Tag

Social Engineering

Learn how attackers use psychological manipulation to trick people into revealing sensitive information or performing unsafe actions. Topics include pretexting, baiting, tailgating, vishing, and real-world social engineering case studies that expose common human vulnerabilities.

posts

Social Engineering Examples

Social Engineering Examples: 7 Real Attacks in 2025

In September 2023, a threat actor called Scattered Spider called MGM Resorts' IT help desk, impersonated an employee they found on LinkedIn, and convinced a technician to reset credentials. The result: an estimated $100 million in losses, a ransomware lockout across casino floors and hotel systems, and weeks of

Carl B. Johnson Sep 21, 2025 7 min read
Social Engineering

How to Spot Social Engineering Before It Costs You

In January 2024, a finance employee at engineering firm Arup wired $25 million to threat actors after joining a video call with what appeared to be the company's CFO and other colleagues. Every person on that call was a deepfake. The attackers never exploited a software vulnerability. They

Carl B. Johnson Sep 21, 2025 7 min read
Employee Cybersecurity Training

Employee Cybersecurity Training: What Actually Works

In May 2024, a single employee at a major healthcare provider clicked a phishing link disguised as a routine benefits update. Within 72 hours, the organization lost access to 14 million patient records and ended up paying a multimillion-dollar ransom. The employee had technically "passed" their annual compliance

Carl B. Johnson Aug 17, 2025 8 min read
Ransomware

How Ransomware Spreads: 7 Attack Vectors in 2025

In February 2024, Change Healthcare — the payment processor handling roughly one-third of all U.S. medical claims — was hit by the ALPHV/BlackCat ransomware group. The result: $872 million in direct costs reported by UnitedHealth Group, months of disrupted pharmacy operations, and the personal health data of over 100 million

Carl B. Johnson Jul 15, 2025 7 min read
Data Breach

What Causes a Data Breach: 7 Root Causes in 2025

In May 2024, Ticketmaster confirmed a breach that exposed the personal data of over 560 million customers. The attack vector? Stolen credentials used to access a third-party cloud database. It wasn't some exotic zero-day exploit. It was a login and password that fell into the wrong hands. If

Carl B. Johnson Jul 15, 2025 7 min read
Cybersecurity Incident Examples

Cybersecurity Incident Examples That Changed Everything

The Breach That Cost Change Healthcare $22 Million in Ransom In February 2024, the ransomware group ALPHV/BlackCat crippled Change Healthcare — a company that processes roughly one-third of all U.S. healthcare claims. The attack disrupted pharmacies, hospitals, and billing systems nationwide for weeks. UnitedHealth Group, Change Healthcare's

Carl B. Johnson Jun 14, 2025 7 min read