A
You're listening to the Cyberwire Network, powered by N2K.
B
Hello, everyone, and welcome to the Hacking Humans podcast, where each week we look behind the social engineering scams, the phishing schemes and criminal exploits that are making headlines and taking a heavy toll on organizations around the world. I'm Dave Bittner and joining me is Joe Carrigan. Hey, Joe.
C
Hi, Dave.
B
And our N2K colleague, Maria Varmazis. Maria, hi. We've got some good stories to share this week, but let me just pause for a second and say it's great to have the gang back together again.
A
I just thought I'd throw a little change at you. I just went, ah, no, it's fine.
B
We've had people away, we've had people traveling, we've had, we've had technical issues, we've had all, everything. But we're all together here today, back to normal, and it feels good. So. All right, before we jump into today's stories, we have some follow up here. Joe, what do we got?
C
We got a letter from Sue in Australia.
B
Okay.
C
Sue writes, hello, Dave, Joe and Maria. I am not going to do an Australian accent.
B
All right. I have an Australian story when you're done, so go for it.
C
I listen to your Hacking Humans podcast on YouTube. Joe, the reason your chook, which is Aussie for chicken, might be missing feathers on her back is one. The hen is naturally going through a molt, which is what happens with chickens. They will just shed their feathers from time to time. And Sue notes that the combs will become lighter in color. They stop laying and they lose feathers. The feathers are easier to pull out. The chook will molt at least once a year. And the other reason is your rooster likes this hen too much. Roosters will have a favorite hen. And when the rooster mounts the hen, he claws the back. The hen's back as he positions hers to. Positions himself to do. To do the business. And then she says, you can put this product on a hen to protect it. And she sent a link to something called chicken saddles, which I had much higher hopes for this. I'm like, you know what I need for a chicken? A giant chicken and then chicken saddle, maybe those chickens, but this is actually like a little bit of chicken armor that goes on the back so that when the rooster mounts the chicken that the hen that he doesn't pull feathers out. So I'll tell you, I was working on the roof of this over the last weekend. I haven't finished the roof, but it doesn't look like the ramshackle redneck solution I had up before.
B
Okay.
C
Now I actually have a peak and rafters going across. I just got to put some on top of it. Anyway, that hen or that rooster was wearing out these hens. He was going at it.
B
So you do have a rooster?
C
Oh, yeah, I have a rooster. His name is Diesel.
B
Oh, all right.
C
Good name for a rooster.
B
Yeah.
C
I also think I mentioned the chicken feeding problem I always have, and Sue follows up with that. I use Grandpa's bird feeder on my chooks and have to vouch that it works very well. The hens have gotten used to using it, but the rooster will take longer to learn how to use it. I have purchased similar products on Amazon, but it does not work as well as the original creators. And then she sent a link to Grandpa's Feeders. So I took a look at Grandpa's Feeders. It looks pretty nice. It's not cheap. It's like 200 bucks. But I think the first thing I'm going to try to do is build some cheap PVC feeders and see if that works. If not, I. I will probably break down and buy the Grandpa's feeder and hope that my chickens will figure it out before they starve to death.
B
Aw.
C
But Sue adds, keep up the chook talk. So there's a fan of all the chicken memes.
B
So chook is Australian for chicken.
C
Yes, it is.
B
All right, that's good.
C
My chooks, they're doing well.
B
So speaking of Australians, while I was away.
C
That's right.
B
I met an Australian.
C
You did?
B
Yes, I did.
A
Just this guy.
B
Just this guy.
A
Some dude.
B
I was at the RSA conference and the closing keynote speaker was Hugh Jackman, Australian of note. Some guy. Yeah, really nice guy. They had a little meet and greet after the thing that I was fortunate enough to be invited to, so had a few moments with Mr. Jackman, and we had a nice little exchange. But did you sing Music Man songs? I did, yes. Or should I say we did.
C
Excellent.
B
Yay.
C
I hope that's on video somewhere.
B
It's not. But basically what happened was I introduced myself, and then I said, well, either you're closing your eyes to a situation you do not wish to acknowledge. And he looked back at me and he said, or I'm underestimating the caliber of disaster indicated by the presence of a pool table in my community. And I said, you got trouble, my friend. And he said, right here in River City.
C
Awesome.
B
And they then took the picture. Anyway.
A
I love that so much.
B
Yeah, it was great.
A
Without missing a beat, I'm sure, on his part.
B
Oh, it's interesting with all the roles
A
that he's done that he still. Without missing a beat. He just was right on it. That's impressive.
B
Let me tell you, as someone who learned the song Trouble, when you learn the song Trouble, it is hardwired into your brain for the rest of your life.
A
That's amazing.
C
For me, it's Hello, Dolly!
B
Yeah. Yeah.
C
I think I counted that show when I was working it in high school. I think I saw close to 100 either. Rehearsals and live shows of Hello, Dolly! I never want to see Hello, Dolly! again.
B
I've done Hello, Dolly! three times.
C
Have you?
B
So Hugh Jackman, as part of his keynote, he taught the audience how to speak Australian. And so now I'm going to teach you. Ah, excellent.
A
Oh, no way. Oh, geez. Okay, we're going to lose all of our audience in Australia right now. Sorry, Sue.
B
Shall it be Joe or Maria?
C
Pick me.
B
All right, Joe.
A
Okay, Go pick yourself up.
B
So, in your regular American accent, I want you to say these words after me.
C
Okay?
B
Rise.
C
Rise.
B
Up. Up. Light.
C
Light.
B
Say it again. Rise.
C
Rise. Up, Light.
B
Rise. Up, Light. Now say it.
C
Rise up.
B
Lightly. Rise.
A
Up.
C
Rise. Up. Light.
B
What is the tool that a man uses to shave his face?
C
Rise.
B
Up.
C
Light.
A
That's terrible.
C
It's Rise of Light, Dave.
B
Rise of Blade.
A
Rise of Light.
B
Yeah. It is a little more authentic when Hugh said it, but I like it nonetheless. That's good. Yeah. Every attacker counts on one thing. Environments that trust too much. ThreatLocker closes that gap with default deny at execution. Unknown software blocked. Trusted apps contained with ring fencing. Configurations verified with ThreatLocker DAC so you stay secure and compliant. ThreatLocker delivers the visibility and control CISOs need without adding operational pain, making zero trust real for teams of any size. Stop ransomware at its earliest point. Book a demo at threatlocker.com N2K. All right, let's move on to our stories here. I think I have the honors this week of leading us off here. I have a story from the folks over at hackread.com and actually some research from the Cofense Phishing Defense Center. And this is about a phishing campaign that is going after folks using LinkedIn as the lure, I guess, as the misdirection.
C
I think LinkedIn's just a scam platform now.
B
Well, it is. And in fact, well, there's a story that's breaking as we record this tomorrow about some behind the scenes tracking that LinkedIn has been caught doing so we'll see if that story has any legs or not.
C
Oh, really?
B
We'll see. I'd be shocked, shocked to learn that LinkedIn was doing tracking that they hadn't shared with their users.
C
Let me put on my pearls so I can clutch them.
B
There you go. Anyway, what happens is you get a fake LinkedIn alert, and that sends you to a counterfeit login page that's built to capture your credentials and your account data. So the scam starts with an email, and it looks like a normal LinkedIn notification. It has all of the right logos, all the right fonts, and what it says is that a representative from a reputable company has sent an urgent message about a business opportunity. So right away, Joe. Urgency. Right, Right.
A
Yep.
B
And everything looks legit, but the sender's address doesn't match LinkedIn. And typically they come from domains that were spun up only, you know, moments ago.
C
Yes.
B
So there are domains that have no history, which, of course, is always a red flag that there may be scamming at play. So when the user clicks on a button in the email, instead of going to LinkedIn, it sends them to a fraudulent login page that uses a lookalike address that looks like the words LinkedIn, but it's not. It's close, you know, It's a lookalike
C
LinkedIn with an L. Right. Exactly.
A
Inked in.
B
So the researchers at Cofense say the attackers choose a name that visually resembles LinkedIn, but it's not. So at first glance, it's easy to fall for it. They say that this was set up about two months before the campaign, and they used multiple Internet addresses to stay online. Then, once the user enters their password, the attackers take that information, and then they have access to your LinkedIn account and all the personal data that comes with that. And they're pointing this out in particular because it doesn't really rely on any malware. It's a very quiet sort of exploit. It relies on your habits, your trust and urgency. So your habit of checking for messages from LinkedIn, your trust that you have in LinkedIn as a platform, that's where they'd lose me.
C
Right. They've already lost me with the first requirement, and the second does not make me easier.
B
And urgency, you know that this is.
C
You can't.
B
Here's an offer you can't refuse from someone from a legit company who has some sort of business that they want to do with you.
C
Yeah. I gotta tell you, I would see this and be like, I do not care what somebody who Paid to send me a message on LinkedIn even. You know, if this fooled me, it would fool me into not caring and I would delete the email.
B
Yeah.
C
Oh, look, somebody from LinkedIn has a very urgent message for me. Sure. It's probably another one of those recruiters that wants to offer me a six month contract position at $30 a month.
B
Right.
C
Or an hour, rather.
A
Yeah, $30 a month. I'd pass on that. Yeah,
B
yeah, absolutely. But you got to think, I mean, I have weaned myself off of LinkedIn. I only go there when there's no other alternative and because of the cesspool that it's become. Yeah. And Maria, you pointed out a few weeks ago about one of the Reddit groups that highlights, what's it called, like LinkedIn lunatics.
A
LinkedIn lunatics, yeah, lunatics.
B
There you go.
A
Yeah. I gotta say though, the infosec world is not. I mean, there are certainly people who are very active on LinkedIn, but I compare it to the space world that I also kind of dip my toes in, and that sector is a lot more active on LinkedIn, which I found very, very interesting. Yeah. So I do wonder if there's some of. This is industry specific, that some industries use it a lot more than others and it may have something to do with the age of the cohort. I know a lot of folks in space are kind of old, so I wonder about that, but. Yeah, I know in infosec people go dark for years and that's totally normal, right? Yeah, yeah. My husband has a joke, he's a software engineer that he goes on there for his obligatory once a year just to check, and then he signs off for another year. He just doesn't want to touch it. So.
B
Yeah.
A
Lucky.
B
Did we. I can't remember if we highlighted the LinkedIn translator that we did a couple episodes. Again, it's hard for me to keep track of what I've talked about. Where, so.
A
Well, when you've met Hugh Jackman, it's hard to keep these details. It's okay. It's okay, Dave.
B
It's true. Let me just say for the record, he is dreamy.
A
I bet he is.
C
How tall is he?
B
How tall is he? Yeah, you know, his Wikipedia page says he's six foot two. I'd say he's about six foot.
C
Okay.
B
Yeah, he's tall. And I learned also that Wolverine is canonically supposed to be like 5 foot 3.
A
Yes. Wolverine's supposed to be a short, angry Canadian. It's true.
C
Yeah.
B
So instead they got a tall Australian what are you gonna do?
C
In one of the Deadpool and one scene of the Deadpool and Wolverine thing, they have a short Wolverine.
B
Oh, okay.
C
It's kind of one of the jokes, but.
B
Well, that's probably where it comes from, hopefully.
A
He says bub a lot. Yeah.
B
All right, well, that is my story this week. We'll have a link to that in the show notes. Joe, you're up next. What do you got for us?
C
Well, I got a story that I imagine is not going to be relevant to a lot of our audience or a very small segment, however.
A
That's some good podcasting, Joe, right there.
B
Yeah.
A
You won't care about this story. All right. That's a great story.
C
I'm not saying they won't care. I'm not saying they won't care. I think I picked this story because I'm like, nobody in our podcast audience is going to go climb Mount Everest,
A
but you never know. I bet you we've got some listeners who want to or have done it. I really bet we do.
C
Right?
A
Yeah.
B
Please send us a note if you have, in fact climbed Mount Everest or are itching to do so. Hackinghumans2k.com so this is a story that
C
comes from the Independent, which, by the way, whenever they talk about themselves in their article, they italicize their name, but it's from Amelia Neath and Shweta Sharma, who have written this article. And let me just read the headline. Everest Guides Accused of Poisoning Foreign Climbers to Force Fake Rescues in $20 Million Scam. So, you know, you don't climb Mount Everest by yourself.
B
No.
C
Right. Climb.
B
Yeah,
C
there's an industry around this. There's, you know, Sherpas and guides and things like that will actually walk up with you and they'll take you to the base camp or even up to the peak. But the investigators are saying that more than 4,700 climbers have been affected by this scam between 2022 and 2025. So what happens is, when you start climbing, these guys were inducing the effects of altitude sickness by either preparing food for climbers with tons of baking soda in it, which will produce something like, I guess, stomach bends. I don't know. I've never climbed to high altitudes, but it's.
B
I've also never consumed massive amounts of baking soda.
C
Well, I have.
A
What? Okay.
C
I was trying to replicate a Thomas Edison experiment when I was a child.
B
Whoa.
C
It wasn't mass amounts. You never heard that story about Thomas Edison?
B
No.
C
Feeding one of his friends a bunch of baking soda to see if it would make him fly, but it only made him sick.
B
Oh, okay.
C
Yeah.
A
This story is taking us on wild turns.
B
Yeah.
C
So the scam appears to be vast. Police said that more than 300 cases of allegedly fake rescues have been uncovered, and their billing has totaled about $20 million. So what they would do is they'd also. One of the other things they do to physically induce these symptoms is they would give them medication that would make them sick along with large amounts of water. And that's apparently very bad when you're at altitude. So that'll give you.
A
You want to be dehydrated at altitude. That's interesting.
C
I don't know. When I went to Denver, which is about the highest I've ever been. I'm gonna let that stand there. You should have seen Dave. He leaded into the life of the elevation.
A
Elevation, wow.
C
You're gonna say something, aren't you? I'm like, nope.
B
College, right? Yeah.
A
Elevation wise, everybody. All right. Yep.
C
So in Denver, they told us, drink all the water you can drink, right?
A
Yeah. Yeah. Same when Denver or Colorado Springs. For me, my yearly thing I gotta do, I am so constantly dehydrated, it's insane. So. Okay. I can't even imagine Everest being.
C
Yeah, yeah. But they were essentially faking these medical emergencies in climbers. Then the climbers, the trekkers, would report nausea, dizziness, body aches, and they were advised to descend and agree to costly emergency helicopter evacuations. Once a rescue was triggered, the operators inflated costs by billing each passenger as if they had taken a separate helicopter flight. Oh, so the helicopter company was in on it.
A
The.
C
The guides were in on it. The local hospitals were in on it. Because if I give you a bunch of baking soda, you're going to go down. Go down to regular altitude, you're going to belch a couple times, and you're going to feel fine. You're like, I don't need to. To do anything else. But you know what? My trip to the top of Mount Everest is over, so I'm just going home. So it doesn't look like anybody was seriously harmed here, but this is not the first time this happened. Back in 2018, there was a 700 page report from the Kathmandu Post, or actually the Kathmandu Post reported on it, prompting a 700 page report.
A
Okay.
C
Yeah. From the Nepalese government.
B
Wow.
A
All right.
C
Yeah. So the big take here is from insurance fraud, because when you're gonna climb the mountain, you buy insurance. And there are insurance companies who've said, we're not gonna do this anymore. We're not gonna cover Everest summits, you know, summit climbing Everest anymore if this kind of fraud keeps happening. Cause there's no way we can continue to pay these things out. So they've arrested something like 26 people, including people who operate the helicopter companies, people who operate the tour companies, and people who work in the hospitals who also filed fraudulent claims for people that they never saw.
A
Everyone was on the take.
C
So if everyone was on the take, this such was on the widespread scam.
A
Yeah. So I can imagine years ago, somebody was on one of these adventures to climb Mount Everest for whatever reason, and they came back going, I swear it's a conspiracy. I swear. And everyone thought that they were just crazy. And, and that person was right.
C
Right. Now I did a little other researching because I thought to myself, I am never going to climb Mount Everest.
B
Right.
C
But one thing that is still probably within my grasp for the next probably decade or so is climbing Mount Kilimanjaro.
B
Really?
C
Yeah.
B
Give me a sense of comparison. How tall is Kilimanjaro?
C
It's, I think, 19,000 feet above sea level.
B
Wow.
C
Wow. It's a very broad volcanic cone.
B
Okay.
C
And it is essentially like an eight day hike. And you're constantly going up in altitude. But it's not like climbing Mount Everest.
B
Yeah.
C
It's something that is. They say anybody who's never climbed can do this hike can do this. Because as long as you're in good physical condition, you can do it. But they say about one in three people who climb Mount Kilimanjaro get altitude sickness and have to go home.
B
That makes sense.
C
Yeah. So if you're climbing Mount Everest and you know the odds are similar, one in three, or maybe it's because it's Everest, it's one and two. And then your entire party gets sick, gets altitude sickness. Maybe that would raise a red flag for somebody. Why do we all get altitude sickness? That seems very unlikely. And then they. You all go home on one helicopter ride, but they bill for four helicopter rides.
B
Any idea what the bill is? Does the article say, like, how much? What does an emergency rescue cost off of?
A
Can't be cheap.
C
Yeah, I don't know. They say, I guess we could do the math here. They're 4700 into 20 million. So hold on, let me get my calculator.
B
I mean, it's not like you're price shopping, you know, calling around for.
A
Wait, are you a network? I'm not sure about this. Yeah, right, exactly.
C
Each one of these evacuations costs $4,000. 4,200 bucks.
A
Yeah. That's a lot of money. Yep.
C
Yeah, it is.
B
It is. But it seems reasonable to me, given that a trip to Everest is in the tens of thousands of dollars.
C
Yeah. If I spent tens of. If I started feeling altitude sickness on Everest, I'd be willing to pay 4,200 bucks to get home.
B
Yeah.
C
You know, or to get off the mountain.
B
The place is dumb too, isn't it? It's like just like a dumpster, literally. It's covered. It's covered in trash and frozen bodies.
A
And frozen bodies, right. Yeah.
C
That's what I've heard.
B
Were once very motivated people. Right.
A
Yep. Oh, there was a blog post about that years ago that I'm sure is still on the Internet that of. Oh, sorry.
B
Yeah.
A
It talks about all the certain dead bodies that have become landmarks for other climbers. It's gross.
C
Turn left by Dead John up the hill to.
A
I can't imagine. That's just. No, that's a heck of a sky burial, let me tell you.
C
Anyway, sky burial is something else entirely.
A
I know, I know.
C
Much, much more gross.
A
I, I, Yep. I'm trying to not go there, but I did.
C
I will spare our listeners and if anybody else stomach they can look it
A
up, but no, otherwise we're gonna get some complaints about this.
C
Yes, we are.
B
So, Joe, is this like an active thing that you're saving up for or something or. No, no. Okay. It's just an aspirational thing. Maybe someday, maybe someday in your retirement.
C
It probably won't happen actually, because, you know, I'm just not gonna, I don't see myself traveling that much.
B
Yeah.
C
You know, going to Africa. I mean, there are places in Africa I'd like to visit, but you know, they're a lot lower on my list than other places. And having 100,000 chickens, becoming a big time chicken farmer. I'll be the next Frank Perdue.
A
Dream big, Joe.
B
Yeah, see what your neighborhood association has to say about that.
A
The smell.
C
There is no neighborhoods.
B
No, not yet.
C
But you start putting those chickens, I'll
B
tell you, your neighbors are going to team up and make can form one.
A
Yeah, there's this HBO series called the Neighbors. You're going to be on that one, Joe.
B
Yeah. Oh, yeah. No, no, just take a ride down to the Eastern shore and see all of the abandoned chicken hutches on the way. There's plenty of them.
C
Yeah, I know they're. They look abandoned. I don't know that they are abandoned though.
B
Are they? A lot of them are. I mean, yeah. I mean, you know, it comes and goes, farming, all that sort of thing. I think there's like, everything. There's been a lot of consolidation, so it's harder for a family farm to make ends meet these days. All right, well, we will have a link to that story in the show notes. I tell you what, let's take a quick break to hear from our show sponsor. We'll be right back after this. Most environments trust far more than they should, and attackers know it. ThreatLocker solves that by enforcing default deny at the point of execution. With ThreatLocker allowlisting, you stop unknown executables cold. With ring fencing, you control how trusted applications behave. And with ThreatLocker DAC, defense against configurations, you get real assurance that your environment is free of misconfigurations and clear visibility into whether you meet compliance standards. ThreatLocker is the simplest way to enforce zero trust principles without the operational pain. It's powerful protection that gives CISOs real visibility, real control, and real peace of mind. ThreatLocker makes zero trust attainable even for small security teams. See why thousands of organizations choose ThreatLocker to minimize alert fatigue, stop ransomware at the source, and regain control over their environments. Schedule your demo at threatlocker.com N2K today. And we are back. Maria, you're up. What do you got for us?
A
Oh, somebody had to do it. And April 15th is coming up in the United States. Yep. That means one thing. What's it mean?
C
Taxes.
A
Yeah.
C
Right. So I'm still working on mine.
A
Yeah, same. I haven't gotten mine back from my tax preparer yet, but it's coming.
B
You guys pay taxes?
C
Yes, Dave, and so do you, right?
B
Yeah, actually, I'm pretty vigilant about it.
A
Yeah, I used back when my taxes were not complicated, I was a very early filer. And now I'm one of those people who's down to the last week or so. I don't like it.
C
It's complicated as well.
B
Yeah.
A
Yeah. I'm not a fan. No. But yeah, somebody had to do the obligatory tax season fraud and scam story, and I figured it should be me. Why not me, right? Yeah. So there were. There are actually two articles that I was looking at. One was from friends at Proofpoint, and I'll mention an insight from that in a minute. But the first one was actually from the Better Business Bureau, the BBB, and they have their. Their obligatory tax liturgical calendar. No, scam liturgical calendar story about taxes with some interesting. The new wrinkles that they're seeing this year in terms of the scams. So they're scams abound, tax related stuff. Yes, we know the. Some of the scams that we're seeing this year that are sort of noteworthy, not necessarily new, but have the new flavors, I suppose, are versions of the scam where someone will be posing as the IRS, the scammer, and they'll tell a person, usually on the phone or by email, that there's a problem with your return and that they will demand immediate verification of personal information. So again, we've heard flavors of this one before, but they're seeing a lot of that. Another version of the scam, the tax related scams that Better Business Bureau is seeing are about people getting a call weeks after the filing deadline. So not pre April 15, but well after, when everyone's not thinking about it anymore, basically. And again posing as the IRS and demanding urgent payment for some sort of tax issue that was found with their file. So that one seems interesting to me because I don't know about you, but after April 15th, I'm like, I'm done. I'm not worrying about it.
C
Yeah, I don't think about it again until January 1st of the next year.
A
Yeah. I just do not want to occupying any more brain space. So if I get a call in mid May, I would, I would probably go, oh, it's, you know, I'm not thinking about the liturgical calendar being tax season anymore. But no, it is, it's, it's tax Pentecost if. I'm sorry. Oh man. All right. That makes me mad about that one.
C
It's going to cost five times as much. Enter cost.
A
Oh, nice. Nice. All right.
C
Yeah, nice.
A
And the Better Business Bureau is also warning taxpayers that deductions will never require enrollment fees. And anyone who claims that you need to pay something to access your tax benefits is absolutely trying to scam you. So please be wary. Another thing that the Better Business Bureau is warning about, something that again, not necessarily new, but we're seeing a lot more of it every year, are ghost tax preparers. So this is not necessarily a scam you're going to get by email. This is like a little, a dinky shop set up at a local like abandoned storefront near you. And it might actually make you think maybe it's legit. Cause it's one of those temporary tax filing businesses. They might say, hey, we're gonna make sure we get you a quick huge refund.
B
And then they just tax version of Spirit Halloween, right?
A
Yes, but those exist though, and they've got the people holding the signs out Front.
B
Speaking of ghosts,
C
it's the same people
B
in the same costumes.
C
I'm going to do your tax. Okay.
A
So yeah, they're fly by night operations and you know, if you file with these folks, they will not do your taxes correctly or at all. And you will be saddled with high fees, so. And screwed out of having your taxes done correctly. So please be careful. I know a lot of people are like, hey, I've got a guy who does my taxes or I'll find somebody. But do some due diligence around who's going to be filing for you if you're going to do it that way. And some of the other tips that the BBB is saying is make sure you are using the actual IRS website when filing your taxes electronically. Oh, I imagine. Yes. Oh, I do love the yearly story of the, like the big post office where they've got the cars lined up on April. Yeah.
C
The newscasters are all standing out there looking at the long line of cars.
A
Yeah. April 14th. It's like the, it's so funny. It's like Super Bowl Sunday for the post office. It's just so fun every year with
B
that story for Procrastinators Anonymous.
A
Yeah. And they interview them like, yeah, I didn't feel like doing my taxes and here I am. You know, like that kind of thing
B
every year sneaks up on me.
A
Yeah. I guess I just gotta get it done. Like every year. That story. It's amazing. Did I just break Joe?
B
Pretty much. Pretty much.
A
You're welcome. So if in doubt, make sure you contact the IRS directly. Don't, don't use any email or phone. Think that comes your way. So yeah. Don't, don't let, don't. They should not be calling you. You call them.
B
Right. No one's ever bound.
A
Yeah, no one. Don't trust an inbound. Exactly right. The IRS is not going to threaten you or demand immediate payment ever. Little asterisk. Except for the situation where a previous follow up email was saying if they've been pursuing you a long time and you're doing something very criminal. But if you're right, that's different. But for, for most of us ordinary folks, they're not going to be doing threatening or demanding immediate payment. And certainly they're not going to ask for any financial details over the phone and only allow funds to be deposited into your personal accounts. Don't let there be an in between saying, hey, I'll hang onto it for you. Don't, don't do that.
C
No thank you.
A
Don't do that. And my best tip is, the one that my mom always taught me was if anyone's threatening you, just yell at them, send it in writing and hang up. Like, tell them to send you a letter. Right, like that. That's send it in writing.
B
I'm imagining that. Forgive me, Maria, but imagining that with a very thick Greek accent.
A
My mom does not have a Greek accent, but my father did. No, yeah, sorry.
B
All right.
A
But yeah, send it in writing is good advice. Just do that and hang up.
C
I gotta inject here. That was my dad's first scam phone call that he got in. You know, when he was older, he got somebody, this is the IRS and you owe us money. And my dad being a CPA was like, all right, well, send me a letter.
A
Yeah. Yes.
C
He says, no, you gotta pay us now. He goes, no. IRS policy is the first thing you do is send the letter. So send the letter and then I'll respond.
A
Yep.
C
And the guy got enraged. And my dad was just like, are you gonna send the letter?
A
Yeah. I remember when I was in my 20s, my family was dealing with some tax issues. They were paying their taxes. It was just some weirdness with the quarterly taxes. And I was sort of amazed at how slow the process was with all this letter sending back and forth. And I was like, mom, it's 20 whatever. Why are we still doing stuff by letter? And it's like, this is why.
C
If you think the IRS is bad, try dealing with the state of Maryland and the treasury there. I have been ignored by these people for an issue I'm trying to get resolved. They just raised the issue to me like late last year and I haven't heard from them in like a month. And I sent a follow up email and they're like, oh, we changed systems. Go here and log in and create a ticket there.
A
Yeah, it's surprisingly. And I actually, I'm going to give credit to the IRS on this. Slowing down is a good thing in this situation.
C
Yeah, I'll agree with that.
A
Yeah. So it's actually kind of great that this whole process, especially being letter based, really does force the whole thing to slow down significantly. So. Yeah. Because I was always like, why are we not doing this by email? It should be easy to resolve. And now I'm going, good thing it's not. So let it be slow. I mentioned earlier that Proofpoint also had some findings about tax scams this year. And something I wanted to note from their reporting that I thought was very interesting was about 40% of the 2026 tax fraud that they have been tracking this year specifically uses remote monitoring and management tools for fraud, which, you know, remote management and monitoring tools are legitimate, but they are being linked to in phishing emails or spam emails, I should say. And then they essentially will allow for a computer takeover. So one email that they highlighted was supposedly, again, a fake IRS email saying that there was an issue with your tax returns. You need to consult the attached list for details. And the way that you have to consult that attached list is to use the IRS transcript viewer. And it has a big blue button that says access the transcript viewer. And that takes you instead to a remote monitoring and management tool which then allows the attacker to do nasty things to your machine.
B
So just to be clear, I mean, that's a tool that lets someone basically have control of your computer from afar.
A
Yeah. And they're legitimate tools. Like the tools themselves are not malicious, but they are being used in a malicious way. So the reason why scammers really love these is these tools have legitimate IT uses. A lot of enterprises will absolutely whitelist these kinds of apps because they are used for good purpose. So these spam emails will fly under the radar. So there is no IRS transcript viewer. Don't download anything, don't do any stuff like that. But I thought that was very interesting that almost half of the scams are now using this kind of thing, at least what Proofpoint is seeing. So, yeah, I thought that was interesting. So there's a lot more in their report. We can link it for people, but that was what I wanted to highlight from them.
B
All right. Yeah, for sure. Tis the season and best to be vigilant. Right? All right, well, Joe, Maria, it is time for our catch of the day.
C
Dave, our catch of the day comes from the Scambait subreddit, r/Scambait. This one is titled "Guy in the Woods Seduction on Scrabble Part 1." I don't know what this means, Dave.
B
Well, this is gonna be me and Maria.
C
Okay.
A
Oh, boy. This looks like a long one, Dave.
B
Well, Maria, since you're the victim here, feel free to pull the ripcord whenever. Jeez, you feel it's appropriate. So just to set it up for our listeners, it appears as though this conversation is happening through some kind of online Scrabble game. So the Scrabble game has a built in chat.
A
Is nothing safe?
B
Scrabble, right? Really? Yeah, yeah, yeah. So I will start out here and it goes like this. Hello, Charlotte. Thanks for accepting my game request. Hello, I'm Michael and I live in LA. Where are you playing from?
A
America.
B
Nice. Another American. What part of the country are you in? I'm in LA, as mentioned. On the East Coast. Ah, the East Coast. So you're playing Scrabble three hours into your future. How's life on the other side of the country?
C
Point of order. She is playing Scrabble three hours into his future.
B
And what state on the East Coast I've always wanted to visit? Maine.
A
North Carolina. Far away from Maine.
B
Okay, Fair point. The east coast is pretty long. I'll forget the vagueness this time. What part of North Carolina? I've heard it's beautiful there.
A
Wilmington.
B
Good morning from LA. Wilmington. Nice. I've heard Wrightsville Beach is gorgeous. Have you lived in Wilmington all your life or moved there later?
A
I've lived here for 17 years.
B
Wow. 17 years. So you've basically watched Wilmington grow up. What kept you there all that time? I moved to LA with my late wife 30 years ago when we just got married. So I get having deep roots somewhere. What's your favorite thing about Wilmington?
A
I worked here and my children went to school here.
B
That's really cool. Work, school, family. Sounds like you planted yourselves well. So now that the children are through school, what keeps you busy these days? Besides crushing me at Scrabble, of course.
A
I am not crushing you at Scrabble. Didn't you see the score?
B
I know, but I feel you're letting me win. What keeps you busy these days? You don't stay here much.
A
I don't? I have a life to get to, and I don't play long. You seem to.
B
Oh, you caught me. I do like playing along when the conversation's interesting. But no pressure at all. Whether it's just Scrabble or a little chat, I'm happy to keep it. Whatever works for you. Speaking of having a life to get to, I actually just landed a contract and I'm scrambling to get ready to travel by next weekend. So that's what's been keeping me busy lately. Just squeezing in some Scrabble when I can.
A
Where are you traveling to?
B
I just. I just recently got a contract at Alberta, Canada.
A
At Alberta, Canada.
B
This will be my.
C
Yeah, right. Not in Alberta.
B
This will be my first time handling a contract in Canada. And I'm excited about it because this will be a whole new experience for me and my last job before retirement. And you? What's your job? For me, I work as a contractor in the hardwood industry.
A
Excuse me a minute. Excuse me a minute. All right. Okay. I am a CPA. So, hardwood industry, what do you sell?
B
I should clarify. I'm on the harvesting side, not sales. So I work with logging crews.
C
Oh. He's a lumberjack.
B
Manage forest.
A
He's a lumberjack. And he is. Okay.
B
Make sure the right trees get to the right mills. It's physical, it's outdoors. And it's been a hell of a career. Alberta, Canada, will be my last stop.
A
So retirement after that?
B
Yeah, that's the plan. After Alphabasca, Athabasca.
A
Athabasca.
C
I don't know.
B
After Athabasca, I'm hanging up the boots. It's bittersweet. This work has been my whole life. But I'm ready for what's next. What about you? Ever think about retirement? Or are you a work forever type? Do you mind us talking outside here instead of waiting for turns? It's very slow.
C
Bing. There's the change in platform.
A
Mm.
C
Town in Alberta.
A
Oh. Oh, I see. Okay. I suppose I'll retire someday.
B
I'll bet you've got a good someday vision in your head. I'm still figuring out what retirement even looks like for me. Feels weird. After decades of working, you seem like someone who'd land on her feet no matter what, though. Do you mind us talking outside?
A
I don't mind.
B
All right. Are you on Teams app?
A
Not there. I use that for work.
B
Okay. What platform do you use? I prefer Teams, though. It works perfectly for me. Most especially outside the state.
A
Are those supposed to be actual words?
B
I think one of them is supposed to be signal.
A
Signal. But it's missing. Yeah, Signal.
B
I haven't used any of those apps before. Are you on Google Chat?
A
No, I'm not.
B
All right, give me your telegram address.
A
All right, so all I can see in the chat bubble is the word sex, and the rest is black. So use your imagination, folks.
B
Sexy mama. Or something like that.
A
Sexy CPA. 696-9420@gmail. There you go.
B
You know what? We could just pull the ripcord right there.
A
Right, let's pull the ripcord.
C
This is going on long enough.
B
Good. It doesn't really go anywhere else.
C
Yeah, I love the one, the terse responses. That's great. You know, I don't know.
A
You seem like a woman who can really land on her feet with one word answers. Yeah, I've learned a lot about you. Yeah. Great.
B
Yeah. Oh, you're so irresistible. Never met anyone quite like you. From Wilmington Concise and To the Point. Yeah. Oh, my gosh. What do you guys make of this one?
C
It seems, you know, there are words grafted onto the pictures here that say like Chatbot.
B
Yeah.
C
And at some point in time it, it seems to think it like maybe the Chatbot thinks Wilmington's a person because it says you watch Wilmington grow up over 17 years.
B
Right.
C
And some place. You know, towns do grow up over time, but longer timescales than 17 years.
B
Right? Yeah. It's odd. It is odd. And yet sort of forced seduction.
A
Right. I am just fascinated that I guess there's enough success trying to get people through a Scrabble app that this is being tried. I never would have suspected that. But I guess they'll fish anywhere. That's. Huh. Scrabble. Not even Scrabble is sacred.
C
I never play these games online because I am 100% certain that the other person is cheating. You know, it's just too easy. I do play Scrabble in person with my wife and I lose just about every single time.
A
Okay.
B
She's got like zither, right?
C
Yeah.
B
Right.
C
And I got four P's and two N's and you know, that's always what happens to me is I get the. The bad draws.
B
Yeah. I can't say I'm a big fan of board games and we have a ton of them in the house, but we never seem to play any of them really. Yeah.
C
I just don't have time to play them. Let's talk about this. Last night, my son-in-law, he's like, what are we going to do when we're both at. When we're out of school? And I looked at him and said, when does that happen? He just started laughing. But he's like, I like to play some games. I'd like to play some games too. But we play games like the railroad tycoon games, which are really fun.
B
Yeah.
C
Well, you play video games, Dave. I haven't had time to play video games in months. In fact, the last time I played a video game was with Jake and I got motion sickness from playing it. So I'm afraid I might be done. I'm gonna have to try Fortnite again at some point in time and see if it's.
A
You don't have to play games like that. There are so many other video games out there. There too that don't.
B
We are on a. We are on a one way trip to text adventure games, my friends.
C
Yes.
A
Oh yeah. Look up. You see a grue?
C
Yeah.
B
Go west. Get lamp. Yeah.
A
Listen, the old ways are good ways. I'm just saying.
B
Yeah, absolutely. Most environments trust too much and attackers know it. ThreatLocker enforces default deny at execution, blocks unknown apps and limits what trusted apps can do. Stop ransomware at the source. Get your demo at threatlocker.com N2K. All right, well, we will have a link to that catch of the day in the show notes and that is Hacking Humans, brought to you by N2K CyberWire. We'd love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like our show, please share a rating and review in your favorite podcast app. Please also fill out the survey in the show notes or send an email to hackinghumans@n2k.com. This episode is produced by Liz Stokes. Our executive producer is Jennifer Iban. We're mixed by Elliot Peltzman and Trey Hester. Peter Kilpie is our publisher. I'm Dave Buettner.
C
I'm Joe Kerrigan.
A
And I'm Maria Vermazes.
B
Thanks for listening.
Hacking Humans — Episode Summary
“When ‘opportunity’ knocks, don’t answer.”
April 9, 2026 | Hosts: Dave Buettner, Joe Kerrigan, Maria Varmazes
Episode Theme:
Deception, influence, and social engineering in the world of cybercrime. This week, the hosts dig into recent cyber scams involving fake LinkedIn messages, insurance fraud on Mount Everest, and a breakdown of the latest tax season scams. They share personal stories, discuss criminal exploits, and close with a “catch of the day” that highlights suspicious advances within an online Scrabble game.
Welcoming Back the Gang:
The team is reunited after some time apart due to travel and technical issues.
Listener Mail from Australia (01:11):
Joe reads a light-hearted email about his backyard chickens and receives tips from an Australian listener.
Anecdote: Meeting Hugh Jackman (04:05):
Dave shares a highlight from the RSA conference, recalling an interaction with Hugh Jackman.
Quote:
“I introduced myself, and then I said, well, either you’re closing your eyes to a situation you do not wish to acknowledge… And he looked back at me and he said, or I’m underestimating the caliber of disaster indicated by the presence of a pool table in my community. And I said, you got trouble, my friend. And he said, right here in River City.” (05:03)
Australian Linguistics Lesson (05:53):
Dave passes on a lesson from Jackman on how to fake an Australian accent using the words “rise up light” (i.e., “razor blade”).
Story Source: HackRead/Cofense Phishing Defense Center
Presenter: Dave Buettner
Story Source: The Independent
Presenter: Joe Kerrigan
Story Sources: Better Business Bureau, Proofpoint
Presenter: Maria Varmazes
(For references and more details, see the episode show notes.)