Won't Fix

Rob Leathern

From the founders of InfoHawk: conversations about AI-driven deception, abuse and scams, and why they’re so hard to stop. In software engineering, “won’t fix” describes a bug by acknowledging the issue but intentionally leaving it unsolved because addressing it is too costly, risky, or not worth the trade-offs. Hear from the practitioners fighting phishing, deepfakes and bots, and learn about the broken systems and misaligned incentives that keep us all vulnerable.

Episodes

  1. 5 DAYS AGO

    Won't Fix Episode 4: With Indicator's Craig Silverman

    Craig Silverman is an award-winning journalist who has spent more than 15 years researching and reporting on the manipulation of our information environment. He is currently the co-founder of Indicator, a media outlet dedicated to exposing digital deception and teaching digital investigative and OSINT (open-source intelligence) techniques. Prior to launching Indicator, Craig was a national reporter at ProPublica, where he focused on investigating digital platforms and online manipulation. Before that, he served as the media editor for BuzzFeed News, where he pioneered innovative approaches to exposing digital disinformation and media manipulation.

    Key Episode Takeaways:
    The Industrialization of Deception: Digital manipulation has shifted from lone actors into a massive industry backed by venture capital and brutal supply chains, including Southeast Asian "scam compounds" that merge human trafficking with high-tech fraud.
    The "Manufactured Organic" Loophole: Brands are now using "clipping" and industrial-scale UGC campaigns to generate billions of views through paid creator networks that mimic authentic posts.
    An Incentive to Cheat: The current digital economy creates a "race to the bottom" where deceptive or violative content often sees higher engagement and lower costs than honest ads.
    Ad Revenue Cannibalization: By failing to police undisclosed marketing, social platforms are letting a shadow ad economy thrive that actively drains budgets away from their own official, trackable ad businesses.
    Deterrence Through Public Examples: Instead of trying to automate everything, platforms could flip the script by making high-profile, public examples of agencies that openly brag about their deceptive tactics on social media.

    Episode Highlights:
    00:00 Introduction and Background of Craig Silverman
    01:21 Early Collaboration and Scam Evolution
    04:27 Indicator Media's Mission and Approach
    08:29 Undisclosed Marketing and UGC Campaigns
    13:21 Scale and Enforcement Challenges
    20:51 Platform Cannibalization and Business Impact
    28:29 AI Labeling Audit Results
    34:15 Community-Based Detection and User Skills
    39:17 Affiliate Marketing Case Study
    46:48 Systemic Incentive Problems
    49:13 Conclusion and Resources

    Links: Craig Silverman, Indicator, Rob Leathern

    50 min
  2. 24 APR

    Won't Fix Episode 3: With KTLYST Labs' Assaf Kipnis

    Assaf Kipnis spent years hunting financially motivated bad actors on Meta's e-crime team and in Google's Ads Trust & Safety org. He now runs KTLYST Labs, where he's building the threat intelligence tooling he always wished existed inside big platforms. We get into the practical realities of scam fighting — what's actually changed in the AI era, what hasn't, and why so much of the industry's effort gets aimed at the wrong targets.

    About the guest: Assaf Kipnis is the founder of KTLYST Labs. Previously: Meta e-crime, Google Ads Trust & Safety, ElevenLabs, LinkedIn threat intel.

    What We Cover:
    Why AI isn't reinventing scams — it's just adding a more convincing final layer to playbooks that have existed for years.
    The asymmetry problem: bad actors run conferences, sell each other tools, and share playbooks on Telegram, while defenders can't share findings across teams at the same company.
    A case study in what actually works — how changing product, policy, and operations together pushed a misinformation-for-profit ring off the platform in a week.
    Why "accounts taken down" is a near-useless metric, and the "learned futility" it creates inside big trust & safety orgs.
    The Swiss cheese model of abuse prevention, and why chasing a single silver-bullet solution keeps companies chasing their tail.
    Where regulation has teeth (banking) and where it's mostly performative (social media), plus the cross-platform gap no one is addressing.
    How AI is changing investigative work — compressing a week of open-source research into two hours — and why that makes entry-level talent pipelines a real concern.

    Episode Highlights:
    00:00 Intro
    01:06 Professional Background and Career Journey
    03:47 AI's Role in Scaling Rather Than Changing Scams
    07:05 Adversary Collaboration vs. Defender Silos
    09:02 The Frame Rate Discovery Example
    10:26 KTLYST Labs and Operationalizing Threat Intelligence
    12:40 AI's Impact on Investigation Work
    15:15 Career Entry Points and AI's Impact on Junior Roles
    20:38 The NextTag Affiliate Program Attack
    23:00 The Misinformation Campaign Investigation
    27:52 The Limitations of Location-Based Solutions
    30:30 The Futility of Single-Solution Thinking
    33:47 The Reality of Platform Defense Goals
    34:50 Government Regulation and Enforcement Challenges
    40:31 The Problem with Takedown Metrics

    Links: Assaf Kipnis, KTLYST Labs, Rob Leathern

    43 min
  3. 17 APR

    Won't Fix Episode 2: With Project Brazen's Tom Wright

    Investigative journalist Tom Wright (Project Brazen) joins Rob Leathern to discuss the staggering rise of Benjamin Mauerberger, a South African money launderer who utilized crypto exchanges and high-level political "state capture" to fund a billionaire lifestyle of super yachts and private jets while evading an international dragnet. Tom shares more about the dark underbelly of a $200 billion global scam industry where industrial-scale "pig-butchering" complexes in Southeast Asia target citizens around the world.

    Key Episode Takeaways:
    The "state capture" playbook enables global fugitives: Large-scale money launderers use their wealth to gain political protection, setting national digital policies and even attending cabinet meetings to integrate criminal proceeds into traditional banking systems.
    Cryptocurrency serves as a high-speed financial superhighway: Modern fraud has moved beyond traditional banking into crypto "piping," allowing scammers to move value across borders with frictionless speed and scale.
    A "double victimization" cycle defines the scam industry: The global fraud network relies on a brutal labor model where workers are often human trafficking victims lured by legitimate job offers only to be imprisoned and tortured within scam compounds.
    Economic impact now rivals Fortune 500 revenues: Estimates suggest the US economy loses approximately $200 billion annually to these scams—a figure that exceeds the annual revenues of automotive giants like GM or Ford.
    Jurisdictional arbitrage creates a "cat and mouse" regulatory game: Criminal entities constantly shift operations to less regulated territories, such as moving from the Seychelles to the Turks and Caicos, to evade tightening anti-money laundering oversight.
    Reputational "whitewashing": Questionable financial entities attempt to gain mainstream legitimacy by sponsoring world-class athletes or prestigious events to obscure their underlying involvement in global money laundering networks.

    Episode Highlights:
    00:00 Intro
    01:45 The Genesis of Billion Dollar Whale
    04:47 Evolution from Traditional Fraud to Crypto-Enabled Scams
    08:13 Mauerberger's Rise and Political Connections
    10:35 Mauerberger's Flight and Current Status
    15:48 The Crypto Money Laundering Operation
    24:40 The Human Cost and Complexity of Scam Operations
    27:14 Challenges in Reporting and Government Response
    32:34 The Broader Implications and Future Outlook

    Links: Project Brazen, Billion Dollar Whale, Tom Wright, Rob Leathern

    42 min
  4. 7 APR

    Won't Fix Episode 1: With tofu's Jason Zoltak

    In this first episode of Won't Fix, Rob Leathern talks to Jason Zoltak. Jason is the founder and CEO of tofu, which is using AI and machine learning to fight fraud and deception in hiring and recruiting.

    About Won't Fix: In software engineering, “won’t fix” describes a bug by acknowledging the issue but intentionally leaving it unsolved because addressing it is too costly, risky, or not worth the trade-offs. Hear from the practitioners fighting phishing, deepfakes and bots, and learn about the broken systems and misaligned incentives that keep us all vulnerable.

    Key Episode Takeaways:
    The Identity Fraud Pivot: tofu shifted from an AI resume screening tool to a fraud detection platform after discovering that remote hiring has enabled a massive surge in sophisticated identity misrepresentation.
    Near-Universal North Korean Infiltration: Virtually every company hiring for remote technical roles is now a target for North Korean IT workers, with some applicant pipelines reaching 80% fraud rates.
    The Fragmentation Vulnerability: The lack of a "digital passport" and the break in verification when moving a candidate from LinkedIn to an internal ATS creates a massive security gap for fraudsters to exploit.
    Shift in Security Ownership: Candidate fraud is transitioning from a Talent Acquisition burden to a CISO priority as companies realize recruiters lack the budget and expertise to fight organized cybercrime.
    Economic Scalability of Fraud: Fraudsters aren't looking for long-term tenure; they use deepfakes and proxies to "job stack," collecting multiple salaries simultaneously for a few months before being caught.
    The "Confirmation Bias" Trap: Once a candidate reaches the final interview stages, hiring managers and recruiters are psychologically prone to ignore red flags, making them vulnerable to sophisticated identity theft.

    Episode Highlights:
    2:29 Jason's Background and tofu's Evolution
    4:09 Discovering Candidate Fraud Through Direct Investigation
    5:04 Market Response and Business Pivot Decision
    6:35 Personal Motivation and AI Identity Challenges
    8:17 Spectrum of Fraud vs. Embellishment in Hiring
    10:25 Prevalence of North Korean IT Worker Infiltration
    11:30 Evolution of Fraud Techniques and Identity Theft
    13:18 Root Causes: Platform Disconnection and Identity Verification
    15:26 Security vs. Talent Acquisition Budget and Responsibility Issues
    17:36 LinkedIn Verification Challenges and Behavioral Incentives
    19:20 Impact of Thin Digital Footprints on Legitimate Candidates
    21:35 False Positive Management and Digital Footprint Requirements
    24:16 Interview Process Fraud: Deepfakes and Proxy Detection
    26:01 Sophisticated Deepfake Case Study and Technical Evidence
    28:17 Economic Incentives and Scaling Strategies for Fraudsters
    29:26 Corporate Espionage and Strategic Target Selection
    32:15 Recruiter Incentive Conflicts and Trust Erosion
    36:13 Critical Case Study: Final Round Interview Fraud Detection
    37:28 Government Regulation vs. Private Sector Solutions
    39:39 Upcoming Product Launches: ATS Reconnaissance and Continuous Monitoring

    42 min
