Tag

Phishing Prevention

Delivers actionable advice on recognizing and preventing phishing attacks, including email phishing, spear phishing, smishing, and vishing. Covers detection techniques, employee training approaches, email security tools, and real-world phishing examples to strengthen your defenses.

posts

Define Cyber

Define Cyber: What It Really Means in 2025

A Three-Letter Prefix That Now Governs Trillions of Dollars When the White House released its updated National Cybersecurity Strategy implementation plan in 2024, the word "cyber" appeared over 400 times in a single document. The Pentagon has an entire command built around it — U.S. Cyber Command. The

Carl B. Johnson Sep 27, 2025 6 min read
Phishing Attack Examples

Phishing Attack Examples: 7 Real Breaches That Cost Millions

In March 2025, the FBI's Internet Crime Complaint Center reported that phishing remained the number one reported cybercrime for the fifth consecutive year. That stat alone should tell you everything about where threat actors are focusing their energy. But raw numbers don't teach your employees what

Carl B. Johnson Sep 22, 2025 7 min read
Phishing

What Is Phishing? A Security Pro's Real-World Guide

The Attack That Cost MGM Resorts $100 Million Started With a Phone Call In September 2023, a threat actor called the MGM Resorts IT help desk, impersonated an employee they found on LinkedIn, and talked their way into a password reset. Within hours, the attackers had deployed ransomware across MGM&

Carl B. Johnson Sep 22, 2025 7 min read
Phishing Prevention

How to Avoid Phishing Attacks: A 2025 Survival Guide

In May 2025, the FBI's Internet Crime Complaint Center reported that phishing and its variants remained the number-one reported cybercrime for the fifth consecutive year, with losses tied to business email compromise alone exceeding $2.9 billion annually in recent reports. I've spent over two decades

Carl B. Johnson Sep 22, 2025 7 min read
Business Email Compromise

Business Email Compromise: The $2.9B Threat in 2025

In December 2024, a finance employee at a multinational firm in Hong Kong wired $25 million after a video call with what appeared to be the company's CFO and several colleagues. Every person on that call was a deepfake. The real CFO had never scheduled the meeting. This

Carl B. Johnson Sep 22, 2025 7 min read
Whaling Attacks

Whaling Attack Cybersecurity: How Execs Get Targeted

A Single Email Cost This Company $47 Million In 2016, Austrian aerospace manufacturer FACC lost €42 million (roughly $47 million) after attackers impersonated the CEO via email and convinced a finance employee to transfer funds for a fake acquisition. The CEO and CFO were both fired. The company's

Carl B. Johnson Sep 21, 2025 8 min read
Vishing Scam Awareness

Vishing Scam Awareness: Stop Voice Phishing Attacks

In March 2025, the FBI's Internet Crime Complaint Center reported that Americans lost over $12.5 billion to cybercrime in 2023 alone — and voice-based social engineering was one of the fastest-growing attack vectors. I've personally investigated cases where a single phone call cost an organization six

Carl B. Johnson Sep 21, 2025 6 min read
Social Engineering Attacks

Social Engineering Attacks: What Actually Works in 2025

In February 2025, a finance employee at a Hong Kong multinational wired $25 million to threat actors after a deepfake video call impersonating the company's CFO. That single incident captures the state of social engineering attacks right now: they're sophisticated, they exploit trust instead of technology,

Carl B. Johnson Sep 21, 2025 7 min read