What the Hack? Episode 238: The Phone Call that Broke the Bank
Feb 10, 2026
Charlotte Jupp, VP of Customer Success at Outthink who focuses on human risk in cybersecurity, breaks down how a single phone call can topple huge organizations. Short, punchy takes on phone‑based pretexts, SIM swapping, AI‑enabled social engineering, why awareness training fails, and real‑time nudges and dashboards to spot risky behavior.
AI Snips
Chapters
Transcript
Episode notes
Casino Systems Are Financially Critical
- MGM's outage showed casinos operate as continuous, regulated banks with every bet and comp tracked in real time.
- When identity and access systems fail, operations, payments, and guest access can collapse instantly.
SIM Swaps And LinkedIn Recon Nailed Targets
- Attackers used SIM swapping and social engineering to duplicate phones and take control of accounts during their campaign against casinos.
- They researched employees on LinkedIn to target technical staff and reset passwords within minutes.
A Phone Call Can Defeat Zero Trust
- The MGM breach began with a phone call that resembled a routine help-desk request and granted trust that enabled access escalation.
- Even 'zero trust' setups fail when human verification relies on information attackers can mimic.