Tag

Social Engineering

Learn how attackers use psychological manipulation to trick people into revealing sensitive information or performing unsafe actions. Topics include pretexting, baiting, tailgating, vishing, and real-world social engineering case studies that expose common human vulnerabilities.

posts

Phishing Definition

Phishing Definition: What It Really Means in 2024

In January 2024, a finance employee at a multinational firm in Hong Kong wired $25 million to threat actors after a video call with what appeared to be the company's CFO. It was a deepfake. The attack started with a single phishing email. If your phishing definition still

Carl B. Johnson Oct 17, 2024 7 min read
Phishing

Definition of a Phishing Attack: What It Really Looks Like

In March 2024, a finance employee at a Hong Kong-based multinational wired $25.6 million to threat actors after a video call with what appeared to be the company's CFO. It was a deepfake. But the attack started the same way almost every phishing attack starts — with a

Carl B. Johnson Oct 17, 2024 7 min read
Spoofing

Spoofing Attacks: How Hackers Impersonate You

In August 2024, the FBI's Internet Crime Complaint Center warned that business email spoofing remained one of the top reported cybercrime vectors, with Business Email Compromise (BEC) losses exceeding $2.9 billion in 2023 alone. That number doesn't even capture the full picture — because spoofing extends

Carl B. Johnson Oct 07, 2024 7 min read
Spear Phishing

Spear Phishing: Why Targeted Attacks Beat Your Defenses

In January 2024, a finance employee at British engineering firm Arup joined a video call with what appeared to be the company's chief financial officer and several colleagues. Every face on the screen was a deepfake. The attackers had spent weeks researching the company's org chart,

Carl B. Johnson Sep 18, 2024 7 min read
Spoofing

Spoof Attacks: How Hackers Impersonate to Steal

In March 2024, a finance employee at a Hong Kong multinational wired $25.6 million to criminals after a video call with what appeared to be the company's CFO and several colleagues. Every person on that call was a deepfake — a sophisticated spoof that fooled a trained professional

Carl B. Johnson Sep 18, 2024 7 min read
AI Phishing Attacks

FBI Warns Gmail Users of AI-Driven Phishing Attacks

In May 2024, the FBI's Internet Crime Complaint Center (IC3) released its annual report showing over $12.5 billion in cybercrime losses for 2023 — with phishing and spoofing topping the list at nearly 300,000 complaints. Now, the FBI warns Gmail users of sophisticated AI-driven phishing attacks that

Carl B. Johnson Sep 18, 2024 7 min read
Gmail Phishing Attacks

Gmail Sophisticated Attacks: FBI Phishing Warnings for 2024

In May 2024, the FBI's Internet Crime Complaint Center reported that phishing — including sophisticated attacks targeting Gmail users — remained the number one reported cybercrime for the third year running. Over 298,000 phishing complaints landed at IC3 in 2023 alone, and 2024 is tracking even higher. The Gmail

Carl B. Johnson Sep 18, 2024 6 min read
Phishing Email

Phishing Email Tactics in 2024: What Actually Works

In January 2024, a finance employee at a multinational firm in Hong Kong transferred $25.6 million after a video call with what appeared to be the company's CFO and several colleagues. Every person on that call was a deepfake. The attack started, like almost all of them

Carl B. Johnson Sep 18, 2024 8 min read
Phishing

Phishing Attacks in 2024: What Actually Works to Stop Them

In January 2024, a finance employee at engineering firm Arup wired $25 million to criminals after a video call with what appeared to be the company's CFO. Every person on that call was a deepfake. The attack started the same way almost all of them do — with a

Carl B. Johnson Sep 18, 2024 7 min read
Fake Mail

Fake Mail: How to Spot It Before It Costs You

In January 2024, a finance employee at Arup — a multinational engineering firm — joined a video call with what appeared to be the company's CFO and several colleagues. Every person on that call was a deepfake. The employee transferred $25 million to accounts controlled by threat actors. The attack

Carl B. Johnson Sep 18, 2024 7 min read