Subscribe
Share
Share
Embed
The Wellness Creator Podcast is your go-to source for expert insights and actionable tips in the evolving world of health, wellness, and spiritual-based business. Join us as we explore proven online growth strategies, chat about current trends, and interview fellow wellness creators who’ve managed to turn passion into profit by helping people live better, healthier lives.
Jeni (00:36)
Hello and welcome to the Wellness Creator Podcast. Today's episode is about some scary things that have been going on online and we want to kind of give you the inside scoop about how to keep yourself safe and your business safe in this age of ultra intense hacking.
Sandy (00:56)
Yeah, we've come across two different stories in the last week, ⁓ which are kind of terrifying. And yeah, I think it's just important to, bring these stories to light so that as you, as wellness creators and entrepreneurs in this space know what is happening out there and take some strides to protect yourself from the hackers.
Jeni (01:19)
Yeah. Yeah.
Sandy (01:21)
Okay, so you wanna start with the meta.
Jeni (01:23)
Yeah, let's talk about Metta. I feel like we talk about Facebook so much on this podcast, it's like, but they're kind of like the behemoth in the industry as an aside. I don't know if you saw this, but I saw a post on X this week that said that Mark Zuckerberg is offering $100 million signing bonuses to poach people from OpenAI to come work at Metta right now. I know $100 million, 100.
Sandy (01:25)
I know I was going say that. I was just going to say that it's always about meta.
Jeni (01:52)
million dollar signing bonus. Just to put that in context, I remember the first presidential campaign I worked on. Like the entire campaign budget was like $200 million for the presidency of the United States of America. like it is just such an obscene, unrelatable amount of money to me that like, yeah, I don't even know.
Sandy (01:54)
I can't.
Holy
Wow.
Yeah.
And
I also heard that OpenAI just got a contract with the US government and defense, the defense department, like a huge like billion dollar something contract. Like, wow, it's moving fast. It's moving fast. So well, we're going to like come down to real life here and we're going to talk about ordinary, regular entrepreneurs and wellness creators like you and I and like our listeners. So I came across this story from a reporter from the Globe and Mail, which is, you guys don't know what Globe and Mail is probably, right?
Jeni (02:20)
Mm-hmm.
Yeah.
No, I was like, what
is this when you sent me the TikTok?
Sandy (02:47)
It's a national paper, paper
in Canada and they do some good reporting and this one lady, her name is Catherine Liesbaum. She did this huge investigative report on the ⁓ black market of meta brokers. And I was like, what is this? And she told the story where she was just in a group chat with some of her friends and somebody in there said, my God, my small business account, Instagram.
has been hacked or I can't access it. I've gone through the front door of Metta. I can't get anywhere. I don't know what to do. I'm beside myself and someone in the group chat said, Oh, you got to talk to Mo. And so this reporter, Catherine was like, who the hell is Mo? Like what's Mo going to do for you? So it turns out that Mo is a broker. And what that means is that Mo is someone who was working
Jeni (03:29)
Yeah, so sketchy.
Sandy (03:46)
with someone on the inside, like colluding with someone on the inside of Facebook who has access to a system which ironically is called oops. And that stands for online operation system. This system inside Metta is supposed to be for employees, consultants and family or friends. So they can use this system to get help with their own accounts. Like it's like an internal account.
saving system or mechanism inside. So Mo and other Meta brokers have an inside source at Meta and they can put a ticket in to this OOP system and get the account reinstated. But of course it costs
Jeni (04:32)
online.
Sandy (04:37)
money. So this mo will say, we can do this, but we need, and, and, um, what Catherine's reporting showed was it was anywhere from 1000 to $6,000 to get this back online. And then it's like cash or crypto suspiciously. And then, you know, mo will work with his insider and get this thing back up and running. And then the person's, know, somewhat happy, but it's like such an abuse of this
number one from Metta's perspective, it is a huge abuse of this system, but I can't blame people because when you run a launch or when you were an influencer or you have any kind of online business and require, and you know, it's just like you can't really run a business without social media or it'd be very unusual. So you're kind of stuck, right? And if this goes down and you go through the proper channels, which means you fill out an online form, you sometimes have to like upload a selfie or a video to show that it's actually you.
Jeni (05:23)
you
Sandy (05:36)
And then you wait and you wait and you wait and you wait and you hear nothing and your business is affected. So I can kind of understand that you might go to a mo and pay whatever to get this like done and quick and expedited.
Jeni (05:50)
Yeah, what I thought was most interesting about this is that Facebook has actually like, Meta has tried to shut this down. Like they are aware this is going on, but they don't know who the moles are in the STEM rate. So they've like filed lawsuits and all these different jurisdictions. And I think that's so, I mean, given how much information this company has about all of us, I think it's a little suspect that they cannot figure out who on the inside is actually doing this.
Sandy (05:58)
Yeah, yeah, yeah. Right.
Yes.
Yeah, yeah.
No, I thought the same. Like it's a little bit ironic. Like you were spent. this Mo, his name is Mohammed Ismail. He's in Toronto, a real guy and met his lawyers are suing him and they've gone to court. And the purpose was to shut this down, but also to find out who on the inside are they working with, right? Or is he working with? And I like,
So they have the time and the energy and the money to send lawyers into the courtroom to fight these brokers, these under black market brokers, but yet they can't fix the, you know, front door meta. Like my Facebook is shut down. Can you tell me why and how do I get it up? They can't fix that, but they will go after the brokers. Like it seems if you fix the, the account problem, you won't have these brokers and these, this, this whole.
under market thing going on, right? Like I think it's crazy.
Jeni (07:12)
Yeah, I mean, I think that, I mean, just from the much smaller experience we have of running our own technology company, I think hackers are generally getting more sophisticated. think systems that once were protective are.
Sandy (07:21)
Mm-hmm.
Jeni (07:32)
not protective things like two factor authentication, which seemed like pretty darn foolproof now can be spoofed easily and are not secure and are like, I just, I just think that like, it's this whack-a-mole game that is always being played. And so, but like what I'm curious about in this instance is, like there must be, you must have to like log into that system, right? Once you're an employee and
Sandy (07:34)
Yeah. Yeah.
Jeni (07:57)
there's got to be somebody that has like more logins or more, you know, rescue attempts than other people.
Sandy (08:02)
Yes. So,
so in the, in the report and I'll, I'll, ⁓ you have to have a, ⁓ subscription to Globe and Mail. So I don't expect all of you to do that, but there is a, like an audio version where she's being interviewed for their podcast. So I'll put that in the show notes. You can go listen because she's got a lot more detail than I'm, I'm sharing here, but she does say, cause she really tried to talk to the insiders at Metta to try to figure out exactly what you're like, who is this? Like what, what is, what is happening?
Jeni (08:10)
Yeah.
Sandy (08:29)
And there was a text message that she read aloud that between one of the brokers, I don't know if it was Mo or somebody else, one of the brokers and one of the insiders and the insider at Inmeta was saying, we got to slow down. Like I've recovered 12 accounts this week and there was an internal like security warning that went off in the system. So I can't do it as, as frequent as this. Right. So, and I know like this opt or not opt oops, a system, which is just so, so funny.
You just like put a ticket in, you know, and and it doesn't you don't know if that's a friend or family of a consultant or whatever It's just like so there you're right. I think there has to be some like frequency or I don't know something but it's you know, they're really abusing the system for their own own profit and it's it's it's really terrible and The frustrating thing that I found for this report and it's not Katherine lays bombs fault, but I was like listening to see like, okay What do we what do we do? What do we what do you suggest like?
Jeni (09:10)
Yeah. Yeah.
Sandy (09:27)
talking to all these people, the people that got hacked or, or, you know, then eventually got their thing reinstated or they're talking to him. What do we do? And she basically said, uh, make good passwords and two factor, two factor, um, authentication. And it was like, Oh, uh, but like there's literally nothing else. She even said that there's this meta, you know, they have meta verified. think it's called you pay for it. And she spoke with people who were paying that. I think it's like,
Jeni (09:52)
Mm-hmm.
you
Sandy (09:57)
It's expensive. It's not like $10 a month. They were paying, um, and did get their account, whatever, for whatever reason, shut down. And it was no help. Like that was, that's why you're, that's why you're, you pay that. You got an inside contact, a person, nope, nothing. So it's, it's just really disgusting. And when she talked to Metta about like, like, why not what we were just saying, like, why not fix the front end problem? Why don't fix the access to the accounts?
Jeni (09:59)
Okay.
Yeah, that's what I've heard also from other entrepreneurs who pay.
Sandy (10:27)
make it easier, give them an answer, bring them back up or whatever. And Meta just doesn't believe that it's necessary to spend the resources on this. Like they're the biggest software or ⁓ social media company in the world. And it just isn't a problem for them. And it's disgusting. It's absolutely disgusting.
Jeni (10:46)
Mm-hmm. Yeah, it is disgusting and I I ⁓ see quite frequently one of their biggest data centers they've ever made that's like near completion where I'm currently staying and like the just the scale of this operation like they are
Like, I don't even know. You think about it, it's like my little app to like stay in touch or it's like what my parent, Boomer parents use or whatever. It's really not. Like, it's really like a powerful utility and like security apparatus for how the world functions now. And the fact that, you know, you can't run your launch or your account gets shut down for whatever reason because...
Sandy (11:13)
Mm-hmm.
Jeni (11:34)
you spoke misinformation or you had a shitty password or whatever, it doesn't matter, like to them, like they're thinking about much bigger things. That's my take on it is like we are like a tiny inconsequential piece of the puzzle that is meta.
Sandy (11:43)
They don't care. Yeah. Yeah.
Yeah, absolutely. I also listened to ⁓ one of our favorite podcast diary of a CEO and Stephen Bartlett, the host, interviewed. ⁓ I can't remember his name, but he's called the Godfather of AI. He's was one of the very, first at Google to work on this, like really interesting story. It's worth a listen. But in there, Stephen asked him what is his biggest fear of the future with AI? Like, should we be worried? And he basically said,
One of the things I fear he had a list, but one of the things is something that you said was that, you know, all these scams and hacks and fishing and so on, like humans are thinking about that and making it happen. He's like, wait till the day comes when AI is thinking about how to scam someone. It's like things that we never even thought of. Like AI is going to be suggesting these things for us. And that is one of his fears. He actually puts his money across multiple banks.
because he's afraid the banks are going down. And he said he particularly likes Canadian banks because they're super, super, you know, nothing's entirely secure, but compared to a lot of other countries, they're well regulated or whatever. So he's got a couple of different Canadian banks and he's English. Anyway, it was really interesting. And it was like, my God, what hack can AI come up with?
Jeni (12:49)
yeah.
yeah, I get it.
Yeah, like I've since, by the way, since our business was like affected by the Silicon Valley Bank fiasco, like I personally have felt the same way. Like I don't trust anything anymore. Like after going through the trauma of that long painful weekend, when was that? Two years ago. So, but yeah, I mean, I get it. Like
Sandy (13:26)
Yeah.
Jeni (13:28)
I think that what is happening now is people are collaborating with AI. The hackers are collaborating to get ideas and assistance in doing this stuff. And I was telling you the other day, which I'll just tell to our listeners too, because maybe they've noticed this. If not, beware, it's coming. What has started to happen to me personally with hacking or like just online harassment is that people or bots or
Shady nefarious beings have signed me up for all of their damn zoom webinars or they've registered me for free products on platforms like gumroad and I get messaged Relentlessly, I get stuff put on my calendar You know not maybe not a daily basis but certainly a weekly basis at this point for things that I want nothing to do with and ⁓ and so like things are getting a little more clever because I think
Google and Apple are getting, they're playing the whack-a-mole game and they've gotten better at filtering, sort of traditional spam. So now the hackers have gotten a little more clever. And I just wanna say, this is such a shame because when you and I started in entrepreneurship, in online entrepreneurship together, cold outreach was a really powerful human way of building a business.
Sandy (14:53)
Yeah.
Jeni (14:56)
And now it's just gotten manipulated to the point where I find it revolting. Like I am completely unwilling to interact with any kind of like cold outreach at this point. Because it's just, they're sending, I don't know, tens of thousands, millions of emails out a day, I don't know, putting calendar requests on millions of calendars. Like the humanity of like a salesperson or an entrepreneur, you know, kind of going out with their like shovel.
Sandy (15:05)
Email, emails are awful, yeah.
Okay.
Jeni (15:24)
to go mining the world of business, like doesn't exist anymore. It's so gross. And yeah, I it.
Sandy (15:27)
Yeah, yeah, yeah, yeah. And the more they try
to personalize it, the more irritated I am because I can see that they scraped a phrase off our website and it's like, that's our, like don't, no. It's just so out of context and my, my whole Hey Marvelous inbox is just full of that. And I just, I don't.
Jeni (15:35)
Yes.
Yes. Yes. Yes.
It's so gross.
Yeah, yeah, but it's all my personal
emails too like everything like I just every day is like a flood of nonsense I have in one in one inbox I have I'm not gonna well, I'll just tell you 24,632 unopened messages because Because I just can't be bothered and so like I think that this raises some interesting
I don't know, just questions about email marketing. One of the things that's most true for me right now is getting a newsletter or a brand email is now the safe thing. It used to be for years and years, the sort of online marketing advice was just use plain text and try to make it look like it's just from your best friend, like when you send out an email to your list. And now I would say that's terrible advice because that's all the scammy stuff.
The stuff that I do read is if it's a creator or brand that I know and has their branding on it and their logos. I'm gonna look at that if I'm interested in what that brand or that creator says. not like any plain text email. If it's not from like one of 20 people, I won't even open it. So yeah.
Sandy (16:55)
Yeah, yeah, I totally agree. Totally agree. Yeah.
Mm-hmm. Yeah.
So that kind of a little bit segues into our next story about Stripe hack. You had a great story that you read about, you know, speaking of money and links and so on. So why don't you tell us that?
Jeni (17:10)
Yes. Yes. Yeah. Yeah.
Yeah.
Yeah. So I've actually heard in the last week, two of these stories from different creators or entrepreneurs that I follow or know personally, and maybe three actually, three in like the last 10 days. But one of them was two of them were about brand partnerships or collaborations. And I think so I think this particularly targets influencers. Like if you have a decent following on social media, on Instagram or TikTok or something like
Sandy (17:23)
Ugh.
Jeni (17:47)
or YouTube, I would be really cautious about brands reaching out because I've just heard now so many stories of like them people impersonating brands reaching out for partnership and sending links or attachments ⁓ about a partnership deal or brand deal or collaboration opportunity. Like, hey, click here to schedule, know, like schedule a meeting. We'd love to collaborate or sponsor you or whatever. And in
every one of these three instances I'm thinking of, that was like a phishing expedition and those people were impersonating those brands as were not represented as of those brands. So you have to be really careful if like someone who says they're part of an agency reaches out, right? And ⁓ then in one case, somebody lost their entire Facebook account. So they need to go to someone like Mo now, but they're heartbroken, right? Because it's like their whole business.
Another person, I don't know if they lost their YouTube, something happened, like their YouTube got hacked and this is their fricking job is being a YouTuber. And then in another instance, it's a creator who somehow this person got access to their payment processor and spent tens of thousands of dollars, I think upwards of 50,000.
dollars charged to their clients through their payment processor. Like they went in, I don't know for sure if it was Stripe or something else. I think based on the context it was probably Stripe, but I don't know, could be PayPal or something else. And they changed the bank account for that, let's just call it Stripe account to go to the hacker's bank and then charge tens of thousands of dollars of their client credit card fees and that went into the hacker's account, right?
Sandy (19:23)
Stripe account.
Jeni (19:35)
So, and then they got locked out of their payment process or let's just say Stripe. So like these kinds of things are absolutely terrifying. And I have noticed the reason why I suspect it's Stripe is that like I've noticed at least in the US, huge increase in security of Stripe accounts. basically everything is two factor all the time. Like if you're going in there multiple times a day, you have to re-log in and two factor. And I know,
So these companies, again, plain whack-a-mole trying to keep up with the increase in sophistication or just number of kind of scams going on, you just have to be really careful. I am to the point now, and this is maybe part of the lesson I wanted to share with the listeners, where I basically will not click a link in an email unless it's from someone I know, and then even still, I'm not sure I would.
⁓ Maybe if it's like a brand email and I'm clicking on a product I want to buy, like maybe. But I just Google or type in the link or copy and paste the link. So it used to be all the vogue before when you would write emails to hide the URL, mask it in the word ⁓ so that it didn't look ugly in the email. I don't believe in that anymore. Make your links ugly. Type out the link.
so that people can retype it and copy and paste it without, you they need to know where you're sending them. Like, this is so effing sketchy.
Sandy (20:58)
Yeah, transparent. Yeah.
Yeah, yeah, absolutely. Yeah.
Yeah, you know, and what's so sad about that story with the perhaps Stripe account hack is that that client, all her, her clients are getting charged this money thinking she's doing it. Like I can't imagine any, anything worse. my God.
Jeni (21:14)
Yeah.
Yeah. Yes, yes, yes, Yes, yes.
I can't either. Like it's terrifying. And so, I mean, I just think, but like I have noticed just a huge uptick in these stories and just among people I know or like have followed for years, like so many people's ⁓ businesses are getting impacted by this kind of scam stuff. So.
I just think it's like a shame because I think we had a nice run there where a lot of us were really trusting and things kind of were honest in online business at least. And now it's not like that anymore. And I would just say like, this is also ⁓ for me an indication to really lean into the creators you already know and trust and the brands you know and trust. Like I'm much more suspicious of new.
Sandy (21:58)
Mm-hmm. Yeah.
Jeni (22:17)
people, new brands, like new creators, which is kind of sad, but I just don't trust anything. Like I've just seen too much. So lesson one, don't click any emails. Don't click anything in an email. Like unless it's from, you can look at the URL and trust the brand. Even if it's like, I just said I won't respond to cold emails, but sometimes there's a reason to like, maybe I want to engage with that agency or that.
Sandy (22:36)
Yeah.
Jeni (22:46)
whoever's doing the outreach, I will not even click their URL, their website from their email signature. I will go and Google their brand or their agency or their company and make sure a person with that name works there. And then if I want to reach out to them, I look at their contact information on that website. I literally will not respond. Yeah.
Sandy (23:11)
Yeah.
Yeah. So I think it's like just changing those habits and being super careful. think it is changing your passwords, having really complicated passwords and then two FA. Like you have to, you have to do that. That's all you can do and just use your brain with, from this like lens of suspicious of everything all the time, which is exhausting, but it's better to do it now than to have to go and tell your clients. Like, I'm sorry you got charged this money. wasn't me. got hacked. Like, ⁓
Jeni (23:27)
Yeah.
Yeah.
Yeah, yeah, no, no, nightmare scenario. And also I will say, so the two-factor authentication that is the text message verification is the one that is now not very secure. So my understanding, at least at this moment in time, is that we should all be using an app that's a two-factor authentication app. The app that I... Yeah, I use Authy, A-U-T-H-Y. I just have been using that for a number of years. And certain...
Sandy (23:41)
What a nightmare.
Google Authenticator.
Jeni (24:11)
that we use in our company required that. Like for many years ago, like you couldn't use your phone number for two factor for some of the more sophisticated tech tools. You had to use a tool like Authy. And I just think like, it's actually really easy to use too. And so I would just also move away. I know a lot of brands or businesses don't give you the option to not use this phone number, but the phone number thing is kind of like doesn't, it's not very secure anymore.
Sandy (24:16)
Mm.
Yeah.
Jeni (24:40)
So if you have a choice, use an Authy app or similar. Yep.
Sandy (24:45)
Well, that's kind of a downer episode, but I do think these stories are important and to protect ourselves. think we have to keep sharing them and talking about them. So hopefully everyone found it helpful, scary, but like, you know, you're now aware.
Jeni (24:52)
Yeah.
Yeah, and I mean, I think like it's really hard to have a secure password at this point because AI can run, you know, the calculations really easily to like try a million things. I think the most important thing is to change it frequently, right? Because like, I don't know about all of you, but I think most of us have some kind of information on the dark web. That's just the way it is. And you don't want that old password that's on the dark web for someone to access or buy to be what you're still using. So like change the damn password.
Sandy (25:08)
bowl. Yeah.
Mm-hmm.
Jeni (25:31)
Just get in a routine or a habit of like at least once a month changing your passwords that you use frequently or that are important. Yep.
Sandy (25:38)
Yeah.
Amazing. Thank you, Jenny.
Jeni (25:42)
Thank you Sandy. Alright folks, we'll see you next time. Stay safe!
Sandy (25:45)
Bye.