57: The Bitcoin Heist

Spies, Lies & Cybercrime by Eric O'Neill

Author

Eric ONeill
October 21, 2025

In partnership with

Title Story: An elderly man’s trust is weaponized in “The Crypto ATM Con,” where fear, authority, and a glowing orange machine turn a savings account into digital smoke.

Cybersecurity Breach of the Week: Chinese crime syndicates are behind the flood of fake toll and USPS texts, stealing over a billion dollars by turning your credit card data into iPhones, gift cards, and global profit.

Cybersecurity Tip of the Week: How to spot and stop “toll trolls” — simple steps to block scam texts, secure your cards, and keep your money out of criminal hands.

Appearance of the Week: I joined CNN last week to discuss deepfakes, online scams and how to keep yourself safe online

AI Trend Of the Week: AI brings an iconic hacker to life to provide a PSA about trust and deception.

Spies, Lies, and Cybercrime

Love the Newsletter? Get the bestselling book!

Thanks to all of you, my book, Spies, Lies, and Cybercrime, is an instant national bestseller and an Amazon #1 Bestseller.

  1. f you haven’t already, please buy SPIES, LIES, AND CYBERCRIME. If you already have, thank you, and please consider gifting some to friends and colleagues. It makes a perfect holiday gift for anyone you want to protect from cyber scams.

  2. Leave a 5-star review on Amazon. Reviews are the secret weapon that triggers Amazon’s algorithm to share the book with thousands of new readers who might not otherwise find it — and might otherwise fall prey to an attack.

  3. Please share! Forward this email to your friends and family. Here's an easy-to-post cover graphic, here's a Linkedin post, here's an IG reel and a post.

  4. Want a SIGNED COPY? Get one here.

Now back to our regularly scheduled NEWSLETTER!

—Eric

Title Story

Scamtoberfest Vol. 2: The Bitcoin Heist

Jeremy was eighty-one years old and proud of his independence. He balanced his own checkbook, paid his bills at the kitchen table, and visited the same neighborhood bank every Friday. He’d never fallen for a scam—not once.

One morning his phone rang.

“Mr. Whitmore, this is Daniel Foster from your bank’s fraud department,” said the calm, professional voice on the line. “We’ve detected suspicious activity in your account — possible money laundering tied to drug smuggling.”

Jeremy’s heart kicked hard in his chest. “That can’t be right,” he said.

“I believe you, sir,” the man replied. “You’re not under investigation. But your account is. If we don’t act immediately, federal authorities could freeze your funds. I’m going to help you move your money to a secure government wallet while we clear your name. You just have to follow my instructions.”

It sounded official, urgent, and safe.

The man told Jeremy to go straight to his bank and withdraw his entire savings account, all $18,000. “Don’t mention this call to anyone,” he said. “The branch itself could be compromised. If a teller asks questions, say you’re paying for home renovations.”

Jeremy complied. Fear does that.

He kept the “specialist” on speakerphone the entire time—in the car, in the teller line, all the way back home. When he returned, the man asked him to take a photo of the cash and text it to a number for “verification.”

Jeremy did. Within seconds, the man texted back: “Perfect. Now let’s secure those funds. There’s a Bitcoin ATM inside the QuickMart on Route 7. Drive there now. I’ll stay on the line and guide you.”

The voice never wavered. It was calm. Authoritative. Reassuring.

As Jeremy drove, the man explained that traditional wire transfers were unsafe—that hackers could intercept them. Only cryptocurrency, he said, could guarantee protection.

At the QuickMart, Jeremy found the glowing orange kiosk just where the man said it would be. The “specialist” texted him a QR code and told him to scan it. Jeremy followed each instruction exactly: insert the cash, one stack at a time; scan the code; confirm the amount.

The machine beeped. Transaction Complete.

“Excellent,” the man said. “Your funds are now secure. Stay by your phone for confirmation.”

Then the line went dead.

Jeremy waited an hour. Then two. He called back. The number was disconnected.

He finally phoned his real bank. After a long pause, the woman in the fraud department said gently, “Mr. Whitmore, we don’t have anyone named Daniel Foster. And we would never ask you to use a Bitcoin ATM.”

Jeremy didn’t respond. He didn’t have to. He already knew.

He hadn’t secured his money. He’d handed it away. Every dollar.

The Anatomy of a Modern Scam

Jeremy’s story follows the same pattern that’s sweeping the country:

  • Create urgency and fear. Scammers claim a bank account is linked to criminal activity or under investigation.

  • Control the conversation. They keep victims on the line, feeding instructions and isolating them from anyone who might intervene.

  • Direct to a crypto ATM. The victim withdraws cash, drives to a convenience store or gas station, and deposits it into a machine.

  • Scan the scammer’s QR code. The funds go directly to an anonymous digital wallet where they are gone forever.

In 2024 alone, the FBI received nearly 11,000 complaints involving crypto ATMs, totaling over $246 million in losses. The FTC reports another $65 million lost in just the first half of the year. Most of it lost by older Americans like Jeremy.

How to Avoid the Crypto ATM Trap

  1. No legitimate authority will ask for payment in crypto. If anyone claims to be from your bank, the IRS, or law enforcement and directs you to a Bitcoin ATM, hang up immediately.

  2. Don’t act under pressure. Scammers use fear to make you move fast. Real financial institutions don’t threaten arrest or frozen accounts over the phone.

  3. Confirm the caller. Hang up and call your bank or agency directly using a known, official number. Not one texted or provided during the call.

  4. Don’t scan QR codes from strangers. That “secure wallet” address belongs to the thief.

  5. Report it immediately. If you or someone you know falls victim, file a complaint at IC3.gov (FBI) or ReportFraud.FTC.gov. In some states, like Iowa, you may be entitled to a refund from the ATM operator if you act quickly.

Cybersecurity Breach of the Week

Those Toll Texts Aren’t What They Seem

We’ve all gotten them—the “past-due toll,” “USPS delivery fee,” or “unpaid ticket” texts that pop up like digital gnats. Turns out, they’re not random spam but part of a billion-dollar criminal enterprise run out of China.

Over the past three years, investigators say these scams have siphoned off more than $1 billion by tricking victims into handing over their credit card details. The stolen data is loaded into mobile wallets in Asia, bypassing multi-factor authentication, and then shared with gig workers in the U.S. who buy iPhones, luxury goods, and gift cards. Those goods get shipped to China and resold—laundered clean, one fraudulent purchase at a time.

SIM Farm. Source: Wired Magazine

Behind the flood of fake toll messages are “SIM farms,” warehouses stacked with thousands of SIM cards that can send millions of texts a day. DHS investigators have found these setups across U.S. cities, operated remotely but built locally by gig workers recruited over apps like WeChat. It’s an industrial-scale cyber hustle powered by social engineering and clever tech manipulation—one that shows how a simple text can be the front line of global organized cybercrime.

Cybersecurity Tip of the Week

Don’t Pay the Toll Trolls

  1. Never click payment links in texts or emails. If you think you owe a toll, open the agency’s official website or app directly.

  2. Ignore the “urgency.” Real agencies don’t threaten account suspension over text. Scammers count on panic to override common sense.

  3. Lock down your cards. Use banks that offer virtual or single-use card numbers, and enable alerts for every purchase.

  4. Protect your digital wallet. If a site ever asks for a one-time password (OTP) outside your bank’s app, stop—that’s a theft in progress.

  5. Report and delete. Forward scam texts to 7726 (SPAM) to help carriers block future campaigns.

Are you beginning to see the trends with Scamtoberfest scams? Attackers are using traditional espionage tactics of deception, impersonation and pushing victims into pressure situations that short circuit rational thought. The number one tip I have to avoid these scams is to be aware of them in the first place. Number two? Avoid the pressure situation.

Appearance of the Week

I joined CNN last week to discuss deepfakes, online scams and how to keep yourself safe online. We also discuss how to protect children online from bullying, exploitation and extortion in a connected world.

Spies, Lies, and Cybercrime Gets a Window in Manhattan

I also traveled to New York City last week to sign books at the Barnes & Noble on 5th Avenue in Manhattan. Here are some images from the event, including the window for the book! Cool, right? If you’re in Manhattan, send me pictures of you in front of the window.

Outside the window.

Signing books!

She’s reading about Imposter scams.

Signed by the author 😀 

AI Trend of the Week

A quick word about trust by an AI generated video, made from an AI generated image of a hacker using Sora 2.

The Game is Changing

The internet was supposed to make it easier to build and connect. Somewhere along the way, we lost the plot.

beehiiv is changing that once and for all.

On November 13, they’re unveiling what’s next at their first-ever Winter Release Event. For the people shaping the future of content, community, and media, this is an event you can’t miss.

Praise for Spies, Lies, and Cybercrime!

"O’Neill deftly attests [that] taking proper precautions can limit, if not halt, the damage wrought by unscrupulous cybercriminals. His masterful book serves as an important guide for individuals and companies committed to avoiding an epic misstep." — Booklist

“One breach can sink a business—or a billion-dollar idea.” —Marc Randolph, Co-Founder and First CEO of Netflix

“A chilling and essential wake-up call that reads like a thriller, but every word is terrifyingly real.” –Brad Thor, #1 New York Times bestselling author of Edge of Honor

“An astonishingly up-to-date review of the tools and techniques used by criminal hackers…O’Neill will have you on the edge of your seat.” —Marc Goodman, New York Times bestselling author of Future Crimes

Spies, Lies, and Cybercrime is a must-read that will open your eyes and will change how you think about trust, technology, and the threats we face." --Jenn Donahue, Author: Becoming The Warrior, award-winning Engineer, Keynote Speaker, US Navy Captain (ret), Entrepreneur

Order Spies, Lies, and Cybercrime

I hope you love the book as much as I loved writing it for you! Please leave a review. Great reviews help others find the book.

🎤 Book me to speak at your next event: https://www.bigspeak.com/speakers/eric-oneill

Like What You're Reading?

Don’t miss a newsletter! Subscribe to Spies, Lies & Cybercrime for our top espionage, cybercrime and security stories delivered right to your inbox. Always weekly, never intrusive, totally secure.

Let's make sure my emails land straight in your inbox.

Gmail users: Move this email to your primary inbox

On your phone? Hit the 3 dots at top right corner, click "Move to" then "Primary."

On desktop? Close this email then drag and drop this email into the "Primary" tab near the top left of your screen

Apple mail users: Tap on our email address at the top of this email (next to "From:" on mobile) and click “Add to VIPs”

For everyone else: follow these instructions

Reply

or to participate.