AI Spy

Hosted by Anurag Mohapatra

TechnologyInterviews guests

Website RSS feed YouTube

Episodes

Latest episode

Jun 2026

Language

About the show

Join us in the world of financial crime prevention, where we delve into the powerful synergy of Artificial Intelligence and cutting-edge technology. This podcast brings expert insights, no-nonsense discussions, and deep dives into topics like Anti-Money Laundering, Payments Fraud, and more. Hosted casually and informatively, we invite A-listers from the industry to share their experience and learnings.

Listen to episodes

34 recent

June 9, 2026Episode 330 min

Vulnerability Management in the Age of AI

The security community has been sounding alarms about AI infrastructure for two years. BadHost, a critical authentication bypass discovered in May 2026 inside one of the most widely used Python frameworks on the internet, is what that alarm sounds like when it goes off. Dan Fernandez returns to AI Spy to talk about what actually happened, why the official severity rating understates the real risk, and what the broader pattern of 40-plus CVEs against MCP implementations in 2026 alone tells us about how AI infrastructure is being built. This is not a technical deep-dive. It is a practitioner briefing on the vulnerability surface that every organization deploying agentic AI is now sitting on, whether they know it or not. Show NotesDan Fernandez, cybersecurity practitioner and returning AI Spy guest.Dan has spent his career at the intersection of threat intelligence and enterprise security infrastructure. He returns to AI Spy for his second appearance having previously covered AI as an attack tool. This time the conversation flips: AI infrastructure itself is the attack surface.In this episode:Vulnerability management 101 and what fundamentally changed once AI became load-bearing infrastructure inside organisations, not just a layer on top of themWhy BadHost (CVE-2026-48710), a flaw in the Starlette Python framework used by Netflix, Uber, Microsoft and hundreds of thousands of other projects, carries a severity rating that most practitioners consider a polite fictionHow MCP servers aggregate credentials across every service an AI agent is connected to, and why that makes a single compromised server a portfolio-level exposure eventClaude Mythos found over 10,000 vulnerabilities through Project Glasswing and missed this one. What that tells us about where AI-assisted security tooling is strong and where it has genuine blind spots40-plus CVEs against MCP implementations in 2026 alone. Whether BadHost is an outlier or a pattern in how the AI infrastructure layer is being builtWhat a defensible enterprise posture actually looks like for organisations deploying AI agents, AI-generated code, and MCP-connected systems right nowLinks and References: BadHost - CVE-2026-48710 Starlette Host-Header Auth BypassDisclosing the BADHOST Vulnerability in Starlette – OSTIF.orgDan Fernández | LinkedIn

April 6, 2026Episode 231 min

The Other End of the Wire

Most of us in fraud prevention have never spoken to someone who has been inside a scam compound. Ling Li has. A Research Fellow at the University of Melbourne with a decade in law enforcement experience and field roles across the ICRC, UNHCR, and the University of Liverpool's Modern Slavery Research Centre, Ling co-authored SCAM: Inside Southeast Asia's Cybercrime Compounds — one of the most rigorous accounts of how these operations actually work. In this conversation, she traces the 30-year lineage of the industry from Taiwan to Fujian to militarized compounds across Cambodia and Myanmar, unpacks the victim-offender overlap that makes conventional law enforcement responses inadequate, and explains how AI has expanded the operational reach of these networks in three specific ways. She also raises an alarm that the current crackdown is generating a new crisis: thousands of survivors stranded without shelter or repatriation support, being recycled back into the same compounds. Fraud is a human problem. This episode is the evidence.In this episode:How Ling discovered the scam compound world in Cambodia in 2022 while researching bride trafficking — and why almost no international organisations were responding to Chinese victims at that timeThe 30-year arc from 1990s Taiwan phone fraud to Fujian scam towns to today's militarised, multi-continental operations — and why every crackdown relocates rather than eliminates the industryThe victim-offender overlap: four archetypes from pure criminal to fully coerced victim, why the majority fall in between, and what a proportionate law enforcement response looks likeHow AI has changed the operations: real-time multilingual translation, face-swapping that defeats video verification, and automated phishing site regeneration that outruns detectionThe post-crackdown crisis: thousands of survivors sleeping on streets across Southeast Asia, no food, no shelter, no repatriation — and being approached by traffickers offering the cycle againLinks:Ling Li on LinkedIn — LING LI | LinkedInSCAM: Inside Southeast Asia's Cybercrime Compounds, Verso Books — Amazon.com: Scam: Inside Southeast Asia's Cybercrime Compounds: 9781804296905: Franceschini, Ivan, Li, Ling, Bo, Mark: Books

February 11, 2026Episode 123 min

Forensic Cyberpsychology: How AI is changing crime and human behavior

AI is changing more than workflows—it’s changing how we communicate, what we trust, and how criminals manipulate people. In this episode, I’m joined by James McDowell, Executive Director of the Cyber Crime Research Institute (CCRI) and an adjunct professor at American Military University, to unpack forensic cyber psychology: how human behavior shifts online, how “truth” gets distorted (deepfakes, social media personas), and why scam victimization is often about cognitive states and social engineering, not intelligence.We talk through the Eliza Effect (why people humanize chatbots), automation bias (over-trusting systems), and the duality of technology—how the same tools that increase efficiency can also amplify fraud and exploitation. We also dig into revictimization: how shame, underreporting, and social withdrawal can create a cycle that fraudsters intentionally “reload.”References: LinkedIn Profile - James McDowell, PhD | LinkedInAmazon Link - Mind behind the screen - https://a.co/d/09Y9lYVcCRI - Cybercrime Research Institute

December 19, 2025Episode 833 min

Investigating Modern Fraud: A Law Enforcement Perspective

What does financial crime really look like from the law enforcement side?In this episode, Victoria Frosch Bowes joins us to share a frontline view of modern fraud investigations — from her time as a Detective Constable working complex fraud cases, to her current role in securities enforcement.We discuss how Victoria found her way into financial crime, what makes fraud cases uniquely challenging for law enforcement, and why collaboration between police, banks, and technology providers often breaks down in practice.The conversation covers:Why financial crime investigations are more complex than many people realizeLessons from real-world fraud cases, including SIM-swap enabled schemesThe practical challenges law enforcement faces when data, timing, or context is missingWhat banks and technology vendors could do differently to support investigationsHow AI, automation, and crypto are changing fraud — for criminals and investigators alikeWhy fraud prevention can’t stop at detection aloneThis episode is a must-listen for anyone working in fraud, compliance, payments, or financial crime prevention — especially those building systems meant to support investigations downstream.Audio Credit:Music from ⁠⁠⁠⁠#Uppbeat⁠⁠⁠⁠ (free for Creators!)https://uppbeat.io/t/all-good-folks/w...License code: CWFYBYTSKHIO0WBU

December 11, 2025Episode 722 min

The Psychology of Scams

In this episode, Anurag sits down with Whistine Chai to explore the human side of scams. Whistine brings more than 17 years of experience in clinical, forensic, and industrial-organizational psychology, along with extensive field work in Singapore focused on understanding victims and offenders. Her work blends behavioral science and practical investigation, giving her a unique lens on how scams actually unfold in real life.The conversation begins with her path into forensic and behavioral psychology and the early lessons she learned while working on scam cases in Singapore. She shares how rotations and field work shaped her perspective and why being on the ground provides insights that lab research often misses.They speak at length about the behavioral and psychological markers seen in scam victims. Some traits stay stable across time. Others appear only when someone is placed under stress, fatigue, or emotional pressure. Whistine breaks down these drivers in a simple and relatable way.The episode also examines how behavioral insights can be translated into analytics, fraud controls, and early intervention strategies. This is an area both she and Anurag are deeply invested in. The discussion covers what can be operationalized today and what still belongs in the research domain.Finally, Whistine talks about her book, the motivation behind it, and the process of bringing those ideas together for a wider audience.It is a thoughtful conversation that brings psychology, fraud operations, and human insight into one place.A great listen for anyone working in fraud prevention, investigations, cybersecurity, or behavioral science.

November 14, 2025Episode 637 min

The Famous Fraud Guy

In this episode of AI SPY, Anurag sits down with the ever-busy Andrew Austin, a fraud prevention expert whose insights are shaped by years of experience tackling financial crime across institutions.The conversation kicks off with Andrew’s origin story—how he got into the fraud space and why curiosity is a career superpower. From there, they dive deep into:Why AI is both an advantage and a challenge in the fight against fraudHow scammers are adapting faster than ever—sometimes faster than tech teamsLessons learned from real-world investigationsHow fraudsters think, and why threat modeling must evolveAdvice for fraud fighters building detection strategiesWhy signal interpretation (not just signal collection) is the real gameThe episode wraps with a rapid fire round where Andrew shares what he’s reading, tools he’s obsessed with, and a few unfiltered opinions on buzzwords and the future of AI in compliance.Audio Credit: Music from ⁠⁠⁠⁠#Uppbeat⁠⁠⁠⁠ (free for Creators!): ⁠⁠⁠⁠⁠⁠⁠https://uppbeat.io/t/all-good-folks/w...⁠⁠⁠⁠License code: CWFYBYTSKHIO0WBU

September 11, 2025Episode 526 min

The Saturday Fraud Strategist

Founder, CTO, fraud strategist and newsletter author Chen Zamir joins AI SPY to share stories and playbooks that make fraud prevention both practical and approachable. We start with his early experiences in fraud prevention, working at a startup and the surreal experience of identity theft on a dating app. During the discussion we highlight the gaps in trust & safety and how collaboration with fraud teams can reduce risk. Then we dive into highlights from his newsletter: how layered controls combine rules, AI, and human review. We close with Chen’s radar on 2025 fraud trends and a rapid-fire segment where memes meet models.Chen's Newsletter - Newsletter Signup LI — Native[risk]Chen's LinkedIn Profile - Chen Zamir | LinkedInAudio Credit: Music from #Uppbeat (free for Creators!): https://uppbeat.io/t/all-good-folks/w...License code: CWFYBYTSKHIO0WBU

August 15, 202517 min

Breach Resilience: Your voice isn't yours

Voice authentication was once celebrated as the future of secure and frictionless banking. By 2023, nearly 1.9 billion people worldwide were enrolled in voice biometric systems, and banks like HSBC were touting hundreds of millions in fraud losses prevented. But advances in AI-driven deepfakes are eroding that trust fast — North America alone saw a 1,740% spike in deepfake fraud in 2023.In this episode, Anurag Mohapatra speaks with Anis Ahmed, security leader and author of BankInfoSecurity’s “Financial Enterprises Must Shift to Breach Resilience.” Together, they explore why banks were already aware of voice authentication’s vulnerabilities before recent high-profile warnings, how deepfakes are changing the fraud landscape, and why the industry must shift from breach prevention to breach resilience.The conversation covers:The rapid rise of voice authentication in financial services and why it appealed to both customers and banks.Real-world examples of AI-powered voice fraud, from high-value corporate scams to consumer-level attacks.The difference between prevention and resilience, and why “assume breach” is the right mindset.The path forward: layered authentication, AI-based detection, and cryptographic transaction signing.Whether you’re a CISO, fraud prevention leader, or banking executive, this episode will help you rethink authentication strategies in an age where your voice is no longer proof of who you are.Why Financial Enterprises Must Shift to Breach ResilienceAudio Credit:Music from #Uppbeat (free for Creators!): ...License code: CWFYBYTSKHIO0WBU

June 29, 2025Episode 326 min

Chasing Shadows: Inside Scam Psychology with Alex Somervell

When it comes to scam prevention, few founders have a story as personal—and painful—as Alex Somervell. In this episode, we hear how the CEO and co-founder of AskSilver turned a deeply personal experience into a mission: to help banks detect scams through empathy, human understanding, and smarter tech.Alex shares the moment that changed everything—when his father was scammed out of most of his life savings. It wasn’t just a fraud case; it was a wake-up call. From navigating police reports to renegotiating rent, Alex lived through the fallout of a scam firsthand. And it showed him how disconnected many detection systems were from the real experiences of victims.With a background in consumer products and a co-founder he’s worked with since school, Alex set out to build something different. AskSilver is now live with Metro Bank in the UK, analyzing behavior in ways that go beyond rules and scripts.This episode unpacks that journey: from startup pivots to product validation, and what it really takes to innovate in a space where empathy is as critical as AI.Audio Credit:Music from #Uppbeat (free for Creators!): https://uppbeat.io/t/all-good-folks/w...License code: CWFYBYTSKHIO0WBU

March 14, 2025Episode 222 min

OSINT and Financial Crime

In this episode of AI SPY, we sit down with Zara Perumal, CTO and co-founder of Overwatch.io, to explore the evolving landscape of open-source intelligence (OSINT) and dark web monitoring in fighting fraud and financial crime.Zara shares her journey from MIT to Google's Threat Analysis Group and how she co-founded Overwatch to address critical gaps in OSINT tools. We dive deep into how criminals are innovating — from Telegram fraud marketplaces to Fraud-as-a-Service, and how AI can help financial institutions proactively defend against emerging threats.In this episode, we cover:Why Telegram and other platforms are hotbeds for fraud.How criminals expose their methods and tactics while marketing.The role of AI in scaling OSINT and dark web intelligence.The challenges and rewards of founding a cybersecurity startup.How financial institutions can leverage OSINT for proactive fraud prevention.Trends in AI-driven fraud, social engineering, and identity theft.🎧 A must-listen for anyone working in fraud, AML, cybersecurity, or tech.Audio Credit:Music from ⁠⁠⁠⁠#Uppbeat⁠⁠⁠⁠ (free for Creators!): ⁠⁠⁠⁠⁠⁠⁠https://uppbeat.io/t/all-good-folks/w...⁠⁠⁠⁠License code: CWFYBYTSKHIO0WBU