
Hacking Humans
Scammers Gonna Scam.
Why It Matters
Understanding these evolving scams is crucial for anyone handling digital communications, as attackers increasingly weaponize trusted platforms and impersonate authorities. The episode’s timely coverage of global enforcement actions and real‑world victim experiences underscores the growing need for heightened awareness and proactive security habits.
Key Takeaways
- IRS agents rarely initiate contact; verify in person.
- Avoid gift cards or Bitcoin for tax‑related payments.
- SendGrid phishing shifted from compromised accounts to rage‑bait tactics.
- Enabling 2FA on email service provider accounts guards against credential theft.
- Rage bait emails exploit political emotions to increase click rates.
Pulse Analysis
The episode opens with light‑hearted banter about chickens and crows before diving into the serious subject of tax‑related scams. Host Dave Bittner shares listener feedback from Tim, an IRS Criminal Investigation special agent, who clarifies how the agency actually contacts taxpayers. Tim emphasizes that the IRS never demands tax payments via gift cards or Bitcoin, never initiates contact with unsolicited phone calls, and that any in‑person encounter should occur at a public venue such as an IRS office. This correction sets the stage for listeners to distinguish legitimate government outreach from sophisticated social‑engineering attacks.
Tim’s detailed guidance provides a practical verification checklist for anyone approached by an alleged IRS representative. He advises meeting the agent at a neutral location—preferably a local IRS office, U.S. Attorney’s office, or library—and requesting to see official credentials, noting that agents cannot legally share badge photos electronically. The conversation also highlights that criminal‑investigation officers may appear at a taxpayer’s door, but only after documented investigative steps, not as a cold‑call surprise. By reinforcing these protocols, organizations can reduce the risk of falling for impersonation schemes that exploit the public’s fear of tax enforcement.
The second half of the show shifts to a technical deep‑dive on a long‑running SendGrid phishing campaign. Originally, attackers compromised legitimate SendGrid accounts lacking two‑factor authentication, sending fake login pages to harvest more credentials—a cycle dubbed “phishception.” Recent variants have adopted “rage bait” tactics, embedding polarizing political language—such as ICE support notices—to trigger emotional responses and higher click‑through rates. Security experts stress enabling 2FA on all email service providers, monitoring outbound traffic for unauthorized campaigns, and educating users about the dangers of gift‑card or cryptocurrency payments. Understanding this evolution equips businesses to defend against increasingly manipulative social‑engineering attacks.
Episode Description
This week, hosts Dave Bittner, Joe Carrigan, and Maria Varmazis (also host of the T-Minus Space Daily show) are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. Joe shares another chicken update for us, this time from Werner Herzog. Dave’s got a story from a listener named Tim, an IRS Criminal Investigation agent, who explains that real CI agents may contact people unannounced and can verify themselves in person, but if anyone asks for gift cards or crypto, it’s definitely a scam. Maria has the story on how attackers are abusing real SendGrid accounts to send politically charged phishing emails that look legitimate and trick users into handing over their credentials. Joe has two stories this week, the first on Cambodia’s renewed crackdown on massive Southeast Asian scam networks following the arrest and extradition of alleged kingpin Chen Zhi, signaling deeper international cooperation against fraud operations that have stolen billions worldwide, and the second on a Nashville Uber driver who lost $300 after falling for a convincing phone scam that impersonated Uber Support and falsely accused him of drunk driving. Our catch of the day comes from Reddit scams, where one scammer gets put through the wringer, twice.
Resources and links to stories:
Cambodia to keep up crackdown on scam centres after arrest of alleged mastermind
Uber driver describes drunk driving scam that cost him $300
SendGrid isn’t emailing you about ICE or BLM. It’s a phishing attack.
Dave Part 1
Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.