Everyone is being targeted by organized crime to separate you from your money. If you’ve been scammed, don’t allow embarrassment to keep you from reporting it. Your story could keep someone else from going through the same thing. Today’s guest is Ryan Kelly. Ryan is a stand-up comedian who hunts scammers with his master’s degree in Homeland Security.“If you’re paying for something and it feels like a weird way to be paying for something, stop. It is.” - Ryan Kelly Click To Tweet
- [0:45] – Ryan shares his background and how he wound up hunting scammers.
- [2:12] – Just a few months ago, Ryan himself was scammed.
- [3:25] – Through social media, Ryan shared his experience and all of the comments showed that an incredible amount of people experienced it as well.
- [6:13] – We do victims an injustice when we describe a hacker as a bored man in a basement and a hoodie. There are incredibly organized scam crime rings.
- [9:07] – Your phone sells a lot of data.
- [10:53] – Ryan shares what he does initially when tracking down a scammer.
- [13:47] – Knowing an IP address can be helpful in knowing a little information, but it’s not exact.
- [15:46] – Some military personnel cannot use fitness trackers or other devices that transmit data.
- [18:08] – Ryan explains how a fan of his social media content recognized the background of a video and found him in person.
- [21:03] – If you possibly feel like you are being targeted as a scam but you are unsure, you can ask a series of questions to see if they are lying.
- [22:16] – Sometimes scammers purposely use bad grammar and spelling to weed out the people who are suspicious.
- [24:37] – Two factor authorization should be a requirement on every login.
- [27:01] – Your information is easy to find. There are ways to take some things down.
- [29:01] – LinkedIn is a great tool, but it can be dangerous as scammers can create a false connection.
- [32:09] – If you’re paying for something and it feels like a weird way to be paying for something, stop.
- [34:51] – If you are looking at investing in something, think about the risk. Can you afford to possibly lose it all?
- [37:36] – Scammers also target people under the pretense of helping them get their money back after a scam.
- [40:25] – Don’t send photos to people you don’t know.
Thanks for joining us on Easy Prey. Be sure to subscribe to our podcast on iTunes and leave a nice review.
Links and Resources:
- Podcast Web Page
- Facebook Page
- Easy Prey on Instagram
- Easy Prey on Twitter
- Easy Prey on LinkedIn
- Easy Prey on YouTube
- Easy Prey on Pinterest
- Ryan Kelly on TikTok
- Ryan Kelly on Instagram
- Ryan Kelly Website
Ryan, thank you so much for coming on the Easy Prey Podcast today.
Thanks so much for having me, Chris. I appreciate it. I am stoked to be here.
Awesome. Can you give myself and the audience a little bit of background about who you are and what you do?
Absolutely. My life has been a series of confusing terms. My name is Ryan Kelly. I was born in St. Louis, Missouri. I lived there for 18 years. Then I went to college in Grand Rapids, Michigan, for four years. I studied business and advertising and international relations with a concentration on counter-terror, civil war, and ethnic conflict. You know how those two go naturally together. You'd be surprised actually, weirdly enough, the same marketing strategies that Coke uses, ISIS was using at the time, which turns out was just very effective marketing.
After that, moved out to Los Angeles and was a personal assistant. Then worked in accounting very briefly for Warner Brothers and then started working at Disneyland, because that's what you do when you have these […]. You don spandex, pretend to be a teenager, and be Spider-Man. That's what I did after that. While I was at Disney, they had something called the Disney Aspire program and they paid 100% for education, including my master's degree in Homeland Security, which was awesome.
After that, I started doing pretty well on social media. I created a TikTok. I started going by Youth Pastor Ryan not because I'm a youth pastor. I just look like one. It's unfortunate for everyone involved. After that, I just kept going with social media.
I graduated with my master's degree in 2020. After that I moved back home to Missouri in 2023. It's actually just actually a couple of months ago. When I was moving back home, I got scammed. I was going through a shipping company that set me up with a scammer. They didn't mean to. They were the broker and then after that they took my $712.50. Unfortunately for them, I'm a full-time stand up comedian, so that means I've got a lot of free time, and here we go.
By the end of the day, I had their ID. I had their home address. I had their IP address. I had everything you'd need. I knew which car they drove. I called their local FBI office and I was like, “Hey, can you guys help me out with this?” It's funny because the FBI was like, “Why do you have all this information?” I go, “Crazy, I know.” Then he goes, “Can you explain what happened?” I told him the scam and he goes, “Dude, I just got hit by that same scam, too.” I was like, “No.”
That's a little disheartening when the guys who catch these also got hit by the scam. They ended up getting the company and the broker ended up giving me the money back. I posted about this whole story on social media. At the time, I still didn’t have a pretty good following, but these videos really blew up. It was shocking to me how many people were just like, “Yes, I've been scammed. Same thing. This has happened to me. This is everything.”
What was crazy about it is actually, about a month ago now, I had an ex-military guy. He just got out of the service and reached out to me. He's like, “Hey, man. I got scammed by a car-moving company that doesn't actually do it.” I was like, “I know exactly how to handle this.”
“And I know how you feel.”
Yes, and that's what I told him. I was like, “Dude, this is how I got into this. I got scammed.” I ended up doing a whole bunch of OSINT just trying to figure out what was happening. I ended up finding out that the company's DOT and MS number were not legally allowed to be shipping across state lines.
I was able to see all this and I just kept pulling more data about them. The emails are originating from India, but the home office is quite literally a home office. It's a house in Northern California and I was like, “That's weird.” Unfortunately for them, some of the names matched. I was like, “I have your aliases now. Have fun with that.”
Here's what’s funny about it. I gave this guy all the information. I told him where to report it. I got an email probably three days after posting the video. It’s, “Hey, we've seen your video from the Department of Transportation.” And I'm like, “What?” I almost shat. I hope they're not mad.
It turns out they were like, “Hey, we saw it. We think it's great. Would you mind providing all the data that you have to us? Because even if you submit it to the IC3 form to the FBI, it obviously takes a lot to get through to them.” I was like, “Yeah.”
Now, thankfully, I have a relationship with them where I can help with that type of stuff. But it was just really funny because I was just like, “Oh, I am in so much trouble.” They're like, “Great job.” I was like, “I'm not in trouble.”
It's been quite a ride. It's been really fun, but now I hunt scammers and it's been a ton of fun. I love getting to mess with them. I think there've been some really funny things. Also, there's been a lot of things that have ended up being devastating when you have people come to you and they're like, “Hey, I lost this much money. I lost this. I lost this.”
For me, thankfully, a really cool thing is I've been able to be like, “Don't worry, I have too. It happens to all of us.” It's funny because I have a lot of people that come towards me and they're like, “I must have been so dumb.” I literally had someone, it was probably two weeks ago, that emailed me that has a PhD in psychology that was like, “I got scammed.” I was like, “What were they teaching you?” This is the whole thing. It's just psychology. It was funny because yeah, everyone can be a victim of this.
If you think about it, it's because the scammers are doing this professionally. I think we do a disservice when we talk about hackers as 23-year-old, overweight guys in hoodies in their mom's basement coding in the dark. Maybe that was true at one time, but that's not what's going on anymore.
These are professional organizations doing hacking. These are often professional organizations scamming people. They've got their playbooks. “You’re not scamming enough money out of people.” They've got their quotas. They put you on a PIP if you're not doing a good job. “Hey, performance improvement plan here. If you don't start bringing in more money, we're going to fire you.”
It is weird how professional some of these places are. One of the things that got shut down was a call center out of India that was essentially acting like they were PayPal. I always say this: If you call PayPal and they pick up immediately, it's not PayPal. They don't have that kind of support. Actually, fake PayPal has better customer support than real PayPal.I always say this: If you call PayPal and they pick up immediately, it's not PayPal. They don't have that kind of support. -Ryan Kelly Click To Tweet
It was crazy because I ended up calling them a couple of times because what I saw is I get a whole bunch of people that submit them to me and that's actually been my greatest boon is the community. When I got three that were all the same number for fake PayPal, I was like, “This is a call center. This is a setup.”
You can hear them in the background. They’re having a full call center, like your American Express, like your Visa, like any place that would have a real call center, but it's just built around scamming. They're trying to get into my PC and things like that. If they're willing to reach out and touch me with theirs, I can see what network they're coming in on. It's like, “Gotcha.”
What's funny is it's really hard to get some of those numbers shut down because a lot of it's like VoIP. However, because they were all using the same number to have it come in, I just released that number on social media. They got so many calls that they shut it down. They shut down the number because they couldn't handle it. It's crazy how professional these guys are.
Also for a lot of it, I think we picture them as hackers. Most of them aren't hackers. Most of them don't have great tech knowledge. Granted, the people that set it up tend to, but most people don't. Most of it is social engineering.I think we picture them as hackers. Most of them aren't hackers. Most of them don't have great tech knowledge. Granted, the people that set it up tend to, but most people don't. Most of it is social engineering. -Ryan Kelly Click To Tweet
It's that, “Hey, I can make you feel this way. I can make you think this way. I'm catching you at a bad time. Let's do this.” It's all those things to get people in the mindset of, “This isn't a scam,” and it always is.
It's crazy. Let's talk a little bit about what OSINT is, maybe some of your processes and some of the tools that you use. We may not discuss some of this stuff in specifics. I don't necessarily want to be giving hackers or scammers the exact things that we're doing. But conceptually, let's talk about what some of these things are. For those that don't know, what is OSINT?
OSINT is open source intelligence. If you think about all the stuff that you can Google, all the stuff that you can put together that's just out there, that's it. You can get more intense OSINT if you are able to buy data. That stuff is wild.
If you have access to it, it's very expensive most of the time. Your phone sells way more data than you think. If you want to, you can even craft a narrative to see what IP addresses I can see.
This blew my mind recently. Apparently, our government in the US sells, except for Montana—no idea why, maybe they don't have traffic cameras—the traffic cameras’ live feed. You can go see that. I know a company that has access to that. At first I saw it and I was like, “Oh, you guys have pictures of it and it updates every once in a while?” They're like, “No, we have a live stream.” I was like, “What?”
There's a lot of open source intelligence that you can get access to if you pay the right price or there's a lot that you can do for free. A ton of that is really fun because most people don't understand what they're connecting to when they either open up social media, when they get an app on their phone, and then you're able to pull all these things. It's very fun. It's like a fun puzzle.
Let's talk about, conceptually, someone sends you an email saying, “I've got this great deal. I can ship your car from the East Coast to the West Coast for $712.50. I know you need to move your car. Let's do this thing.” For whatever reason, you think this seems a little off. What are some of the things that you would do to see if it is a scammer and then try to find out more about them?
First things first is if I get the emails—and I have gotten quite a few emails, especially doing social media now; I even get ad emails—I will send them a link and if I'm going after someone else who emails me, like, “I got this scammer. Do you mind taking a peek at them?” I will email them and I will create a victim profile.
I will figure out who they're targeting and then I will figure out what I need to be. Whether that's creating a new email account or using an old email account, AI generating an image, I like to become the perfect victim so they don't think too much about it.
Once I do that, normally they're after some early information, just trying to figure out who you are. If it's a romance scam, they want to see a picture of you. If it's car shipping, they want to see drop off locations. At that point, I want to send them a link. Now I use a very common IP grabber just to see what they are. It brings me a lot of data just to get a good baseline.
If they don't end up clicking the link, you can always do an email header analyzer to see what's going on there and probably pull that data from there. Just their IP address. I love the IP Logger because it does what device they're on, general location, IP address, and local IP. I think that's great.
Also, the IP Logger I use, if you turn on a Smart Logger, it'll use a VPN. But most of the time, you can check if you're like, “This doesn't make any sense,” especially if the times don't match, like our computer time. It is not real.
Now there are definitely times where they've had VPNs and things like that that'll stop an IP Logger from getting an accurate snag, in which case it depends on what you're pulling now.
If you know that they're on a computer, maybe you're not going to use something that pulls GPS data. If they are on a phone, that's always fun because even services that'll push you through their servers—Facebook does it, Instagram does it, Skype I just found out recently did it. Don’t ask why—they'll send you to theirs, so it'll ping their service and that's not helpful.
But if you're able to use a certain program to pull their phone's GPS data, then you're in business, because then it doesn't matter what their IP says they're at or what their internet says. Their phone's GPS will tell you.
Normally, it's like narrowing down the process. You start with the IP Logger, the general information, and you keep digging until you get exactly what you want. From there, it really depends. I've gone in a lot of different directions with it and it's been really fun.
Having run whatismyipaddress.com for probably longer than you've been alive—maybe not quite that long—it's interesting because IP addresses will give you an indication. But everyone has unfortunately seen way too many cop shows, CSI shows, and FBI shows that they're like, “We're pinging the IP address. Wait, they're in the US. Now, now it's down to New York. Now, it's down to this street. Oh, they turned off the computer, but we know it's in this three-block radius.” No, that's not quite how that works.
That's not how it works at all, yeah. I love those, though. It's like we've all seen The Net from the 90s. That's not what's going on there and none of us look like Angelina Jolie, so that's a bummer. It is funny that you mention that because everybody does assume that IP addresses are either this one-stop shop for everything or they tell you nothing. It's like it's somewhere in between.
I think that's funny. That's why I like certain IP Loggers. Just when you're getting their exact time, it doesn't matter if they shut off their phone. I love that. If you've got other data you can pull and you can know what's going on at that location, you can hook up to devices and then follow that device from there.
I love that. I think that's the coolest thing ever. Because then they can turn off their phone. It doesn't matter. I can see their history. I can see where they've been, and I guarantee you, they had it on them when they went home. That's always fun.
People have behaviors that they go to certain places and they do certain things. Routines, I guess.
Yeah, and that's been so interesting to see, figuring out these types of behavior. One of the things I saw in a program that I run is you can set up essentially a fence around to see whose devices are inside a certain area.
You say you set it up like a base in San Diego. Then you also put a fence around the most popular brothel in Tijuana. You're like, “Wow. That's a lot of going back and forth. That's a surprising amount of like, OK, that feels not nationally secure, but all right.” You see a lot of funny things when all of a sudden, you've got access to all this open source data. It's really fun.
There were a number of news stories that have come out over the years, where the US military has had to tell servicemen you can't use fitness tracking apps. You can't use fitness watches because that's feeding data into systems and you track back GPS coordinates. You track back enough soldiers running around a base in a war zone and you know the exact boundaries of that base where the fence lines are because you see where all the soldiers are running.
Yeah. What about the Russian submariner captain? Recently, he was assassinated and it was exactly that. He would go on a run and his data got uploaded. Apparently he would post it because it was a jogging fitness app, and it was either the day before or the day after, the official account from the Ukrainian intelligence agency liked it. It's like, “Oh, my God. Are you kidding?”
When your adversary likes your post talking about your running routine.
Stop running. It’s bad for your health, weirdly enough.
There's a lot of stuff that we do that we just don't think about the fact that it's public and what it really says about us. We post our running routines. We're excited about the fact that, “Hey, I ran 10 miles today,” not with the realization that even if you're just posting a screen picture of your run, your home is probably somewhere on that line. Even if I can't see where you started and stopped, I now know somewhere along the line that is your home. If you post five different routes, there's only going to be one point of overlap.
Yeah, there's only one spot that you come back to. It is funny. We don't think about it regularly. I was doing this, and thankfully this ended hilariously. I was in West Virginia going to a wedding, because occasionally I will just be people's plus-one if they need me to. I've gone to more strangers' weddings than I could even count. I've been invited to over 5000 weddings. It's insane.
I was in West Virginia. I'd just driven out there and I was just sitting and waiting to go to the wedding. I was in my suit and I was sitting outside of CVS just on a live, just talking to people because I was getting ready and taking some time. And somebody found me.
Somebody who was a fan of my content ended up finding where I was because they're like, “Oh, we know where that is.” They didn't say that in the chat, but then they ended up showing up and they knocked on the window. I was like, “Oh, my gosh.”
Thankfully, they were very sweet. They were very nice, but they saw the background of a live video and were able to pull where I was. You just don't think about it, but if that person didn't like me, that would have been bad. That would have been very bad.
I saw someone do the same thing. A little video feed on their LinkedIn account where someone had sent in, “I want to show my kids why it's not safe to be posting stuff online. Can you tell me where I am?” It was like a 30-second video of her in a parking lot. This guy was able to say, “I see a water tower in the distance there. I see a CVS there, and I see a fast food restaurant there. OK, let me run some API searches against geospatial stuff.”
I think she's got a southern accent so where in the South are there a water tower, a CVS, and this particular fast food restaurant all within a kilometer of each other. He was able to narrow it down to a Google street map at some point. She was standing in this grassy area between these two parking spots.
Those GeoGuessr guys.
Yeah, he's one of those GeoGuessr guys.
They're so impressive. It really is something to keep in mind. You're never alone and you are never anonymous anymore.You're never alone and you are never anonymous anymore. -Ryan Kelly Click To Tweet
Now that we've utterly freaked everybody out…
Sorry, guys. My bad.
What are you telling people if they're corresponding with someone? Not how do you identify the individual scammer, but what are the characteristics of the correspondence, the communication, that you would say, “Hey, I think you're talking to a scammer.”
For me, my best thing is I always like to catch them in a lie. I think that that's a good sign. Even if you don't think they're a scammer after that—I mean, they're definitely lying to you—you don't want to continue working with that person.
I normally ping their stuff. I try to find a general location of where they're at. If I'm feeling extra fun, I'll use a program to flip their GPS so that I can know where they're standing currently. Then after that, I will say, “Hey, just curious. Where's your company located? Where do you do business?” and all this stuff. Then they lie. I will send them the information I have and go, “No, you're not.”
I've gotten some fun responses from that. They don't love that. It is funny to me because that's a great way to test if they are just lying to you. For me, doing a simple IP Logger is a great way to start. I feel like anybody can do that. It's just you're putting a link. You’re making them click a link. If you're doing email header analysis, that can get a little more complex, but you can still Google it and figure it out. It is more complex, though.
And unfortunately, not nearly as good as it used to be.
No, it's not. It's not that hard for people to send it to just a Google server and things like that. Unfortunately, it really isn't as good as it used to be, but I have had some luck with it. Honestly, there's a guy that I work with pretty regularly who I don't know how he does it, but he is like the god of figuring out where emails came from.
I'm like, “OK, man, that's cool. That's great. Thanks for the information. I pinged him and it worked, but yours was way cooler.” I think always test if they're lying to you.
Also, bad grammar. I know it sounds weird, but sometimes a lot of scammers will do bad English and bad grammar because they're trying to get people who don't think too much about it. That's actually a strategy that they'll lean into sometimes.
I've heard that. It's like we're trying to weed out the people that are more suspicious. If we use a little bit of bad grammar, the people that are suspicious that we think are really going to challenge us, they're going to see that and they're going to go away. The people that are more forgiving of the bad grammar are our perceived target audience.
What sucks about that is what I've seen is they end up targeting a lot of immigrants, especially in the US. They won't see it that way because that's not their first language. That always bothers me. I'm like, “Really? You're targeting someone—especially when it's refugees—people that are fleeing.” I've gotten that from people where I'm like, “Dude, really?” That drives me crazy. So, bad grammar.
Also, if you're in a company, always look out for Google saying that this is coming from outside your organization. If they're claiming to be in your organization and they're coming from outside, don't trust them. That's a huge thing.
Honestly, good on Google for doing that. I've seen it on Gmail. I've seen it in other things. It's super important. Do not ignore those. Also it says in big, huge letters, “Phishing attempt. Do not do.” Probably don't do that, I would say, yeah.
Then anything that is financial in nature.
Financial and speed.
You and I were talking beforehand and I won't tell the story on the podcast because I don't have permission to tell it. What I was saying was always verify when there's a request to change financial data. Always verify it via a different communication method. If they emailed you, “Can you change my bank account number?” You call them.
If they called you, you email them. If they text messaged you, you email them back. In case they got SIM swapped or their email got compromised, you see them in person. Just never always assume when someone's wanting to change financial information. It's a scam. Trust, but verify.
Absolutely. I think in what you're saying. Two-factor is super important. Have it on everything and also do it regularly yourself. If it doesn't require it, just do it, because you never know when some little close up and looks right.Two-factor is super important. Have it on everything and also do it regularly yourself. -Ryan Kelly Click To Tweet
I've seen people that have started using either Greek or Russian letters on emails that look very normal, but they've just hidden certain letters that are slightly different.
They get a Cyrillic letter that looks almost exactly like it registers that as a domain name. It looks like a commonly used domain name, so you don't think about it.
Yeah, Don't think about it twice. It's like, “Nope, don't do that.” Always run things through. If anybody sends you a link, I always run it through, like, Google transparency checker. Even if I'm running on a different system, I just don't want to take the risk of someone getting a hold of that type of stuff.
Are you a big fan of using VPNs yourself?
Absolutely. I always run a VPN. I feel like it's just a good first step. From what I've been told and what I think makes sense, the best VPNs are the ones you build yourself. I'm not sponsored by any VPN. I honestly think that a lot of VPNs do very similar things. There are some that have cooler features, I will say. I think just having a VPN is a great start to protect yourself. It can't stop you from sending information, but it can help them not be able to trace exactly where you are.I think just having a VPN is a great start to protect yourself. It can't stop you from sending information, but it can help them not be able to trace exactly where you are. -Ryan Kelly Click To Tweet
I also think, and I'm looking into figuring out which company I want to work with for this—you can also do it by yourself; it just takes way more time—is removing your data off the Internet. Whether it be like True People Search or Whitepages. I had a buddy recently who's also a content creator. He's fairly large and he was like, “Hey, man. I just got a call and they confirmed my name and address. What's going on? What happened?”
I checked the number; it’s not real. Then I checked—I was just searching for him and I was like, “Gotcha.” It was through People Finder. It was his name, his phone number, and his address. I was like, “Dude, you’ve got to pull this down now because you are in the public eye.”
For creators, I can't recommend it enough, but honestly for anybody, because people do web scraping, pull any of that data, and then they seem to know you. They seem to be able to confirm you live here. That's great. We're just calling from this company here.
Or it’s, “Hey, we went to the same high school.” I cringe when I see people put I went to high school here. It's like, “OK, now someone comes 20 years later and says, ‘Hey, I'm Bob. We went to high school together.’” I don't remember Bob. Maybe there was a Bob. I don't want to be rude and say, “I don't know who you are.”
You just assume that they're telling the truth and you just don't remember who Bob was. Maybe they even mentioned you used to know someone else there who they figured out because of your connections on social media. Then you're like, “I guess if they know that person also, I must've known who they were.” Then our guard goes down.
The scam is able to just perpetuate itself. It's funny that you mentioned that. I've done that to try to get at Facebook scammers where I have friended people a friend, so that it makes it look better that way, and that's what scammers do.
I also think one of my favorite examples of exactly what you just said is 2012. I was very young at the time, but I was getting preached to by the cyber security director of the NSA.
He was like, “Just to let you know, please don't put where you work on social media. We've got over 300 people that put they work at the NSA on their Facebook.” He was so pissed off. I was like, “I get it, man.” That seems so annoying. Can you imagine working for the government and the NSA? You were like, “Oh, I should put this out there.”
But a lot of scammers do that. They say they work for Microsoft. They say they work for LinkedIn and people just like, “Oh, OK.”
Yeah. The LinkedIn stuff is crazy, too. People don't think of LinkedIn as a social media. I don't know why, because it is. You can pull so much data. It is so impressive and also scary the way people can infiltrate a company.
“Oh, I'm this person and these people work underneath me. They won't question if I become this person.” Plus, if that person is, say, a CEO or someone who has an outward-facing personality, they can just copy different types of text and then find the way that they speak. That's been mind-blowing recently to see that.
CEOs of even small companies, there are photos out there of them. Easy enough to grab it, throw it on the profile, and claim to be the CEO of that company. You look and feel like them. You register a domain name that looks similar to their company name. People don't pay attention.
I've also started getting a lot on LinkedIn. I guess that they're not friend requests, but they're network connections of things. You have your normal, “Hey, I do SEO. I'm a link builder. I have a podcast. I do podcast promotion. I build websites, outsource stuff.” Just the random noise of lead gen people, the […], the low end. “We can help your business by making something really cheap,” and whether they're legit or not, kind of irrelevant. So there’s that noise.
Then there are those people that are posting that they are in the same industry as you. My wife and I both have started to get connection requests. They're always from younger people. My wife always gets them from men. I always get them from women who are like, “Hey, you look like an interesting person with an interesting background. I'd like to connect and get to know you better.”
It's like, “OK, I've never received a legitimate network connection request like this. This seems a little odd,” and they’re, like, you look at their work history. It just seems…
Yeah. I don't know how to say it because no one at that age would have this job. This odd mix of things in their history that you wouldn't think a normal person would have.
Almost mechanical to a degree, and especially the way that they talk. It's funny because, obviously, my background is insane if you look at my job history, but it's almost too far in that direction where you're like, “I think he's real. I just think he might need help.”
It's funny. You do get things like that, especially when they're trying to connect you where it's like, “Oh, I just think you might be nice.” It's like, “That's a scam. That's a romance scam.”
It's a pig-butchering scam. It's a crypto-investment scam. There's something going on there. I can never get the account, never connect with them long enough and have the account stay active long enough to figure out what the angle is. They get taken down pretty quick. They're clearly doing this to lots of people, but I assume it's some crypto pig-butchering scam.
So much crypto. I made a video at one point where it was just like, “This is always my go-to: If you're paying for something and it feels like a weird way to pay for something, stop. It is.” Crypto is a huge one for that.
I've been getting a lot of people in countries where crypto is banned. There are lots of governments that are like, “If you do crypto, we're not helping you.” They're like, “I'm working with this third-party person that's helping me set up an account at Binance.” Or, “I'm using their platform.” Look at the domain name. It was registered last week. Yet they claim to have been in business for 20 years.
I always tell people, “If you've been a victim of a crime, you need to report it to your local law enforcement.” But then it's like, “I can't report them as crypto is illegal here.” These are people that are specifically being targeted because they can't report the crime.
Oh, that's true. I wonder if INTERPOL has an agency for that where they could report it that way.
Because in that case, you almost want something that's bigger that can do it. Because, actually, one of the first scams I worked on was when they reached out to me and they were like, “You do ads for this crypto thing.” It's called Qliathon.com, which it's funny because they use the name.
They don't speak English at all, so I immediately pinged where they were. They were from China. I would make these ads, but it would just be talking mad games about this. It's a lie. It’s a scam. It’s a fake the whole time. They looked great. It's like, “You don't speak English. This isn't fair.”
I would put fake captions after that because they would ask for captions that were like, “And it's great. It does this.” But the entire time, I'm just telling my audience not to fall for this. This is a lie.
Bernie Madoff, I want to say it was like 18%-20% is what he was promising people. When you see anybody promising you over that, you're out of your mind. They will never be able to get you that money. The Qliathon was 6% a day. It was like what?
I think there are two reasons why that works. People are desperate and everybody always has some friend who's made a crazy amount of money in crypto. It's like, “This is just the way that I can get that crazy return.”
I tell you, if you're getting more than a money market account, if you're getting more than 8% annually, you need to question it. There's something strange going on. If you don't understand what you're investing in, you need to work from the assumption of, “Can I afford to lose 100% of my investment?”
Yeah. It feels like people don't realize that it can all go away. It's not like you'll lose some. You'll lose everything. It's funny because we all know that guy that got paid out really big in crypto. The start of a Ponzi scheme always gets paid out. Those guys will always make money because then more gets invested, but once it all collapses, it's gone.The start of a Ponzi scheme always gets paid out. Those guys will always make money because then more gets invested, but once it all collapses, it's gone. -Ryan Kelly Click To Tweet
Then everybody else loses a ridiculous amount of money. I was curious. I want to take a step back. You talked about using IP Logger, one of those tools. How do you trick the person into clicking on the link? IP Logger will give you a couple of different domain names, but to me, it's like this is clearly not a link that anyone should be clicking on themselves. Why would anyone click on this suspicious link? Particularly a scammer. What are you doing to get them to click on the link?
I rename the links. You're right. It always comes from these supersketchy .com, sort of, don't click it. It's pretty much like dontclickthis.com. What I'll do is you can either run it through, if you want to do a simple version, a shortener or you can put it through an email and then you can essentially attach the link to different words. That's been really cool.
Also, if you want to do email for photos and things like that, if you use pixel tracking or Spy pixels, those are always cool. I prefer the logger because it's just so simple and it just works so easy. You just rename it to something that they're looking for because they'll always ask you for something.
Sometimes they won't click on the link. Don't get me wrong, a lot of times that happens, and they'll be like, “I can't click on links or things like that.” It's like, “OK, I can't upload it because the storage on my phone is full. I don't have access to this.” They ask for a driver's license. “I don't drive. I have really bad vision.” You're always messing with them to be able to eventually get them back.
For instance, I was working with some Instagram users; they were Scambusters. What they do is if you've been scammed, they'll get you your money back.
Oh, yeah. Recovery. I know of two legitimate recovery companies and they only work with high net worth individuals who've lost millions of dollars.
Oh, my gosh.
It’s a legitimate company, but it’s like, “Look, the amount of work that we're going to have to put in to even get some of your money back is absurd.” It's going to cost them $100,000 in man hours to get $250,000 back. These are big-enough transactions that they're easy enough to trace and figure out where they're going. If you've lost $4000 on crypto, no one's going to help you recover that.
No, and that's the thing is people don't think that. It's funny because I'll trace all these things back and they are in the same places that the original scam is happening. They're creating a secondary market for themselves. I’m like, “Great business, but you guys are horrible.”
I was pinging them recently because they commented on one of my TikToks. I was like, “Game on.” They were like, “Hey, this person on Instagram can help you if you lost money.” I commented that it's definitely a scam.
But then I reached out on my fake Instagram. I was like, “Oh my gosh. Do you really get my money back?” They're like, “Oh, yeah. We definitely can.” I hit up two of them, pinged them. They're actually down the street from each other, which I think is very funny.
It's the same guy.
Yeah, pretty much.
I get that. Any content that I post that has the word crypto in the transcript, I'm playing a Whac-A-Mole with the comments of, “Hey, So-and-So on Instagram, So-and-So on X, or So-and-So on TikTok, they helped me. I lost so much money. They helped me get it all back and they didn't charge me anything.”
This 100k mentor can bring me this much money. I'm so thankful to insert a tag here. It's like, oh my gosh, those scammers. I'm actually getting ready to make a video on that because I can take the comment and reply to it and go, “No, you can’t.” Then show the evidence I have that they're fraudulent. I think that's fun.
Those guys bother me the most, too, because you're going after people that have already been scammed. That's the thing. When I help people submit or when I help people, many people offer to pay me. I don't accept money. That's not why I'm doing this. You've already lost money. You don't need to be charged more.
If a business wants to do an ad with me, I will do that because then we both mutually benefit. You already lost something. I'm not trying to take money from you. It's not my thing at all.
Anyone who wants you to pay for recovery in advance is a scam. Anyone who says, “I recovered your money. Now just pay me my fee.” It's like, “No, take my fee out of what you recovered and send the difference to me.”
Oh my gosh, you hit on everything. That's across so many different scams. “Oh, we'll give you this money if you pay this. We'll do this if you pay this.” Just take the money out of it and if they won't do that, it's not real.
“Look, you accidentally sent me a whole bunch of money. Just contact your bank and reverse the bank transaction. Piece of cake. Not a problem.”
Easy. It works.
“You accidentally charged too much of my credit card? Just reverse the charge. You refunded me too much? Just reverse the charge. You can do it from your end.”
Before we wrap up here, because I've been monopolizing all sorts of your time today, any parting advice for people?
I think some of the stuff that we talked about earlier. If you haven't seen them in person, do not do this. One of the main things that I get, and I feel like a lot of the time is they target guys specifically. I get probably five to 10 of these a day. Do not send naked pictures to someone you don't know. In fact, honestly, period.
Just don't send pictures like that, period.
Some people get up against it and are like, “You're judging people.” I'm not judging anybody. I know that we're all out here trying to find love and things like that, but also, this is really incredibly dangerous, and they never go away. They are always out and say they downloaded to the cloud. Well, then someone has access to the cloud. Do you trust the person you're sending it to for them not to get hacked because they can. Just don't do it.
That has happened. There are a number of celebrities who have done this that someone has figured out their iCloud password, logged into their iCloud account, and downloaded all their picture history. Neither of those two people intentionally released it or did anything malicious, but someone else was able to find it.
Sometimes they might not even get into your iCloud. They might get into Apple and they might get access through there. I just think that if you don't want everybody in the world to see it, do not take a picture of it. Do not post it.
Unfortunately, it happens so frequently and I get so many dudes that are so stressed out. I'm like, first off, they're threatening to send it. It's always sextortion. They always like to pay us money. That never ends. Never pay them because they will keep asking forever. Report it to your FBI. Report to your local police.
If you're a minor, definitely do that. They're going to take that really seriously. I had a mom reach out to me recently who was like, “My 12-year-old son is going through this right now.” Oh my God. It's just the worst. Don't let yourself become a victim of that.
If you want to show someone yourself naked, be in person. That's the rule. That one always bums me out because I'm just like, “Guys, come on. Don't do that.” It's such a touchy subject. That one's a huge one.
How can people find you on social media?
It's @youthpastorryan at TikTok and YouTube. I'm getting ready to start uploading longer scambuster videos because those are fun, to be honest, especially the calls. My God, I have annoyed them so much.
On Instagram, I'm @ryankellycomedy, and it's youthpastorryan.com if you want links to everything, if you want to come see shows. I am a professional stand-up comedian. That actually is what I do for a living. This is just my weird side hustle, so keep that in mind.
Side hustles are awesome.
Right. They keep it fun. They keep life entertaining.
That they do. We'll make sure to link to all those in the show notes. For the listeners, you don't have to figure out how to spell Youth Pastor Ryan. You don't have to figure out URLs with funny characters. We will insert those for you. That way we can track every click. We won't.
We won't do that. If you guys wouldn't mind clicking on my website, IP Logger, that would be fantastic.
My website's got IP Logger. It was something I did when I was a kid.
Yeah, it was weird.
Ryan, thank you so much for coming on the podcast today.
Chris, thank you so much for having me, and thanks for what you do. I appreciate you getting information out there to people about all this crazy stuff because it's changing by the day.
It is. Thank you very much.