–
Here’s the full transcript of our very own cybersecurity specialist, Hank “The Hacker” Fordham, featured as a guest on iHeart’s “Shane Hewitt and the Night Shift“ last January 27, 2025.
[Shane]
All right, so it’s time to dig into those crazy text messages you’re receiving because somebody leaked your stuff online. Holy moly, we’re getting a lot of them. Hank the hacker is here Hank Fordham with X 10 technologies.
“What the hack” on Facebook, you can learn so much about this stuff. So reverse hacking really Hank is kind of what I want to talk about. There are more and more Robin hoods, if you will, in the world that are going after hackers.
But it’s a bit of a cat and mouse game from hacker to hacker. A bit of a pissing match, if you will, about who’s the best. Thanks for being here, but how are you? Well, thank you so much for having me.
[Hank]
I got to start by apologizing for my voice. I’ve been traveling with X 10 technologies. All month here doing presentations.
And I actually spoke about the dark web at Thompson Rivers University privacy and security conference last week. So but you’re exactly right. It’s a constant cat and mouse game between not just the Robin hoods and the good guys, but the bad guys.
And what they’re actually starting to do now is commoditize the ability for launching a phishing attack. So just a really quick example, there was actually a service provider for this called Lab Host, which was taken down in April 2024. And they were offering a service that allowed cyber criminals to rent it for about 250 bucks a month.
And they could send out text messages that basically pretend to be a postage office or a wide range of different kinds of pre-made templates for targets like financial institutions and stuff like that. And it’s led to an increase in texting scams. Well, it has led to an increase in texting scams.
[Shane]
They seem to come out of nowhere. And I think they catch people off guard because every now and then they say something that really kind of hits you. And maybe it’s just a coincidence, Hank.
But, you know, you just haven’t ordered anything from Amazon in a few weeks. But then all of a sudden, you get a text message saying your Amazon package is stuck at DHL. I mean, are these coincidences? Or should we be really, really wary of this stuff?
[Hank]
Well, sometimes it could be a coincidence. Like I got a message today from Marketplace on Facebook and they actually offered to send an e-transfer if I would hold on to an item for them. I got that one. Right.
I immediately approached this thinking I’ll set this up as a demo and I was going to follow through with it. And they actually sent me the 20 dollars to hold the item. So, you know, even in times where we can look at something and we approach it as this is definitely a scam, it might not be.
But the only reason I followed through with that is because I’m a cybersecurity professional. And I usually recommend that people reach out and connect with, you know, a loved one or someone else in their family before following through with that scam, because it’s quite often that you get the e-transfer scam for holding something or a text message with a link saying you have a parcel or something on hold.
[Shane]
Yeah, it is.
The timing is impeccable. The one I received was a 100 dollar item, a fancy coffee pot. And the message was, hey, I’m out of town for four or five days.
I’m happy to pay you now for it. Can you hang on till I’ll be back on Friday? And so that one seemed quite innocent. I’m like, OK, sure.
Here’s the email address to send to. And this is a good example that it’s possible that you might not want to use your normal email address for your interactive transfers. You might want to create a strange one for your email transfers.
So anyway, then I got an email to my personal email that was an alert that an interactive e-transfer had failed. And then he sent me another message on a marketplace and said, hey, I just paid it with my credit card. I can do that at my bank, but I’m not sure it went through.
It looks like they’re having trouble. Let me know if you got it or not. And then I looked at it and the email was not from him.
It was from some other, you know, web address and domain. And it was just all strange. And if you looked at it, it was just a screen capture that was pasted in.
And it said, you know, we’re currently experiencing difficulty. Click here to deposit, you know, kind of like differently. Like, you know, and it’s like, choose a different method.
Yeah. And I was like, okay, that’s a scam crap. And then I did the report thing.
And I actually caught it because now Facebook said I could comment on their transaction. It gave me the permission to comment on this buyer. So I made those comments first.
And then I reported it. And that’s all you can really do. And then I said, I’ve reported to the police and I want nothing to do with your scam.
And then they actually had the nerve to say, doesn’t matter. That won’t stop me. And then blocked me.
Right? Like, they know that there’s nothing stopping them.
[Hank]
There. I think that’s kind of the problem that I’ve noticed in the last few years.
And especially since, you know, when COVID was going by as cyber secure, a cyber security expert, we all kind of noticed that there was this huge increase in cyber crime. And some, some attacks, I always say this, but some of these attacks that five or 10 years ago would have required a lot more technological know how these cyber criminals are able to go out pay, you know, a couple 100 bucks a month and and rent a service that actually pre develops these templates that are make, they basically make fake web pages that copy a bank login, or, like I said, the posted service, and they do the exact same thing you mentioned where you kind of end up getting this weird email that has a screenshot or an image of that e-transfer link. And then an odd attempt to bypass the spam filters and which speaks well to the constant cat and mouse game.
We always try and take one step ahead and they follow close behind. I like to think they follow close behind at least.
[Shane]
I would like to think so.
Tell me about reverse hacking. Tell me some good news here. Hank, tell me that there are hackers that are out there knocking these people off.
Like, tell me that there’s someone fighting back.
[Hank]
This is a sweet spot for me, man. And not just because of the Instagram video you sent me. What a creative way to fight back where this guy got a phishing scam or he got a text message and he was able to send the scammer basically an IP grabbing link where it tricked them into clicking on the image and he got their location.
But I actually have a really fun story. I used to teach cyber security and because it was over or during COVID, we had to do this over Teams or Zoom. So it was me sharing my screen for the most part.
But I was teaching a class one day and actually had a scammer message me on Facebook, through one of my dad’s friends accounts that they had hacked. And they were sending me a message. I’m sure we’ve all or most of us have gotten this one where they’re offering a $50,000 government grant.
And I turned the live class demo into hack the hacker. So we just showed the screen. Well, we basically said to the hacker, I’d be willing to sign up for this grant and sent him a Facebook link.
It looked like a Facebook album link that had all of my information in it. But it was really a phishing link. So he clicked on it and logged in, and we were able to recover the account and return it.
[Shane]
Oh, wow. See, so there is some hope. I mean, it seems like an army against an individual.
But there is some hope in all this a double check of those text messages. Call a friend if they’re reaching out. I got the “Hey, Dad, I got a new number. My phone broke. Message me on WhatsApp”. I mean, you notice it’s like Facebook, it’s WhatsApp.
It’s all the same company that’s allowing this stuff to happen. It’s worth noting. So be careful where you spend your time.
X 10 technologies. You can find them there. What the heck on Facebook to Hank the hacker Hank Fordham.
Thanks for being here, brother. Appreciate the insight.
[Hank]
Hey, thank you so much for having me and feel free to sign up for a dark web scan.
[Shane]
There we go. dark web scan. He keeps wanting me to do a dark web scan.
I think I’m going to take him up on it. We’ll be right back.
—-
Email us to learn more about our cybersecurity solutions or to schedule a Pen Testing session with our cybersecurity specialists.
