Fraudology Podcast with Karisse Hendrick

In this episode of Fraudology, Karisse Hendrick welcomes back Ron Zayas, CEO of Ironwall, to discuss the terrifying ways Artificial Intelligence is industrializing fraud. While we often think of AI as a tool for automation, Zayas explains that its true danger lies in its ability to apply human-like logic to stolen data at an unprecedented scale.
The conversation dives deep into the mechanics of modern account takeovers, explaining how AI can "guess" password variations by identifying personal patterns across multiple data breaches. We also explore the hidden risks of biometric security, from the vulnerabilities of centralized facial recognition databases to the high error rates of AI models when identifying people of color.
Key topics covered in this episode include:
Fraud at Scale: How AI moves beyond simple automation to recognize patterns in your passwords and digital behavior to breach accounts across the web.
The Biometric Trap: Why storing your facial recognition or fingerprint data with a bank or organization is a permanent risk, and why local storage on your device is the only safe alternative.
Biometric Bias and Mistakes: The reality of high error rates in facial recognition for people of color and the harrowing story of a woman arrested for a crime in a state she had never visited due to an AI mismatch.
Breaking the Connection: Practical steps to remove your personal information from data brokers and why you should treat your mobile number with the same secrecy as your Social Security number.
The Metadata Threat: How a simple photo of your house or the Grand Canyon can leak your exact IP address and physical location to bad actors through hidden metadata.

In this episode of Fraudology, Karisse Hendrick welcomes back Erin West, prosecutor and founder of Operation Shamrock, for an urgent update on the global "scamdemic" of pig butchering. Erin shares firsthand accounts from her recent investigative trip to Cambodia, providing a chilling look at the industrialized nature of transnational organized crime and the massive scale of the scam compounds operating in the region.
The conversation explores the recent waves of accountability, including the historic U.S. indictment of Cambodian/Chinese kingpin Chen Ji and the subsequent $15 billion forfeiture—a move that has sent ripples of fear through the industry. Erin details the "Super Bowl effect" she witnessed in Sihanoukville, where compounds appeared shuttered for show while operations continued behind locked metal doors and shuttered windows.
We also explore the "hot topics" dominating the fraud landscape today:
The GDP of Fraud: How the scam industry now accounts for an estimated 40% to 60% of Cambodia’s GDP, making total eradication a complex economic and humanitarian challenge.
Industrialized Deception: Why these compounds resemble corporate training rooms—complete with cubbies for personal phones and strict "fine" schedules for victims—proving this is a highly systemized global industry.
The Liability Lever: A look at how platforms like Meta successfully block scam ads in Australia where they face financial liability, while failing to do so in regions where "teeth" in the law are missing.
Building the Coalition: How Erin’s crypto-coalition has grown to 2,400 members, bridging the gap between local law enforcement and federal agencies to ensure victims are no longer turned away.

Additionally, Erin dives into the heartbreaking reality of the "generation's worth of wealth" being stolen from Western countries to fund "mint-colored Rolls Royces" and garish displays of luxury in Phnom Penh. We conclude with a call to action for fraud professionals to "Train the Trainer," using Operation Shamrock’s resources to educate their own communities and break the echo chamber.

In this episode of Fraudology, Karisse Hendrick provides a comprehensive debrief following the Merchant Risk Council (MRC) Vegas conference. Karisse shares her highlights and lowlights from one of the industry's biggest events, cutting through the conference hype to provide practical insights for fraud and payments professionals.
The conversation explores the evolving mechanics of Agentic AI in commerce, detailing how tools like Sardine are now identifying AI agents by monitoring "invisible" behaviors, such as fields being filled without mouse movement. Karisse provides an inside look at why OpenAI recently shelved its "instant checkout" feature, moving away from being a merchant of record to avoid the liability of chargebacks and complex transaction enablement.
We also explore the "hot topics" dominating the fraud landscape today:
The VAMP Threshold "Cliff": How Visa is drastically reducing high-risk merchant ratios from 220 basis points to 150 basis points this April, potentially catching many enterprise merchants off guard.
The Complexity of Agentic Chargebacks: Real-world examples of "authorized" AI purchases where merchants are losing disputes because card brands like Visa do not yet have established "compelling evidence" protocols for AI agents.
The Human Element vs. AI: Why senior fraud leadership cannot be replaced by LLMs, as the critical "domain expertise" required to manage sophisticated fraud is not found in open-source data.

Additionally, Karisse dives into the latest FTC fraud statistics, revealing a staggering 430% increase in fraud since 2020. We break down the $375 million jury verdict against Meta in New Mexico, a historic win for child safety that challenges the long-standing "Section 230" liability shield. Finally, we examine a Reuters study uncovering how Meta's ability to block scam ads depends almost entirely on the financial liability they face in specific countries.

In this episode of Fraudology, host Karisse Hendrick provides a comprehensive debrief following the Merchant Risk Council (MRC) Vegas conference. Karisse shares her highlights and lowlights from one of the industry's biggest events, cutting through the conference hype to provide practical insights for fraud and payments professionals.
The conversation explores the evolving mechanics of Agentic AI in commerce, detailing how tools like Sardine are now identifying AI agents by monitoring "invisible" behaviors, such as fields being filled without mouse movement. Karisse provides an inside look at why OpenAI recently shelved its "instant checkout" feature, moving away from being a merchant of record to avoid the liability of chargebacks and complex transaction enablement.
We also explore the "hot topics" dominating the fraud landscape today:
The VAMP Threshold "Cliff": How Visa is drastically reducing high-risk merchant ratios from 220 basis points to 150 basis points this April, potentially catching many enterprise merchants off guard.
The Complexity of Agentic Chargebacks: Real-world examples of "authorized" AI purchases where merchants are losing disputes because card brands like Visa do not yet have established "compelling evidence" protocols for AI agents.
The Human Element vs. AI: Why senior fraud leadership cannot be replaced by LLMs, as the critical "domain expertise" required to manage sophisticated fraud is not found in open-source data.

In this episode of Fraudology, host Karisse Hendrick is joined by Frank McKenna, Chief Fraud Strategist at PointPredictive and the mind behind Frank on Fraud. Frank shares his latest deep dive into Starkiller, a sophisticated new phishing-as-a-service (PaaS) platform that emerged following the takedown of Tycoon 2FA.
The conversation explores the terrifying mechanics of Attacker-in-the-Middle (AITM) attacks, where fraudsters use "headless browsers" to mirror legitimate login sessions in real-time. Frank provides an inside look at how this tool allows criminals to capture not just credentials, but also two-factor authentication (2FA) codes and session cookies, enabling them to maintain access even after a user logs out.
We also explore the "hot topics" dominating the fraud landscape today:
ATO Without a Login Event: How marketplaces are seeing "good" users perform legitimate actions, only to have their payout information changed moments later within the same session.
The Democratization of Fraud: The professionalization of phishing kits on Telegram, which offer Netflix-style subscriptions and user-friendly dashboards for as little as $300 to $500 a month.
Detection Challenges: Why traditional device intelligence and cybersecurity tools struggle to flag these attacks because the victim is interacting with the real merchant website, not a clone.