Articles on cybersecurity awareness cover the foundational knowledge individuals and organizations need to recognize and respond to digital threats. Topics include safe browsing habits, password hygiene, social engineering tactics, and building a security-first culture across teams.
posts
In 2024, MGM Resorts lost an estimated $100 million after a threat actor called a help desk, impersonated an employee, and gained access to internal systems. The initial vector? A social engineering call informed by information harvested through phishing. One phone call. One convincing story. Nine figures in damages. If
In 2023, the FBI's Internet Crime Complaint Center received over 298,000 complaints about phishing — making it the single most reported cybercrime for the fifth consecutive year. Yet when I ask executives what phishing actually is, most give me a vague answer about "fake emails." That&
In 2023, a finance employee at the multinational firm Arup wired $25 million to threat actors after a deepfake video call that spoofed the company's CFO and several colleagues. Every face on the screen was fake. Every voice was synthesized. The employee had no reason to doubt what
A Single Spoofed Email Cost This Company $46.7 Million In 2016, FACC Operations GmbH, an Austrian aerospace parts manufacturer, lost €42 million (roughly $46.7 million USD) after attackers sent a spoofed email impersonating the company's CEO. The finance department wired the money to accounts controlled by
In 2024, the FBI's Internet Crime Complaint Center (IC3) reported that phishing was the most frequently reported cybercrime — again. Over 193,000 complaints were filed for phishing alone, and the real number is far higher since most incidents go unreported. I've spent years watching organizations get
The Fake Mail That Drained $37 Million In 2024, Toyota Boshoku Corporation disclosed a business email compromise attack where a threat actor used fake mail to trick a finance executive into wiring approximately $37 million to a fraudulent bank account. The email looked legitimate. The sender address was nearly identical
The $4.88 Million Email That Looked Completely Normal In 2024, IBM's Cost of a Data Breach Report pegged the average breach cost at $4.88 million — a record high. And phishing remained the most common initial attack vector. I've investigated dozens of these incidents firsthand,
In 2022, a single phishing email sent to a Twilio employee led to the compromise of 163 customer accounts, including high-profile targets like Signal. The attacker didn't exploit a zero-day vulnerability or brute-force a password. They sent a text message that looked like it came from Twilio'
One Invoice, One Email, $47 Million Gone In 2024, Orion Engineering lost $47 million to a single fraudulent wire transfer. The attacker didn't hack a firewall or exploit a zero-day. They compromised a vendor's email account, inserted themselves into an ongoing invoice thread, and changed the
A Single Email Cost This Company $46.7 Million In 2015, Ubiquiti Networks disclosed that threat actors impersonated senior executives and tricked employees into wiring $46.7 million to overseas accounts. The attackers didn't exploit a software vulnerability. They didn't deploy ransomware. They sent emails — carefully
