A collection of concise, expert-backed phishing prevention tips designed for both technical and non-technical audiences. Topics include password hygiene, secure browsing practices, email filtering configurations, and organizational policies that minimize exposure to phishing campaigns.
posts
In March 2021, a massive phishing campaign impersonating Microsoft Office 365 hit over 10,000 mailboxes across the financial services sector in a single week. The emails were nearly flawless — correct logos, legitimate-looking sender domains, and urgent language about password expiration. Dozens of employees handed over their credentials before anyone
In July 2021, a single phishing email gave attackers access to an employee's credentials at a Florida-based managed service provider, ultimately cascading into the massive Kaseya VSA supply-chain ransomware attack that hit over 1,500 businesses worldwide. One email. One click. Billions in damages. If you've
The FBI's Internet Crime Complaint Center reported $4.2 billion in losses from cybercrime in 2020 — and phishing scams were the number one reported attack type, with 241,342 complaints. That's not a typo. Nearly a quarter of a million people filed formal complaints about phishing
In 2023, the FBI's Internet Crime Complaint Center received over 298,000 phishing complaints — more than any other cybercrime category. That number has only grown since. I've spent years helping organizations respond to phishing incidents, and the pattern is almost always the same: someone clicks a
