Cyber Attacks



Cyber attacks are more sophisticated than ever, targeting individuals, families, and businesses alike. In this episode, we uncover the deceptive world of phishing emails, false flags, and advanced cyber threats with cybersecurity expert and former Green Beret, Steve Stratton. From working alongside U.S. Presidents to crafting suspenseful novels like Caribbean Harvest, Steve shares critical insights to help you spot and combat cyber schemes before it's too late. Tune in for actionable strategies, situational awareness tips, and a free weekly action guide to protect what matters most. Don't miss this vital conversation—it could be the key to your digital defense.

---

Listen to the podcast here


Cyber Attacks

Steve Stratton Gives Solutions

Our expert is a Green Beret author and podcaster, Steve Stratton, who served on the White House Communications Agency, supporting the needs of Presidents Ford and Carter, Vice Presidents Rockefeller and Mondale, as well as Secretary of State Henry Kissinger. Steve will disclose unclassified information about cyber threats and tell us about his book entitled, Caribbean Harvest. Steve, welcome to the show. Thanks for being here.

Honored to be here. Thank you.

It's good to have people like you here that are taking your time to share this very vital information with us. It sounds like you've had a very interesting vantage point because you worked with various presidents. Would you like to share a little bit about that?

Steve Stratton's Background And Experiences

It started because I'm crazy, and I volunteer for a lot of things. I was at basic training, supposedly headed to the Ranger Regiment up in Washington State. These guys showed up with longer hair, civilian clothes, started talking about Washington and travel around the world. I thought, "I'll take some of that." Before I know it, I'm nineteen years old. My sponsor's driving me by the Watergate and says, "You know what that is?" I said, "Yeah, it looks like the Watergate." He says, "Don't go there." It was right before Nixon resigned, and you didn't want to go to the Watergate back then. It was a really fun way to learn about the world that I'd only seen through National Geographic. Very blessed in that way.

That's really incredible information. I bet you could tell some stories you're not supposed to tell, right?

Yeah, it's interesting. When I first joined the Secret Service, my boss said, "Sorry, I got to go up to Congress and talk about tape recorders and things." I'm like, I'm in the middle of it now.

You still have a security clearance?

Yeah, I do. Every time I write a book, I've got to send it off to the military and other agencies to get it checked.

That's amazing. I would like to talk a little bit about your book, Caribbean Harvest, which is based on your experiences while being at the White House. Tell us a little about that book.

When I was in the Army and then later on in the National Guard, I spent a lot of time down in South America, Colombia and other places like that. I worked with a lot of other special operations forces from around the world. In this book, which is the fourth in the series, Lance Bear Wolf, my protagonist, finds out that El Chapo from the Sinaloa cartel is looking at Cuba to grow opium. He says he needs to go. His wife says, "If you go, I go." Elle follows him along, and that's how it starts.

In that story, elaborate a little bit about the cyber side of it.

I retired from the cybersecurity space. All my books have elements of cyber. I don't go into real detail telling you how to hack into somebody's database or steal their credit cards, but I always have that element in there. Even prior to AI coming on strong, I always had a data system that they use called Providence. It has those kinds of elements in it that can manipulate and look at lots and lots of data. They're a very cyber-forward team and use it in a very appropriate way, much like the military and three-letter agencies are today.

Could you elaborate a little bit to our audience about what they should be watching for or be aware of?

Cyber Threat Awareness For Individuals And Businesses

From a cyber perspective, the big thing is that the bad guys, we'll call them, are really getting more sophisticated when they send these phishing emails. It used to be that they would send out these broad-spectrum emails that would just go to everybody. I'd look at it and go, That's strange. I don't have a Bank of America account but now, so much information has been stolen that they know what banks you work with. They know your name. They know your address. If we're lucky, they don't know your Social Security number, but they've got your email, probably your phone, which is not hard to find. They are becoming much more targeted.


I just got one. Once again, it was about Bank of America. What they didn't know is that since the data they had acquired was stolen data, I had closed that account. I was able to see that attempt and laugh at it, show it to my wife, and say, "These guys don't even know that I don't have an account anymore." You've got to be very careful because they will send you emails, prompts, and notifications, and they'll hide the fact that when you click on that link, you're not really going to Bank of America. They'll use different fonts, like Russian fonts and other things where an R, like a Romeo R, and an N, November N, are put together, and it looks like an M, like Mary. That M in the middle of Bank of America is really RN and is sending you off to some place, who knows where, but it's not a safe place to be.

The number one thing is when you get something out of the blue that says, "You need to check on this right away. You need to call us right away," that kind of thing. Never click on any links. Don't call those phone numbers. If it's supposed to be from your bank, call your bank directly. I have several times, and they've said, "Nope, that's a scam." Be careful. This is the big thing to watch out for. The other big thing to watch out for is people trying to trick you with scanners when you've got your credit cards out or your wallet, things like that. We could talk about that some more too.

That's very good information that probably most of us don't even think about. One of our previous guests talked about what's called situational awareness, which is a cool concept, being aware of the situation you're in. When you're talking about this stuff, these emails, Ned, are you talking about whether the browser would actually have an address that's different from Bank of America, or would it still appear to be Bank of America?

Exactly. It looks like you're going to click on a good link that goes to the Bank of America help desk or something like that. The safest thing to do is go, "This doesn't make sense, but let me go check with the bank directly." Don't click on that link. Don't open any PDFs, those kinds of things. That'll provide you with the best level of safety.

I'm really glad that you're communicating about this. I'm 74 years old, so a lot of threats are thrown at people my age or even a little younger because they go, "I got this on my phone or I got this on my computer, and I think this is the bank and I got to hurry up and call them." They get trapped a lot. I'm hoping that our audience that sees this will share it with their in-laws or older folks in their family so that they can be aware of this. This is really good, valid information. I had another thought about this also. When you think about this cyber, how would you present that to businesses? Is it the same thing, or would you do it a little differently?

Cyber Threats In Business

Yeah, businesses. If you're a business that's doing a lot of credit card processing, things like that, you're a much better target for me. The bad people have to spend time and money to create the attack. They have to do surveillance and all this kind of stuff. Me, I'm not as good a target as Amazon or somebody like that who's doing a lot of credit card processing.

They will create targeted emails that look like they're coming from the HR staff into the people that work at PayPal or Amazon and things like that. They can get very sophisticated. Luckily, those larger organizations usually have tools that will take apart that email, scan it to make sure that it's clean, sometimes even take it all apart and rewrite it so that they know there's no bad links or anything behind it.

It's still the similar kind of thing. It's social engineering and email phishing. Most of the time at work, you don't get the grandma scam like you and I get. I live in a retirement community, so I know people that have fallen for that via the phone, where they've sent money off or, unfortunately, got scammed. It's taking place electronically online now, too, because, like you said, the bad guys think that we're a bit older, maybe we're a bit less savvy with technology, unlike the young kids and things like that. Got to be careful.

We are not as savvy as the young kids. That's just the state of the deal. I'd like to address one more little concept in this, which is, do you feel that cyber is being used in the false flag concept?

All the time. In the military, we call it information operations. Underneath that is psychological operations, false flag, all kinds of campaigns that can happen, whether it's election interference or the idea that in the military, we talk about the idea that we want to set the stage, get out positive news that we're working with country XYZ and we have a good relationship. We're hoping that they continue on or look toward democratic processes.

On the negative side of that is the information coming out about different people or different institutions, and are they trustworthy? It's a very well-known fact that Iran, North Korea, Russia, and China, they're all trying to make us less favorable, less trusting of the institutions. I believe it pays to be looking at that because a lot of the information we see that seems to be coming from trustworthy sources really isn't. It is these false flags, it is this disinformation campaign that our adversaries throw at us all the time.

Disinformation is a battlefield. Adversaries like Russia, China, Iran, and North Korea constantly launch false flags and psychological operations to undermine trust in institutions. What seems like credible information might just be another weapon in their arsenal.

Makes you wonder a little bit, doesn't it? That's part of my mission with this is to try to get information out like this so people are aware of even that. We're not deceived every day by this really demonic activity.

Absolutely, very much parallel to the days we live in.

Finally, the final question I have is, give me a two-minute recap about your book and how our audience can simply prepare even a little bit more and get peace about these kinds of threats. I want to put this stuff in the action guide as well. Your wisdom has been fantastic to help people. Anything else that you can think of that we can even put in the action guide that they can get for free at the end of the shows would be valuable. Also, I'm going to send everybody in the world to all your books on Amazon and let them get this firsthand from you as an expert.

Thank you. The number one thing I tell people is, don't be afraid of strong passwords. Using numbers, symbols, and letters, if you create a really strong password, like my wife's name is Elle, it's Steve and Elle with some dates, and maybe some hashtags or something like that, I'm never worried that I'll forget my password. Just use the password reset and reset another hard password. I forget passwords. I set such hard passwords, I forget them all the time, but I know I can reset them. Also, make sure, if you can, on your website or in your applications, that you have what we call two-factor authentication.

As I sign in, it says, "Where would you like a text sent? Do you want an email? Do you want a text?" I prefer having things come to my phone because my phone is on my person. If I get a request to reset my password, and I didn't ask for it, somebody else did. Somebody else hacked into the system enough to request to reset the password. But then I get a text on my phone, and I'm looking at it going, "That wasn't me," and I'm able to call the company or whatever. Two-factor authentication is another great thing to do.

The third thing, because I like things in threes, like a stool, that third thing I like is that I look at my credit cards. I look at my bank statement at least once a week, if not more often, just to see if there's something strange. I also have frozen my credit at the credit card of folks like TransUnion and Experian, those kinds of people. It's a little bit of a hassle if I want to open a new credit card. I've got to call them to unfreeze it so they can approve it. Once it's frozen, nobody can open a credit card in your name, that kind of thing. A couple of things that you can do, and we'll put them in the guide so that people can have those for later.

When you say frozen, can those checks they say that are not going to get your credit still get through that pipe, or does that stop them cold?

No, the credit worthiness check is totally separate from the freeze, which keeps people from opening credit in your name.

That's good. I talked to a friend of mine the other day, and I'll let you go here in a second, but he talked about Faraday bags. Are you familiar with that?

Yes. Right behind me, I have some bags from SLNT. When I went overseas with my wife to Italy, we put our phones in the SLNT bags. We also wrapped our credit cards in foil protectors so that somebody couldn't scan our credit cards walking by us. I take various physical and cyber protective measures to just ensure that our money stays ours.

Does that Faraday bag stop signals from coming back and forth? Is that how it works?

Exactly. It's very much like what you see in the movies when they all walk into the secure room and nobody can hear them. It's a similar technology to stop electronic emissions.

That's really cool because I bought one, I probably shouldn't announce this, on Amazon. I bought them for less than $30. You can buy these different sized bags that you can put your laptop in or your phone in. A friend of mine told me if you put it in there, if you're having a conversation, it can't pick it up. Is that right?

Exactly. The problem with the cell phone is it's always pinging, looking for the next cell site. It's looking for the best connection to give you the best service. That's great. How we find bad people is they can send you to a false cell tower, and then we can do things, take over your phone, and things like that. The Faraday bags are really good, especially if you're traveling overseas. We don't have that big of a problem here in the States unless you go to big cities like New York, LA, San Francisco, places like that, Miami. It's a good, cheap alternative.

That's really good. I really appreciate your wisdom and your time. We're, again, going to point everybody to your content. These tips you gave are just very valuable. I hope everybody pays attention to those because this is stuff that we've got to just watch these days and protect our families. Again, safe travels. I look forward to seeing you again.

Thank you.


Important Links