Tag

Phishing Awareness

Phishing awareness articles teach readers to identify and avoid phishing attacks across email, SMS, voice calls, and social media. Content includes real-world phishing examples, red flags to watch for, reporting procedures, and tips for running phishing simulation campaigns.

posts

Third Party Risk

Third Party Vendor Cybersecurity Risk: A 2026 Guide

In early 2024, a breach at Change Healthcare — a subsidiary of UnitedHealth Group — crippled pharmacies and hospitals across the United States for weeks. The attack didn't start at a hospital. It started at a third party vendor. A single set of compromised credentials on a system without multi-factor

Carl B. Johnson Jun 24, 2026 5 min read
Phishing Attack Examples

Phishing Attack Examples: 7 Real Scams Still Working

The Email That Cost One Company $121 Million In 2019, a Lithuanian national named Evaldas Rimasauskas pleaded guilty to stealing over $121 million from Google and Facebook using nothing more than fake invoices and spoofed email addresses. No zero-day exploits. No sophisticated malware. Just phishing emails that looked like they

Carl B. Johnson Jun 21, 2026 6 min read
Executive Phishing Attacks

Executive Phishing Attacks: Why the C-Suite Is Target #1

A Single Email Cost This Company $47 Million In 2016, Austrian aerospace firm FACC lost €42 million (roughly $47 million USD) after threat actors impersonated the CEO in a carefully crafted email to the finance department. The employee who wired the money believed they were following a direct executive order.

Carl B. Johnson Jun 17, 2026 6 min read
CEO Fraud Email Scam

CEO Fraud Email Scam: How Attackers Steal Millions

A Single Email Cost This Company $47 Million In 2016, FACC, an Austrian aerospace parts manufacturer, lost €42 million (roughly $47 million USD) after an employee wired funds based on instructions that appeared to come from the CEO. The email was fake. The money vanished into accounts controlled by threat

Carl B. Johnson Jun 16, 2026 6 min read
Cloud Storage Security Risks

Cloud Storage Security Risks Your Team Is Ignoring

A Single Misconfigured S3 Bucket Exposed 540 Million Facebook Records Back in 2019, researchers at UpGuard discovered that two third-party Facebook app developers had left hundreds of millions of user records sitting in publicly accessible Amazon S3 buckets. No hacking required. No sophisticated exploit. Just wide-open cloud storage that anyone

Carl B. Johnson Jun 10, 2026 5 min read
BYOD Security Risks

BYOD Security Risks: What Your Policy Is Missing

In 2023, a single employee's personal phone led to one of the most damaging casino breaches in history. Threat actors used social engineering to compromise MGM Resorts, and the attack vector started with a device the company didn't fully control. The resulting disruption cost MGM over

Carl B. Johnson Jun 08, 2026 5 min read
Spear Phishing

What Is Spear Phishing? The Targeted Attack Behind Major Breaches

A Single Email Cost This Company $100 Million In 2015, Ubiquiti Networks disclosed that threat actors used carefully crafted emails impersonating company executives to trick finance employees into wiring $46.7 million to overseas accounts. The attackers didn't exploit a software vulnerability. They exploited people — with spear phishing.

Carl B. Johnson Jun 07, 2026 5 min read
Spear Phishing

Spear Phishing: Why Targeted Attacks Beat Your Defenses

The Email That Cost One Company $100 Million In 2024, the FBI's Internet Crime Complaint Center reported that business email compromise — a form of spear phishing — accounted for over $2.9 billion in adjusted losses. That wasn't a typo. Billions. And those are just the cases

Carl B. Johnson Jun 07, 2026 5 min read
AI Phishing Attacks

FBI Warns Gmail Users of AI-Driven Phishing Attacks

In late 2024, the FBI issued a stark warning: AI-driven phishing attacks targeting Gmail users had reached a level of sophistication that made them nearly indistinguishable from legitimate communications. We're not talking about the laughably bad "Nigerian prince" emails anymore. These are pixel-perfect replicas of Google

Carl B. Johnson Jun 06, 2026 5 min read