home.social

#phishing-awareness — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #phishing-awareness, aggregated by home.social.

  1. The Silent Breach and the Persistence of Unauthorized Access

    Once the session token is successfully exfiltrated, the nature of the intrusion shifts from external deception to internal subversion. The attacker does not need to crack passwords or trigger further security alerts, as they are now effectively operating with the digital identity of a trusted employee. Analyzing these incidents, I see that the primary goal is often the establishment of persistence within the target environment, which is achieved through the modification of inbox rules or the creation of clandestine mailbox delegates. By silently forwarding incoming emails to an external address or creating hidden folders for sensitive correspondence, the adversary can monitor ongoing business deals, intercept financial instructions, and identify high-value targets for subsequent business email compromise attacks. This stage of the operation is characterized by extreme patience, as the threat actor avoids loud, disruptive actions in favor of a low-and-slow approach that can remain undetected for months. The tragedy is that the victim often remains entirely unaware of the breach, believing they are still securely authenticated while their environment is being methodically picked apart from the inside.

    Challenging the Failure of Traditional Defensive Postures

    When considering why these attacks continue to succeed with such alarming frequency, it becomes evident that the industry’s reliance on legacy defensive postures is a failing strategy. Many organizations still treat email security as a static barrier, implementing blacklists and rudimentary heuristic scans that are easily circumvented by adversaries who control their own infrastructure and rotating IP addresses. Furthermore, the human-centric nature of these scams renders technical controls inherently insufficient unless they are paired with a cultural shift toward skeptical verification. It is not enough to deploy an automated solution if the culture within a firm encourages speed over accuracy and ignores the red flags of irregular communication patterns. Consequently, the defense against these campaigns must evolve into a proactive, threat-hunting discipline that monitors for anomalous login locations, unexpected session durations, and unauthorized changes to account configurations. Without this layer of vigilant oversight, the technical barriers essentially act as a screen door, providing the illusion of protection while failing to stop the actual threat.

    Implementing Rigorous Verification Protocols in a High-Stakes Environment

    The path forward requires a departure from the convenience-first mindset that dominates modern digital work environments. Organizations must adopt hardware-backed authentication methods, such as FIDO2-compliant security keys, which are resistant to the proxy-based interception tactics that currently plague mobile-based push notifications and SMS codes. Additionally, the adoption of strict device posture checks ensures that an attacker cannot simply use a stolen session token from an unauthorized machine or an unrecognized geographic region. Beyond the hardware, there must be a fundamental hardening of organizational processes, such as implementing mandatory out-of-band verification for any request involving financial transfers or the sharing of sensitive credentials. It is a harsh reality that trust is the primary vulnerability in any system, and the most secure posture is one that treats every incoming request as potentially malicious until proven otherwise through independent channels. While this might introduce friction into the workflow, that friction is the necessary price of security in an age where the cost of a single successful breach is often the survival of the entity itself.

    Call to Action

    The time for passive observation has passed, as the threats currently infiltrating our inboxes are not waiting for an invitation to compromise your organization. You must decide whether to continue relying on outdated defensive protocols that offer only the illusion of safety or to begin the hard work of hardening your infrastructure against the reality of modern adversarial tactics. I urge you to conduct an immediate audit of your current authentication stack and evaluate the necessity of migrating to hardware-backed security keys, as this is the single most effective step you can take to neutralize the threat of proxy-based session hijacking. Furthermore, initiate a comprehensive review of your internal communication policies to ensure that your team is empowered to question anomalies rather than blindly following the path of least resistance. Security is not a product you purchase, but a discipline you practice, and the responsibility to bridge the gap between your existing defenses and the current threat reality rests entirely with you. Do not wait for a compromised session to force your hand, because by the time the impact of a breach is visible, the damage is already absolute.

    D. Bryan King

    Disclaimer:

    The views and opinions expressed in this post are solely those of the author. The information provided is based on personal research, experience, and understanding of the subject matter at the time of writing. Readers should consult relevant experts or authorities for specific guidance related to their unique situations.

    #accountTakeover #adversaryInTheMiddle #AiTM #ATO #authenticationProtocols #BEC #businessEmailCompromise #corporatePhishing #corporateSecurity #credentialHarvesting #cyberResilience #cyberThreatIntelligence #cyberWarfare #cybersecurity #cybersecurityBestPractices #dataBreachPrevention #digitalFraud #digitalIdentity #emailScams #emailSecurity #emailThreats #enterpriseSecurity #FIDO2 #hardwareSecurity #identityTheftProtection #incidentResponse #informationSecurity #infosec #maliciousInfrastructure #MFABypass #multiFactorAuthentication #networkDefense #onlineSafety #passwordless #phishingAttacks #phishingAwareness #phishingKits #phishingResistantAuthentication #riskManagement #secureAuthentication #securityAudit #securityCulture #securityHardening #securityKeys #sessionTokenTheft #socialEngineering #threatDetection #threatLandscape #zeroTrust
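    The post above describes post-compromise persistence through inbox rules that forward or delete mail, rules that hide correspondence in rarely viewed folders, mailbox-level forwarding and new delegates, and it calls for hunting unauthorized changes to account configuration. The following is an added example, not code from the post's author: a small hunt over constructed, newline-delimited JSON audit records whose field names (Operation, UserId, ClientIP, Parameters as Name/Value pairs) are modelled on Exchange Online mailbox-audit events. Every value in the sample log, the internal domain corp.example, the corporate network 198.51.100.0/24, the folder list and the keyword list are assumptions for illustration.

```python
import json
from ipaddress import ip_address, ip_network

# Constructed sample records (shape modelled on Exchange Online mailbox audit
# events; all values invented for this example). The first four are one
# attacker session against the CFO mailbox; the last is a benign user rule.
SAMPLE_LOG = r"""
{"CreationTime":"2025-03-03T09:12:41","Operation":"New-InboxRule","UserId":"cfo@corp.example","ClientIP":"203.0.113.77","Parameters":[{"Name":"Name","Value":"."},{"Name":"ForwardTo","Value":"archive.cfo@mail.example.net"},{"Name":"DeleteMessage","Value":"True"},{"Name":"SubjectContainsWords","Value":"invoice;wire;payment"}]}
{"CreationTime":"2025-03-03T09:13:02","Operation":"New-InboxRule","UserId":"cfo@corp.example","ClientIP":"203.0.113.77","Parameters":[{"Name":"Name","Value":"RSS Feeds"},{"Name":"MoveToFolder","Value":"RSS Subscriptions"},{"Name":"MarkAsRead","Value":"True"},{"Name":"FromAddressContainsWords","Value":"bank"}]}
{"CreationTime":"2025-03-03T09:15:10","Operation":"Set-Mailbox","UserId":"cfo@corp.example","ClientIP":"203.0.113.77","Parameters":[{"Name":"ForwardingSmtpAddress","Value":"smtp:archive.cfo@mail.example.net"},{"Name":"DeliverToMailboxAndForward","Value":"True"}]}
{"CreationTime":"2025-03-03T09:16:55","Operation":"Add-MailboxPermission","UserId":"cfo@corp.example","ClientIP":"203.0.113.77","Parameters":[{"Name":"Identity","Value":"cfo@corp.example"},{"Name":"User","Value":"svc-backup@corp.example"},{"Name":"AccessRights","Value":"FullAccess"}]}
{"CreationTime":"2025-03-03T10:01:00","Operation":"New-InboxRule","UserId":"alice@corp.example","ClientIP":"198.51.100.8","Parameters":[{"Name":"Name","Value":"Team updates"},{"Name":"MoveToFolder","Value":"Team"},{"Name":"FromAddressContainsWords","Value":"team-news@corp.example"}]}
"""

# Assumed environment facts (hypothetical; replace with your tenant's own).
INTERNAL_DOMAINS = {"corp.example"}
CORP_NETWORKS = [ip_network("198.51.100.0/24")]
HIDDEN_FOLDERS = {"rss subscriptions", "rss feeds", "conversation history",
                  "junk email", "archive", "deleted items"}
BEC_KEYWORDS = {"invoice", "wire", "payment", "bank", "password", "mfa"}
DELEGATE_OPS = {"Add-MailboxPermission", "Add-MailboxFolderPermission", "Add-RecipientPermission"}
FORWARD_KEYS = ("ForwardTo", "ForwardAsAttachmentTo", "RedirectTo")


def params(rec):
    """Flatten the Parameters list into a plain dict."""
    return {p["Name"]: p["Value"] for p in rec.get("Parameters", [])}


def is_external(address):
    """True if an SMTP address (optionally 'smtp:'-prefixed) is outside the tenant."""
    address = address.lower()
    if address.startswith("smtp:"):
        address = address[5:]
    return "@" in address and address.rsplit("@", 1)[1] not in INTERNAL_DOMAINS


def from_corp_network(ip):
    try:
        addr = ip_address(ip)
    except ValueError:
        return False
    return any(addr in net for net in CORP_NETWORKS)


def classify(rec):
    """Return (severity, reason) findings for one audit record; empty if benign."""
    p, op, findings = params(rec), rec.get("Operation", ""), []
    if op in ("New-InboxRule", "Set-InboxRule"):
        for key in FORWARD_KEYS:  # silent forwarding to an attacker-controlled mailbox
            if key in p and is_external(p[key]):
                findings.append(("high", f"rule forwards to external address {p[key]}"))
        if p.get("DeleteMessage", "").lower() == "true":
            findings.append(("high", "rule deletes matching mail, hiding it from the victim"))
        if p.get("MoveToFolder", "").lower() in HIDDEN_FOLDERS:
            findings.append(("medium", f"rule moves mail to rarely viewed folder '{p['MoveToFolder']}'"))
        if not p.get("Name", "").strip(" .,-_"):
            findings.append(("medium", "rule name is blank or punctuation only"))
        text = " ".join(p.get(k, "") for k in
                        ("SubjectContainsWords", "BodyContainsWords", "FromAddressContainsWords")).lower()
        hits = sorted(w for w in BEC_KEYWORDS if w in text)
        if hits:
            findings.append(("medium", f"rule matches BEC-related words {hits}"))
    elif op == "Set-Mailbox" and is_external(p.get("ForwardingSmtpAddress", "")):
        findings.append(("high", f"mailbox-level forwarding to {p['ForwardingSmtpAddress']}"))
    elif op in DELEGATE_OPS:
        findings.append(("high", f"delegate {p.get('User', '?')} granted {p.get('AccessRights', '?')}"))
    # Any suspicious change made from outside the corporate network is escalated.
    if findings and not from_corp_network(rec.get("ClientIP", "")):
        findings.append(("high", f"change made from non-corporate IP {rec.get('ClientIP')}"))
    return findings


def hunt(log_text):
    """Parse newline-delimited JSON records; return one alert per suspicious record."""
    alerts = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        rec = json.loads(line)
        findings = classify(rec)
        if findings:
            alerts.append({"time": rec.get("CreationTime"), "user": rec.get("UserId"),
                           "op": rec.get("Operation"),
                           "severity": "high" if any(s == "high" for s, _ in findings) else "medium",
                           "reasons": [r for _, r in findings]})
    return alerts


def users_to_contain(alerts, min_high=2):
    """Users with at least min_high high-severity alerts: revoke sessions and reset first."""
    counts = {}
    for a in alerts:
        if a["severity"] == "high":
            counts[a["user"]] = counts.get(a["user"], 0) + 1
    return sorted(u for u, n in counts.items() if n >= min_high)


if __name__ == "__main__":
    found = hunt(SAMPLE_LOG)
    for a in found:
        print(a["time"], a["user"], a["op"], a["severity"], "; ".join(a["reasons"]))
    print("contain:", users_to_contain(found))
```

    The rule-level checks catch the attacker's first move; the mailbox-level forwarding and delegate checks catch the fallback persistence an attacker adds when a rule is later removed. Containment for a flagged user means revoking all refresh tokens and sessions, not only resetting the password, since the stolen token is what the attacker is holding.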
  2. 📝 MEDIUM severity: Reddit post links to a Microsoft Forms survey for academic use. No exploitation or vulnerability identified. No action needed, but always verify survey links. radar.offseq.com/threat/school #OffSeq #SecurityNews #PhishingAwareness

  3. 🔐 Cyber Tip: Beware of QR code phishing. They can lead to malicious sites.

    Scammers use fake QR codes to hide dangerous links. Verify the source before scanning.

    zurl.co/mOCuy

    #Zevonix #CyberSecurity #PhishingAwareness #PalmCoast

  4. CW: Human+AI

    Phishing attempts are very realistic now. It is easy to fall for a fake bank alert when you are busy. Learning how to spot an email scam is a vital way to protect your data. Check the sender address and hover over links before you click. This post was written by a human but with AI assistance.

    gwizit.com/go/Lp0lezO

    #CyberSecurity #DigitalSafety #PhishingAwareness

  5. 🔐 Cyber Tip: Run phishing simulations to improve employee awareness.

    Testing your team in a safe environment helps reduce real world risk. Training people is just as important as securing systems.

    zurl.co/045z0

    #Zevonix #CyberSecurity #PhishingAwareness #PalmCoast

  6. I’ve experienced many phishing campaigns in my career. Lots of long nights supporting incident response teams and SOC operations chasing down the phishing infrastructure to stop the campaign for long-term effect rather than blocking sender names.

    Most of the time, we were successful. Phishing campaigns were just another event. Maybe 1-2 clicks, credentials were reset, session tokens were reset, and it was just like any other day.

    Today was different. Today I experienced for the first time ever, a phishing campaign that went from initial click to full account takeover and business email compromise in 8 minutes on a scale of thousands of recipients.

    A completely scripted, and likely automated phishing campaign, enabled the attacker(s) to successfully compromise in synchronization over 100 user accounts in less than 10 minutes. That’s how long it took before I was able to reach the data dump server as I was getting each indicator ingested for blocking. That’s how fast it took the infrastructure to rotate for a second wave.

    I’ve run this exact playbook a thousand times before as a threat intel analyst with great success. Their automated attack beat me to the punch.

    It doesn’t matter how fast your response time is, it doesn’t matter how well your team rehearses their playbooks, or how many tabletops you conduct a year; the reality is that automation is making defenders’ lives harder, where normal, everyday SOC events become severe incidents.

    #PhishingAwareness
    #cybersecurity
    #infosec
    #threatintel
    #cyberthreatintelligence
    #cti

  8. Anti-Phishing Solutions: Effectiveness, Limitations & What Really Keeps You Safe

    Explore anti-phishing solutions—their effectiveness, limitations, and what truly keeps you safe from phishing attacks in today’s evolving threat landscape.

    👉 Read more: ecsinfotech.com/anti-phishing-

    #CyberSecurity #PhishingAwareness #AntiPhishing #InformationSecurity #CyberThreats #DataProtection #SecurityAwareness #ECSInfotech #ECS

  9. 👻 Trick or threat?

    The scariest tricks don’t happen in haunted houses – they land right in your inbox.

    Phishing emails pretend to be real, luring you into fake links or asking for your login details. At mailbox, we block most of these monsters – but some still slip through.

    Learn how to spot them and keep your mailbox safe from digital ghosts and data vampires:

    🔗 mailbox.org/en/blog/phishing-a 🦇

    #PhishingAwareness #CyberSecurity #HalloweenSafety #EmailSecurity

  11. 🤣
    What's your funniest #CybersecurityAwareness story?!

    In honor of #CybersecurityAwarenessMonth we're offering 15% off your entire order with code NCSAM15 (min. $30).

    Because your good security habits deserve it!!

    Valid until Nov 1.

    Shop here: buff.ly/L9VgUXq

    #AppSecVillage #CyberSecurity #PhishingAwareness #SecureByDesign

  12. 🤣
    What's your most funniest #CybersecurityAwareness story?!

    In honor of #CybersecurityAwarenessMonth we're offering 15% off your entire order with code NCSAM15 (min. $30).

    Because your good security habits deserve it!!

    Valid until Nov 1.

    Shop here: buff.ly/L9VgUXq

    #AppSecVillage #CyberSecurity #PhishingAwareness #SecureByDesign

  13. Think twice before accepting that Apple calendar invite. Scammers are now using legit-looking iCloud invites to bypass security—and it only takes one click to fall for it. Stay alert and check before you act!

    thedefendopsdiaries.com/unders

    #icloudphishing
    #cybersecurity
    #phishingawareness
    #emailsecurity
    #applephishing

  14. 🐌💻 Even a slug can win the cybersecurity race with the right habits:
    🔑 Strong passwords & 2FA
    📩 Avoiding phishing scams
    🛠️ Regular patching
    📂 Secure backups
    Slow and steady wins — in both racing and cyber defense.

    💬 Drop your best cyber hygiene tip below
    #CyberSecurity #PhishingAwareness #2FA #CyberHygiene #ZeroTrust #InfoSec

  16. Can you spot the difference between these URLs? 👀
    Scammers use lookalike domains by swapping letters with similar-looking characters (like Cyrillic letters) to trick you into clicking dangerous links.

    🛑 Just because it looks like your bank's website doesn't mean it is.
    🔍 Always double-check URLs before clicking.
    📧 Be cautious with links in emails and messages.

    Stay sharp. Stay safe. Stay alert. 🔐
    #CyberSecurity #OnlineSafety #ScamAlert #PhishingAwareness #TechTips
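    The post above warns about lookalike domains built by swapping Latin letters for Cyrillic ones. As an added example, not code from the post's author, the following Python check does what a practitioner would want at the mail gateway or in a URL-rewriting proxy: it flags a hostname that mixes scripts, shows its punycode form (the `xn--` name that the browser or mail client actually resolves), and compares a confusables-normalised "skeleton" of the name against a list of protected brand domains so that a spoof can be tied to the brand it imitates. The confusables map, the protected list and the sample hostnames are small, constructed placeholders; a production check would load the Unicode confusables data instead.

```python
import unicodedata

# Constructed, deliberately small map of Cyrillic letters that render like Latin
# ones. A production check would use the full Unicode confusables.txt data.
CONFUSABLES = {
    "\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0440": "p",
    "\u0441": "c", "\u0443": "y", "\u0445": "x", "\u0456": "i",
    "\u0458": "j", "\u04bb": "h", "\u04cf": "l", "\u0455": "s",
}


def script_of(ch):
    """Coarse script family of a letter, taken from its Unicode name prefix
    ('CYRILLIC SMALL LETTER A' -> 'CYRILLIC'). Non-letters return None."""
    if not ch.isalpha():
        return None
    return unicodedata.name(ch, "UNKNOWN").split(" ", 1)[0]


def skeleton(host):
    """Replace known confusable characters by their Latin look-alikes."""
    return "".join(CONFUSABLES.get(ch, ch) for ch in host)


def analyze_hostname(host, protected=()):
    """Return findings for one hostname: its punycode form, the scripts it mixes,
    and which protected domain (if any) its skeleton collides with.
    Accepts either a Unicode host or an already punycoded 'xn--' host."""
    host = host.strip().rstrip(".").lower()
    if "xn--" in host:  # normalise punycode input back to Unicode for inspection
        try:
            host = host.encode("ascii").decode("idna")
        except UnicodeError:
            pass
    scripts = set()
    for ch in host:
        s = script_of(ch)
        if s:
            scripts.add(s)
    try:
        ascii_form = host.encode("idna").decode("ascii")
    except UnicodeError:
        ascii_form = None
    skel = skeleton(host)
    impersonates = skel if skel != host and skel in protected else None
    return {
        "host": host,
        "ascii": ascii_form,
        "scripts": sorted(scripts),
        "mixed_script": len(scripts) > 1,
        "punycode": bool(ascii_form) and "xn--" in ascii_form,
        "impersonates": impersonates,
    }


def is_suspicious(host, protected=()):
    """Gateway-style verdict: block on mixed scripts or a brand collision."""
    r = analyze_hostname(host, protected)
    return r["mixed_script"] or r["impersonates"] is not None


if __name__ == "__main__":
    protected = {"paypal.com", "apple.com"}
    # Constructed samples: the first two use Cyrillic U+0430 in place of Latin 'a'.
    for h in ["p\u0430ypal.com", "\u0430pple.com", "paypal.com"]:
        print(h, analyze_hostname(h, protected))
```

    Two caveats a reviewer would raise: a whole-label spoof written entirely in Cyrillic is single-script and is caught only by the skeleton comparison, which is why the brand list matters; and the skeleton map here is illustrative, so do not ship it without the full confusables data.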

  17. 🔐 Modern Password Security Threats: Protecting Your Digital Identity 🕵️‍♀️ 🛡️ 🚨

    Cybercriminals use sneaky techniques to crack passwords and gain access to accounts. Here are the most common attacks:

    ⚒️ Brute Force – Tries every possible password
    📖 Dictionary Attack – Uses common words & phrases
    🌈 Rainbow Table – Cracks password hashes
    👀 Shoulder Surfing – Spies on you while typing
    ⌨️ Keylogging – Records everything you type
    🎯 Password Spraying – Tests common passwords on many accounts
    🎭 Social Engineering – Tricks you into revealing passwords
    🎣 Phishing – Fake emails & websites steal your login
    🎟️ Credential Stuffing – Uses leaked passwords from breaches
    🕵️ Man-in-the-Middle – Intercepts data over networks

    🛡️ Stay Safe! Use strong, unique passwords, enable 2FA, and beware of phishing scams.

    Which attack surprised you the most? Let’s discuss in the comments! ⬇️

    ⚠️ This content is shared strictly for educational and informational purposes only. 📚 All information is provided to help individuals and organizations better protect themselves against security threats. 🔒 The techniques discussed are presented solely to improve awareness and defensive measures, not to facilitate any unauthorized access. ✅

    #PasswordSecurity #CyberSecurity #DataProtection #SecureAuthentication #IdentityProtection #InfoSec #PhishingAwareness #CyberDefense #MFA #DigitalSafety

  19. 🚨 New AI-powered vishing campaign alert! Senior U.S. officials are being impersonated via deepfake voice calls & smishing texts to hijack sensitive accounts. The FBI warns: verify contacts, watch for odd messages, enable MFA, & never share codes! Stay vigilant against AI-driven social engineering! 🔐🤖📞 #CyberSecurity #Vishing #AIThreats #FBIAlert #InfoSec #PhishingAwareness #newz

    Read more 👉 cyberinsider.com/senior-u-s-of

  21. Billions of passwords have been leaked and sold on the dark web, exposing major companies like Marks & Spencer and Harrods to cyberattacks. Weak passwords, lack of two-factor authentication, and phishing scams are key vulnerabilities.

    #CyberSecurity #DataBreach #PasswordSafety #2FA #PhishingAwareness #OnlineSafety #DigitalSecurity #CyberAttack #PrivacyMatters #TECHi

    Read the full article here: techi.com/password-leak-protec

  22. Phishing scams are everywhere—protect yourself by learning how to spot them! 🚫💻 Stay ahead of cybercriminals and keep your info safe with these expert tips. #PhishingAwareness #OnlineSecurity #CyberProtection

    bdking71.wordpress.com/2025/02

  23. 📝 The Psychology of Phishing: Why Smart People Fall for Scams

    🧠 Exploring how mental exhaustion makes us vulnerable to phishing attacks, with practical tips to protect yourself

    🔗 techsplicer.com/insights/the-p

    #CyberSecurity #MentalHealth #PhishingAwareness #InfoSec #CognitiveFatigue

  25. The cybersecurity landscape is evolving rapidly, with emerging trends that every professional should be aware of to stay ahead of threats. As organizations increasingly adopt AI and machine learning, attackers are also leveraging these technologies, leading to an arms race in cyber capabilities.

    Key takeaways from recent analyses include the rise of automated phishing attacks and the increased sophistication of ransomware tactics, targeting not just systems but also the supply chain. Furthermore, the shift towards remote work has blurred the lines of traditional perimeter security, emphasizing the need for Zero Trust architectures and robust endpoint protection.

    Actionable advice for organizations includes routinely updating threat intelligence systems and training employees on recognizing advanced phishing attempts. Additionally, consider investing in AI-driven security solutions that can adapt to new threats in real-time.

    An often-overlooked perspective is the importance of psychological resilience among cybersecurity teams. Encouraging a culture that values mental health can enhance focus and response times during incidents.

    How is your organization adapting to these trends? Share your thoughts or best practices in the comments!

    #CybersecurityTrends #ZeroTrust #AIinSecurity #PhishingAwareness #RansomwareDefense
    Read more: steelefortress.com #InfoSec

  26. Phishing attacks are getting smarter, but you can stay ahead. In the final part of Rachel Rabin’s blog series, find practical advice to spot and stop email threats in Microsoft 365: pentestpartners.com/security-b

    Here’s what’s inside:

    🔍 Understand how phishing emails bypass existing controls and fine-tune your anti-malware policies.

    📊 Configure Defender for Office and Defender for Cloud Apps with customised threat and alert policies to effectively prevent and detect email-based attacks.

    ⚡ Go beyond default settings—use KQL to identify noisy policies and refine rule scope or sensitivity for better precision.

    #PhishingPrevention #EmailSecurity #Microsoft365 #CyberThreats #CyberSecurityTips #StaySecure #PhishingAwareness #M365Security #CyberResilience #SpotThePhish

  27. GoIssue Phishing Tool Strikes GitHub Developers with Bulk Emails
    Cybersecurity researchers have recently uncovered a new threat targeting developers on the popular platform. GoIssue Phishing Tool, a malicious tool designed to trick users into revealing sensitive information
    #GoIssue #PhishingTool #GitHubDevelopers #CyberSecurity #EmailScam #TechNews #DeveloperAlert #OnlineSafety #PhishingAwareness #SecurityBreach #news
    cloudhosting.evostrix.eu/goiss

  28. In the latest updates from the world of cybersecurity, experts are warning about a new wave of phishing attacks targeting both individuals and businesses. Hackers are getting more sophisticated, using AI to craft emails that look incredibly legitimate.

    Don't let your guard down! Here are some quick tips to stay safe:

    1. Always verify the sender's email address.
    2. Look out for spelling or grammatical errors.
    3. Never click on suspicious links or attachments.

    Stay informed and protect yourself from cyber threats! What steps do you take to secure your online presence? Share your tips below! #Cybersecurity #StaySafeOnline #PhishingAwareness

  29. Stay safe from smishing scams! 🚨 Learn how to protect yourself from text-based phishing attacks with our latest blog post. Don’t let scammers trick you into sharing your info! #CyberSecurity #PhishingAwareness #StaySafe

    bdking71.wordpress.com/2024/08