Tag

Credential Theft

Posts exploring how attackers steal usernames, passwords, and authentication tokens through phishing, keylogging, brute force attacks, and credential stuffing. Includes actionable guidance on multi-factor authentication, password managers, and monitoring for compromised credentials.

posts

AI Phishing Attacks

FBI Warns Gmail Users: AI-Driven Phishing Attacks Rise

Earlier this year, the FBI's Internet Crime Complaint Center (IC3) reported that phishing schemes were the most reported cybercrime in 2020, with 241,342 complaints and adjusted losses exceeding $54 million. Now the threat is evolving fast. The FBI warns Gmail users of sophisticated AI-driven phishing attacks that

Carl B. Johnson Aug 24, 2021 7 min read
Gmail Phishing Attacks

Gmail Sophisticated Attacks: FBI Phishing Warnings in 2021

In March 2021, Google disclosed that it blocks more than 100 million phishing emails daily — and Gmail remains the single largest target for sophisticated credential theft campaigns worldwide. The FBI's Internet Crime Complaint Center (IC3) reported that phishing was the number one crime type by victim count in

Carl B. Johnson Aug 24, 2021 7 min read
Phishing

Phishing Attacks in 2021: What Actually Works to Stop Them

36% of All Breaches Start With a Phishing Email The 2021 Verizon Data Breach Investigations Report made something painfully clear: phishing was involved in 36% of all confirmed data breaches — up from 25% the year before. That's not a trend. That's an escalation. And if your

Carl B. Johnson Aug 18, 2021 7 min read
Fake Mail

Fake Mail: How to Spot and Stop Phishing Attacks

91% of Cyberattacks Start With Fake Mail That's not a guess. The Verizon 2021 Data Breach Investigations Report confirmed that phishing was present in 36% of breaches — up from 25% the year before. And when you broaden the lens to include all forms of social engineering delivered through

Carl B. Johnson Aug 18, 2021 7 min read
Vishing

FBI Warning on Vishing and Smishing: What to Do Now

In January 2020, the FBI and CISA issued a joint advisory warning organizations about a wave of vishing attacks targeting remote workers. By mid-2021, the problem has only gotten worse. The FBI's Internet Crime Complaint Center (IC3) reported over 240,000 phishing, vishing, and smishing complaints in 2020

Carl B. Johnson Aug 18, 2021 7 min read
Phishing Scams

What Is a Phishing Scam? Anatomy of the #1 Cyber Threat

In July 2021, a single phishing email gave attackers access to an employee's credentials at a Florida-based managed service provider, ultimately cascading into the massive Kaseya VSA supply-chain ransomware attack that hit over 1,500 businesses worldwide. One email. One click. Billions in damages. If you've

Carl B. Johnson Aug 18, 2021 7 min read
Fake Emails

Fake Emails: How to Spot Them Before They Cost You

In March 2021, the FBI's Internet Crime Complaint Center reported that Business Email Compromise — the sophisticated cousin of fake emails — caused over $1.8 billion in losses during 2020 alone. That made it the costliest category of cybercrime they tracked. Not ransomware. Not credit card fraud. Fake emails

Carl B. Johnson Aug 15, 2021 7 min read
FakeEmail

FakeEmail Attacks: How Spoofed Messages Breach Networks

The FakeEmail That Cost One Company $75 Million In 2020, the FBI's Internet Crime Complaint Center reported that business email compromise — attacks built on fakeemail techniques — generated over $1.8 billion in losses in a single year. That made it the costliest category of cybercrime, beating ransomware by

Carl B. Johnson Aug 15, 2021 7 min read
PayPal Phishing Attacks

PayPal Phishing Attacks: How to Spot and Stop Them

In January 2021, a wave of PayPal phishing attacks hit inboxes so convincingly that even security-savvy professionals did a double take. The emails replicated PayPal's branding pixel-for-pixel, warned of "unusual activity" on the recipient's account, and linked to a login page hosted on a

Carl B. Johnson Aug 15, 2021 7 min read