The post Operation Road Trap: Inside the 79,000-Message Smishing Wave Hitting Drivers Worldwide appeared first on Daily CyberSecurity.

This week on the Lock and Code podcast…

A dreadful thing happens far too often whenever an older adult falls for a scam: They get blamed for it. Not the scammers who lied and cheated their victim out of money. Not law enforcement for failing to recover funds. Not even the Big Tech companies that could have the most important role in protecting people online—and which, it turns out, knowingly bring in revenue every year from fraud.

Instead, it is the older adults themselves whose stories are often shirked aside because of a mix of ageism and denial. Allegedly left behind by technology, only an octogenarian would hand their password over in a phishing scheme, or open an email attachment from a stranger, or send money to a fake charity online. Everyone else, everyone else believes, is too savvy for the same.

The data disagrees.

When Malwarebytes studied this last year, it found that, depending on the type of scam—especially for things like “sextortion”—younger individuals were far more likely to report falling victim. Further, digging into data from the US Federal Trade Commission revealed entirely separate patterns. For example, while Americans between the ages of 80 and 89 reported the highest median loss due to fraud in 2024, they also made up the smallest share of their population to report a loss at all. And in 2025, that same group represented the smallest share of reported identity theft, a crime far more likely to be reported by people between 30 and 39.

Questions about who reports what crimes at what rate are valid to explore, but it’s important to see the big picture: Americans lost at least $15.9 billion to fraud last year. Protecting older adults is actually about protecting everyone, and that’s because modern scams don’t arrive only where people over 70 spend time. They arrive where we all are, which is online. They come through endless text messages, they slide into social media DMs, and they prey on things any of us can be—a widow, a divorcee, or simply a lonely person.

According to Marti DeLiema, Assistant Professor at the University of Minnesota’s School of Social Work, scams and fraud are now the most common form of organized crime globally, rivaling weapons trafficking, drug trafficking, human trafficking, and sex trafficking. In 2024 alone, she said, the FTC estimated that older adults in the US had as much as $81.5 billion stolen from them. And the tools meant to fight back—broad consumer awareness campaigns, embedded warning messages at the point of transaction, the training of bank tellers and retail clerks—are nowhere near keeping pace.

So what actually works? And who, if anyone, is doing the work?

Today, on the Lock and Code podcast with host David Ruiz, we speak with DeLiema about who is really susceptible to financial fraud, why victims often describe a scam as a form of betrayal trauma, and why the companies best positioned to stop scam messages from reaching consumers may be the ones least motivated to do so.

“This is not a technical capability problem at all. This is a conflict of incentives.”

Tune in today to listen to the full conversation.

Show notes and credits:

Intro Music: “Spellbound” by Kevin MacLeod (incompetech.com)
Licensed under Creative Commons: By Attribution 4.0 License
http://creativecommons.org/licenses/by/4.0/
Outro Music: “Good God” by Wowa (unminus.com)

---

Listen up—Malwarebytes doesn’t just talk cybersecurity, we provide it.

Protect yourself from online attacks that threaten your identity, your files, your system, and your financial well-being with our exclusive offer for Malwarebytes Premium Security for Lock and Code listeners.

A federal grand jury has indicted Kwamaine Jerell Ford, a Georgia man accused of running a phishing scam that targeted professional athletes in the NBA and NFL while he was in federal prison.

Prosecutors say the scheme allowed him to gain access to victims’ Apple accounts, steal financial information, and carry out fraudulent transactions.

According to the indictment, the alleged phishing scam involved impersonating both an adult film star and Apple customer support representatives to trick athletes into sharing their login credentials and multi-factor authentication codes. Authorities say the stolen information was then used to access accounts and make unauthorized purchases.

Federal prosecutors also allege that the scheme expanded beyond financial fraud and included coercion and sex trafficking activities involving a female victim. The case is currently being investigated by the Federal Bureau of Investigation (FBI), and Ford has pleaded not guilty to multiple federal charges.

Phishing Scam Allegedly Targeted Professional Athletes

According to federal prosecutors, Kwamaine Jerell Ford, a 34-year-old from Buford, Georgia, has been indicted for orchestrating a phishing scam that targeted professional athletes in the NBA and NFL. The indictment alleges that Ford used deceptive online tactics to gain access to victims’ Apple accounts. Authorities say the phishing scam relied on a two-step social engineering approach designed to trick athletes into sharing their login credentials. First, Ford allegedly created a fake online persona posing as a well-known adult film star. Through this account, he offered to send explicit videos to the targeted athletes. At the same time, he reportedly spoofed legitimate Apple customer support accounts and contacted victims through text messages. The messages asked the athletes to send their usernames, passwords, or multi-factor authentication codes so they could supposedly access the videos. According to investigators, dozens of victims fell for the phishing scam and unknowingly handed over their account credentials.

Access to Accounts Led to Financial Fraud

Once Ford gained access to the victims’ accounts, prosecutors say he obtained their stored credit and debit card information. The indictment alleges that he then used the stolen financial details for personal spending. Authorities believe the phishing scam enabled Ford to carry out thousands of dollars in unauthorized transactions. Investigators say the tactic relied heavily on impersonation and trust manipulation—methods that remain common in modern phishing scams. The case is particularly striking because Ford had previously been convicted of similar crimes. In 2019, in the Northern District of Georgia, he was convicted of computer fraud and aggravated identity theft after carrying out phishing attacks that allowed him to spend nearly $325,000 using stolen financial information belonging to athletes and celebrities. “While serving time for stealing credit card numbers from athletes and celebrities to fund his lifestyle, Ford allegedly engaged in the same conduct again,” said Theodore S. Hertzberg. “Disturbingly, the indictment alleges that Ford went even further and used a fraudulent online persona to traffic a young woman and coerce her to produce hidden camera videos of commercial sex acts with unknowing individuals.”

Allegations of Coercion and Sex Trafficking

Federal authorities say the case escalated beyond a financial phishing scam in 2021. According to the indictment, Ford allegedly used the same fraudulent persona to recruit and manipulate a woman into engaging in commercial sex acts with professional athletes. Prosecutors say Ford promised the victim that the fake film star would help advance her modeling career. Based on those claims, the woman allegedly traveled to meet athletes and participated in encounters arranged by Ford. Authorities say Ford coordinated travel, negotiated payments with the athletes, and took a financial cut from the encounters. Investigators also allege that Ford used additional fake personas to threaten the victim and pressure her into continuing the activity. Some encounters were allegedly filmed without the athletes’ knowledge or consent. FBI officials say the case demonstrates how online fraud schemes can expand into broader criminal activity. “Kwamaine Ford clearly did not learn from his prior conviction for a similar scheme. This time, he allegedly escalated his criminal activity—stealing identities and money while also moving into coercion and sex trafficking,” said Peter Ellis. “The FBI’s dedicated agents remain committed to staying ahead of schemes like this and protecting the public from individuals who exploit and harm others for personal gain.”

Charges and Ongoing Investigation

On March 13, 2026, Ford appeared in federal court and pleaded not guilty to multiple charges, including nine counts of wire fraud, seven counts of computer fraud, one count of access device fraud, four counts of aggravated identity theft, and one count of sex trafficking. A U.S. magistrate judge ordered that he remain in custody without bail while the case proceeds. As with all federal indictments, the charges represent allegations, and Ford is presumed innocent unless proven guilty in court. The investigation is being led by the Federal Bureau of Investigation, with Assistant U.S. Attorneys Bernita B. Malloy and Phyllis Clerk prosecuting the case.

ATM jackpotting, once considered a niche cybercrime technique, has now reached a level where it is drawing the attention of the highest levels of law enforcement. The FBI has added Anibal Alexander Canelon Aguirre, an alleged leader of a global ATM jackpotting operation, to its Ten Most Wanted Fugitives list, highlighting the growing threat posed by cyber-enabled financial crime. The announcement was made by FBI Omaha Special Agent in Charge Eugene Kowel and U.S. Attorney for the District of Nebraska Lesley Woods, who said Aguirre allegedly orchestrated a large-scale ATM jackpotting conspiracy that targeted banks across the United States. Authorities believe the operation generated millions of dollars that ultimately supported Tren de Aragua, a transnational gang designated as a foreign terrorist organization.

ATM Jackpotting at the Center of the Case

At the heart of the investigation is ATM jackpotting, a cyberattack technique in which criminals install ATM malware to force machines to dispense cash without authorization. Instead of physically robbing a bank vault, attackers exploit software vulnerabilities in the ATM system. According to investigators, Aguirre allegedly led teams that traveled across the United States to carry out these attacks. Once the ATM jackpotting malware was installed, cash withdrawals could be triggered on command, allowing crews to quickly empty machines. Law enforcement officials say this was not a series of isolated attacks. The operation allegedly involved a coordinated network where the stolen money moved through complex laundering channels before reaching the criminal organization behind the scheme. [caption id="attachment_110176" align="aligncenter" width="626"] Image Source: FBI[/caption]

Charges Linked to Cybercrime and Financial Fraud

A federal arrest warrant for Aguirre was issued on December 9, 2025, in the U.S. District Court for the District of Nebraska. Prosecutors have charged him with multiple offenses connected to the ATM jackpotting conspiracy, including:

• Conspiracy to commit bank fraud
• Conspiracy to commit bank burglary and damage a protected computer system
• Conspiracy to commit money laundering
• Conspiracy to provide material support to terrorists

The case is being investigated through Joint Task Force Vulcan, working alongside the Computer Crime and Intellectual Property Section (CCIPS) of the U.S. Department of Justice. Officials say the charges reflect the scale and seriousness of the alleged cybercrime network.

Why ATM Jackpotting Is Now a National Security Concern

For years, ATM jackpotting attacks were largely viewed as financial crimes affecting banks and ATM operators. But this case demonstrates how cybercrime techniques can intersect with organized crime and even terrorism financing. Special Agent Eugene Kowel said the alleged ATM jackpotting operation created a “multimillion-dollar revenue stream” that ultimately supported the activities of Tren de Aragua. This development signals an important shift in how authorities view ATM jackpotting malware attacks. What once looked like opportunistic cyber theft is now seen as a tool that organized criminal groups can use to generate funds at scale. The decision to place Aguirre on the FBI Ten Most Wanted list—a list historically reserved for violent offenders—shows how seriously authorities are treating the threat.

First Cyber Fugitive on the FBI’s Most Wanted List

Aguirre’s addition to the list is significant for another reason. He is the first cyber fugitive to appear on the FBI’s Ten Most Wanted Fugitives list since it was created in 1950. The list has included 540 fugitives over the decades, and more than 500 have been captured or located, often with assistance from the public. The FBI believes public awareness could once again play a key role in locating Aguirre. Officials say the suspect should be considered armed and dangerous. He is described as a 49-year-old man with black and gray hair, approximately 5’5” to 5’7” tall, and weighing about 190 pounds. Authorities say he has connections in Venezuela and Mexico and speaks Spanish.

Public Help Could Be Critical

The FBI is offering a reward of up to $1 million for information leading to Aguirre’s arrest. Investigators are urging anyone with information to contact the FBI tip line or submit information online. Beyond the manhunt, the case serves as a reminder that ATM jackpotting attacks are no longer just technical exploits. When cybercrime merges with organized criminal networks, the financial damage can quickly turn into a broader security issue.