Having tricked CEOs, celebrities, the White House, and cyber criminals - I know how powerful social engineering is.
Now I use my experiences to teach others about the risks.
My story is proof that…
Email has such a major flaw
Someone with no cyber skills could exploit it
Anyone can be ‘hacked’
But I didn’t start with the White House. My spear phishing started at work…
Part 1/5
Part 2/5
First, let’s make email simple.
The email world we all live in can be daunting. But beneath every email is a simple transactional relationship; I call it Ask & Do™
It’s what gives life to email, and it helps us to understand why threats posing at those we trust target us - it’s because they can ‘ask’ us to ‘do’ things scammers can profit from.
Phishing: Why the things we can do are valuable to scammers
Part 3/5
“James is so good at explaining these risks. This is a fantastic resource for all to understand it. Highly Recommended”
— Ciaran Martin, Former/Founding Head of NCSC
Phishing in the wild.
Part 4/5
I create
training that
Uses stories to give more context
Explains relationships visually
(65% of us prefer to learn this way)Is tech-term free
The script might be tech-term free, but I still want to join the dots with previous, current, and future training. So I use labels to connect conventional terms with what’s being described in the story.
Spear phishing: How scammers will bend your payment processes
Part 5/5
At 2 mins 49 seconds, this video is the longest. But I want people to be fully prepared and understand the nature of these attacks. It’s the number 1 money maker in the cybercrime world.
If your Security Training Platform (or Org) wants to use my Email Stories, get in touch.
Catch me at james@thewhole.io or on Linkedin
My blog
Recent Podcast
Security culture legend Perry Carpenter of KnowBe4 invited me to join him for a dive into the pranks, how I made the jump into cyber security, and what I’ve learnt about social engineering along the way.