program under the same
building cyber crime protecting against
online scam in Cambodia
held on
hall of royal academy Cambodius.
In this rapidly advancing digital eras,
internet, dig technology and social
medias have become an integral
part of the daily life of Cambodia
people whether in work, education, communication
communication
or even business activity. However,
alongside this significant benefit news
and increasingly serious sit have
emerged particular online scam
in Cambodia. We have continuously
witness report or scam, conduct via
phone call, electronic message, social
media platforms,
fake investment sims,
roman scam and other form of online fra.
This crime has caused self harm to
citizen not only financially but also physically.
physically.
Both international and domestic report
indicate that such a scam do not only
affect individual but also post serious
risk to social security
economic stability and international
disposition of Cambodia.
In recent time, the royal government of
Cambodia under leadership of Sak Mahhat
Prime Minister Hmanad has taken strongly
receive measure to comate online scam operation.
operation.
This include crackdown on hundred of
scam center and arrest of thousand of
suspect and close cooperation with many
foreign country to suppress this crime.
The action clearly demonstrate the
government firm's commitment to protecting
protecting citizen.
citizen.
The program has been organized with the
following optim
to raise public awareness of danger and
various form online scam that are
to share professional insight and
experience from renowned expert Mr. was
caught at the home at the bomb and
former FBI special uh special agent with
over 30 year of experience in
investigating cyber crime and who has
interviewed more than 1,000 scam victim
through present simple yet highly
effectively measured for self protecting
against cyber
to encourage everyone to actively
implement cyber crime measure at home
and it workplace cyber become strong and
human farewell in cyber space.
The Royal Academy Cambodius has a
leading research institution and half of intellectual
intellectual
it cooperate with US embassies in
Cambodia to promote awaren
protection against digital sim. We
firmly believe that through the
knowledge sharing of practic practical
action we have the youth and bill secure
through the digital society for the
Cambodia people.
Finally I would like to express my
sincere credit to Mr. Scott for the sharing
sharing
his virtual experience and extend my
thank to all organizer partner participation
participation
for their strong support and cooperation.
cooperation.
In closing, I wish all disting and
international guests good health,
happiness and great success in all
adventure. Thank you so much for your kind.
So next, please welcome Miss Katherine
MD and she is the counselor for the
public affair of the US embassy in
Dr. Yangpo, Secretary General of the
Royal Academy of Cambodia.
Distinguished guests, ladies and
gentlemen, behalf of the US Embassy in
Pon Pen, I'm so pleased to be a part of
the welcome to all of you today uh as
part of our US speakers program through
the US Embassy in Ponampen. We again are
very grateful to the Royal Academy of
Cambodia for your partnership to host
this important program this morning.
We are proud to have Mr. Scott
Augenbomb, a leading cyber security
expert with decades of experience in
combating online crimes. Dr. Young Po
just discussed with us the importance of
this issue globally and I think we all
have a lot to learn this morning. Mr.
Augenbomb is a cyber crime prevention
expert at Cyber Secure Mindset. He is
also a retired special agent of the
Federal Bureau of Investigation, also
known as the FBI,
with over 30 years of service focused on
cyber crime, computer intrusion
investigations, and other aspects,
including managing a national task force
on cyber and intellectual property programs.
programs.
He is an author and a an excellent
speaker. He has written a book called
The Secret to Cyber Security. And I know
we're all eager to find out what that
secret is. I'm sure that Scott will tell
us about it this morning.
This week, we have invited Mr. Augenbomb
to Cambodia to engage with business
leaders, with law enforcement,
academics, government officials, and
Cambodians who want to know more share
best practices and technical expertise
for how to prevent and disrupt cyber
crime and combating this important issue.
issue.
As cyber threats grow more sophisticated
globally and cross international
borders, it is so essential that we all
work together and really protect
ourselves, our communities, our
businesses, and our families.
I hope that you will enjoy today's
presentation. I wanted again to
emphasize that Mr. Agenbomb is a private
US citizen and that his independent
views and opinions do not represent
those of the US government necessarily.
So we're eager to learn from him. Please
join me in helping to welcome Mr. Scott
Agenbomb who will share his insight and
his practical steps and all build
stronger cyber resilience together. some Akun.
>> Good morning everyone. How are you today?
today?
>> I'm fine.
Do you see the big smile on my face?
>> That is because I am retired from the FBI.
FBI.
I had an amazing 30-year career and it
is such an honor and a privilege to be
here today at the Royal Academy of
Cambodia. Thank you so much for having
me here. I am so excited to be able to
share my experiences with you today with
one goal and that is to arm you with
information to help you protect
yourself, your family and your
businesses from cyber crime. The cyber
crime problem is a huge threat and the
cyber criminals do not care who you are.
They don't care if you live in the
United States or Japan or China or
Cambodia. In the old days, the cyber
criminals were only targeting very
wealthy individuals and they were
targeting large organizations.
But today, they will target anyone
for opportunity.
And I see this all the time. And that's
what I want to share with you today. the
devastation of cyber crime. But this
message isn't here to scare you. But I'm
gonna be honest. I am gonna scare you a
little bit today. But it's only to
change your behavior. It's a message of
hope. It's an message of empowerment.
And it's also a message of cooperation
between the United States government and
our friends in Cambodia. Because one of
the things that I've learned during my
decades with the FBI is it takes a
community to stay safe. Is everyone here
familiar with the FBI?
The FBI, you know, if you watch the
shows on television, they look like
Aboci and Fitch models. In real life,
they look like me. I'm a little too old
to be with the FBI today because I'm 58
years old. I retired when I'm 50. Let me
tell you a little bit about the FBI. It
is the federal law enforcement agency in
the United States responsible for
violations of federal laws. The FBI has
FBI agents all around the world in
different embassies and we are invited
guests and we work very very closely
with our law enforcement partners. I
became an FBI agent when I was 27 years
old. And if you would ask me to describe
the role of the FBI in 1995, which was a
long time ago, it was really, really
easy to explain. There were bad people
who were criminals and they did bad
things which were criminal violations
and they did it to good people just like
us who were the victims. And I worked
together because the FBI, we don't do
our job by ourselves. I worked with
state, local, other foreign law
enforcement agencies and we put bad guys
in jail just like you see in the movies.
What a fun and exciting job for me as a 27year-old
27year-old
with a gun, a badge, a bulletproof vest,
a car with lights and sirens, and I was
having the time of my life because the
harder I worked, the more bad people I
put in jail, and I made a difference in
the community.
But then all of a sudden cyber crime
came around in probably the mid 1990s
and since I was the only agent in the
office who had a home computer in 1997
I became the cyber crime expert for the
FBI in my office. And it wasn't the job
I wanted. I was the young new agent in
the office and it was not the fun and
sexy kind of job that you wanted to work
with in the FBI. Within the FBI, we have
we have women. In my office, we had
eight FBI agents in Syracuse, New York,
and we had two women. One of them was on
the drug task force, which was chasing
down drug dealers, and that was really
cool and really exciting. And then we
had another one who was working white
collar crime and fugitives. Whiteco
collar crime was economic crime which
they bad guys don't put a gun to your
head but they trick you out of your
money. And also working fugitives who
were bad guys who were running away from
law enforcement. Those were both very
very exciting jobs. And within the FBI,
unfortunately, among your peers, you
were judged by the violations that you
worked. And let me just say, cyber was
not the cool, sexy type of job to have
because in the early days, we were
chasing amateurs. We were chasing
thrillsekers. We were chasing kids who
were hacking into the Pentagon. I
remember one day a call from one of our
government partners saying that there
was a college student at one of the
local universities who was trying to
gain unauthorized access to one of the
really sensitive government locations
and they called me up and they told me
to neutralize the threat.
Anyone want to tell me what do you think
means when you say to neutralize a threat?
threat?
See, when you speak for a living and you
want to have a drink of water, you just
ask questions. He said, "Neutralize the
threat." Well, you know, a lot of times
that doesn't mean means take them out.
But we couldn't take, you know, we sat
there and I explained to the kid that
this was going to cause a lot of
problems in his life. Kind of yelled at
him a little bit and I can tell you he
never used a computer again. But that's
what we were dealing with. We were
dealing with thrillsekers. We were
dealing with amateurs.
But cyber crime took a sinister turn in 1999
1999
because we started doing business on the internet.
internet.
And when the bank robbers would rob a
bank, they would rob the bank because
that's where the money was. Today or
starting in the mid 90s, the money was
in online platforms. And what were the
bad guys doing? They were going after
the money. The events of September 11th
changed the FBI forever. It changed the
global uh world forever.
Because the number one priority for most
agencies law globally was preventing
acts of terrorism. The number two
priority was counterintelligence,
foreign governments stealing state
secrets. And the number three priority
for the FBI became cyber crime,
protecting the US infrastructure.
Because today, cyber criminals can just
take out power grids. They can take out
water utilities. So, the threat became
so much more real. In 2002, the FBI
formed the Cyber Division at FBI
headquarters to combat this emerging
threat. And I went to Washington DC. And
there was one term that I would say back
in the early 2000s, and I still say it
to this day. There are no boundaries in cyberspace.
cyberspace.
In the old days when I was a young FBI
agent, crime was a localized problem.
Just like with you all, you know, you
had to worry about someone breaking into
your house, maybe stealing your
motorbike or stealing, you know, your
mother's pocketbook, which happens all
the time, unfortunately, in New York
City. Crime was localized, but now we
start seeing to crime gravitating
online. And all of a sudden, everybody
in the world has one of these. And with
one of these devices, we are all suess.
We are all able to become victimized. In
2006, I was promoted. I became a
supervisor within the FBI's t uh I
managed a squad of FBI agents in
Nashville, Tennessee. And I was
responsible for all federal violations
in one of the states. And in 2006 2007,
it was a really kind of it was still a
sleepy time for the for the cyber threat.
threat.
It really was not taking off.
But then about 2010, we started seeing
Russian organized crime, crime from West
Africa starting to victimize people all
over the world, not just the United
States. Back in the early 2000s, you
know, the United States was the only
real country that was really had
technology. The world has changed so
much in 25 years. And we started
addressing these violations because now
the cyber criminals in foreign countries
were able to go over and start
victimizing citizens and other countries.
countries.
The threat kept changing over time and
you know I had the opportunity to
interview almost a thousand cyber crime
victims. I had the opportunity to sit
down, meet these people face to face,
feel their pain, understand what it was
like to become a victim. And from that,
I was able to go out and develop what I
called the four truths of cyber security.
security.
The first truth is none of my victims
ever expected to be a victim. They did
not think they fit the victim profile.
And every time someone lost their money,
their life savings, or a company had a
data breach, they would all say to me,
"I can't believe this happened to me.
How did this happen to me? Why did this
happen to me?" Does anyone here I want
you to raise your hand. Do you think
you're going to be the victim of a cyber
crime incident in the next week? Is
there anyone here who does? Okay, I need
people to interact with me here. So,
raise your hand if you don't think
Okay, someone Okay, let me get another
show of hands. Is there anyone here who
doesn't use their phone to pay for things?
Do you do we do we all pay cash when we
go to the store? I'm new to Cambodia.
How do we pay for things in Cambodia?
>> Online, right? What do we do? Do we scan things?
things? Right.
Right.
Okay. That's how easy it is. And we're
going to talk about these things
together because now, you know, I was
amazed because I'm the only one who's
paying with cash and I'm the only one
paying a credit card.
I walked in and you know in the United
States every once in a while I see the
foreigners come in and they're fumbling
around trying to pay for it. I'm that
person now because all of a sudden I'm
like sitting here trying to pay cash,
trying to pay credit card and you all
are in so much more of a digital
advanced uh society, I hate to say it,
than we are in the United States. So,
that is the whole thing. And I don't
want you to think about I want you to
think about this because someone's going
to say, "I don't have a lot of money in
my bank account, right? It doesn't
matter to me. The cyber criminals aren't
going to target me."
And that's the behavior we need to
change because the cyber criminals do
not care how much money you have in your
bank account. You know, I would sit here
with my mom who's 91 years old, and my
mother would say to me, "Scott, why do
you keep talking to me about cyber
crime? I don't have a lot of money in my
bank account." And I would say, "Mom,
you know, now I'm the parent and she's
the kid at that age." And I would say, "Mom,
"Mom,
what would you do if all of your money
was gone?" and she's like, "That's very
bad." Okay, so that's how I want you to
think about that in a second and we're
going to walk through some of these
crimes. We're going to walk through
that. But number one, nobody ever
expects to be a victim. The second truth
to cyber crime, and this is in the
United States and globally, when the bad
guys are able to steal your money, or
maybe they're able to trick you into
sending money through social
engineering, which we're going to talk
about. When you report that to local law
enforcement, I hate to say it, the
chances of law enforcement getting your
money back is slim to none.
I had a situation recently where I had a
victim in a cyber crime case was tricked.
tricked.
She got a telephone call and it looked
like it came from her bank and the bank
said that there was a problem with her
bank account that the cyber criminals
were trying to steal her money. But she
felt confident. The telephone with
caller ID said it was her bank, so she
believed it. At that point, they tricked
her into accepting an email from her
bank. Just think about it. What would go
through your mind if you got a call from
your bank saying that there was a
problem? She clicked on a link in an
email and they were able to get access
to her bank account and see how much
money she had. They tricked her. They
tricked her into going to the bank
branch and withdrawing money from her
account. So she voluntarily went to the
bank because she was tricked, took out $50,000
$50,000
in US currency
and they told her it was the bank
security department and this woman was a
very well- educated woman. You know when
you hear about this story you go like
this, how did anyone do something like
this? But they tricked her through
social engineering. She took that money
and she went over and deposited it into
another bank account controlled by a
cyber criminal. She thought she was
putting it into another bank for
safekeeping. By the time every she
figured out it was a scam, she they
tracked the money. The money was
withdrawn from that account and that
money was put into cryptocurrency and
was sent around the world.
One of the most painful things about my
job, and I've done this, you know, I've
been retired, but I'm still an advocate
for victims,
they come to me and they say, "Scott,
can you help me get my money back?"
And we know the answer to that question.
The answer is no. And when you sit here
with someone who is financially
devastated by this, it makes you feel
very, very powerless. And I've dealt
with this during my career.
That's truth number two. The third truth
to cyber security is
putting the bad guys in jail is very,
very challenging because cyber criminals
aren't victimizing people in their own
country. they are doing it in other
countries and that becomes very very
challenging for law enforcement because
we have issues we have jurisdictions.
This is why you the US embassy is here
to work with other foreign governments
and other countries to be able to put
these things together. But it takes
time. Different countries have different
laws. In the United States, very, very
easy for US law enforcement to go to a
large bank and get that banking
information, which I did on numerous
occasions, like in this situation, I
tracked the money down to a bad guy's
bank account in the US. It took a couple
of weeks, but then we were able to track
the money down to a bank account in Australia.
Australia.
And then it took more time because we
had to work with the Australian
authorities. We finally figured that
out. We saw that the money was
transferred to Mumbai and from there it
keeps going and keeps going and keeps
going and the resources just are not
there to put these bad guys in jail. Let
me get you straight. The FBI, the United
States Secret Service, working with our
Cambodian law enforcement partners and
partners around the world are still
arresting people, but it's such a large problem.
problem.
So, what have we learned so far? You
become the victim of cyber crime,
you're not getting your money back.
The chances of putting bad guys in jail
I want to ask you as an audience,
and I never take no for an answer when
the audience doesn't engage in me. How
I I I love uncomfortable silence. I'm
not going to continue my presentation
until somebody answers me. How does it
make you feel?
Yeah, it makes people feel hopeless. It
makes people feel powerless. It makes
people feel depressed. But one of the
things that I've learned, and I learned
this probably in 2016,
I was working with a cyber crime victim.
The victim was looking to invest money.
He went over to Google
and he typed in the search term
investment opportunity.
The number one
hit on Google
was from an individual who claimed to be
an investment advisor. That's why we
have to be very careful when we search
Google. The cyber criminals set up a
phony website
and tricked him into interacting and he
thought he was talking to a real
investment advisor. The investment advisor
advisor
talked to him and
because he went to the website. The
website looked beautiful. The website
showed an office building. It looked
like a legitimate thing. He spoke online
through Zoom to the investment advisor
who seemed like a real nice person and
the investment advisor tricked him into
investing $700,000
into his bank account. Again, you might
say it's not $700,000, but think about
how much money is enough money for it to
hurt family financially.
Okay? because I've seen people lose a
little bit of money, but if that little
bit of money is your life savings, the
cyber criminals don't care. So, we
opened up an investigation and we
tracked the money and we followed the
money and eventually we lost track of
the money in the country of Georgia.
Okay, we have FBI agents in the country
of Georgia, but we don't have any
treaties with the country of Georgia and
but we worked with local law
enforcement. We had great working
relationships and someone from the
Russian Federation was coming down once
a week picking up the money and going
back and the Russian government was not
working with us. So, I had to sit with
the family and I had to explain to the
family that we're not getting their
money back. We're not putting people in
jail. Now, when I joined the FBI,
I joined the FBI to help people. And
here I am. I'm with the family and
they're really upset. And who can blame
them? Who can blame them? Just think
about it. Just think about your family.
If all of a sudden there was no justice,
there was no one to help you, and I'm
sitting in this meeting with them, and
they do not want to take no for an
answer. We deal with this all the time.
They don't want to take no for an
answer. You're the FBI. You should be
able to help us. Don't tell us you can't
help us. What if it was your family? And
you would see the panic in their eye.
And that's when I learned and I had the epiphany
epiphany
which I call the fourth truth to cyber
security because I wanted to put my arm
around the victim and say if your dad
just would have done these couple of
things these couple of steps they
wouldn't have become a victim.
But we can't blame victims.
But now today, I know that if I've
discovered that almost all of my cases
that I worked on, not all of them,
easily could have been prevented if my
endusers were only armed with a couple
of key pieces of information. So, my
last two years of the FBI,
I went out and I did hundreds and
hundreds of presentations. During my
last two years, I knew it was my mission
to go out there and to arm people with
pieces of information
that will pro help protect them. But
I've had a very frustrating journey in
the fact how do I convince people
that they need to do things to stay
safe? And these things that they need to
do, they don't cost money. We're not
talking about today you need to go out
and buy a product. You don't need you
just need to take a couple of steps.
Now, if I had a time machine and I could
go back in time, I could have helped
most of my victims.
But are time machines real?
Can we go back in time? Has anyone
figured out one? Is there one on the
internet? We can't go back in time, but
we can keep ourselves safe. And that's
what I want to really do and spend the
next, you know, couple next half an
hour, 45 minutes talking to you and
explaining to you the steps that you
need to take to keep yourself and to
keep your family safe. And I even wrote
a book about it called The Secret to
Cyber Security, a simple plan to protect
your family and business from cyber
crime. And I'm going to train all of you
today to become investigators.
And because if you can figure out how to
send me a message on my website with
your email address, I will send you a
copy of my book. I've have it in an
audio version and I have it in the PDF
version. And there's a bunch of things
on my platform. So if you go to and I'm
cyber secure mindset
secure
s e cur E
Okay, that's it. That's the clue that
you're getting today. cybersecuritymindset.com
and there's a place to message me. And
if you message me and you tell me you
heard me today when I'm on the my very
long plane ride back to the United
States with internet, it'll give me
something that'll keep me busy to do. So
when we called the book the secret to
cyber security and I wrote it seven
years ago,
I didn't really have a it sounded like a
catchy title, right? Don't you want to
know the secret to cyber security?
And you know when people when I when I
told people about they go what's the
secret? So I I would respond. I go you
have to read it to find the secret. But
today years later I know the secret. The
secret is that most cyber crime easily
could have been prevented if my end
users were only armed with a few key
pieces of information. And in my book I
have 18 different chapters. And after
the chapter, I have key points to avoid
becoming the next victim of a cyber
crime incident. And here's the very
frustrating thing for me. When I go out
and I do talks and I tell people I'm
going to give them the book, not a lot
of people take me up on the opportunity.
You know, I did a presentation one day.
I had 500 people and I gave them access
to it and maybe 30 people took me up out
of 500. And then I said, "What did I do
wrong? How come? How come? What did I do
that I that I couldn't convince them to
do it?" But then I realized I was able
to keep 30 people safe. One of the
things that I learned is we can only
help those who want to help themselves.
So, I gave you the clue, okay? You could
also find me on LinkedIn
and that stuff. I do videos all the time
on how to stay safe without spending
money. But let's go into a couple of
these practical steps
the number one tool in the cyber
criminals tool belt is something called
social engineering.
tricking people into doing something
they normally wouldn't do in order to
take advantage of people. And today
through technology, it's making it so
much easier. When I used to do
presentations about 10 years ago, I
would say email is the number one weapon
of the cyber criminal. It's the tool.
And we get tricked by it because we get
we're not going to get an email that
looks like it's coming from a cyber
criminal. We're going to get an email
from somebody we know. We're going to
get an email from somebody we trust and
they're going to tell us to click on a
link in an email.
In the United States, one of the biggest
scams that we see all the time is you
get an email from Amazon. Everyone here
familiar with the U. what Amazon is in
the United States. It's kind of like
Alibaba. It's, do you know, you get
everything shipped to you. Everyone is using
using
Amazon for everything. So, what do the
cyber criminals do? They have access to
everybody's email. So, imagine for a
second somebody gets an email from
Amazon saying that your package has been
delayed in shipping.
Please click on the link to rectify the
situation. What do you think most people
do when they get that email?
They click on the link or here here's
the other one with a little bit more
pressure. You get an email from Amazon
and it says, "Hey, we we're in receipt.
We just want to let you know that you
just bought a Panasonic big screen
television for $2,700
and you're shipping it to someone else's
house. Talk about panic when you get
that. That's what the bad guys are
doing. And there's so many different
stories about that and they're all in
the book. So you got to read those
stories if you want to hear more about
that type of stuff.
But it's just not alone because so what
do we do? We have to think before we
click. We have to think before we act.
Very important because if you click on
the link in the email, it could steal
the username and password for your
account. And what do you think the bad
guys can do if they get access to your
username and password? they're going to
get access to everything.
But they just use Amazon. They just
don't use emails. Even if you can say
that, you're going to get a text message.
message.
So now, what do you think goes through
my mind if all of a sudden I get a text
message from my American Express card or
my Visa card or my bank account and
says, "Hey, somebody just tried to get
access to your account. Click on the link."
link."
A lot of people click on the link. Now,
they're going to say you, and this is
something that's very big in the United States,
States,
there's a problem with your bank
account. Someone just tried to withdraw
money. Please call this telephone
number. There is no link to call. There
is no link to click. So, what happens?
You call the 1-800 number and it says,
"Please provide us with your credit card
in number,
your CVV," which is your security code
as well as your expiration date. What do
you think the bad guys can do if they
got access information on my bank card?
You think, are they going to put money
in my account?
Of course not. And and here's another
scam that we get all the time. Uh so we
have that we have telephone calls too.
So now in the United States, which is
really, really big, is you're going to
get a call that's going to come look
like it's coming from your local police agency
agency
and they're going to tell you that you
missed jury duty or we have a camera up
and we see that you went through a red
light and if you don't pay the fine,
we're going to send someone to your
house and you're going to go to jail.
That's kind of stressful, wouldn't you
think? I mean, that happened to my
niece. She called me up and I was like,
"It's a scam. It's a scam. Don't do
anything at all." And every once in a
while, it's really funny because the
scammers will call me and engage with
me. And that stuff. So, if you're ever
getting these telephone calls because
they look like they're real. They look
like they're coming from Apple. They
look like they're coming from Google.
They like they're coming from legitimate
people. Someone in authority will not
call you and ask you for your sensitive
information, and they are not going to
ask you for your username and password.
If you ever get one of these calls,
it's most likely a scam. And if you
don't think it's a scam and you're
really concerned, call the local number
for whoever it is that's calling you. So
on my cell phone, I have a list of
telephone numbers.
So if I get something from the bank, I
don't accept it. So that's very, very
important that we do that. Another thing
that we're seeing is social media scams.
We're seeing scams on Facebook and on
Tik Tok and on Instagram.
That is where the cyber criminals are
going. And the big ones that really are
hitting us in the United States and
probably here too are going to be invest scams.
scams.
If it looks too good to be true, it
Today the cyber criminals are on dating platforms.
platforms.
They are and I have a whole chapter on
romance scams in my book where people
are meeting you know it's hard enough to
meet people online but today there's so
many fake profiles
on there and the all the bad guys are
trying to do is trick you. I had a
situation where I had a woman who was a
lawyer who was tricked by a cyber
criminal who she thought was a very
wealthy in businessman over in
Australia. They communicated online.
This is a very woman was divorced very
very well educated. The cyber criminal
played her emotions
for weeks and then said, "Hey, I'm going
to come to the United States and I want
to meet you and I want to be with you."
He kept delaying it. And then he said to
her, "Look, I'm about to get a very,
very large inheritance.
What I'd like to do is have you help me
save on taxes. can we deposit the money
into your bank account and then once you
get that money, can you send it over to
this other account? She loved the guy.
Said, "Of course, I'll do this for you."
So, all of a sudden, a million dollar
goes into her account. She sends that
million dollars to another account and
three days later she learned that it was
a cyber criminal who stole a million
dollar from a law firm and that money
went through her account to another
account. Now, the law firm
tried to pull the money back out of her
account and she had her own money in the
account and then she realized that she
was responsible for 900. She was
responsible for a million dollars. Just
think about that. This person was
looking for love and they don't report
it to law enforcement.
And this is in the book. This is a story
that I dealt with and it's hard for
these victims. They don't want to come
forward with that. So, we have to
realize that social engineering is the
number one tool in the cyber criminals
tool belt. Does anyone want to share
with me what are some other types of
social engineering scams that are going
Come on. I can't be the only one talking
over here. This is the interactive discussion.
Anybody? Come on. Who's going to help?
Who's going to help? Who's going to help
Uh first of all I would like to pay my
respect to uh professor Yinfo, Mr.
Katherine and Mr. Scott. And today I
have a one question I mean as a
Cambodian citizens. Uh one question that really
really
been into my head for
they've been living for my in my head
rentree and I'm been very curious.
>> I hope I can help you. Okay. This is a
lot of pressure you're putting on me here.
here.
I mean
um I've seen in social media especially
Facebook or Instagram they've been like
um posting for charity for donation
seeking attention uh and target most of
the audience to make them feel pity and
they mostly pay through um QR code. >> Okay.
>> Okay.
>> So how can you stop from a
>> That's a great question. Thank you so
much for no for asking that and I'm
going to do my best over here to try to
answer it. There's one thing that I've
realized we cannot control or stop what
the cyber criminals are going to do.
Okay? They are going to continue to do
bad things. What we can control is how
we react to this. So, if you're going to
donate money to charity,
make sure it's a legitimate charity.
Okay? And now, through the use of
artificial intelligence, such as chat GPT,
GPT,
they're going to figure out what I like
to say is a hook, okay? A hook to make
you feel vulnerable.
And everybody uses these types of hooks.
So, you're going to look at something
and it's going to break your heart and
they're not going to ask for a lot of
money, but if they can get a million
people to donate $1, they're going to
take advantage of it. So, charity scams
are very, very big. And if you didn't
mention that, I won't even talk about
that. So, thank you for bringing up
again. When we scan QR codes,
we have to make sure they're going to a
legitimate source. So, okay, you're
going to scan your QR code at a
restaurant. That's really good, but make
sure it's a legitimate thing. In the
United States, this is the scam that
gets pulled up. It's all about for us,
we we don't have mopeds. We all have
cars. are all really expensive and
parking is always very expensive. So
what what does everyone use? They use QR
codes. So what has happened where I is
the cyber criminals go out, they print
their own QR codes for their own bank
account where the legitimate QR code is.
They take their QR code, they slap it
on. So then when you go to pay for
parking, you're putting money into their
account, and by the time you realize
that, that's too late. That's another
form of social engineering. And I know
it kind of sounds hopeless, but I talk
about that. I have a chapter in my book
all about social media safety.
safety.
So, great question and take time if
there's going to be any other questions
or if anyone could come up with a better
question than yours because yours was
awesome. Thank you. Um, yeah, give
yourself a round of applause. That was great.
Okay, so social engineering number one
tool in the cyber criminals tool belt.
And that's what I wish I could have told
my victims beforehand. Before you send
money, before you do it, I hate to say
it, the cyber criminals are throwing so
many different types of scams at us. And
through artificial intelligence, which
is machine learning, they're doing it at
such a quick pace. And that's why we
have to be really careful. There there's
one scam going around the United States
where PE Brad Pitt, who is the famous actor,
actor,
they're using artificial intelligence to
mimic him and he's sending messages to
people on Facebook saying, "Hi, it's
Brad Pitt. I'm in the hospital. Can you
please uh help me?" So, question
everything. I don't know how we're going
to deal with this. And I do a whole
program on the intersection of social
engineering, artificial intelligence
leading to the rise of cyber crime. So
really take care of that.
Today, all the cyber criminals need to
steal from you is one thing to make your
life miserable. And you know what that
thing is? Your username and password.
That's it.
And unfortunately today there are
billions and billions of usernames and
passwords on the dark web because the
bad guys have done a lot of bad things.
There was the Yahoo breach, 3.5 billion
usernames and password. Facebook, who
knows how many usernames and passwords
Facebook has lost. LinkedIn, ticket
master, there's global breaches that
impact all of us. So when these big
breaches occur, what do they tell us to
do? They tell us to change username and
password. But there's one problem today.
The cyber criminals have access to many usernames and passwords. So out of those
usernames and passwords. So out of those billions of usernames and passwords,
billions of usernames and passwords, there are millions of Facebook uh not
there are millions of Facebook uh not Facebook, iPhone users out there. How
Facebook, iPhone users out there. How many people have an iPhone?
many people have an iPhone? Okay. In order to have an iPhone, you
Okay. In order to have an iPhone, you need an iCloud account.
need an iCloud account. How many people are using the same
How many people are using the same password for their email as they are for
password for their email as they are for their iCloud account?
their iCloud account? Don't make eye contact with me. Okay.
Don't make eye contact with me. Okay. All right. No, no, no. That's not good.
All right. No, no, no. That's not good. Because listen, I'm gonna have to come
Because listen, I'm gonna have to come back and do an online. We're gonna I'm
back and do an online. We're gonna I'm gonna have to give everyone here a test
gonna have to give everyone here a test then because here's the deal.
then because here's the deal. What can the bad guys do if and
What can the bad guys do if and Katherine, I'm going to pick on you.
Katherine, I'm going to pick on you. What can the bad guys do if they get
What can the bad guys do if they get access to anyone's iCloud account?
access to anyone's iCloud account? They can
They can they can they have access to everything
they can they have access to everything and they can pretend to be you to other
and they can pretend to be you to other people.
people. >> Well, yeah, that's pretty bad. But
>> Well, yeah, that's pretty bad. But they're also going to get access to all
they're also going to get access to all of your usernames and passwords that you
of your usernames and passwords that you might have stole you might have on your
might have stole you might have on your account.
account. They can get access to your iCloud
They can get access to your iCloud drive. They can get access to your Find
drive. They can get access to your Find My iPhone.
My iPhone. So many of us have Apple Pay. We just
So many of us have Apple Pay. We just see devastating things that happen when
see devastating things that happen when you get access, when the bad guys get
you get access, when the bad guys get access. And for everyone else in the
access. And for everyone else in the room, don't think you're safe because
room, don't think you're safe because you have Android phones. And in order to
you have Android phones. And in order to have an Android phone, have to have a
have an Android phone, have to have a Gmail account. And what do you think
Gmail account. And what do you think happens if the bad guy gets access to
happens if the bad guy gets access to your Gmail account? What's he gonna get?
your Gmail account? What's he gonna get? He's going to get access to every single
He's going to get access to every single thing and it's going to make your life
thing and it's going to make your life miserable. I had a case when I was with
miserable. I had a case when I was with the FBI.
the FBI. I had an individual who had their life
I had an individual who had their life destroyed by a cyber criminal because
destroyed by a cyber criminal because their username and password was on the
their username and password was on the dark web.
dark web. the bad guy was able to log into their
the bad guy was able to log into their Facebook account and take over their
Facebook account and take over their Facebook account and messages out to all
Facebook account and messages out to all of their friends and family saying,
of their friends and family saying, "Hey, I need money." So, that became
"Hey, I need money." So, that became victimized. They also were able to see
victimized. They also were able to see what her email account was. Now, here's
what her email account was. Now, here's the thing. She used the same email
the thing. She used the same email account username and password for
account username and password for Facebook account as she did with her
Facebook account as she did with her email account. When they read her email
email account. When they read her email account, they saw where she banked and
account, they saw where she banked and we were a and they were able to get into
we were a and they were able to get into all of her accounts. We tracked this
all of her accounts. We tracked this cyber criminal down to uh I believe it
cyber criminal down to uh I believe it was Bangladesh.
was Bangladesh. And how did we find this out? This cyber
And how did we find this out? This cyber criminal used a US-based email provider.
criminal used a US-based email provider. He used Gmail.
He used Gmail. We were able to get a search warrant for
We were able to get a search warrant for his account.
his account. Wasn't the smartest cyber criminal in
Wasn't the smartest cyber criminal in the world because in his he was using
the world because in his he was using his personal Gmail account to do cyber
his personal Gmail account to do cyber crime activity.
crime activity. And in his personal Gmail account, he
And in his personal Gmail account, he used the Google Drive to store his
used the Google Drive to store his passport and his mother's passport.
passport and his mother's passport. So, we were able to identify him. And
So, we were able to identify him. And unfortunately, you know, since we didn't
unfortunately, you know, since we didn't have a treaty with that country, it
have a treaty with that country, it became very very challenging. All of
became very very challenging. All of that could have been prevented if that
that could have been prevented if that person didn't use the same password. Now
person didn't use the same password. Now we're going to get into a point where we
we're going to get into a point where we are going to talk about the next thing
are going to talk about the next thing about this and I want to ask you all a
about this and I want to ask you all a question. How many people here have
question. How many people here have heard of two factor authentication?
I need more people to raise their hand. Who hasn't heard of two-factor
Who hasn't heard of two-factor authentication?
authentication? Two-factor authentication is a second
Two-factor authentication is a second form of authentication.
I don't have anything from you, Po. Uh, a two-factor authentication is a second
a two-factor authentication is a second form of authentication. If the bad guys
form of authentication. If the bad guys steal your username and password, it is
steal your username and password, it is game over. They're able to get access to
game over. They're able to get access to everything. Here's the one thing my
everything. Here's the one thing my cyber criminals didn't have.
cyber criminals didn't have. They did not have two factor
They did not have two factor authentication. Every time I deal with a
authentication. Every time I deal with a situation, every time I deal with an
situation, every time I deal with an instance, I'm like, did you have two
instance, I'm like, did you have two factor authentication
factor authentication set up on your username and password?
set up on your username and password? And they said no.
And they said no. And and that's one of the pro and that's
And and that's one of the pro and that's one of the problems that we see going
one of the problems that we see going through things. So what I want to do is
through things. So what I want to do is I want to kind of talk a little bit
I want to kind of talk a little bit because all of this stuff is in the
because all of this stuff is in the book. Okay, this is about having a cyber
book. Okay, this is about having a cyber secure mindset.
secure mindset. It's so important to be able to do it.
It's so important to be able to do it. So, a lot of people go like this to me,
So, a lot of people go like this to me, Scott,
Scott, I want to use the same password for all
I want to use the same password for all of my platforms. I don't want to put two
of my platforms. I don't want to put two factor authentication on my stuff. And
factor authentication on my stuff. And you know what my answer is?
you know what my answer is? Okay,
Okay, listen. I used to say nobody wanted the
listen. I used to say nobody wanted the guy from the government telling you what
guy from the government telling you what to do. And now nobody wants the guy who
to do. And now nobody wants the guy who used to work for the government telling
used to work for the government telling you what to do. But let's go back to the
you what to do. But let's go back to the four truths of cyber security.
four truths of cyber security. Nobody ever expects to be a victim.
Nobody ever expects to be a victim. I don't have anything worth stealing.
I don't have anything worth stealing. Everyone here has something worth
Everyone here has something worth stealing. Number two is the bad guys
stealing. Number two is the bad guys steal your stuff.
steal your stuff. law enforcement is not going to get your
law enforcement is not going to get your stuff back. Number three is putting the
stuff back. Number three is putting the bad guys in jail is very very
bad guys in jail is very very challenging.
challenging. And that's and the cyber crime problem
And that's and the cyber crime problem keeps getting worse. That's very
keeps getting worse. That's very upsetting.
upsetting. But remember the fourth truth. Most
But remember the fourth truth. Most cyber crime incidents can be prevented
cyber crime incidents can be prevented if my endusers were only armed with a
if my endusers were only armed with a couple of key pieces of information. And
couple of key pieces of information. And let's go through these pieces again so
let's go through these pieces again so we know. And we're going to write them
we know. And we're going to write them down because maybe there might be a quiz
down because maybe there might be a quiz on this. Okay? I might ask you when I
on this. Okay? I might ask you when I email you what were the steps that we
email you what were the steps that we have to take. Social engineering number
have to take. Social engineering number one tool in the cyber criminals tool
one tool in the cyber criminals tool belt. It's no longer emails. There's
belt. It's no longer emails. There's emails, there's text messages,
emails, there's text messages, there's telephone calls, there's QR code
there's telephone calls, there's QR code fishing, there's social media account
fishing, there's social media account hijacking. It's never going to come from
hijacking. It's never going to come from a cyber criminal. It's going to look
a cyber criminal. It's going to look like it's coming from somebody you know
like it's coming from somebody you know and somebody you trust. It could be a
and somebody you trust. It could be a charity. It could be a romance scam. It
charity. It could be a romance scam. It could be from a law enforcement officer.
could be from a law enforcement officer. And remember, social engineering is
And remember, social engineering is tricking someone into doing something
tricking someone into doing something you normally wouldn't do. And through
you normally wouldn't do. And through the use of artificial intelligence, it's
the use of artificial intelligence, it's going to look very real. And everyone
going to look very real. And everyone has a phone. And the cyber criminals are
has a phone. And the cyber criminals are attacking people who are my age and
attacking people who are my age and older. and also your age and younger
older. and also your age and younger that's what makes it very very
that's what makes it very very challenging. So remember that number one
challenging. So remember that number one social engineering
social engineering number two
number two we have to make sure that we are not
we have to make sure that we are not using the same password from multiple
using the same password from multiple accounts because if the bad guys steal
accounts because if the bad guys steal one password they're going to get access
one password they're going to get access to a uh to every other password. So,
to a uh to every other password. So, what how do we how do we build out a
what how do we how do we build out a good password for ourselves?
It's chapter seven in the book. See, this is great. I don't even have to talk
this is great. I don't even have to talk about it. Chapter seven in the book. And
about it. Chapter seven in the book. And everyone here will get a copy of the
everyone here will get a copy of the book. But how do you remember all of
book. But how do you remember all of these long passwords? That's chapter six
these long passwords? That's chapter six in the book. Okay? Or we can get a
in the book. Okay? Or we can get a password manager. Now people tell me
password manager. Now people tell me they got really good long passwords, but
they got really good long passwords, but if you are not using two factor
if you are not using two factor authentication,
authentication, you will become a victim. Two-factor
you will become a victim. Two-factor authentication is something else besides
authentication is something else besides a username and uh password. I and that's
a username and uh password. I and that's chapter eight in the book. Okay, we need
chapter eight in the book. Okay, we need to understand two-factor authentication
to understand two-factor authentication and it's usually a random six-digit code
and it's usually a random six-digit code that is either sent to you via a text
that is either sent to you via a text message, email, or an authenticator app.
message, email, or an authenticator app. The authenticator apps are probably the
The authenticator apps are probably the most secure, but they are a little bit
most secure, but they are a little bit more complicated. And let's just assume
more complicated. And let's just assume that you have all done that. You're all
that you have all done that. You're all experts. You have all read my book. you
experts. You have all read my book. you are on your way to keeping yourself,
are on your way to keeping yourself, your family, your co-workers safe. What
your family, your co-workers safe. What do we have to worry about? We have to
do we have to worry about? We have to worry about everyone else in your life
worry about everyone else in your life who isn't doing this. And that's just
who isn't doing this. And that's just about everyone that we're dealing with
about everyone that we're dealing with today. So, my message wasn't here to
today. So, my message wasn't here to scare you. My message was to empower you
scare you. My message was to empower you to say that cyber criminal cyber crime
to say that cyber criminal cyber crime can be prevented. So, what I'd like to
can be prevented. So, what I'd like to do is see if there are any other
do is see if there are any other questions or anything like that. Yeah.
questions or anything like that. Yeah. And and my WhatsApp I'm not getting a
And and my WhatsApp I'm not getting a signal. So, that's it. So, what I want
signal. So, that's it. So, what I want to do is take the next couple of minutes
to do is take the next couple of minutes and make this your presentation on what
and make this your presentation on what do you want to know about and to and for
do you want to know about and to and for any other questions whatsoever. It was
any other questions whatsoever. It was an honor to speak with you today. and
an honor to speak with you today. and let's open up the question and answer
let's open up the question and answer session.
So thank you very much uh Mr. Scottam for your crucial presentation. So let's
for your crucial presentation. So let's open the floor for the question
speaker. Uh first of all I would like to uh pray
Uh first of all I would like to uh pray my attitude and respects to Mr. Yuna and
my attitude and respects to Mr. Yuna and Mr. Scott. They give the best
Mr. Scott. They give the best presentations to us and a good
presentations to us and a good experience to us to prevent us from a
experience to us to prevent us from a cyber scams. Actually I heard what like
cyber scams. Actually I heard what like in your presentation I heard you told us
in your presentation I heard you told us about no boundary in scrap in cyber
about no boundary in scrap in cyber space. Is this a good is good is this a
space. Is this a good is good is this a good press for me because I I saw a lot
good press for me because I I saw a lot of uh a lot of cyers like a lot of crime
of uh a lot of cyers like a lot of crime in online scam or online scam in our
in online scam or online scam in our society and today I would like to share
society and today I would like to share my short story about online scams too. I
my short story about online scams too. I actually I got a notification to my
actually I got a notification to my email accounts and this uh they send it
email accounts and this uh they send it to me but sadly I don't even check my
to me but sadly I don't even check my email. So I I believe everyone in here
email. So I I believe everyone in here also have like this kind of
also have like this kind of notifications too. So the question today
notifications too. So the question today I want to ask you about uh how even you
I want to ask you about uh how even you when we got a notification to our email
when we got a notification to our email even we don't click on it that that we
even we don't click on it that that we still have a chain that we got still our
still have a chain that we got still our account to access our account that we
account to access our account that we still got a chain to to lose like our
still got a chain to to lose like our for that we still lose our
for that we still lose our >> sorry sorry
>> sorry sorry >> that's kind a little bit nervous. Um,
>> that's kind a little bit nervous. Um, still have that did it still have a
still have that did it still have a chain for us to go loop our accounts to
chain for us to go loop our accounts to the cyber criminals?
the cyber criminals? Yes. And you know, we have to be very
Yes. And you know, we have to be very very careful. We cannot control what the
very careful. We cannot control what the cyber criminals are going to do. So
cyber criminals are going to do. So Google is not, you know, if there's a
Google is not, you know, if there's a problem, if you think there's a problem,
problem, if you think there's a problem, if you're going to get an email from
if you're going to get an email from Google saying that your account has been
Google saying that your account has been taken over, click on this link.
taken over, click on this link. Don't click on the link. Log into your
Don't click on the link. Log into your account, okay? Because we can't stop all
account, okay? Because we can't stop all these things from happening. Google does
these things from happening. Google does a good job and and Yahoo and all these
a good job and and Yahoo and all these email accounts do a good job of blocking
email accounts do a good job of blocking it, but we cannot block every bit of
it, but we cannot block every bit of bad. And once we do, you know what
bad. And once we do, you know what they're going to do? They're going to
they're going to do? They're going to hit you up on your telephone because now
hit you up on your telephone because now everybody wants my cell phone number.
everybody wants my cell phone number. Everybody, we can't even keep that safe.
Everybody, we can't even keep that safe. So very important and I think you know
So very important and I think you know like you said there are no boundaries in
like you said there are no boundaries in cyber space. I walk the streets of
cyber space. I walk the streets of Cambodia. I feel very very safe. I want
Cambodia. I feel very very safe. I want to say you have one of the most
to say you have one of the most beautiful airports in the world. I I
beautiful airports in the world. I I have not seen an airport in the United
have not seen an airport in the United States as beautiful and clean as yours.
States as beautiful and clean as yours. But you have to watch out when you're
But you have to watch out when you're going to start scanning QR codes or if
going to start scanning QR codes or if you're going to start getting messages.
you're going to start getting messages. So I hope that answered your question
So I hope that answered your question and if anyone here also in the amount of
and if anyone here also in the amount of time that we have if you contact me
time that we have if you contact me through my website if you have any other
through my website if you have any other questions I answer every question.
questions I answer every question. >> Also Scott to follow up
>> Also Scott to follow up >> to follow up uh is there a risk of being
>> to follow up uh is there a risk of being a a victim if you don't click on the
a a victim if you don't click on the link? So, if you just get the email in
link? So, if you just get the email in your inbox, but you delete it, um, or
your inbox, but you delete it, um, or you don't do anything and it sits there
you don't do anything and it sits there because you don't check your email,
because you don't check your email, could they still access your account?
could they still access your account? >> I never want to say never, but I don't
>> I never want to say never, but I don't wor I do not worry about that. I get
wor I do not worry about that. I get scam I get tons and tons of scam emails.
scam I get tons and tons of scam emails. I also get emails from people
I also get emails from people threatening me. I don't read them, you
threatening me. I don't read them, you know. I just don't it it just I I ignore
know. I just don't it it just I I ignore it. You know, another thing too is just
it. You know, another thing too is just be careful on cyber extortion.
be careful on cyber extortion. Somebody might claim that they have
Somebody might claim that they have access to your iCloud account or your
access to your iCloud account or your iPhone account. Just delete those
iPhone account. Just delete those things. If you happen to deal with a
things. If you happen to deal with a cyber criminal, they want to engage you.
cyber criminal, they want to engage you. They have nothing but time on their
They have nothing but time on their side. That's what we're working with the
side. That's what we're working with the authorities on on the scam compound
authorities on on the scam compound because now we're starting to deal with
because now we're starting to deal with lots of people who are being driven by
lots of people who are being driven by the finances there. But that was a very
the finances there. But that was a very good question. Thank you.
good question. Thank you. >> Yes sir.
>> Yes sir. >> Um thank you so much Scott for your um
>> Um thank you so much Scott for your um wonderful presentation. That is very
wonderful presentation. That is very interesting. Uh just short question. Uh
interesting. Uh just short question. Uh in Cambodia we officially use telegram
in Cambodia we officially use telegram as the official communication channel. I
as the official communication channel. I know United States you use like WhatsApp
know United States you use like WhatsApp that is as the uh channel for
that is as the uh channel for communication but um telegram here you
communication but um telegram here you talk to everyone they are using telegram
talk to everyone they are using telegram and by just connecting with the phone
and by just connecting with the phone number. So phone number we connect with
number. So phone number we connect with the bank account and telegram and
the bank account and telegram and everything just one phone number and
everything just one phone number and like the case of my phone uh every day
like the case of my phone uh every day somebody send message to my telegram
somebody send message to my telegram that hey your telegram is not safe uh
that hey your telegram is not safe uh you need to click on this link in order
you need to click on this link in order to secure your telegram uh so I for for
to secure your telegram uh so I for for for people like me it is okay but
for people like me it is okay but because in telegram I know you're not
because in telegram I know you're not talking about that but in telegram if
talking about that but in telegram if somebody just success on your number uh
somebody just success on your number uh they will send you two message is that
they will send you two message is that you or it's not you. So if you click on
you or it's not you. So if you click on is that you it mean that somebody hack
is that you it mean that somebody hack your telegram but if you are lucky you
your telegram but if you are lucky you click on not you it is okay you are
click on not you it is okay you are safe. So um what what would be uh your
safe. So um what what would be uh your recommendation when I mean on telegram
recommendation when I mean on telegram and on the security because telegram
and on the security because telegram here is is the biggest issue. Okay. So,
here is is the biggest issue. Okay. So, one of the things that I know for a fact
one of the things that I know for a fact that Telegram has two factor
that Telegram has two factor authentication.
authentication. If you do not have two factor
If you do not have two factor authentication
authentication set up on your Telegram and on your
set up on your Telegram and on your WhatsApp, you will become a victim. I
WhatsApp, you will become a victim. I don't use Telegram for one reason. My
don't use Telegram for one reason. My son was the victim of a scam on Telegram
son was the victim of a scam on Telegram because he was in a te a telegram group
because he was in a te a telegram group that was trying to sell these NFTts,
that was trying to sell these NFTts, nonfgeable tokens,
nonfgeable tokens, which I thought was a scam anyway, but
which I thought was a scam anyway, but he wanted to put his own money into it.
he wanted to put his own money into it. And he got a message that he believed
And he got a message that he believed was from the channel administrator
was from the channel administrator saying that it was okay. We're ready to
saying that it was okay. We're ready to sell these NFTts for $200. Here's the
sell these NFTts for $200. Here's the link. So, what do you think my son did?
link. So, what do you think my son did? He clicked on the link and he sent $250
He clicked on the link and he sent $250 to his cyber criminals telegraph account
to his cyber criminals telegraph account and he goes, "Dad, you're the specialist
and he goes, "Dad, you're the specialist in cyber crime. What do I do?"
in cyber crime. What do I do?" And I was like, "Kid, you're out 200
And I was like, "Kid, you're out 200 bucks.
bucks. Sorry, can't help you." I mean, so be
Sorry, can't help you." I mean, so be very very careful on who you're dealing
very very careful on who you're dealing with on those types of situation. I I
with on those types of situation. I I have personally set up a Google number.
have personally set up a Google number. If you find me on social media, you can
If you find me on social media, you can have my Google number. You will never
have my Google number. You will never reach me on my Google number. It will
reach me on my Google number. It will take it. It will turn it into a message.
take it. It will turn it into a message. And if it's real, I'm going to get back
And if it's real, I'm going to get back with you. I'm not giving out my real
with you. I'm not giving out my real telephone number to people who I don't
telephone number to people who I don't know.
So um first of all I would like to pay my high respect to Dr. Yongp uh Mr.
my high respect to Dr. Yongp uh Mr. Katherine M sorry sorry Miss Katherine
Katherine M sorry sorry Miss Katherine Mr. Scott teachers and ladies and
Mr. Scott teachers and ladies and gentlemen good morning um today I got
gentlemen good morning um today I got two questions to ask Mr. Scott that um
two questions to ask Mr. Scott that um the first question if uh if we use a
the first question if uh if we use a long password but I know that we can
long password but I know that we can remember it sometime um we wrote through
remember it sometime um we wrote through the note so um is it safe for uh is it
the note so um is it safe for uh is it safe for us and um the cyber crime can
safe for us and um the cyber crime can access to our account and the second
access to our account and the second question is why are online scam is
question is why are online scam is increasing so fast in recent year um how
increasing so fast in recent year um how to protect the victim from it do we need
to protect the victim from it do we need to create the system to manage all the
to create the system to manage all the cyber crime um as well That's the online
cyber crime um as well That's the online scam. Thank you.
scam. Thank you. >> No, sure. First of all, I want to say to
>> No, sure. First of all, I want to say to everyone, everyone's English is amazing.
everyone, everyone's English is amazing. Okay. You know, in the United States, I
Okay. You know, in the United States, I took six years of Spanish. I can't speak
took six years of Spanish. I can't speak a word of it. Okay? And everyone here is
a word of it. Okay? And everyone here is that uh passwords. I chapter I I use
that uh passwords. I chapter I I use past phrases for my passwords. And what
past phrases for my passwords. And what do I do? I put a special symbol and a
do I do? I put a special symbol and a number in the front. I'll use the same
number in the front. I'll use the same one in everything. But I want you to
one in everything. But I want you to think about this. So I put a special
think about this. So I put a special symbol and a number in the front and
symbol and a number in the front and then I flip it in the back. So let's
then I flip it in the back. So let's just say pound seven
just say pound seven pound front and back. Then I come up
pound front and back. Then I come up with a passphrase. Let's come up with a
with a passphrase. Let's come up with a passphrase for my Tik Tok account.
passphrase for my Tik Tok account. I can't remember my password for Tik
I can't remember my password for Tik Tok,
Tok, but I'm going to take the first letter
but I'm going to take the first letter off of each word and that's going to be
off of each word and that's going to be in my phrase. Maybe I'll use very much
in my phrase. Maybe I'll use very much or I like this and I will write down the
or I like this and I will write down the phrases because all you need to do is
phrases because all you need to do is remember the phrase and then you will
remember the phrase and then you will just type those things in. I write those
just type those things in. I write those down. If you ever find my phrases, it
down. If you ever find my phrases, it means nothing to you. The problem with
means nothing to you. The problem with that is I'm always resetting passwords
that is I'm always resetting passwords because I forget them all the time, you
because I forget them all the time, you know, or I'll forget to write them down.
know, or I'll forget to write them down. But what I want you to do is come up
But what I want you to do is come up with a long passphrase for your five
with a long passphrase for your five most important passwords and just write
most important passwords and just write them down. We need to do that with our
them down. We need to do that with our missionritical
missionritical accounts. And when I give you access to
accounts. And when I give you access to the book, there's a bunch of downloads
the book, there's a bunch of downloads on how to set these up. So, great
on how to set these up. So, great question. Very, very important. But if
question. Very, very important. But if you have a 20 character password and you
you have a 20 character password and you don't have two factor authentication,
don't have two factor authentication, it's really useless. Why is cyber crime
it's really useless. Why is cyber crime getting worse year after year? It's
getting worse year after year? It's because more people are going online
because more people are going online and everything in our life is being
and everything in our life is being we're just not prepared to do
we're just not prepared to do everything. Everyone is building
everything. Everyone is building products with usability in mind not
products with usability in mind not security.
security. When I go to a conference and I speak
When I go to a conference and I speak about two factor authentication maybe 10
about two factor authentication maybe 10 or 15% of the population has two-actor
or 15% of the population has two-actor authentication up. I've been talking
authentication up. I've been talking about that for years. So, how do we get
about that for years. So, how do we get people to take an extra step? Because
people to take an extra step? Because today, if you go home and you talk to
today, if you go home and you talk to your family and you tell them, "Hey, we
your family and you tell them, "Hey, we need to put two factor authentication on
need to put two factor authentication on our bank account." You know what they're
our bank account." You know what they're going to say to you? I don't have a lot
going to say to you? I don't have a lot of money in my account. Why do I need to
of money in my account. Why do I need to do that? But thank you for the question.
do that? But thank you for the question. Do we have time for another one?
Do we have time for another one? >> I think probably uh two more questions.
>> I think probably uh two more questions. >> Two more questions. I hope I get two
>> Two more questions. I hope I get two more questions.
Uh good morning everyone and uh first of all I would like to pay my high respect
all I would like to pay my high respect to Miss Yong and u Miscort am I
to Miss Yong and u Miscort am I pronounce your word correctly? Yes. So
pronounce your word correctly? Yes. So my question is what kind of solution can
my question is what kind of solution can you help young people avoid away from
you help young people avoid away from online schemes?
online schemes? the solution. That's great question.
the solution. That's great question. You know, it's through awareness. It's
You know, it's through awareness. It's through education.
through education. It's through understanding the four
It's through understanding the four truths. It's understanding that we're
truths. It's understanding that we're not going to arrest our way out of this
not going to arrest our way out of this problem. We can't wait for governments
problem. We can't wait for governments to put more regulations. Regulations are
to put more regulations. Regulations are very important but remember the
very important but remember the regulations that we have the cyber
regulations that we have the cyber criminals don't read those regulations.
criminals don't read those regulations. It's taking those basic steps that we
It's taking those basic steps that we talked about today understanding social
talked about today understanding social engineering understanding the scams
engineering understanding the scams having the good passwords using two
having the good passwords using two factor authentication
factor authentication and stopping and slowing down how we do
and stopping and slowing down how we do things. those things that I talked about
things. those things that I talked about today. Nobody has to go out and buy
today. Nobody has to go out and buy anything. We're not saying that you need
anything. We're not saying that you need to buy this or buy a product. I'm not
to buy this or buy a product. I'm not saying you need to buy my book. I'm
saying you need to buy my book. I'm going to give you the copy of the book.
going to give you the copy of the book. So, those are the things and take what
So, those are the things and take what you've learned as you all are esteemed
you've learned as you all are esteemed and you are future leaders. You are the
and you are future leaders. You are the hope for this problem and every little
hope for this problem and every little bit helps. And it's even if it's going
bit helps. And it's even if it's going to start with you reading the chapter
to start with you reading the chapter about how to keep children safe because
about how to keep children safe because there are kids who are very young who
there are kids who are very young who are being victimized.
are being victimized. Very excellent question. Thank you.
Very excellent question. Thank you. >> See want to ask another question but I
>> See want to ask another question but I just want to give the chance to the
just want to give the chance to the other people.
other people. Okay.
Um first of all I would like to pay my respect to professor Yungpa um Miss
respect to professor Yungpa um Miss Karine and also M Scott and I have um a
Karine and also M Scott and I have um a simple question yeah to M Scott um and
simple question yeah to M Scott um and my question is why do online scams still
my question is why do online scams still succeed even when people know they exist
succeed even when people know they exist and what are warning signs do victim
and what are warning signs do victim usually ignore about this thing? Yeah.
usually ignore about this thing? Yeah. Thank you.
Thank you. >> Great question.
I'm going to sit here until my dying day trying to figure out why people still
trying to figure out why people still fall for scams. I've had people be
fall for scams. I've had people be victimized numerous times. I have told
victimized numerous times. I have told my niece in the United States who's a
my niece in the United States who's a teacher, at Thanksgiving, we all get
teacher, at Thanksgiving, we all get together. We all have our food in the
together. We all have our food in the US. We all argue. We all share too many
US. We all argue. We all share too many opinions. And I'm the family member at
opinions. And I'm the family member at Thanksgiving who always goes, "Did you
Thanksgiving who always goes, "Did you put two factor authentication on your
put two factor authentication on your account?" Until her Facebook account got
account?" Until her Facebook account got taken over. And I said to her, "Did you
taken over. And I said to her, "Did you put two factor on it?" And she's like,
put two factor on it?" And she's like, "No." I go, "Didn't you read my book?"
"No." I go, "Didn't you read my book?" Well, I forgot. And it's like I have
Well, I forgot. And it's like I have that conversation with people and that's
that conversation with people and that's why, you know, I'm like, "What what do
why, you know, I'm like, "What what do you want me to do? I can't I can't help
you want me to do? I can't I can't help you. So that becomes such a challenge
you. So that becomes such a challenge and as you all as leaders that is what
and as you all as leaders that is what you need to do and even it's the
you need to do and even it's the personal leadership it's the integrity
personal leadership it's the integrity to help your family. I wish I could
to help your family. I wish I could answer why do people fall for these
answer why do people fall for these scams and the scammers are going into
scams and the scammers are going into it. the tools are available. And like I
it. the tools are available. And like I said, almost all of my victims who had
said, almost all of my victims who had an account compromised
an account compromised and money went out of their bank
and money went out of their bank account, none of them used two factor
account, none of them used two factor authentication. And like I said, that's
authentication. And like I said, that's not a silver bullet because even if you
not a silver bullet because even if you do get two factor authentication, you
do get two factor authentication, you could get tricked by social engineering.
could get tricked by social engineering. And I'm trying to package this. I don't
And I'm trying to package this. I don't know how to sum it up. There's so much I
know how to sum it up. There's so much I could talk about, but I'm trying to come
could talk about, but I'm trying to come up with those five steps that we all
up with those five steps that we all could take today and I hope I was able
could take today and I hope I was able to do that.
>> Any question? Maybe the guys just want >> There is one last question. Sorry.
>> There is one last question. Sorry. >> You don't have to apologize to me. You
>> You don't have to apologize to me. You apologize to Po.
apologize to Po. So uh you said you track someone in in
So uh you said you track someone in in Bangladesh and you're ready to capture
Bangladesh and you're ready to capture the person but you don't have the
the person but you don't have the authority uh because they don't sign a
authority uh because they don't sign a treaty. So how could we convince them to
treaty. So how could we convince them to sign a treaty?
sign a treaty? >> Well that becomes very very challenging
>> Well that becomes very very challenging and and they were going to help us
and and they were going to help us >> now. They were going to help us do this.
>> now. They were going to help us do this. We were working with them. We have great
We were working with them. We have great working relationships. It doesn't matter
working relationships. It doesn't matter if there's a treaty or not a treaty.
if there's a treaty or not a treaty. Sometimes this is the unbelievable work
Sometimes this is the unbelievable work of the state department of the US
of the state department of the US government and the host go countries. We
government and the host go countries. We do great work. So they were going to
do great work. So they were going to handle it themselves and they were going
handle it themselves and they were going to prosecute this guy in Bangladesh. We
to prosecute this guy in Bangladesh. We don't care in the United States as long
don't care in the United States as long as the bad guy goes to justice. But what
as the bad guy goes to justice. But what ended up happening in this situation,
ended up happening in this situation, as luck would have it, a couple of weeks
as luck would have it, a couple of weeks after, so my FBI counterpart who was
after, so my FBI counterpart who was over in Mumbai at the time had
over in Mumbai at the time had relationships with the Bangladesh
relationships with the Bangladesh cyber unit. I didn't know Bangladesh had
cyber unit. I didn't know Bangladesh had a cyber unit. I was excited they had a
a cyber unit. I was excited they had a cyber unit. They were excited to work
cyber unit. They were excited to work with us. And then there was a terrorism
with us. And then there was a terrorism incident by ISIS and that put everything
incident by ISIS and that put everything on hold for about a year or so and then
on hold for about a year or so and then I was able to retire. So that's what
I was able to retire. So that's what makes it challenging on that stuff. But
makes it challenging on that stuff. But when we talk back to this case and the
when we talk back to this case and the victim,
victim, if the victim just would have had two
if the victim just would have had two factor authentication on all of those
factor authentication on all of those accounts, she wouldn't have become a
accounts, she wouldn't have become a victim. So that's my whole thing of
victim. So that's my whole thing of sharing that story from other people's
sharing that story from other people's failures so they don't you and your
failures so they don't you and your family don't have to be the next victim.
family don't have to be the next victim. Excellent question.
>> So ladies and gentlemen, before we conclude, let's give another warm round
conclude, let's give another warm round of applause to our speaker, Mr. Scott
of applause to our speaker, Mr. Scott Oenbum for that crucial presentation.
So ladies and gentlemen, today's session was a powerful reminder that while we
was a powerful reminder that while we cannot avoid the digital threats
cannot avoid the digital threats surrounding us, we also can certainly be
surrounding us, we also can certainly be prepared. So let's start our quote of
prepared. So let's start our quote of our speaker. Be smart, be safe, right?
our speaker. Be smart, be safe, right? So may I take this opportunity to invite
So may I take this opportunity to invite his excellency Yongpo, Secretary General
his excellency Yongpo, Secretary General of the Royal Academy of Cambodia to
of the Royal Academy of Cambodia to present the souvenir to our speaker, Mr.
present the souvenir to our speaker, Mr. Scott Oenbum and Miss Katherine Diab.
So, thank you very much for joining us today And let's have a secured.
Click on any text or timestamp to jump to that moment in the video
Share:
Most transcripts ready in under 5 seconds
One-Click Copy125+ LanguagesSearch ContentJump to Timestamps
Paste YouTube URL
Enter any YouTube video link to get the full transcript
Transcript Extraction Form
Most transcripts ready in under 5 seconds
Get Our Chrome Extension
Get transcripts instantly without leaving YouTube. Install our Chrome extension for one-click access to any video's transcript directly on the watch page.
