Examines the latest phishing scam tactics targeting individuals and organizations through deceptive emails, websites, and messages. Provides real-world examples, red flags to watch for, and actionable steps to avoid falling victim to phishing attacks.
posts
In July 2021, a single phishing email gave attackers access to an employee's credentials at a Florida-based managed service provider, ultimately cascading into the massive Kaseya VSA supply-chain ransomware attack that hit over 1,500 businesses worldwide. One email. One click. Billions in damages. If you've
The FBI's Internet Crime Complaint Center reported $4.2 billion in losses from cybercrime in 2020 — and phishing scams were the number one reported attack type, with 241,342 complaints. That's not a typo. Nearly a quarter of a million people filed formal complaints about phishing
Your Search for a Phish Setlist Could Land You on a Hacker's Hook Last summer, a colleague of mine — a die-hard Phish fan — searched for a phish setlist from a recent show at Madison Square Garden. He clicked what looked like a legitimate fan site. Within seconds, his
The $4.88 Million Email That Looked Completely Normal In 2024, IBM's Cost of a Data Breach Report pegged the average breach cost at $4.88 million — a record high. And phishing remained the most common initial attack vector. I've investigated dozens of these incidents firsthand,
The $4.88 Million Email That Looked Completely Normal In 2023, a finance employee at a midsize manufacturing firm received an email from what appeared to be the CEO. It referenced a real acquisition the company was working on. It used the CEO's actual email signature. The employee
