Tag

Phishing Awareness

Phishing awareness articles teach readers to identify and avoid phishing attacks across email, SMS, voice calls, and social media. Content includes real-world phishing examples, red flags to watch for, reporting procedures, and tips for running phishing simulation campaigns.

posts

AI Phishing Attacks

Gmail Users Warned About Sophisticated AI-Driven Phishing

In May 2024, a Google security consultant named Sam Mitrovic nearly fell for a phishing call that used a convincing AI-generated voice impersonating Google support. The caller had a legitimate-looking Google phone number, referenced real account activity, and spoke with the polished fluency of a native English speaker. The only

Carl B. Johnson Aug 19, 2024 8 min read
Group Online Svindel

Group Online Svindel: How Organized Fraud Rings Work

In January 2024, a finance worker at a multinational firm in Hong Kong transferred $25.6 million to criminals after a video call with what appeared to be the company's CFO and several colleagues. Every person on that call was a deepfake. The entire operation was coordinated by

Carl B. Johnson Aug 14, 2024 6 min read
PayPal DocuSign Phishing

PayPal DocuSign Phishing: How This Scam Works

Earlier this year, security researchers documented a surge in phishing campaigns that abuse legitimate DocuSign and PayPal infrastructure to deliver convincing attack emails. The twist? These messages aren't spoofed — they're actually sent through real PayPal and DocuSign servers. That's why PayPal DocuSign phishing attacks

Carl B. Johnson Aug 01, 2024 7 min read
Is It Legit

Removed App: Is It Legit or a Security Risk?

Every week, someone on my team flags a new app or service that employees are asking about. "Hey, is this legit?" It's the single most common security question I hear — and for good reason. The FTC reported over $10 billion in consumer fraud losses in 2023,

Carl B. Johnson Jul 23, 2024 6 min read
Spear Phishing

What Is Spear Phishing? The Targeted Attack Behind Major Breaches

In 2023, MGM Resorts lost roughly $100 million after a threat actor called Scattered Spider social-engineered a help desk employee with a single phone call. The attackers had done their homework — they knew the employee's name, role, and enough personal detail to sound legitimate. That's not

Carl B. Johnson Jul 23, 2024 8 min read
Cyber Security Definition

Cyber Security Definition: What It Actually Means in 2024

In March 2024, a Change Healthcare breach exposed the protected health information of tens of millions of Americans and disrupted pharmacy operations nationwide. A single set of stolen credentials — no multi-factor authentication in place — gave a threat actor the keys to one of the largest healthcare payment processors in the

Carl B. Johnson May 13, 2024 6 min read
Cybersecurity Definition

Cybersecurity Definition: What It Really Means in 2024

In March 2024, a ransomware attack on Change Healthcare — one of the largest health payment processors in the U.S. — disrupted claims processing for pharmacies and hospitals nationwide. Patients couldn't fill prescriptions. Providers couldn't get paid. A single breach paralyzed a massive chunk of American healthcare

Carl B. Johnson May 13, 2024 7 min read
Spear Phishing vs Phishing

Spear Phishing vs Phishing: What Actually Gets You Hacked

In January 2024, a finance employee at engineering firm Arup wired $25 million to threat actors after a deepfake video call that impersonated the company's CFO. That attack didn't start with a mass spam blast. It started with a carefully researched, individually targeted spear phishing email.

Carl B. Johnson May 02, 2024 6 min read
Email Phishing Red Flags

Email Phishing Red Flags: 9 Signs You're Being Targeted

In January 2024, a finance employee at a multinational firm in Hong Kong wired $25.6 million to threat actors after a deepfake video call that started with a single phishing email. The attackers spoofed the company's CFO — and the employee never questioned it. That wire transfer began

Carl B. Johnson May 02, 2024 7 min read