Tag

Email Security

Comprehensive guides on protecting email accounts and infrastructure from cyber threats. Covers email authentication protocols like SPF, DKIM, and DMARC, encryption best practices, spam filtering, and organizational policies that reduce the risk of email-based attacks.

posts

Phishing Email Detection

How to Recognize a Phishing Email Before You Click

In March 2024, a finance director at a mid-size manufacturer in Ohio wired $2.3 million to a threat actor who impersonated the company's CEO — all because of a single phishing email. The message looked perfect: right logo, right tone, right email signature. It even referenced an actual

Carl B. Johnson Apr 04, 2026 5 min read
Phish Tour

Phish Tour: A Guided Walk Through Modern Attacks

Welcome to the Phish Tour Nobody Asked For In March 2025, a finance employee at a mid-size manufacturing firm received a Microsoft Teams message from someone impersonating the CFO. The message included a link to a SharePoint page that looked flawless. Within 90 seconds, the employee entered their credentials. Within

Carl B. Johnson Jan 18, 2026 7 min read
Phishing Definition

Phishing Definition: What It Really Means in 2026

In May 2025, the FBI's Internet Crime Complaint Center reported that phishing was — for the ninth consecutive year — the most-reported cybercrime category, with over 300,000 complaints in a single year. That number only counts the people who bothered to report it. The real volume is staggering. Yet

Carl B. Johnson Jan 17, 2026 7 min read
Phishing

Definition of a Phishing Attack: What It Really Looks Like

The MGM Breach Started With a Single Phone Call In September 2023, a threat actor called the MGM Resorts help desk, pretended to be an employee, and talked their way into a credential reset. Within hours, the Scattered Spider group had deep access to MGM's systems. The result:

Carl B. Johnson Jan 17, 2026 7 min read
Spoofing

Spoofing Attacks: How They Work and How to Stop Them

A CFO Wired $25 Million Because of a Spoofed Video Call In early 2024, a finance worker at a multinational firm in Hong Kong transferred $25.6 million after joining a video conference call where every other participant — including the company's CFO — was a deepfake. The threat actors

Carl B. Johnson Jan 17, 2026 7 min read
Spear Phishing

Spear Phishing: Why Targeted Attacks Beat Your Defenses

In September 2023, MGM Resorts lost roughly $100 million after a threat actor called Scattered Spider used a spear phishing voice call — a single, well-researched phone call to the company's IT help desk — to compromise the entire organization. The attacker already knew the target employee's name,

Carl B. Johnson Jan 17, 2026 8 min read
AI Phishing Attacks

FBI Warns Gmail Users of AI-Driven Phishing Attacks

In May 2025, the FBI issued a stark warning: sophisticated AI-driven phishing attacks are now targeting Gmail's 2.5 billion users with emails so convincing that even seasoned IT professionals are getting fooled. The FBI warns Gmail users of sophisticated AI-driven phishing attacks that leverage generative AI to

Carl B. Johnson Dec 27, 2025 7 min read
Gmail Phishing Attacks

Gmail Sophisticated Attacks: FBI Phishing Warnings for 2025

The FBI Didn't Issue Gmail Warnings for Fun In late 2024, the FBI's Internet Crime Complaint Center (IC3) flagged a sharp escalation in sophisticated phishing attacks targeting Gmail users — attacks so convincing that even security-savvy professionals were getting fooled. By mid-2025, the bureau doubled down, warning

Carl B. Johnson Dec 27, 2025 7 min read
Phishing

Phishing Attacks in 2025: What Actually Works to Stop Them

In January 2025, a finance employee at a multinational firm in Hong Kong wired $25 million to threat actors after a deepfake video call convinced him his CFO had authorized the transfer. The attack started the same way almost all of them do — with a phishing email. If you'

Carl B. Johnson Dec 27, 2025 7 min read