Tag

What Is Phishing

Foundational articles explaining what phishing is, how it evolved, and why it remains one of the most prevalent cyber threats today. Covers the various forms of phishing, common targets, and the impact of successful phishing campaigns on individuals and businesses.

posts

Phishing

What Is Phishing? A Security Pro's Real-World Guide

A Single Email Cost This Company $121 Million In 2019, a Lithuanian national named Evaldas Rimasauskas pleaded guilty to stealing over $121 million from Google and Facebook. His weapon wasn't malware. It wasn't a zero-day exploit. It was phishing — forged emails impersonating a legitimate hardware vendor,

Carl B. Johnson Jun 29, 2026 6 min read
Phishing

What Is Phishing? A Security Pro's Real-World Guide

A $4.88 Million Problem That Starts With One Email In 2024, the average cost of a data breach hit $4.88 million globally, according to IBM's Cost of a Data Breach Report. The number one initial attack vector? Phishing. Not sophisticated zero-day exploits. Not nation-state hackers tunneling

Carl B. Johnson Jun 18, 2026 5 min read
Phishing Attacks

What Is a Phishing Attack? A Real-World Breakdown

A Single Email Cost This Company $100 Million In 2019, Toyota Boshoku Corporation — a major Toyota parts supplier — lost $37 million after employees wired funds to accounts controlled by attackers who impersonated a business partner via email. Facebook and Google collectively lost over $100 million to a Lithuanian man who

Carl B. Johnson Jun 15, 2026 6 min read
Phishing

What Is Phishing? A Security Pro's Real-World Guide

In 2023, the FBI's Internet Crime Complaint Center received over 298,000 phishing complaints — making it the most reported cybercrime category for the fifth consecutive year. And those are just the ones people actually reported. If you're asking what is phishing, you're asking the

Carl B. Johnson May 30, 2026 6 min read
Phishing

What Is Phishing? A Security Pro's Real-World Guide

The Email That Cost One Company $100 Million In 2019, Toyota Boshoku Corporation lost $37 million in a single business email compromise attack. A threat actor impersonated a senior executive, convinced a finance employee to change wire transfer details, and the money vanished. That attack started with something deceptively simple

Carl B. Johnson May 15, 2026 5 min read
Phishing

What Is Phishing? The Attack Behind 80% of Breaches

In January 2024, a finance employee at a multinational firm in Hong Kong wired $25.6 million to criminals after a video call with what appeared to be the company's CFO. Every person on that call was a deepfake. The attack started with a single phishing email. If

Carl B. Johnson May 10, 2026 5 min read
Phishing

What Is Phishing? The Attack Behind 80% of Breaches

In 2023, a single phishing email gave threat actors access to MGM Resorts' entire IT infrastructure. The attackers impersonated an employee on a help desk call — a technique they refined through information harvested from a phishing campaign. The result was over $100 million in losses and days of operational

Carl B. Johnson Apr 16, 2026 5 min read
Phishing

What Is Phishing? A Security Pro's Real-World Guide

A Single Email Cost This Company $100 Million In 2017, a Lithuanian man tricked Google and Facebook employees into wiring over $100 million to bank accounts he controlled. His weapon wasn't malware. It wasn't a zero-day exploit. It was email. He sent invoices that looked like

Carl B. Johnson Apr 05, 2026 5 min read
Phishing

Definition of a Phishing Attack: What It Really Looks Like

The MGM Breach Started With a Single Phone Call In September 2023, a threat actor called the MGM Resorts help desk, pretended to be an employee, and talked their way into a credential reset. Within hours, the Scattered Spider group had deep access to MGM's systems. The result:

Carl B. Johnson Jan 17, 2026 7 min read
Phishing Attacks

What Is a Phishing Attack? A Real-World Breakdown

In January 2024, a finance employee at engineering firm Arup wired $25 million to criminals after joining a video call with what appeared to be the company's CFO and several colleagues. Every person on that call was a deepfake. The attack started the same way nearly all of

Carl B. Johnson Dec 13, 2025 8 min read