Tag

Email Security

Comprehensive guides on protecting email accounts and infrastructure from cyber threats. Covers email authentication protocols like SPF, DKIM, and DMARC, encryption best practices, spam filtering, and organizational policies that reduce the risk of email-based attacks.

posts

Phishing Attacks

What Is a Phishing Attack? A Real-World Breakdown

A Single Email Cost This Company $100 Million In 2019, Toyota Boshoku Corporation — a major Toyota parts supplier — lost $37 million after employees wired funds to accounts controlled by attackers who impersonated a business partner via email. Facebook and Google collectively lost over $100 million to a Lithuanian man who

Carl B. Johnson Jun 15, 2026 6 min read
Business Email Compromise

Business Email Compromise: The $2.9B Threat in 2026

One Email Cost This Company $37 Million In 2024, Orion Engineering — a mid-size firm with 200 employees — wired $37 million to what they believed was a trusted overseas supplier. The invoice looked legitimate. The email thread was real. The bank details were the only thing that had changed. By the

Carl B. Johnson Jun 15, 2026 5 min read
Business Email Compromise

Business Email Compromise: The $2.9 Billion Threat

In 2023, the FBI's Internet Crime Complaint Center (IC3) reported that business email compromise caused $2.9 billion in adjusted losses — making it the single most financially devastating cybercrime category they track. Not ransomware. Not credential theft rings. BEC. And that number only reflects what gets reported. I&

Carl B. Johnson Jun 11, 2026 5 min read
PayPal DocuSign Phishing

PayPal DocuSign Phishing: How Attackers Exploit Trust

A Legitimate Invoice From PayPal — That's Also a Scam In late 2024, security researchers at Avanan documented a campaign where threat actors sent real PayPal invoices to victims — not spoofed emails, not lookalike domains, but actual invoices generated through PayPal's own platform. The emails passed every

Carl B. Johnson Jun 09, 2026 5 min read
Spear Phishing

What Is Spear Phishing? The Targeted Attack Behind Major Breaches

A Single Email Cost This Company $100 Million In 2015, Ubiquiti Networks disclosed that threat actors used carefully crafted emails impersonating company executives to trick finance employees into wiring $46.7 million to overseas accounts. The attackers didn't exploit a software vulnerability. They exploited people — with spear phishing.

Carl B. Johnson Jun 07, 2026 5 min read
Spear Phishing

Spear Phishing: Why Targeted Attacks Beat Your Defenses

The Email That Cost One Company $100 Million In 2024, the FBI's Internet Crime Complaint Center reported that business email compromise — a form of spear phishing — accounted for over $2.9 billion in adjusted losses. That wasn't a typo. Billions. And those are just the cases

Carl B. Johnson Jun 07, 2026 5 min read
AI Phishing Attacks

FBI Warns Gmail Users of AI-Driven Phishing Attacks

In late 2024, the FBI issued a stark warning: AI-driven phishing attacks targeting Gmail users had reached a level of sophistication that made them nearly indistinguishable from legitimate communications. We're not talking about the laughably bad "Nigerian prince" emails anymore. These are pixel-perfect replicas of Google

Carl B. Johnson Jun 06, 2026 5 min read
Fake Email

Fake Email: How to Spot, Stop, and Survive One

A Single Fake Email Cost Facebook and Google $100 Million Between 2013 and 2015, a Lithuanian man named Evaldas Rimasauskas sent a series of fake email messages to employees at Facebook and Google. He impersonated a legitimate hardware vendor, attached fraudulent invoices, and directed payments to bank accounts he controlled.

Carl B. Johnson Jun 03, 2026 6 min read
Spear Phishing

Spear Phishing: Why Targeted Attacks Bypass Your Defenses

In January 2024, a finance employee at a multinational engineering firm in Hong Kong wired $25 million to threat actors after a video call with what appeared to be the company's CFO. The call was a deepfake. But the attack started weeks earlier — with a single spear phishing

Carl B. Johnson Jun 02, 2026 5 min read