SysAdmin Weekly - 049 - How do Attackers Use Local LLMs to Phish At Scale?

Ask Claude or ChatGPT to write a phishing email and it politely refuses; pull the right open-weight model onto your own laptop and that refusal layer simply does not exist. Andy brings his InfoSecurity Europe session to the show, and Eric Siron joins to walk through how threat actors run local LLMs on their own hardware to generate targeted spear phishing at scale, in any language, with no internet connection and no guardrails. The guys break down what the attack workflow actually looks like, why these capabilities never disappear once a model is downloaded, and where the real defensive line sits. Spoiler: "spot the typo" awareness training is dead, and verification culture plus strong email authentication is what carries the load now. Chapters: 00:00:00 - Cold Open: Local LLMs and Phishing at Scale 00:01:37 - Welcome Back and InfoSecurity Europe 00:03:55 - News React: Washington Pumps the Brakes on Fable 00:06:46 - News React: NY Ghost Gun Printing Law and Google AI Liability 00:12:07 - Nerd Hour: Camera Gear and Mac Studio Dreams 00:13:27 - Nerd Hour: Building the InfoSec Demo 00:15:55 - Show Plugs and Community Links 00:17:00 - Main Topic: What Local LLMs Actually Are 00:21:23 - The Guardrail Gap: Cloud Refuses, Local Complies 00:26:55 - The Demo: 15 Tailored Spear Phishing Lures in 90 Seconds 00:30:04 - Why These Capabilities Never Go Away 00:32:59 - AI on the Defensive Side 00:39:01 - Voice Cloning, Deepfakes, and SPF for Phones 00:46:20 - The Low-Tech Deepfake Defense 00:47:26 - Why Spot-the-Typo Training Is Dead 00:50:09 - Verification Culture and Email Authentication 00:54:32 - Common Questions: Legality, Detection, and Adoption 01:00:18 - Wrap Up: Stay Safe Out There Resources / Show Notes: Ollama, the easiest way to run open models locally: https://ollama.com Hugging Face, open repository of machine learning models: https://huggingface.co OpenCode, terminal coding agent that runs against local models: https://opencode.ai Evilginx, reverse-proxy phishing framework referenced in the demo: https://github.com/kgretzky/evilginx2 SysAdmin Weekly Episode 024 - On-Prem AI with Ollama (the callback episode, YouTube):    • SysAdmin Weekly - 024 - On-Prem AI with Ol...   SysAdmin Weekly - all show links in one place: https://www.sysadminweekly.com SysAdmin Weekly Newsletter: https://newsletter.sysadminweekly.com SysAdmin Weekly GitHub Discussions: https://github.com/ProjectRunspace/sy... Project Runspace: https://www.projectrunspace.org AndyOnTech: https://www.andyontech.com

SysAdmin Weekly - 050 - How Do You Run a Blameless Incident Postmortem?
▶︎

SysAdmin Weekly - 050 - How Do You Run a Blameless Incident Postmortem?

What's Actually in Our Home Labs (and Why) - SysAdmin Weekly - 051
▶︎

What's Actually in Our Home Labs (and Why) - SysAdmin Weekly - 051

Zig 2026: No-AI Policy, $670K Foundation, Left GitHub & Why Zig Isn’t 1.0 - Andrew Kelley Explains
▶︎

Zig 2026: No-AI Policy, $670K Foundation, Left GitHub & Why Zig Isn’t 1.0 - Andrew Kelley Explains

Don't Hang Up On AI Scammers. Do THIS Instead.
▶︎

Don't Hang Up On AI Scammers. Do THIS Instead.

How to Hide in Plain Sight: Next-Level Digital Privacy | Ivan Banov at BSidesCache 2025
▶︎

How to Hide in Plain Sight: Next-Level Digital Privacy | Ivan Banov at BSidesCache 2025

Peak Microslop
▶︎

Peak Microslop

Their Junior Tech Destroyed This $2000 Gaming Laptop In 60 Seconds!
▶︎

Their Junior Tech Destroyed This $2000 Gaming Laptop In 60 Seconds!

This Hacker Kept Embarrassing the FBI
▶︎

This Hacker Kept Embarrassing the FBI

SysAdmin Weekly - 000 - No! Hyper V is Not Dead!
▶︎

SysAdmin Weekly - 000 - No! Hyper V is Not Dead!

Keynote: After the AI Hype – What’s Real, and What’s Next - Richard Campbell - 2026
▶︎

Keynote: After the AI Hype – What’s Real, and What’s Next - Richard Campbell - 2026

How Rockstar fit an entire city into PlayStation 2 memory
▶︎

How Rockstar fit an entire city into PlayStation 2 memory

Creator of C++: Bell Labs, Negative Overhead Abstraction, Mistakes | Bjarne Stroustrup
▶︎

Creator of C++: Bell Labs, Negative Overhead Abstraction, Mistakes | Bjarne Stroustrup

The Internet Is Dead…And Nobody Cares
▶︎

The Internet Is Dead…And Nobody Cares

S13 E17: Trump’s Reflecting Pool, Redistricting & Soaps: 6/28/26: Last Week Tonight with John Oliver
▶︎

S13 E17: Trump’s Reflecting Pool, Redistricting & Soaps: 6/28/26: Last Week Tonight with John Oliver

Revealing The SPECIAL TECHNIQUE Of A Pakistani Man To EXTRACT GOLD From Used Motherboard Waste
▶︎

Revealing The SPECIAL TECHNIQUE Of A Pakistani Man To EXTRACT GOLD From Used Motherboard Waste

Billionaire's WARNING: I'm SELLING. The Crash Is Already Here!
▶︎

Billionaire's WARNING: I'm SELLING. The Crash Is Already Here!

Ed Zitron on CNBC: Generative AI Doesn't Work, And Big Tech Is Out Of Hypergrowth Ideas
▶︎

Ed Zitron on CNBC: Generative AI Doesn't Work, And Big Tech Is Out Of Hypergrowth Ideas

Their Company Data Is Trapped On This BitLocker-Encrypted SSD
▶︎

Their Company Data Is Trapped On This BitLocker-Encrypted SSD

Something is jamming GPS over Europe. Here's what we found
▶︎

Something is jamming GPS over Europe. Here's what we found

SysAdmin Weekly - 038 - Making Security Decisions Based on Data, Not Fear
▶︎

SysAdmin Weekly - 038 - Making Security Decisions Based on Data, Not Fear