fraud

Here’s how deepfake vishing attacks work, and why they can be hard to detect

By now, you’ve likely heard of fraudulent calls that use AI to clone the voices of people the call recipient knows. Often, the result is what sounds like a grandchild, CEO, or work colleague you’ve known for years reporting an urgent matter requiring immediate action, saying to wire money, divulge login credentials, or visit a malicious website.

Researchers and government officials have been warning of the threat for years, with the Cybersecurity and Infrastructure Security Agency saying in 2023 that threats from deepfakes and other forms of synthetic media have increased “exponentially.” Last year, Google’s Mandiant security division reported that such attacks are being executed with “uncanny precision, creating for more realistic phishing schemes.”

Anatomy of a deepfake scam call

On Wednesday, security firm Group-IB outlined the basic steps involved in executing these sorts of attacks. The takeaway is that they’re easy to reproduce at scale and can be challenging to detect or repel.

The workflow of a deepfake vishing attack. Credit: Group-IB

The basic steps are:

Collecting voice samples of the person who will be impersonated. Samples as short as three seconds are sometimes adequate. They can come from videos, online meetings, or previous voice calls.

Feeding the samples into AI-based speech-synthesis engines, such as Google’s Tacotron 2, Microsoft’s Vall-E, or services from ElevenLabs and Resemble AI. These engines allow the attacker to use a text-to-speech interface that produces user-chosen words with the voice tone and conversational tics of the person being impersonated. Most services bar such use of deepfakes, but as Consumer Reports found in March, the safeguards these companies have in place to curb the practice could be bypassed with minimal effort.

An optional step is to spoof the number belonging to the person or organization being impersonated. These sorts of techniques have been in use for decades.

Next, attackers initiate the scam call. In some cases, the cloned voice will follow a script. In other more sophisticated attacks, the faked speech is generated in real time, using voice masking or transformation software. The real-time attacks can be more convincing because they allow the attacker to respond to questions a skeptical recipient may ask.

“Although real-time impersonation has been demonstrated by open source projects and commercial APIs, real-time deepfake vishing in-the-wild remains limited,” Group-IB said. “However, given ongoing advancements in processing speed and model efficiency, real-time usage is expected to become more common in the near future.”

GOP’s pro-industry crypto bills could financially ruin millions, lawmaker warns


Trump’s crypto bills could turn trusted Big Tech companies into the next FTX.

It’s “Crypto Week” in Congress, and experts continue to warn that legislation Donald Trump wants passed quickly could give the president ample opportunities to grift while leaving Americans more vulnerable to scams and financial ruin.

Perhaps most controversial of the bills is the one that’s closest to reaching Trump’s desk, the GENIUS Act, which creates a framework for banks and private companies to issue stablecoins. The bill passed in the Senate last month, and the House of Representatives is hoping to hold a vote as soon as Thursday, insiders told Politico.

Stablecoins are often hyped as a more reliable form of cryptocurrency, considered the “cash of the blockchain” because their value can be pegged to the US dollar, Delicia Hand, Consumer Reports’ senior director monitoring digital marketplaces, told Ars.

But the GENIUS Act doesn’t require stablecoins to be pegged to the dollar, and that’s a problem, critics say. The law’s alleged flaws allow large technology companies to peg their stablecoins to riskier assets that could make both their cryptocurrency tokens and, ultimately, the entire global financial system less stable.

For Americans, the stakes are high. In June, Hand warned that Consumer Reports had “a number of concerns about the GENIUS Act.” Chief among them were “insufficient consumer protections” that Americans expect when conducting financial transactions.

Stablecoin issuers will likely include every major payment app, social media app, and e-commerce platform. There is already interest from Amazon, Meta, PayPal, and Shopify. But unlike companies providing traditional bank services, stablecoin providers will not be required to provide clear dispute-resolution processes, offer deposit insurance, or limit liability for unauthorized transactions on their customers’ accounts.

Additionally, with limited oversight, big tech companies could avoid scrutiny while potentially seizing sensitive financial data for non-bank purposes, pushing competition out of markets, and benefiting from other conflicts of interest from other areas of their businesses. Last month, Congressional researchers highlighting key issues with the GENIUS Act advised that possibly restricting stablecoin regulation to only apply to financial institutions would likely have required big tech firms to divest chunks of their business to prevent them from using stablecoins to illegally dominate the digital payments industry. But Republicans have not yet adopted any recommendations.

Most ominously in light of recent collapses of crypto exchanges like FTX—which made it difficult for customers to recover billions—“the bill does not provide adequate authority to federal and state regulators to ensure consumers have full protection and redemption rights for stablecoin transactions,” Consumer Reports warned. Hand reiterated this concern to Ars as the House mulls the same bill this week.

“I think one major concern that we have is if the bill doesn’t guarantee that consumers can redeem their stablecoins quickly or at all in a crisis, and that’s kind of what is the irony is that at its core, the notion of a stablecoin is that there’s some stability,” Hand said.

Pro-industry crypto bills could financially ruin millions

House Republicans are hoping to pass the bill as is, Politico reported, but some Democrats are putting up a fight that could possibly force changes. Among them is Rep. Maxine Waters (D-Calif.), who penned an op-ed this week, alleging that “Crypto Week” legislation was written “by and for the crypto industry” and “will open the floodgates to massive fraud and financial ruin for millions of American families.”

“All they really do is replicate the same mess that led to past financial crises: They call for few regulations, minimal enforcement, weak consumer protections, and more industry consolidation,” Waters wrote. And “on top of that, these bills have a special, intentional wrinkle that makes them especially dangerous: They would legitimize and legalize the unprecedented crypto corruption by the president of the United States.”

Waters joined critics warning that the GENIUS Act is deeply flawed, with “weak consumer protections” and “no funding provided to regulators to implement the law.” Additionally, the CLARITY Act—which seeks to create a regulatory framework for digital assets and cryptocurrencies to allow for more innovation and will likely come to a House vote on Wednesday before heading to the Senate—“actually creates space for similar schemes” to Sam Bankman-Fried’s stunning fraud that caused FTX’s collapse.

She accused Republicans of rushing the votes on these bills to benefit Trump, whose “shady crypto ventures” have allegedly enriched Trump by $1.2 billion. (The White House has said that Trump has no conflicts of interest, as the crypto ventures are managed by his children.)

Further, “the GENIUS Act opens the floodgates to foreign-controlled crypto that poses serious national security risks, all to appease Trump’s inner circle, which has ties to crypto,” Waters wrote.

Waters has so far submitted amendments that would “block any US president, vice president, members of Congress and their immediate families from promoting or holding crypto” and stop the US from deeming “a foreign country to have a stablecoin regime comparable to that of the US if the current leader of that country has described themselves as a dictator,” CoinTelegraph reported.

Pushback from Democrats may not be enough, as White House crypto advisor Bo Hines seemed to predict on X that the GENIUS Act would be signed into law without much debate this week.

Tim Scott, a chairman of the Senate Committee on Banking, Housing, and Urban Affairs, counted concerns about consumer protections among “myths” he claims to have busted in advocating for the bill. Scott suggested that “simple monthly disclosure” of reserves backing stablecoins and annual statements from the biggest companies issuing stablecoins would be enough to protect consumers from potential losses, should stablecoins be mismanaged.

He also defended not requiring “essential insolvency protections for consumers” by noting that customers will be “explicitly” prioritized above creditors in any insolvency proceedings.

But Waters did not buy that logic, warning that the “Crypto Week” bills becoming law without any amendments will “eventually” trigger the first American crypto financial crisis.

Widespread stablecoin adoption will take time, bank says

If these bills pass without meaningful changes, Hand told Ars that consumers should be wary of stablecoins, no matter what trusted brand is pushing a new token.

In a post detailing risks of allowing big tech companies to “open banks without becoming banks,” Brian Shearer, the director of competition and regulatory policy at the Vanderbilt Policy Accelerator, provided an example.

Imagine if Apple—which “already has quite a bit of power to force adoption of ApplePay”—issues a stablecoin through a competing “payment card” accessed through its popular devices. Apple could possibly lure merchants to adopt the payment form by charging lower fees, and customers “probably wouldn’t revolt because it would be free for them.” Eventually, Apple could be motivated to force all payments through stablecoins, cutting banks entirely out, then potentially raising fees to merchants.

“It’s not a stretch to imagine a scenario where Google, Apple, Amazon, PayPal, Block, and Meta all do something like this and quickly become the largest payment networks and banks in the world,” Shearer wrote. And Hand told Ars that these trusted brands “could kind of imbue some sort of confidence that may be not necessarily yet earned” when rolling out stablecoins.

Bank of America’s head of North American banks research, Ebrahim Poonawala, told Business Insider that “it could take between three to five years to fully build out the infrastructure needed for widespread stablecoin adoption.”

Mastercard’s chief product officer, Jorn Lambert, agreed, telling Bloomberg that stablecoins have a “long road to mainstream payments.” Specifically, Lambert suggested that consumers broadly won’t embrace stablecoins without “a seamless and predictable user experience” and current “friction” causing online checkout hurdles—even for an experienced company like Shopify—“will be difficult to clear in the near-term.”

In the meantime, customers will likely be pushed to embrace stablecoins as being more reliable than other cryptocurrencies. Hand advised that anyone intrigued by stablecoins should proceed cautiously in an environment lacking basic consumer protections, conditions which one nonpartisan, nonprofit coalition, Americans for Financial Reform, suggested could create “an incubator for even more predatory and scammy activity” plaguing the entire crypto industry.

Hand told Ars she is not “anti-digital assets or crypto,” but she recommends that customers “start conservatively” with stablecoin investments. Consider who is advertising the stablecoin, Hand recommended, suggesting that celebrity endorsements should be viewed as red flags without more research. At least to start, treat any stablecoins acquired “more like a prepaid card than a bank account,” using it for certain payments but keeping life savings in less volatile accounts until you learn more about the risks of holding stablecoins.

Possibly most critically, customers should explore companies’ promised resolution processes before investing in stablecoins, Hand said, and fully vet customer support. In China, regulators are already struggling with stablecoin scams, where “a group of semi-informed people is being deceived by ill-intentioned people” luring them into stablecoin deposits that cannot be withdrawn, the South China Morning Post reported.

“Just because something is called a coin or digital dollar doesn’t mean it’s regulated like cash,” Hand said. “Don’t wait until you get in trouble to know what you can expect.”

In this potential future, stablecoin issuers could never really be considered “stable institutions,” Shearer said. Shearer referenced a possible “sci-fi disaster” that could end in bank runs, leading the government to one day bail out tech companies who bungle stablecoin investments but become “too big to fail.”

Hand told Ars that Consumer Reports will work with other consumer advocates and the implementing regulator to try to close any gaps that would leave Americans vulnerable. Those groups would submit comments and feedback to help with rule-making around implementation and monitoring and provide consumer education resources.

However, these steps may not be enough to protect Americans, as the crypto industry continues to be deregulated under self-described “pro-crypto President” Trump.

“Sometimes if something is just fundamentally flawed, I’m not quite sure, particularly in the current regulatory or deregulatory environment, whether any amount of guidance or rulemaking could really fix a flawed framework,” Hand told Ars.

At the same time, Trump’s Justice Department has largely backed off crypto lawsuits and probes, creating an impression of Wild West-like lawlessness where even a proven fraudster like Bankman-Fried dares hope he may be pardoned for misdeeds.

“The CLARITY Act handcuffs the Securities and Exchange Commission, preventing it from proactively protecting people against fraud,” Waters wrote. “Regulators would have to wait until after investors have already been harmed to act—potentially after a company has collapsed and life savings have vanished. We’ve seen this before. FTX collapsed because insiders illegally operated the exchange, controlled customer funds and traded against their own clients. The CLARITY bill does nothing to address that.”

Ashley is a senior policy reporter for Ars Technica, dedicated to tracking social impacts of emerging policies and new technologies. She is a Chicago-based journalist with 20 years of experience.

AT&T rolls out Wireless Account Lock protection to curb the SIM-swap scourge

AT&T is rolling out a protection that prevents unauthorized changes to mobile accounts as the carrier attempts to fight a costly form of account hijacking that occurs when a scammer swaps out the SIM card belonging to the account holder.

The technique, known as SIM swapping or port-out fraud, has been a scourge that has vexed wireless carriers and their millions of subscribers for years. An indictment filed last year by federal prosecutors alleged that a single SIM swap scheme netted $400 million in cryptocurrency. The stolen funds belonged to dozens of victims who had used their phones for two-factor authentication to cryptocurrency wallets.

Wireless Account Lock debut

A separate scam from 2022 gave unauthorized access to a T-Mobile management platform that subscription resellers, known as mobile virtual network operators, use to provision services to their customers. The threat actor gained access using a SIM swap of a T-Mobile employee, a phishing attack on another T-Mobile employee, and at least one compromise of an unknown origin.

This class of attack has existed for well over a decade, and it became more commonplace amid the irrational exuberance that drove up the price of bitcoin and other cryptocurrencies. In some cases, scammers impersonate existing account holders who want a new phone number for their account. At other times, they simply bribe the carrier’s employees to make unauthorized changes.

Even Trump may not be able to save Elon Musk from his old tweets

A loss in the investors’ and SEC’s suits could force Musk to disgorge any ill-gotten gains from the alleged scheme, estimated at $150 million, as well as potential civil penalties.

The SEC and Musk’s X (formerly Twitter) did not respond to Ars’ request to comment. Investors’ lawyers declined to comment on the ongoing litigation.

SEC purge may slow down probes

Under the Biden administration, the SEC alleged that “Musk’s violation resulted in substantial economic harm to investors selling Twitter common stock.” For the lead plaintiffs in the investors’ suit, the Oklahoma Firefighters Pension and Retirement System, the scheme allegedly robbed retirees of gains used to sustain their quality of life at a particularly vulnerable time.

Musk has continued to argue that his alleged $200 million in savings from the scheme was minimal compared to his $44 billion purchase price. But the alleged gains represent about two-thirds of the $290 million price the billionaire paid to support Trump’s election, which won Musk a senior advisor position in the Trump administration, CNBC reported. So it’s seemingly not an insignificant amount of money in the grand scheme.

Likely bending to Musk’s influence, one of Trump’s earliest moves after taking office, CNBC reported, was reversing a 15-year-old policy allowing the SEC director of enforcement to launch probes like the one Musk is currently battling. It allowed the Tesla probe, for example, to be launched just seven days after Musk’s allegedly problematic tweets, the SEC boasted in a 2020 press release.

Now, after Trump’s rule change, investigations must be approved by a vote of SEC commissioners. That will likely slow down probes that the SEC had previously promised years ago would only speed up over time in order to more swiftly protect investors.

SEC expected to reduce corporate fines

For Musk, the SEC has long been a thorn in his side. At least two top officials (1, 2) cited the Tesla settlement as a career highlight, with the agency seeming especially proud of thinking “creatively about appropriate remedies,” the 2020 press release said. Monitoring Musk’s tweets, the SEC said, blocked “potential harm to investors” and put control over Musk’s tweets into the SEC’s hands.

CEO of AI ad-tech firm pledging “world free of fraud” sentenced for fraud

In May 2024, the website of ad-tech firm Kubient touted that the company was “a perfect blend” of ad veterans and developers, “committed to solving the growing problem of fraud” in digital ads. Like many corporate sites, it also linked old blog posts from its home page, including a May 2022 post on “How to create a world free of fraud: Kubient’s secret sauce.”

These days, Kubient’s website cannot be reached, the team is no more, and CEO Paul Roberts is due to serve one year and one day in prison, having pled guilty Thursday to creating his own small world of fraud. Roberts, according to federal prosecutors, schemed to create $1.3 million in fraudulent revenue statements to bolster Kubient’s initial public offering (IPO) and significantly oversold “KAI,” Kubient’s artificial intelligence tool.

The core of the case is an I-pay-you, you-pay-me gambit that Roberts initiated with an unnamed “Company-1,” according to prosecutors. Kubient and this firm would each bill the other for nearly identical amounts, with Kubient purportedly deploying KAI to find instances of ad fraud in the other company’s ad spend.

Roberts, prosecutors said, “directed Kubient employees to generate fake KAI reports based on made-up metrics and no underlying data at all.” These fake reports helped sell the story to independent auditors and book the synthetic revenue in financial statements, according to Roberts’ indictment.

Scoop: Origami measuring spoon incites fury after 9 years of Kickstarter delay hell


The curious case of the missing Kickstarter spoons.

An attention-grabbing Kickstarter campaign attempting to reinvent the measuring spoon has turned into a mad, mad, mad, mad world for backers after years of broken promises and thousands of missing spoons.

The mind-boggling design for the measuring spoon first wowed the Internet in 2016 after a video promoting the Kickstarter campaign went viral and spawned widespread media coverage fawning over the unique design.

Known as Polygons, the three-in-one origami measuring spoons have a flat design that can be easily folded into common teaspoon and tablespoon measurements. “Regular spoons are so 3000 BC,” a tagline on the project’s website joked.

For gadget geeks, it’s a neat example of thinking outside of the box, and fans found it appealing to potentially replace a drawer full of spoons with a more futuristic-looking compact tool. Most backers signed up for a single set, paying $8–$12 each, while hundreds wanted up to 25 sets, a handful ordered 50, and just one backer signed up for 100. Delivery was initially promised by 2017, supposedly shipping to anywhere in the world.

But it’s been about nine years since more than 30,000 backers flocked to the Kickstarter campaign—raising more than $1 million and eclipsing Polygons’ $10,000 goal. And not only have more than a third of the backers not received their spoons, but now, after years of updates claiming that the spoons had been shipped, some backers began to wonder if the entire campaign might be a fraud. They could see that Polygons are currently being sold on social media and suspected that the maker might be abusing backers’ funds to chase profits, seemingly without ever seriously intending to fulfill their orders.

One Kickstarter backer, Caskey Hunsader, told Ars that he started doubting if the spoon’s designer—an inventor from India, Rahul Agarwal—was even a real person.

Ars reached out to verify Agarwal’s design background. We confirmed that, yes, Agarwal is a real designer, and, yes, he believes there is a method to the madness when it comes to his Kickstarter campaign, which he said was never intended to be a scam or fraud and is currently shipping spoons to backers. He forecasted that 2025 is likely the year that backers’ wait will finally end.

But as thousands of complaints on the Kickstarter attest, backers have heard that one before. It’s been two years since the last official update was posted, which only promised updates that never came and did not confirm that shipments were back on track. The prior update in 2022 promised that “the time has finally arrived when we begin bulk shipping to everyone!”

Hunsader told Ars that people seem mostly upset because of “bullshit,” which is widely referenced in the comments. And that anger is compounded “by the fact that they are producing, and they are selling this product, so they are operating their business using funds that all these people who were their first backers gave them, and we’re the ones who are not getting the product. I think that’s where the anger comes from.”

“It’s been years now, and [I’ve] watched as you promise good people their products and never deliver,” one commenter wrote. “Wherever you try… to sell [your] products, we will be there reminding them of the empty orders you left here.”

“Where is my item? I am beyond angry,” another fumed.

Those who did receive their spoons often comment on the substantial delays, but reviews are largely positive.

“Holy crap, folks,” a somewhat satisfied backer wrote. “Hell has frozen over. I finally got them (no BS).”

One backer was surprised to get twice as many spoons as expected, referencing an explanation blaming Chinese New Year for one delay and writing, “I can honestly say after 8 years… and an enormous amount of emails, I finally received my pledge. Except… I only ordered 3… and I received 6. I’d be inclined to ship some back to Polygons… bare with me… I’ll return them soon… I appreciate your patience… mebbe after Chinese New Years 2033…”

Agarwal agreed to meet with Ars, show us the spoon, and explain why backers still haven’t gotten their deliveries when the spoon appears widely available to purchase online.

Failing prototypes and unusable cheap knockoffs

As a designer, Agarwal is clearly a perfectionist. He was just a student when he had the idea for Polygons in 2014, winning design awards and garnering interest that encouraged him to find a way to manufacture the spoons. He felt eager to see people using them.

Agarwal told Ars that before he launched the Kickstarter, he had prototypes made in China that were about 85 percent of the quality that he and his collaborators at InventIndia required. Anticipating that the quality would be fully there soon, Agarwal launched the Kickstarter, along with marketing efforts that Agarwal said had to be squashed due to unexpectedly high interest in the spoons.

This is when things started spiraling, as Agarwal had to switch manufacturers five times, with each partner crashing into new walls trying to execute the novel product.

Once the Kickstarter hit a million dollars, though, Agarwal committed to following through on launching the product. Eventually, cheap knockoff versions began appearing online on major retail sites like Walmart and Amazon toward the end of 2024. Because Agarwal has patents and trademarks for his design, he can get the knockoffs taken down, but they proved an important point that Agarwal had learned the hard way: that his design, while appearing simplistic, was incredibly hard to pull off.

Ars handled both a legitimate Polygons spoon and a cheap knockoff. The knockoff was a flimsy, unusable slab of rubber dotted with magnets; the companies aping Agarwal’s idea are seemingly unable to replicate the manufacturing process that Agarwal has spent years perfecting to finally be able to widely ship Polygons today.

On the other hand, Agarwal’s spoon is sturdy, uses food-grade materials, and worked just as well measuring wet and dry ingredients during an Ars test. A silicon hinge connects 19 separate plastic pieces and ensures that magnets neatly snap along indented lines indicating if the measurement is a quarter, half, or whole teaspoon or tablespoon. It took Agarwal two and a half years to finalize the design while working with InventIndia, a leading product development firm in India. Prototyping required making special molds that took a month each to iterate rather than using a 3D-printing shortcut whereby multiple prototypes could be made in a day, which Agarwal said he’d initially anticipated could be possible.

Around the time that the prototyping process concluded, Agarwal noted, COVID hit, and supply chains were disrupted, causing production setbacks. Once production could resume, costs became a factor, as estimates used to set Kickstarter backer awards were based on the early failed Chinese prototype, and the costs of producing a functioning spoon were much higher. Over time, shipping costs also rose.

As Kickstarter funds dwindled, there was no going back, so Agarwal devised a plan to sell the spoons for double the price ($25–$30 a set) by marketing them on social media, explaining this in a note to backers posted on the Polygons site. Those sales would fund ongoing manufacturing, allowing profits to be recycled so that Kickstarter backers could gradually receive shipments dependent on social media sales volumes. Orders from anyone who paid extra for expedited shipping are prioritized.

It’s a math problem at this point, with more funding needed to scale. But Agarwal told Ars that sales on Shopify and TikTok Shop have increased each quarter, most recently selling 30,000 units on TikTok, which allowed Polygons to take out a bigger line of credit to fund more manufacturing. He also brought in a more experienced partner to focus on the business side while he optimizes production.

Agarwal told Ars that he understands trust has been broken with many Kickstarter backers, considering that totally fair. While about 38 percent of backers’ orders still need filling, he predicts that all backers could get their orders within the next six to eight months as Polygons becomes better resourced, but that still depends on social media sales.

Agarwal met Ars after attending a housewares show in Chicago, where he shopped the spoons with retailers who may also help scale the product in the coming years. He anticipates that as the business scales, the cost of the spoons will come back down. And he may even be able to move onto executing other product designs that have been on the backburner as he attempts to work his way out of the Kickstarter corner he backed himself into while obsessing over his first design.

Kickstarter problem goes beyond Polygons

Hunsader told Ars there’s a big difference “in a lie versus bad management,” suggesting that as a business owner who has managed Kickstarter campaigns, he thinks more transparency likely could’ve spared Polygons a lot of angry comments.

“I am not sitting here with a dart board with [Agarwal’s] face on it, being like, when am I going to get my damn spoons?” Hunsader joked. But the campaign’s Kickstarter messaging left many backers feeling like Polygons took backers’ money and ran, Hunsader said.

Unlike people who saw the spoons going viral on social media, Hunsader discovered Polygons just by scrolling on Kickstarter. As a fan of geeky gadgets, he used to regularly support campaigns, but his experience supporting Polygons and monitoring other cases of problematic Kickstarters have made him more hesitant to use the platform without more safeguards for backers.

“It’s not specifically a Polygons problem,” Hunsader told Ars. “The whole Kickstarter thing needs maybe just more protections in place.”

Kickstarter did not respond to Ars’ request to comment. But Kickstarter’s “accountability” policy makes clear that creators “put their reputation at risk” launching campaigns and are ultimately responsible for following through on backer promises. Kickstarter doesn’t issue refunds or guarantee projects, only providing limited support when backers report “suspicious activity.”

Redditors have flagged “shitty” Kickstarter campaigns since 2012, three years after the site’s founding, and the National Association of Attorneys General—which represents US state attorneys general—suggested in 2019 that disgruntled crowdfunding backers were increasingly turning to consumer protection laws to fight alleged fraud.

In 2015, an independent analysis by the University of Pennsylvania estimated that 9 percent of Kickstarter projects didn’t fulfill their rewards. More recently, it appeared that figure had doubled, as Fortune reported last year that an internal Kickstarter estimate put “the amount of revenue that comes from fraudulent projects as high as 18 percent.” A spokesperson disputed that estimate and told Fortune that the platform employs “extensive” measures to detect fraud.

Agarwal told Ars that he thinks it’s uncommon for a campaign to continue fulfilling backer rewards after eight years of setbacks. It would be easier to just shut down and walk away, and Kickstarter likely would not have penalized him for it. While the Kickstarter campaign allowed him to reach his dream of seeing people using his novel measuring spoon in the real world, it’s been bittersweet that the campaign has dragged out so long and kept the spoons out of the hands of his earliest supporters, he told Ars.

Hunsader told Ars that he hopes the Polygons story serves as a “cautionary tale” for both backers and creators who bite off more than they can chew when launching a Kickstarter campaign. He knows that designers like Agarwal can take a reputational hit.

“I don’t want to make somebody who has big dreams not want to dream, but you also, when you’re dealing with things like manufacturing technology, have to be realistic about what is and is not accomplishable,” Hunsader said.

Polygons collaborators at InventIndia told Ars that Agarwal is “dedicated and hard-working,” describing him as “someone deeply committed to delivering a product that meets the highest standards” and whose intentions have “always” been to “ship a perfect product.”

Agarwal’s team connected with Hunsader to schedule his Kickstarter reward shipment on Friday. Hunsader told Ars he doesn’t really care if it takes another nine years. It’s just a spoon, and “there are bigger fish to fry.”

“Listen, I can buy that narrative that he was somebody who got totally overwhelmed but handled it in the worst possible way ever,” Hunsader said.

He plans to continue patiently waiting for his spoons.

This story was updated on March 14 to update information on the Polygons Kickstarter campaign.

Ashley is a senior policy reporter for Ars Technica, dedicated to tracking social impacts of emerging policies and new technologies. She is a Chicago-based journalist with 20 years of experience.


Couple allegedly tricked AI investors into funding wedding, houses

To further the alleged scheme, he “often described non-existent revenue, inflated cash balances,” and “otherwise exaggerated customer relationships,” the US Attorney’s Office said, to convince investors to spend millions. As Beckman’s accomplice, Lau allegedly manipulated documents, including documents allegedly stolen from the venture capital firm that employed her while supposedly hiding her work for GameOn.

The scheme apparently also included forging audits and bank statements, as well as using “the names of at least seven real people—including fake emails and signatures—without their permission to distribute false and fraudulent GameOn financial and business information and documents with the intent to defraud GameOn and its investors,” the US Attorney’s Office said.

At perhaps the furthest extreme, Lau allegedly falsified account statements, including once faking a balance of over $13 million when that account only had $25 in it. The FBI found that GameOn’s revenues never exceeded $1 million in any year, while Beckman allegedly inflated sales to investors, including claiming that sales in one quarter in 2023 got as high as $72 million.

Beckman and Lau allegedly went to great lengths to hide the scheme while diverting investor funds to their personal accounts. While GameOn employees allegedly sometimes went without paychecks, Beckman and Lau allegedly stole funds to buy expensive San Francisco real estate and pay for their wedding in 2023. If convicted, they may be forced to forfeit a $4.2 million house, a Tesla Model X, and other real estate and property purchased with their allegedly ill-gotten gains, the indictment said.

It took about five years for the cracks to begin to show in Beckman’s scheme. Beginning in 2023, Beckman increasingly started facing “questions about specific customers and specific revenue from those customers,” the indictment said. By February 2024, Beckman at last “acknowledged to at least one GameOn consultant” that a flagged audit report “did not contain accurate financial information,” but allegedly, he “attempted to shift blame to others for the inaccuracies.”


In IT? Need cash? Cybersecurity whistleblowers are earning big payouts.

Matthew Decker is the former chief information officer for Penn State University’s Applied Research Laboratory. As of October, he’s also $250,000 richer.

In his Penn State position, Decker was well placed to see that the university was not implementing all of the cybersecurity controls that were required by its various contracts with NASA and the Department of Defense (DoD). It did not, for instance, use an external cloud services provider that met the DoD’s security guidelines, and it fudged some of the self-submitted “scores” it made to the government about Penn State’s IT security.

So Decker sued the school under the False Claims Act, which lets private individuals bring cases against organizations on behalf of the government if they come across evidence of wrongdoing related to government contracts. In many of these cases, the government later “intervenes” to assist with the case (as it did here), but whether it does so or not, whistleblowers stand to collect a percentage of any fines if they win.

In October, Penn State agreed to a $1.25 million settlement with the government; Decker got $250,000 of the money.

On the regular

This now happens in IT with some regularity. In November, Dell, Dell Federal Systems, and Iron Bow Technologies settled with the government for $4.3 million over claims that they “violated the False Claims Act by submitting and causing the submission of non-competitive bids to the Army and thereby overcharging the Army under the Army Desktop and Mobile Computing 3 (ADMC-3) contract.”

But once again, this wasn’t something the government uncovered on its own; a whistleblower named Brent Lillard, who was an executive at another company in the industry, brought the initial complaint. For his work, Lillard just made $345,000.

In early December, Gen Digital (formerly Symantec) paid a much larger fee—$55.1 million—after losing a trial in 2022. Gen Digital/Symantec was found liable for charging the government higher prices than it charged to companies.

Once again, the issue was brought to light by a whistleblower, Lori Morsell, who oversaw the contract for Gen Digital/Symantec. Morsell’s award has not yet been determined by the court, but given the amount of the payout, it should be substantial.

False Claims Act goes digital

Due to the complexity of investigating—or even finding out about—technical failures and False Claims Act cases from the outside of an organization, the government has increasingly relied on whistleblowers to kick-start these sorts of IT cases.


Man sick of crashes sues Intel for allegedly hiding CPU defects

“Had Intel disclosed the defect, including through advertising, press releases, the Product packaging, or the initial setup process, Plaintiff and class members would not have purchased a Product, or would have paid substantially less for it,” Vanvalkenburgh’s complaint said.

According to Tom’s Hardware, “Intel’s 13th Generation Raptor Lake processors have a return rate four times higher than that of the previous generation,” and “14th Generation Raptor Lake Refresh chips also have return rates thrice as high as the 12th Generation Alder Lake processors.” But instead of alerting the public to the defects, Vanvalkenburgh’s complaint alleged, Intel continued touting the processors as providing the ultimate desktop experience for serious gamers and people with “the most demanding of multitasking workloads” seeking speed, efficiency, and reliability.

Vanvalkenburgh alleged that Intel misled customers because Intel wanted to protect its brand and seek unjust enrichment. According to his complaint, Intel knows “consumers are willing to pay more for a reliable processor that runs stably, without failing or crashing frequently.” By failing to alert customers to known defects, Intel’s alleged deceptions increased demand for its CPUs, spiking sales into the millions, while its customers paid hundreds for processors and allegedly “sustained an economic injury.”

“Reasonable consumers do not expect that the Products will crash and fail at high rates, or that running the Products will damage the Products themselves,” Vanvalkenburgh’s complaint said, noting that a patch Intel later provided failed to fix the issue.

Vanvalkenburgh is hoping a jury will agree that Intel deceived customers and order an injunction preventing any future misconduct like misleading advertising or failure to disclose defective products.

If the class action is certified, Intel could owe extensive damages, potentially paying hundreds of millions in a loss. Because Vanvalkenburgh alleged that “Intel’s fraudulent concealment was malicious, oppressive, deliberate, intended to defraud” him, he’s seeking “an assessment of punitive damages in an amount sufficient to deter such conduct.” That’s on top of requests for maximum statutory damages for allegedly unfair and deceptive practices and disgorgement for alleged unjust enrichment.


“Havard”-trained spa owner injected clients with bogus Botox, prosecutors say

Mounting evidence

Multiple clients and employees told investigators that Fadanelli also said she is a registered nurse, which is false. Though she is a registered aesthetician, aestheticians are not permitted to administer injections or prescription drugs.

Investigators set up an undercover operation where an agent went in for a consultation, and Fadanelli provided a quote for a $450 Botox treatment. Investigators also obtained videos and images of Fadanelli performing injections. And the evidence points to those injections being counterfeit, prosecutors allege. Sales records from the spa indicate that Fadanelli performed 1,631 “Botox” injections, 95 “Sculptra” injections, and 990 injections of unspecified “filler,” all totaling over $933,000. But sales records from the manufacturers of the brand name drugs failed to turn up any record of Fadanelli or anyone else from her spa ever purchasing legitimate versions of the drugs.

Despite the mounting evidence against her, Fadanelli reportedly stuck to her story, denying that she ever told anyone she was a nurse and denying ever administering any injections. “When agents asked Fadanelli if she would like to retract or modify that claim if she knew there was evidence showing that she was in fact administering such products, she reiterated that she does not administer injections.”

Ars has reached out to Fadanelli’s spa for comment and will update this story if we get a response. According to the affidavit, clients who received the allegedly bogus injections complained of bumps, tingling, and poor appearances, but no infections or other adverse health outcomes.

In a press release announcing her arrest, Acting United States Attorney for Massachusetts Joshua Levy said: “For years, Ms. Fadanelli allegedly put unsuspecting patients at risk by representing herself to be a nurse and then administering thousands of illegal, counterfeit injections. … The type of deception alleged here is illegal, reckless, and potentially life-threatening.”

For a charge of illegal importation, Fadanelli faces up to 20 years in prison and a $250,000 fine. For each of two charges of knowingly selling or dispensing a counterfeit drug or counterfeit device, she faces up to 10 years in prison and a fine of $250,000.


Spotify criticized for letting fake albums appear on real artist pages


Will the real Spotify artist please stand up?

Real bands struggle to remove fake albums from their Spotify pages.

Psych rock band Gong found out about a fake album on their Spotify page while on tour. Credit: via Gong

This fall, thousands of fake albums were added to Spotify, with some appearing on real artist pages, where they’re positioned to lure unsuspecting listeners into streaming by posing as new releases from favorite bands.

An Ars reader flagged the issue after finding a fake album on the Spotify page of a UK psych rock band called Gong. The Gong fan knew that the band had begun touring again after a surprise new release last year, but the “latest release” listed by Spotify wasn’t that album. Instead, at the top of Gong’s page was a fake self-titled album supposedly released in 2024.

The real fan detected the fake instantly, and not just because the generic electronic music sounded nothing like Gong’s experimental sounds. The album’s cover also gave the scheme away, using a generic font and neon stock image that invoked none of the trippy imagery that characterized Gong’s typical album covers.

Ars confirmed with Gong member Dave Sturt that the self-titled item was an obvious fake on Monday. At that time, Sturt said the band was working to get the junk album removed from its page, but as of Tuesday morning, that album remained online, along with hundreds of other albums uploaded by a fake label that former Spotify data “alchemist” Glenn McDonald flagged in a social media post that Spotify seemingly ignored.

Hey @Spotify, you got thousands of junk albums with real artist names from “Ancient Lake Records”, “Beat Street Music” and “Gupta Music” today.

— glenn mcdonald (@glenn_mcdonald) October 11, 2024

On his site, McDonald gathered the junk album data by label, noting that Beat Street Music, which has no web presence but released the fake Gong album, uploaded 240 junk albums on Friday alone. Similarly, Ancient Lake Records uploaded 471 albums on Friday. And Gupta Music added 483 just a few days prior, along with 600 junk albums from Future Jazz Records uploaded between September 30 and October 8.

These junk albums don’t appear to be specifically targeting popular artists, McDonald told Ars. Rather, generic music is uploaded under a wide range of one-word artist names. However, by using that tactic, some of these fake albums appeared on real artist pages, such as Gong, experimental rock band Swans, and English rock bands Asia and Yes. And that oversight is on Spotify, McDonald suggested.

“Given the scale of output and the randomness of the names, my guess is that the owners of this stuff might not even have intended it to end up on existing artist profiles,” McDonald told Ars. “If they just submitted stuff with artist names, not IDs, then it’s the streaming service’s problem to match those names to profiles, and thus the streaming service’s fault for not figuring out that these are not by the real Yes, Asia, Gong, Swans, etc.”

McDonald told Ars that “the labels should have been a pretty obvious clue in this case” that the album uploads weren’t genuine releases.

“If I still worked there, I would also have immediately scoured the input databases for more releases with the same patterns,” McDonald told Ars. “The stuff I found from those few labels might be only a tiny fraction of the crap.”

A spokesperson told Ars that Spotify is investigating the junk albums that McDonald flagged. It may take time for all albums to be removed from artists’ pages.

“We are aware of the issue, have relocated the content in question, and are considering our further options against the providing licensor,” Spotify’s spokesperson said. “When we identify or are alerted to attempts by bad actors to game the system, we take action that may include removing stream counts and withholding royalties. Spotify invests heavily in automated and manual reviews to prevent, detect, and mitigate the impact of bad actors attempting to collect unearned royalties.”

Spotify seems to turn blind eye to fake albums

McDonald helped Spotify crunch streaming data for a decade before leaving the company in March. He documented his experience in his 2024 book You Have Not Yet Heard Your Favourite Song, which discusses how Spotify deals with streaming fraud.

According to McDonald, “streaming music fraud is not, to be brutally honest, the most glamorous or profitable form of villainy” because “streaming rewards accumulate in tiny micro-transactions.” The only way to get rich is to scale the shady streaming by becoming a business—it seems possible due to similarities in thousands of fake album designs that all the labels McDonald flagged could be under one licensor—but even then, “the larger the scale, the easier it is to detect,” McDonald suggested.

“Abuse at any productive scale almost always ends up revealing itself to somebody,” McDonald wrote, noting that “if the money can find you, so can consequences.”

McDonald told Ars that when he worked at Spotify, he “maintained some dashboards to watch for this sort of thing before the releases went live.” But with so much fraud seemingly going undetected now, McDonald guesses that maybe Spotify “didn’t keep those tools running” after he left.

In his book, McDonald noted that this kind of fraud impacting real artists is often detected by fans, like the Gong fan who reached out to Ars. On Reddit, a fan of dubstep artist Cyclops and soul band Maze criticized Spotify for doing nothing about the same batch of fraudulent uploads that McDonald flagged, despite multiple fan reports.

“If dubious junk shows up on real artist pages, people notice,” McDonald wrote.

In his book, McDonald suggested that the odds of profiting from music streaming fraud have seemingly gotten worse because of authorities cracking down on bad actors and streaming services strengthening fraud prevention teams as generative AI makes streaming music fraud easier than ever.

But even with stronger fraud prevention tools, Spotify seemingly does not immediately respond even when junk albums are flagged directly by artists with tens of thousands of monthly listeners, like Gong. And Spotify also does not seem to bother to trace reported fakes the way McDonald might have to rapidly detect even broader patterns of abuse impacting bands with millions of monthly listeners like Yes or Asia.

Spotify currently seems much quicker to act to detect fake listeners—at times removing music by artists who later prove they committed no fraud, Variety reported in April. To deter that threat, the streaming music service recently started charging “distributors $10 for every track that it has detected accruing significant numbers of artificial streams,” Variety reported. Perhaps eventually, Spotify will crack down just as hard on fake albums.

For now, artists can use a form to report when their music is “mixed up with another artist,” a Spotify support page says.

But there’s no obvious way to flag fake albums on the platform. Sturt told Ars that Gong became aware of the issue on their Spotify page in the middle of a US tour, thanks to “wonderful fans.” He said that Spotify should make it easier for bands to report bogus albums, telling Ars, “it’s hard enough in this industry to get our music heard without Spotify allowing this sort of thing to happen.” As Gong prepares for a new release in 2025, the band recommended that fans consult its site for official information rather than trusting Spotify.

Ashley is a senior policy reporter for Ars Technica, dedicated to tracking social impacts of emerging policies and new technologies. She is a Chicago-based journalist with 20 years of experience.


Lab owner pleads guilty to faking COVID test results during pandemic

Ill-gotten millions bought a Bentley, Lamborghini, Tesla X, and crypto, among other things.

Residents line up for COVID-19 testing on November 30, 2020 in Chicago.

The co-owner of a Chicago-based lab has pleaded guilty for his role in a COVID testing scam that raked in millions—which he used to buy stocks, cryptocurrency, and several luxury cars while still squirreling away over $6 million in his personal bank account.

Zishan Alvi, 45, of Inverness, Illinois, co-owned LabElite, which federal prosecutors say billed the federal government for COVID-19 tests that were either never performed or were performed with purposefully inadequate components to render them futile. Customers who sought testing from LabElite—sometimes for clearance to travel or have contact with vulnerable people—received either no results or results indicating they were negative for the deadly virus.

The scam, which ran from around February 2021 to about February 2022, made over $83 million total in fraudulent payments from the federal government’s Health Resources and Services Administration (HRSA), which covered the cost of COVID-19 testing for people without insurance during the height of the pandemic. Local media coverage indicated that people who sought testing at LabElite were discouraged from providing health insurance information.

In February 2022, the FBI raided LabElite’s Chicago testing site amid a crackdown on several large-scale fraudulent COVID testing schemes. In March 2023, Alvi was indicted by a federal grand jury on 10 counts of wire fraud and one count of theft of government funds. The indictment sought forfeiture of his ill-gotten riches, which were listed in the indictment.

The list included five vehicles: a 2021 Mercedes-Benz, a 2021 Land Rover Range Rover HSE, a 2021 Lamborghini Urus, a 2021 Bentley, and a 2022 Tesla X. There was also about $810,000 in an E*Trade account, approximately $500,000 in a Fidelity Investments account, and $245,814 in a Coinbase account. Last, there was $6,825,089 in Alvi’s personal bank account.

On Monday, the Department of Justice announced a deal in which Alvi pleaded guilty to one count of wire fraud, taking responsibility for $14 million worth of fraudulent HRSA claims. He now faces up to 20 years in prison and will be sentenced on February 7, 2025.
