In-depth coverage of phishing attacks, including spear phishing, whaling, vishing, and smishing campaigns. Posts analyze attack methods, explore recent phishing trends, and provide defensive strategies that help organizations reduce their exposure to credential theft and data breaches.
posts
The Phone Call That Cost MGM Resorts $100 Million In September 2023, a threat actor called MGM Resorts' IT help desk, impersonated an employee they found on LinkedIn, and convinced the technician to reset credentials. That single phone call triggered a ransomware attack that disrupted operations across Las Vegas
In July 2021, the REvil ransomware gang exploited a vulnerability in Kaseya's VSA software and dropped a trojan payload onto the systems of roughly 1,500 businesses worldwide. The attack didn't arrive as an obvious virus. It masqueraded as a legitimate software update — the textbook definition
The FakeEmail That Cost One Company $75 Million In 2020, the FBI's Internet Crime Complaint Center reported that business email compromise — attacks built on fakeemail techniques — generated over $1.8 billion in losses in a single year. That made it the costliest category of cybercrime, beating ransomware by
2021's Phishing Landscape Is Unlike Anything We've Seen Before In March, Microsoft reported that a massive phishing campaign had targeted over 10,000 organizations since January 2021, using sophisticated OAuth token theft to bypass multi-factor authentication. That single campaign should have been a wake-up call. Instead,
In March 2021, the FBI's Internet Crime Complaint Center reported that business email compromise — often launched using a fake mailer or spoofing tool — cost American organizations over $1.8 billion in 2020 alone. That made it the most financially damaging cybercrime category in the entire IC3 report, dwarfing
The Ransomware Epidemic Is Already Here When someone searches for ransomware examples — whether they're typing "2026" or any other year — they're really asking one question: what does a real ransomware attack look like, and how do I stop it from happening to me? I&
The Fake Invoice That Cost a Hospital $28 Million In 2024, Ascension Healthcare disclosed a ransomware attack that disrupted operations at 140 hospitals across 19 states. The initial entry point? An employee opened what appeared to be a routine file. It was trojan horse malware — a malicious payload disguised as
Your Old AIM Email Address Is a Bigger Problem Than You Think In December 2017, AOL officially shut down AIM — AOL Instant Messenger — after 20 years of operation. Millions of users shrugged and moved on. But here's what most people didn't consider: their old AIM email
In 2023, the FBI's Internet Crime Complaint Center received over 298,000 complaints about phishing — making it the most reported cybercrime category for the fifth year running. That's not a number on a slide deck. That's hundreds of thousands of real organizations bleeding money,
In 2023, the FBI's Internet Crime Complaint Center reported that business email compromise — attacks built on fakeemail addresses and spoofed sender identities — accounted for over $2.9 billion in adjusted losses. That made it the single most financially devastating cybercrime category they tracked. Not ransomware. Not cryptojacking. Fake
