Foundational articles explaining what phishing is, how it evolved, and why it remains one of the most prevalent cyber threats today. Covers the various forms of phishing, common targets, and the impact of successful phishing campaigns on individuals and businesses.
posts
A Single Email Cost Ubiquiti $46.7 Million In 2015, networking giant Ubiquiti Networks disclosed that employees had been tricked into wiring $46.7 million to overseas accounts controlled by attackers. The weapon wasn't malware or a zero-day exploit. It was email. If you've ever asked
In March 2022, Okta confirmed that the Lapsus$ threat actor group had compromised a support engineer's laptop — and the initial access vector was social engineering. A single employee interaction opened the door to a breach that rattled hundreds of downstream customers. If you're asking what is
In March 2021, a massive phishing campaign impersonating Microsoft Office 365 hit over 10,000 mailboxes across the financial services sector in a single week. The emails were nearly flawless — correct logos, legitimate-looking sender domains, and urgent language about password expiration. Dozens of employees handed over their credentials before anyone
In July 2021, a single phishing email gave attackers access to an employee's credentials at a Florida-based managed service provider, ultimately cascading into the massive Kaseya VSA supply-chain ransomware attack that hit over 1,500 businesses worldwide. One email. One click. Billions in damages. If you've
In 2023, the FBI's Internet Crime Complaint Center received over 298,000 phishing complaints — making it the most reported cybercrime for the fifth consecutive year. And those are just the ones people reported. I've spent years helping organizations respond to breaches, and the vast majority start
The Email That Cost One Company $121 Million In 2019, a Lithuanian man was sentenced to five years in prison for phishing Google and Facebook out of over $121 million. He sent fake invoices from a spoofed vendor email address. Employees at two of the most technically sophisticated companies on
In 2023, the FBI's Internet Crime Complaint Center received over 298,000 phishing complaints — making it the most reported cybercrime for the fifth consecutive year. Yet every week, I still talk to business owners who think phishing is just "those obvious Nigerian prince emails." It'
