It's just too good to be true.

Hacking Humans – "It's Just Too Good to Be True"

Podcast: Hacking Humans, N2K Networks
Date: January 8, 2026
Hosts: Dave Bittner, Joe Kerrigan, Maria Varmazes
Theme: Deception, influence, and social engineering in cybercrime

EPISODE OVERVIEW

This episode of Hacking Humans focuses on the latest trends in social engineering, deception, and scams—particularly those preying on people during high-travel seasons, exploiting victims’ emotions, and attempting tax fraud. It mixes serious warnings with lighter moments, including a dive into AI-driven travel scams, a heart-wrenching story of charity exploitation, IRS tax scam tips, and a “Jason Momoa” scammer scambait session.

HIGHLIGHTS & KEY POINTS

1. Celebrations & Lighthearted Updates

[00:45] SANS Institute’s “Difference Maker Award” is presented to Dave, with the team joking about editing and the glamorous reality of podcast production.
- “I've built a career on other people's ability to edit me down, to make me sound like I can string a few words together.” – Dave [01:34]
[02:23] Joe provides a "Chicken update" (the name of the rooster: Diesel) and debates local regulations.
Tone: Warm, humorous, personal anecdotes transition to the core content.

2. Scams & Social Engineering in Holiday Travel

Segment Start: [06:05]

Travel Scam Explosion

[06:11] Maria shares that the US Congress Joint Economic Committee (JEC) and FTC/FBI have warned of a 500-900% increase in reported travel scams in 18 months, especially on booking.com.
The spike is attributed to AI-generated scam listings, “slop” flooding the market.
- “What do you think would be possibly contributing to such a massive increase… I just dropped a giant hint in my phrase.” – Maria [07:12]
- “How does it end with an A, begin with an A, and end with an I?” – Dave [07:22]
- “Yes, yes, yes, it is indeed AI causing all this slop.” – Maria [07:31]

Common Travel Scam Angles

Fake Flight Notifications: Texts pretending a booked flight is canceled, urging victims to call a fake number, leading to data and money theft [08:12].
- “They take your financial information and scam you out of your money.” – Maria [07:53]
Impersonation & Info Leak Risks: Scammers appear to know travelers’ real flight info.
Booking.com and Third-Party Listing Scams: AI-driven fake or vague vacation listings, luring pre-bookers—dangerous for major travel seasons [09:45].
- Joe warns, “These companies need to get this under control or this is going to become a business liability to them.” [10:24]
Vacation Rental Scams: Spoofed or nonexistent vacation properties, increasing payment requests via wire or crypto [11:30].
- “Pay us in wire transfer or cryptocurrency—those are humongous red flags.” – Maria [11:46]

Notable Advice

Use official airline/hotel apps whenever possible
Don’t click links from unknown sources; contact providers directly
If victimized, report to reportfraud.ftc.gov
Memorable quote: "AI is making everything worse. So please be careful." – Maria [12:41]

3. Dangers of Oversharing & Phishing

Segment Start: [12:45]

Posting boarding passes online: Dave recounts a story of a pundit who had their flight canceled by trolls who accessed their info from a shared boarding pass [13:06].
- “Evidently, there's enough information on a boarding pass that people were able to go in and cancel this person's flight.” – Dave [13:19]
- Advice: Stop posting personal travel info or boarding passes on social media [13:33].

4. Charity Crowdfunding Scam Exploiting Sick Children (BBC Investigation)

Segment Start: [14:33]

Disturbing Case Study

The Khalil Story: A video of a sick 7-year-old boy, Khalil, is staged by a film crew—his mother is convinced donations will help his treatment, but only a token is paid while the rest is pocketed.
- “A whistleblower told the BBC that recruiters were told to look for beautiful children between 3 and 9 years old without hair.” – Dave [18:47]
Scam Outline: Emotional, English-language scripts, staged suffering, coordinated GoFundMe campaigns, high production value; parents receive little or nothing, donations misappropriated.
- “It's blood money. And I can't disagree with that.” – Dave quoting a victim mother [19:30]

Wider Impact

Victimizes both desperate families and well-meaning donors
Erodes faith in legitimate charitable appeals
“Part of what breaks my heart about this is that it makes people more cynical about giving to legitimate needs.” – Dave [21:31]

Advice

Donate only to local or reputable national organizations with a proven track record [22:01]
Approach viral charitable appeals with skepticism

5. IRS Tax Scams

Segment Start: [27:09]

Common Tactics & Red Flags

Joe discusses new IRS scam guidance at the start of tax season.
- Big promised paydays or bad advice: False claims about tax refunds or deductions [28:43]
- Demands or threats: IRS impersonators demand immediate payment—sometimes threaten arrest or deportation [30:32]
- “They don't want you in jail… they want you to continue working, and worst comes to worst, they will attach your wages.” – Joe [31:24]
IRS Contact Methods:
- First contact is almost always by postal mail
- IRS doesn’t ask for payment via social media, gift cards, or cryptocurrency [34:49]
- Only goes to irs.gov (never odd links or social media)
- May send emails only with permission, rare exceptions (e.g., criminal investigations) [33:46]
Advice:
- If contacted, remain calm; real IRS representatives are generally professional (Dave shares his own audit story [37:09])
- Don’t trust demands for crypto or wire payments
- When in doubt, consult a tax professional

6. Catch of the Day: The “Jason Momoa” Scammer

Segment Start: [40:53]

The Scambait Conversation

The hosts perform a dramatic reading of an online scammer impersonating actor Jason Momoa, attempting to build rapport and eventually move the conversation to a less traceable app (Zangi).
- “Thank you for your love and unflinching support towards my movie industry...” – “Jason” (scammer) [41:22]
- “Do you have Zangi? I do like us to communicate better in private.” – “Jason” (scammer) [45:31]
Script is filled with awkward, generic compliments and copying ChatGPT-like motivational lines.
- “I'm a fun loving man. Jovial, lovely and passionate. I think of myself as being clever but harmless.” – “Jason” (scammer) [42:53]

Hosts’ Reactions

Maria: “Not exactly the words of a humble person…” [43:47]
Joe: “They keep using the term openness or open and openness. I’m wondering if that’s like some kind of hypnotic thing…” [47:12]
Dave: Entertains the idea that real Jason Momoa should come on the show to talk celebrity impersonation scams

NOTABLE QUOTES

“AI is making everything worse. So please be careful.” – Maria [12:41]
“It’s blood money. And I can't disagree with that.” – Dave [19:30]
“I'm still shocked by the disgusting depths to which these people will go for a buck, you know?” – Joe [19:39]
“Don't lie on a tax form.” – Joe [29:54]
“IRS will not call you with an automated message that threatens, then directs to websites that aren't IRS.gov.” – Joe [36:14]
“Thank you for your love and unflinching support towards my movie industry.” – “Jason” scammer [41:22]
“I think of myself as being clever but harmless. I'm supporting, caring. I own a thesaurus.” – “Jason” scammer [43:06]

TIMESTAMPS FOR MAJOR SEGMENTS

Award & Chicken Updates: 00:45 – 05:07
Travel Scam Alert: 06:05 – 12:43
Boarding Pass Oversharing Story: 12:45 – 14:33
Charity Scam Exposé: 14:33 – 26:06
IRS Tax Scams: 27:09 – 40:36
Catch of the Day – Jason Momoa scam: 40:53 – 48:19

TONE & ATMOSPHERE

The episode blends sobering, sometimes disturbing scam stories with practical advice and genuine camaraderie, interspersed with humor and banter, especially in the “Catch of the Day” segment.

CONCLUDING REMINDERS

Always verify before acting on travel, charity, or tax-related communications.
Use official websites and contacts.
Report scams to the FTC.
Approach emotional appeals—especially for donations—with healthy skepticism.
Don’t overshare travel information online.
“If it’s just too good to be true—it usually is.”

LISTENER TAKEAWAYS

Scams are evolving rapidly with AI, especially around holidays.
Emotional manipulation is at the core of the most damaging scams.
Staying vigilant, skeptical, and verifying sources is your best defense against social engineering.

Hacking Humans – "It's Just Too Good to Be True"

Podcast: Hacking Humans, N2K Networks
Date: January 8, 2026
Hosts: Dave Bittner, Joe Kerrigan, Maria Varmazes
Theme: Deception, influence, and social engineering in cybercrime

EPISODE OVERVIEW

HIGHLIGHTS & KEY POINTS

1. Celebrations & Lighthearted Updates

[00:45] SANS Institute’s “Difference Maker Award” is presented to Dave, with the team joking about editing and the glamorous reality of podcast production.
- “I've built a career on other people's ability to edit me down, to make me sound like I can string a few words together.” – Dave [01:34]
[02:23] Joe provides a "Chicken update" (the name of the rooster: Diesel) and debates local regulations.
Tone: Warm, humorous, personal anecdotes transition to the core content.

2. Scams & Social Engineering in Holiday Travel

Segment Start: [06:05]

Travel Scam Explosion

[06:11] Maria shares that the US Congress Joint Economic Committee (JEC) and FTC/FBI have warned of a 500-900% increase in reported travel scams in 18 months, especially on booking.com.
The spike is attributed to AI-generated scam listings, “slop” flooding the market.
- “What do you think would be possibly contributing to such a massive increase… I just dropped a giant hint in my phrase.” – Maria [07:12]
- “How does it end with an A, begin with an A, and end with an I?” – Dave [07:22]
- “Yes, yes, yes, it is indeed AI causing all this slop.” – Maria [07:31]

Common Travel Scam Angles

Fake Flight Notifications: Texts pretending a booked flight is canceled, urging victims to call a fake number, leading to data and money theft [08:12].
- “They take your financial information and scam you out of your money.” – Maria [07:53]
Impersonation & Info Leak Risks: Scammers appear to know travelers’ real flight info.
Booking.com and Third-Party Listing Scams: AI-driven fake or vague vacation listings, luring pre-bookers—dangerous for major travel seasons [09:45].
- Joe warns, “These companies need to get this under control or this is going to become a business liability to them.” [10:24]
Vacation Rental Scams: Spoofed or nonexistent vacation properties, increasing payment requests via wire or crypto [11:30].
- “Pay us in wire transfer or cryptocurrency—those are humongous red flags.” – Maria [11:46]

Notable Advice

Use official airline/hotel apps whenever possible
Don’t click links from unknown sources; contact providers directly
If victimized, report to reportfraud.ftc.gov
Memorable quote: "AI is making everything worse. So please be careful." – Maria [12:41]

3. Dangers of Oversharing & Phishing

Segment Start: [12:45]

Posting boarding passes online: Dave recounts a story of a pundit who had their flight canceled by trolls who accessed their info from a shared boarding pass [13:06].
- “Evidently, there's enough information on a boarding pass that people were able to go in and cancel this person's flight.” – Dave [13:19]
- Advice: Stop posting personal travel info or boarding passes on social media [13:33].

4. Charity Crowdfunding Scam Exploiting Sick Children (BBC Investigation)

Segment Start: [14:33]

Disturbing Case Study

The Khalil Story: A video of a sick 7-year-old boy, Khalil, is staged by a film crew—his mother is convinced donations will help his treatment, but only a token is paid while the rest is pocketed.
- “A whistleblower told the BBC that recruiters were told to look for beautiful children between 3 and 9 years old without hair.” – Dave [18:47]
Scam Outline: Emotional, English-language scripts, staged suffering, coordinated GoFundMe campaigns, high production value; parents receive little or nothing, donations misappropriated.
- “It's blood money. And I can't disagree with that.” – Dave quoting a victim mother [19:30]

Wider Impact

Victimizes both desperate families and well-meaning donors
Erodes faith in legitimate charitable appeals
“Part of what breaks my heart about this is that it makes people more cynical about giving to legitimate needs.” – Dave [21:31]

Advice

Donate only to local or reputable national organizations with a proven track record [22:01]
Approach viral charitable appeals with skepticism

5. IRS Tax Scams

Segment Start: [27:09]

Common Tactics & Red Flags

Joe discusses new IRS scam guidance at the start of tax season.
- Big promised paydays or bad advice: False claims about tax refunds or deductions [28:43]
- Demands or threats: IRS impersonators demand immediate payment—sometimes threaten arrest or deportation [30:32]
- “They don't want you in jail… they want you to continue working, and worst comes to worst, they will attach your wages.” – Joe [31:24]
IRS Contact Methods:
- First contact is almost always by postal mail
- IRS doesn’t ask for payment via social media, gift cards, or cryptocurrency [34:49]
- Only goes to irs.gov (never odd links or social media)
- May send emails only with permission, rare exceptions (e.g., criminal investigations) [33:46]
Advice:
- If contacted, remain calm; real IRS representatives are generally professional (Dave shares his own audit story [37:09])
- Don’t trust demands for crypto or wire payments
- When in doubt, consult a tax professional

6. Catch of the Day: The “Jason Momoa” Scammer

Segment Start: [40:53]

The Scambait Conversation

The hosts perform a dramatic reading of an online scammer impersonating actor Jason Momoa, attempting to build rapport and eventually move the conversation to a less traceable app (Zangi).
- “Thank you for your love and unflinching support towards my movie industry...” – “Jason” (scammer) [41:22]
- “Do you have Zangi? I do like us to communicate better in private.” – “Jason” (scammer) [45:31]
Script is filled with awkward, generic compliments and copying ChatGPT-like motivational lines.
- “I'm a fun loving man. Jovial, lovely and passionate. I think of myself as being clever but harmless.” – “Jason” (scammer) [42:53]

Hosts’ Reactions

Maria: “Not exactly the words of a humble person…” [43:47]
Joe: “They keep using the term openness or open and openness. I’m wondering if that’s like some kind of hypnotic thing…” [47:12]
Dave: Entertains the idea that real Jason Momoa should come on the show to talk celebrity impersonation scams

NOTABLE QUOTES

“AI is making everything worse. So please be careful.” – Maria [12:41]
“It’s blood money. And I can't disagree with that.” – Dave [19:30]
“I'm still shocked by the disgusting depths to which these people will go for a buck, you know?” – Joe [19:39]
“Don't lie on a tax form.” – Joe [29:54]
“IRS will not call you with an automated message that threatens, then directs to websites that aren't IRS.gov.” – Joe [36:14]
“Thank you for your love and unflinching support towards my movie industry.” – “Jason” scammer [41:22]
“I think of myself as being clever but harmless. I'm supporting, caring. I own a thesaurus.” – “Jason” scammer [43:06]

TIMESTAMPS FOR MAJOR SEGMENTS

Award & Chicken Updates: 00:45 – 05:07
Travel Scam Alert: 06:05 – 12:43
Boarding Pass Oversharing Story: 12:45 – 14:33
Charity Scam Exposé: 14:33 – 26:06
IRS Tax Scams: 27:09 – 40:36
Catch of the Day – Jason Momoa scam: 40:53 – 48:19

TONE & ATMOSPHERE

The episode blends sobering, sometimes disturbing scam stories with practical advice and genuine camaraderie, interspersed with humor and banter, especially in the “Catch of the Day” segment.

CONCLUDING REMINDERS

Always verify before acting on travel, charity, or tax-related communications.
Use official websites and contacts.
Report scams to the FTC.
Approach emotional appeals—especially for donations—with healthy skepticism.
Don’t overshare travel information online.
“If it’s just too good to be true—it usually is.”

LISTENER TAKEAWAYS

Scams are evolving rapidly with AI, especially around holidays.
Emotional manipulation is at the core of the most damaging scams.
Staying vigilant, skeptical, and verifying sources is your best defense against social engineering.

Powered by Wave AI

Summary

Hacking Humans – "It's Just Too Good to Be True"

EPISODE OVERVIEW

HIGHLIGHTS & KEY POINTS

1. Celebrations & Lighthearted Updates

2. Scams & Social Engineering in Holiday Travel

Travel Scam Explosion

Common Travel Scam Angles

Notable Advice

3. Dangers of Oversharing & Phishing

4. Charity Crowdfunding Scam Exploiting Sick Children (BBC Investigation)

Disturbing Case Study

Wider Impact

Advice

5. IRS Tax Scams

Common Tactics & Red Flags

6. Catch of the Day: The “Jason Momoa” Scammer

The Scambait Conversation

Hosts’ Reactions

NOTABLE QUOTES

TIMESTAMPS FOR MAJOR SEGMENTS

TONE & ATMOSPHERE

CONCLUDING REMINDERS

LISTENER TAKEAWAYS

Summary

Hacking Humans – "It's Just Too Good to Be True"

EPISODE OVERVIEW

HIGHLIGHTS & KEY POINTS

1. Celebrations & Lighthearted Updates

2. Scams & Social Engineering in Holiday Travel

Travel Scam Explosion

Common Travel Scam Angles

Notable Advice

3. Dangers of Oversharing & Phishing

4. Charity Crowdfunding Scam Exploiting Sick Children (BBC Investigation)

Disturbing Case Study

Wider Impact

Advice

5. IRS Tax Scams

Common Tactics & Red Flags

6. Catch of the Day: The “Jason Momoa” Scammer

The Scambait Conversation

Hosts’ Reactions

NOTABLE QUOTES

TIMESTAMPS FOR MAJOR SEGMENTS

TONE & ATMOSPHERE

CONCLUDING REMINDERS

LISTENER TAKEAWAYS