Tag

Credential Theft

Posts exploring how attackers steal usernames, passwords, and authentication tokens through phishing, keylogging, brute force attacks, and credential stuffing. Includes actionable guidance on multi-factor authentication, password managers, and monitoring for compromised credentials.

posts

Spoofing Caller

Spoofing Caller Attacks: How Hackers Steal Trust

In March 2022, the FBI warned that threat actors were spoofing caller IDs of financial institutions and government agencies to steal millions from unsuspecting victims. The Bureau's Internet Crime Complaint Center (IC3) received over 18,000 complaints related to spoofing in 2021 alone, with adjusted losses exceeding $82

Carl B. Johnson Sep 04, 2022 6 min read
Phishing Links

What Is a Phishing Link? Anatomy of a Click That Costs Millions

In March 2022, a single employee at Okta clicked a link in what appeared to be a routine IT notification. That one click gave the Lapsus$ threat actor group access to internal systems, ultimately affecting roughly 2.5% of Okta's customer base — hundreds of organizations. The attack didn&

Carl B. Johnson Sep 04, 2022 8 min read
Group Online Svindel

Group Online Svindel: How Organized Fraud Rings Work

A Single Phishing Email Led to a $100 Million Heist Between 2013 and 2015, a Lithuanian man orchestrated one of the most audacious cases of group online svindel ever documented. Evaldas Rimasauskas and his associates impersonated a legitimate Asian hardware manufacturer and tricked both Google and Facebook into wiring over

Carl B. Johnson Sep 04, 2022 7 min read
PayPal DocuSign Phishing

PayPal DocuSign Phishing: How to Spot This Sneaky Scam

A Perfectly Forged Invoice That Almost Worked Last month, a controller at a mid-sized logistics company forwarded me an email she'd almost clicked. It looked like a DocuSign envelope notification for a PayPal invoice — complete with the yellow DocuSign button, a legitimate-looking PayPal logo, and a $3,200

Carl B. Johnson Sep 04, 2022 7 min read
Phishing Attack

Phishing Attack Anatomy: How Breaches Really Start

In March 2022, threat actor group Lapsus$ breached Okta by compromising a single support engineer's laptop — an attack chain that started with social engineering and credential theft. One employee. One set of stolen credentials. And suddenly, a company trusted by thousands of organizations to manage authentication was scrambling

Carl B. Johnson Sep 04, 2022 7 min read
Phishing News

Phishing News: The Attacks Dominating 2022 So Far

In August 2022, Twilio disclosed that a sophisticated phishing campaign had compromised employee credentials and exposed data tied to over 130 organizations — including the encrypted messaging giant Signal. A month earlier, a massive phishing operation dubbed "0ktapus" by researchers at Group-IB had already hit over 130 companies. If

Carl B. Johnson Sep 04, 2022 6 min read
Phishing Scams

Phishing Scams: What Actually Works to Stop Them

In March 2022, the threat actor group Lapsus$ breached Okta, Microsoft, and Samsung — not through some sophisticated zero-day exploit, but through phishing scams and social engineering that tricked employees into handing over credentials. A group reportedly led by teenagers compromised some of the largest technology companies on the planet. If

Carl B. Johnson Sep 04, 2022 7 min read
Spear Phishing

What Is Spear Phishing? The Targeted Attack Behind Big Breaches

In March 2022, the FBI warned that business email compromise — a category dominated by spear phishing — cost victims over $2.4 billion in 2021 alone, making it the most financially damaging cybercrime category in the FBI IC3 Annual Report. That number dwarfs ransomware losses. So what is spear phishing, exactly,

Carl B. Johnson Aug 23, 2022 8 min read
Phishing

Define Phishing: What It Really Looks Like in 2022

In March 2022, threat actors used a single phishing email to breach Okta through a third-party contractor — potentially impacting hundreds of enterprise customers downstream. The attack didn't exploit some exotic zero-day. It exploited a human being who clicked a link. If you're here to define phishing,

Carl B. Johnson Aug 23, 2022 6 min read
Fake Identity Website

Fake Identity Website Threats: How Criminals Steal Data

That Login Page Isn't Real — And Your Employees Can't Tell In March 2022, the FBI warned that cybercriminals were registering domains impersonating well-known businesses at an alarming rate. The scam is straightforward: build a fake identity website that mirrors a legitimate login page, blast phishing emails

Carl B. Johnson Aug 23, 2022 7 min read