My First Million · Episode Brief
We found the top 1% of the internet this week (so you don't have to)
The internet roundup format works best when the items are genuinely weird, and this one has a man who stole $122M from Facebook and Google using fake invoices sitting next to Apple unlocking a $1B app opportunity.
Apple's AlarmKit announcement is the episode's lead item because it represents something specific: a platform company making a deliberate decision to open a capability that it previously kept proprietary. AlarmKit lets third-party apps set persistent background alarms — which sounds technical until you realize that every medication reminder, habit tracker, and productivity app was limited by this constraint. Sam and Shaan's argument is that someone will build a $1 billion app that only became possible because of this one API change.
The McKinsey segment — what exactly did they deliver for $55 million? — is the kind of institutional skepticism that MFM does well. McKinsey's products are difficult to evaluate because the client's willingness to pay is itself part of the product: hiring McKinsey signals seriousness to a board or regulator in ways that are hard to separate from the actual advice quality. The $55M question is a lens for thinking about what consulting actually sells.
Frank Slootman's ice-cold advice is worth finding a clip of separately. Slootman is the CEO who scaled ServiceNow from $100M to $1.5B and then Data Domain before that — he has a reputation for being blunt to the point of discomfort. His advice for founders tends to be about elimination: remove the people who are holding you back, including people you like, because kindness in the short term is cruelty in the long term.
The man who stole $122 million from Facebook and Google using fake invoices is possibly the most purely entertaining segment. The scheme was conceptually simple — create a shell company, send invoices for services Facebook and Google's AP departments had previously paid, collect the money — and it worked for years because large company accounts payable processes run on trust more than verification. ChatGPT's retention curve showing $10B ARR is the episode's most consequential data point.
Key Ideas
- →Apple AlarmKit opens a $1B app opportunity by allowing third-party persistent background alarms — a single API change unlocking an entirely new category
- →McKinsey's $55M fee reveals something about what consulting actually sells: the signal of having hired McKinsey is often as valuable as the advice itself
- →Frank Slootman's frame: kindness in leadership is sometimes cruelty delayed — cutting poor performers fast is better for everyone, including the person being cut
- →The $122M Facebook/Google invoice fraud worked because large company AP departments run on trust, not verification — a structural vulnerability in enterprise finance
- →ChatGPT hitting $10B ARR with a strong retention curve is a signal that AI adoption is demand-driven, not hype-driven
- →Ramp's monopolist pitch deck: positioning as infrastructure rather than software makes the competitive moat argument much stronger to enterprise buyers
Worth Remembering
The man who stole $122M from Facebook and Google using fake invoices — and did it for years before anyone caught it
Apple AlarmKit: a single API announcement that Sam and Shaan immediately turn into a $1B opportunity thesis
The Elon vs. Trump meltdown segment — two people with enormous Twitter followings having a public falling-out
Frank Slootman's ice-cold leadership advice, which lands differently coming from someone who has actually done what he's describing