Hacking Humans — Episode Summary
“When ‘opportunity’ knocks, don’t answer.”
April 9, 2026 | Hosts: Dave Bittner, Joe Carrigan, Maria Varmazis
Episode Theme:
Deception, influence, and social engineering in the world of cybercrime. This week, the hosts dig into recent cyber scams involving fake LinkedIn messages, insurance fraud on Mount Everest, and a breakdown of the latest tax season scams. They share personal stories, discuss criminal exploits, and close with a “catch of the day” that highlights suspicious advances within an online Scrabble game.
Opening & Follow-up (00:15–07:00)
- Welcoming Back the Gang:
  The team is reunited after some time apart due to travel and technical issues.
- Listener Mail from Australia (01:11):
  Joe reads a light-hearted email about his backyard chickens and receives tips from an Australian listener.
  - Discussion veers into “chook talk” (Australian term for chicken) and humorous product suggestions like “chicken saddles” to protect hens.
- Anecdote: Meeting Hugh Jackman (04:05):
  Dave shares a highlight from the RSA conference, recalling an interaction with Hugh Jackman.
  Quote:
  “I introduced myself, and then I said, well, either you’re closing your eyes to a situation you do not wish to acknowledge… And he looked back at me and he said, or I’m underestimating the caliber of disaster indicated by the presence of a pool table in my community. And I said, you got trouble, my friend. And he said, right here in River City.” (05:03)
- Australian Linguistics Lesson (05:53):
  Dave passes on a lesson from Jackman on how to fake an Australian accent using the words “rise up light” (i.e., “razor blade”).
Main Stories & Discussions
1. LinkedIn Phishing Campaigns (07:50–14:19)
Story Source: HackRead/Cofense Phishing Defense Center
Presenter: Dave Bittner
- Phishing Tactic:
  Attackers send fake LinkedIn alerts about urgent business opportunities, using visually convincing emails with logos and fonts.
- Modus Operandi:
- Fake notification links lead to lookalike login pages designed to steal LinkedIn credentials.
- Domains for phishing sites are newly registered, a major red flag.
- The scam preys on habits (checking LinkedIn messages), trust in the platform, and urgency (promises of business deals).
- Key Quotes:
- “You get a fake LinkedIn alert and that sends you to a counterfeit login page…” (08:44)
- “It doesn’t really rely on any malware. It’s a very quiet sort of exploit. It relies on your habits, your trust, and urgency.” (10:46)
- Hosts’ Take:
- Joe: Expresses skepticism about LinkedIn’s trustworthiness and jokes about not being enticed by such messages.
- Maria: Observes that usage and trust in LinkedIn is industry-specific, less prevalent in infosec than in other fields.
- Discussion on LinkedIn Subculture (11:45–13:13):
- Reference to subreddit “LinkedIn Lunatics.”
- Social engineering likely tailored to demographics that are actively engaged on platform.
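The red flags the hosts list for this campaign (a link that is not an official LinkedIn host but imitates the brand, and a domain registered only days ago) can be turned into a mechanical triage check. The following is an added example written for this summary, not code from the podcast, HackRead or Cofense. It assumes a small allowlist of official LinkedIn domains, a hand-built table standing in for a WHOIS lookup, and hypothetical `.example` hosts for the constructed phishing mail.

```python
"""Triage links in a suspected "LinkedIn alert" email (added example).

Flags raised, mirroring the episode's red flags:
  * lookalike: host imitates the LinkedIn brand but is not an official domain
  * newly registered: registrable domain is younger than NEW_DOMAIN_DAYS
  * registration date unknown: nothing on file, treat as unverified
"""
import re
from dataclasses import dataclass, field
from datetime import date
from typing import Dict, List
from urllib.parse import urlparse

# Assumption: official LinkedIn hostnames. Real deployments extend this list.
OFFICIAL_DOMAINS = {"linkedin.com", "licdn.com"}

# Constructed stand-in for a WHOIS / RDAP registration-date lookup.
REGISTRATION_DATES: Dict[str, date] = {
    "linkedin.com": date(2002, 11, 2),
    "linkedin-alerts-login.example": date(2026, 4, 1),
    "l1nkedin.example": date(2026, 3, 30),
}

NEW_DOMAIN_DAYS = 30

# Characters scammers commonly substitute for letters in brand names.
CONFUSABLES = {"i": "[il1|]", "l": "[li1|]", "o": "[o0]", "e": "[e3]",
               "a": "[a4@]", "s": "[s5$]"}


def brand_pattern(brand: str) -> re.Pattern:
    """Build a regex that matches the brand with confusable substitutions."""
    return re.compile("".join(CONFUSABLES.get(c, re.escape(c)) for c in brand))


LINKEDIN_RE = brand_pattern("linkedin")
URL_RE = re.compile(r"https?://[^\s<>\"']+")


def registrable_domain(host: str) -> str:
    """Last two labels of the host. Real code should consult the public
    suffix list; this is enough for the constructed sample."""
    parts = host.lower().rstrip(".").split(".")
    return ".".join(parts[-2:]) if len(parts) >= 2 else host.lower()


@dataclass
class Verdict:
    url: str
    flags: List[str] = field(default_factory=list)

    @property
    def suspicious(self) -> bool:
        return bool(self.flags)


def assess_link(url: str, today: date,
                registration_dates: Dict[str, date] = REGISTRATION_DATES) -> Verdict:
    """Score one URL against the lookalike and domain-age red flags."""
    verdict = Verdict(url)
    host = (urlparse(url).hostname or "").lower()
    if not host:
        verdict.flags.append("no hostname in link")
        return verdict
    domain = registrable_domain(host)
    if domain in OFFICIAL_DOMAINS:
        return verdict  # genuine LinkedIn host: nothing to flag here
    if LINKEDIN_RE.search(host):
        verdict.flags.append(f"lookalike: {host} imitates linkedin")
    registered = registration_dates.get(domain)
    if registered is None:
        verdict.flags.append(f"registration date unknown for {domain}")
    elif (today - registered).days < NEW_DOMAIN_DAYS:
        age = (today - registered).days
        verdict.flags.append(f"newly registered: {domain} is {age} days old")
    return verdict


def assess_email(body: str, today: date) -> List[Verdict]:
    """Extract every http(s) link from an email body and assess each one."""
    return [assess_link(u, today) for u in URL_RE.findall(body)]


# Constructed sample message in the style the episode describes.
SAMPLE_EMAIL = """\
You have 1 new message about an urgent business opportunity.
View it now: https://linkedin-alerts-login.example/login?ref=msg
Manage notifications: https://www.linkedin.com/psettings/
"""

if __name__ == "__main__":
    for v in assess_email(SAMPLE_EMAIL, date(2026, 4, 9)):
        print(("SUSPICIOUS " if v.suspicious else "ok         ") + v.url)
        for f in v.flags:
            print("    -", f)
```

The allowlist check comes first so that `linkedin.com` itself never trips the lookalike pattern, while a host such as `linkedin.com.evil.example` still does, because its registrable domain is not on the list.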
2. Everest Helicopter Insurance Scam (14:19–24:32)
Story Source: The Independent
Presenter: Joe Carrigan
- Scam Unveiled:
  Everest climbing guides allegedly poisoned climbers with tainted food or medication to induce fake altitude sickness, triggering false emergencies requiring costly helicopter rescues.
- Scope & Tactics:
- Over 4,700 climbers affected (2022–2025), 300+ fake rescues, $20M in fraudulent insurance billing.
- Collusion included guides, helicopter firms, and local hospitals.
- False symptoms induced with massive water intake or baking soda-laced food.
- Key Quotes:
- “They were essentially faking these medical emergencies in climbers… and [operators] inflated costs by billing each passenger as if they had taken a separate helicopter flight.” (17:58)
- Insurance Fallout:
- Some insurance carriers are threatening to stop covering Everest expeditions due to rampant fraud.
- Personal Reflection:
- Joe discusses aspiring to climb Mount Kilimanjaro instead; hosts riff on the morbid topic of Everest’s “landmark” frozen bodies (22:35).
- “Turn left by Dead John up the hill to…” (22:53 – Maria)
3. Tax Season Scams (26:15–36:20)
Story Sources: Better Business Bureau, Proofpoint
Presenter: Maria Varmazis
- Annual Surge in Scams:
  Tax time brings traditional and evolving scams, including fake IRS calls/emails (before and after April 15th), urgent payment demands, and appeals for verification of sensitive info.
- Highlighted Tactics:
- Ghost tax preparers: Temporary, fraudulent storefronts promising big refunds but not filing returns.
- Phishing links purporting to be IRS resources; especially emails prompting users to download an “IRS transcript viewer,” which is really a remote monitoring and management (RMM) tool.
- “There is no IRS transcript viewer. Don’t download anything…” (35:34–36:15)
- Key Stats:
- Proofpoint noted ~40% of the 2026 tax scams involve RMM tools enabling attackers to control victims’ computers.
- Advice from Hosts:
- Only trust contacts you initiate directly with the IRS.
- IRS will typically communicate by letter first.
- “Send it in writing and hang up.” (32:14 – Maria’s advice via her mom)
- Personal Anecdotes:
- Joe: His father, a CPA, easily rebuffs IRS scam calls by demanding written correspondence (33:04).
- Maria: The slow, letter-based IRS system is a feature, not a bug—it thwarts scammers.
Notable Quotes & Humor
- “I never play these [online] games… because I am 100% certain the other person is cheating.” (44:40 – Joe)
- “You seem like a woman who can really land on her feet with one-word answers.” (43:39 – Dave, reading ScamBot text)
- “Scrabble? Not even Scrabble is sacred.” (44:40 – Maria on scams infiltrating online Scrabble)
Catch of the Day: Scrabble Scam Chat (36:38–46:20)
- Context:
  The team reads a real chatlog posted to Reddit’s r/Scambait subreddit exposing a scammer attempting to lure a Scrabble opponent onto outside chat platforms.
- Pattern:
  Typical romance/seduction scam, with over-familiar questions and requests to move from the game’s chat to external apps (Teams, Signal, Telegram).
- Hosts’ Commentary:
- They note clear red flags (pushiness to switch platforms, oddly formal phrasing).
- Banter on the sheer ubiquity of scams—even Scrabble isn’t safe.
- The dialogue pokes fun at the awkwardness and persistence of scam bots.
- Memorable Moment:
- Maria invents a tongue-in-cheek scammer email: “SexyCPA696-9420@gmail.” (43:15)
Timestamps for Key Segments
- Australian Chicken & Hugh Jackman Anecdotes: 01:11–06:01
- LinkedIn Phishing Campaign: 07:50–14:19
- Everest Rescue Scam: 14:19–24:32
- Tax Season Scams: 26:15–36:20
- Catch of the Day (Scrabble Bot Romance): 36:38–46:20
Takeaways & Practical Tips
- LinkedIn: always be cautious about urgent messages; scrutinize sender details and URLs before logging in.
- Don’t trust tax preparers without credentials, and never download files claiming to be “IRS viewers.”
- Insurance scams can hide within complex environments (like Everest expeditions); a web of collusion is always possible.
- Scams can happen anywhere—even in casual, seemingly benign online games.
- When in doubt with official-looking requests: ask for written confirmation and never provide sensitive info over the phone or email.
(For references and more details, see the episode show notes.)
