Tag

Phishing Awareness

Phishing awareness articles teach readers to identify and avoid phishing attacks across email, SMS, voice calls, and social media. Content includes real-world phishing examples, red flags to watch for, reporting procedures, and tips for running phishing simulation campaigns.

posts

Phishing Links

What Is a Phishing Link? How to Spot and Stop Them

In March 2024, a finance employee at a multinational firm in Hong Kong wired $25.6 million to threat actors after joining a video call that appeared to feature the company's CFO. The deepfake was convincing, but the attack started with something far simpler — a phishing link embedded

Carl B. Johnson Dec 09, 2025 7 min read
Group Online Svindel

Group Online Svindel: How Organized Fraud Rings Work

In January 2024, a finance employee at the multinational firm Arup wired $25 million to criminals after a deepfake video call featuring what appeared to be the company's CFO and several colleagues. Every person on that call was fake — AI-generated avatars operated by an organized fraud ring. That

Carl B. Johnson Dec 09, 2025 7 min read
PayPal DocuSign Phishing

PayPal DocuSign Phishing: How This Scam Bypasses Filters

A Legitimate DocuSign Email That Steals Your PayPal Credentials In November 2024, Avanan researchers documented a wave of attacks where threat actors sent phishing emails through DocuSign's actual platform — not spoofed emails, but real DocuSign notifications. The documents inside impersonated PayPal invoices requesting payment authorization for hundreds or

Carl B. Johnson Dec 05, 2025 7 min read
Is It Legit

Removed App: Is It Legit or a Security Risk?

When "Removed" Shows Up and You Start Googling You found an app, a service, or a browser extension labeled "Removed" — or maybe something you installed just vanished and now shows as "removed" in your app list. So you searched "removed is it legit.

Carl B. Johnson Nov 28, 2025 6 min read
Cyber Security

Cyber Security in 2025: What Actually Works Now

The Breach That Changed How I Think About Cyber Security In February 2024, Change Healthcare — one of the largest health payment processors in the United States — was hit by a ransomware attack that disrupted pharmacies, hospitals, and insurance claims across the country for weeks. UnitedHealth Group, its parent company, later

Carl B. Johnson Nov 06, 2025 7 min read
Web Security Best Practices

Web Security Best Practices That Actually Stop Breaches

In January 2023, T-Mobile disclosed that a threat actor exploited an API vulnerability to steal personal data on 37 million customer accounts. Not through some exotic zero-day — through a misconfigured web API that had been leaking data since November 2022. That's two months of silent hemorrhaging before anyone

Carl B. Johnson Oct 26, 2025 8 min read
Cybersecurity Definition

Cybersecurity Definition: What It Actually Means in 2025

In May 2023, Progress Software's MOVEit file transfer tool was exploited by the Cl0p ransomware gang, compromising data from over 2,500 organizations and roughly 67 million individuals. Government agencies, hospitals, universities, Fortune 500 companies — none were spared. If you asked any of those organizations whether they had

Carl B. Johnson Sep 27, 2025 7 min read