Computer Security News and Insights
One Phishing Email Cost MGM Resorts $100 Million In September 2023, a single social engineering phone call — preceded by a carefully crafted phishing email reconnaissance campaign — led to the breach that shut down MGM Resorts' operations across Las Vegas. Slot machines went dark. Hotel room keys stopped working. The
In January 2025, a finance employee at a multinational firm in Hong Kong wired $25 million to threat actors after a deepfake video call convinced him his CFO had authorized the transfer. The attack started the same way almost all of them do — with a phishing email. If you'
In May 2025, the FBI's Internet Crime Complaint Center reported that business email compromise — a sophisticated form of fake mail — accounted for over $2.9 billion in adjusted losses in 2023 alone. That number has only grown. I've personally worked cases where a single convincing email
The Phone Call That Cost One Company $23 Million In early 2024, a finance worker at engineering firm Arup was tricked into wiring $25 million to threat actors after a deepfake video call that impersonated senior leadership. That incident made headlines worldwide. But for every deepfake video heist, there are
In January 2024, a finance employee at British engineering firm Arup transferred $25 million to threat actors after joining a video call with what appeared to be the company's CFO and other colleagues — all of them deepfake recreations. The attack started the way most do: with a phishing
Your Old AIM Email Is a Bigger Threat Than You Think In December 2017, AOL officially shut down AIM — AOL Instant Messenger — after two decades as one of the internet's most iconic platforms. But here's what most people missed: the email addresses tied to those accounts
The Email That Cost MGM Resorts $100 Million In September 2023, a single social engineering attack — starting with a phone call but rooted in the same deception principles as phishing emails — led to a breach at MGM Resorts that cost the company over $100 million. The threat actors behind the
Your Employees Are Phish Food — And Threat Actors Know It In March 2025, the FBI's Internet Crime Complaint Center (IC3) released its 2024 annual report showing over $16 billion in reported cybercrime losses — the highest figure ever recorded. Phishing and its variants topped the list of complaint types
In January 2024, a finance employee at engineering firm Arup wired $25 million to criminals after joining a video call with what appeared to be the company's CFO and several colleagues. Every person on that call was a deepfake. The attack started the same way nearly all of
In May 2024, the FBI's Internet Crime Complaint Center reported that business email compromise — a category built almost entirely on fake emails — accounted for over $2.9 billion in adjusted losses in a single year. That figure dwarfed ransomware losses by a factor of nearly 50. And those
