Over the last three decades, I’ve watched phishing evolve from clumsy scam emails into targeted, convincing attacks that slip past filters and fool smart people on busy days. I’ve seen firms lose money, data, and trust—not because their tech failed, but because one message looked routine, urgent, or familiar. Every real incident reinforces the same lesson: phishing succeeds by exploiting human behavior, not technical gaps. These experiences shaped Phish Coach—training users to recognize real-world attacks because the threats below aren’t hypothetical. They’re the same ones I’ve dealt with in the wild.
December 12 , 2025 - A widespread phishing campaign tracked as Blackforce has been actively targeting organizations by sending credential-stealing emails designed to harvest login information and gain unauthorized access to enterprise accounts.
July 30, 2025 - A new wave of phishing scams in Utah is spoofing the DMV by sending fraudulent emails and texts that trick recipients into clicking malicious links and disclosing personal information.
June 24, 2025 - A convincing phishing email impersonated the Utah State Bar's communications director, targeting legal professionals with a trusted sender and realistic messaging designed to prompt quick action.
May 23, 2025 - A recent FBI alert warns that a sophisticated extortion group known as Luna Moth (Silent Ransom Group) has been using callback phishing and social engineering to trick U.S. law firm employees into granting remote access, steal sensitive data, and then extort firms by threatening to leak the information.
![[interface] image of a digital education platform interface](https://cdn.prod.website-files.com/image-generation-assets/8e884b4b-ec94-4d81-a27b-0a898eecf867.avif)