Can I Be Phished?
The "Can I Be Phished?" podcast helps you learn how to analyze phishing emails by "unboxing" different messages each episode. So you can learn the subtle tricks used by attackers. We also try to have guests on the show to explore different perspectives on phishing and cybersecurity, always with a view to the impacts on businesses and individuals.
info_outline
Ep. 8 - Zoom Zinger
10/25/2021
Ep. 8 - Zoom Zinger
In this episode, I explore a fake Zoom meeting invitation with Jeff Ton, author of Amplify Your Job Search, and Amplify Your Value. We all encounter so many online meetings these days, that a Zoom invitation is a great phishing pretext. Join us as we analyze one that illustrates how this works. Jeff is a former executive who now coaches others to maximize their potential in the IT industry. He shares insights into his experiences and lessons learned that make him a great speaker and author. Jeff can be reached at:
/episode/index/show/clickarmor/id/20923823
info_outline
Ep. 7 - Funny Fedex Phishing Message
06/21/2021
Ep. 7 - Funny Fedex Phishing Message
We take a look at a pretty obvious - you might even say "funny" - phishing email that tries to convince us that we're in for some great surprises from FedEx. Still, there are some good lessons in spotting phishing attacks, followed by some great tips and advice from Pete on marketing and managing money successfully. Whether you are a compliance manager, a CISO or an IT Service provider, you’ve got a communication and marketing challenge. How do you effectively get your message across to employees and end-users? In this episode of Can I Be Phished?, I speak with Pete Matheson, a leading IT business coach and video content creator who knows how to build messaging programs using video. Pete and I also dig into his tips and lessons learned as a Managed Service Provider about using video to do persuasive messaging and to create content that people want to consume. Pete can be reached at: If you'd like to provide us with comments, or make suggestions on specific phishing attacks or scams that you think would be valuable to our audience, please submit a comment on our
/episode/index/show/clickarmor/id/19547402
info_outline
Ep. 6 - Deceitful Delivery
03/22/2021
Ep. 6 - Deceitful Delivery
This episode features Stuart Crawford, a fellow Canadian, now living in Florida. Stuart heads up Ulistic MSP Marketing, which helps service providers market their services to customers. Try the online self-assessment game to get a taste of how fun and effective gamified learning and assessment can be. The Click Armor Phishing Checklist In each episode, we’ll use our basic phishing checklist to analyze a different phishing message, so you can learn the clues about what to look for, to avoid becoming a victim. Here’s the basic Checklist: 1) Gut Feel Garbage 2) Sender Sanity 3) Link Elusiveness 4) Body Believability The best way to use the checklist is to try to disqualify a message with each check. If you haven’t thrown out the message by the time you’re finished step 4, it’s not a guarantee that the message is safe. So, if you still aren’t sure, you should ask for help from an IT support person. Special Guest for Episode #6: Stuart Crawford After analyzing the phising message, Stuart shares how the approach I’m using to show people how to analyze phishing messages can be used by MSPs to market to their customers on security tips and other useful information. Stuart can be reached at Ulistic MSP Marketing via: If you’d like to provide us with comments, or make suggestions on specific phishing attacks or scams that you think would be valuable to our audience, please submit a comment on our
/episode/index/show/clickarmor/id/18421172
info_outline
Ep. 5 - Vexatious Voicemail
03/22/2021
Ep. 5 - Vexatious Voicemail
This episode features my guest Nora Cox, a veteran information security and risk management consultant. Nora and I worked together as Product Managers at security software company Entrust many years ago. Her experience in Chief Risk Officer and Chief Compliance Officer roles makes her a great source of wisdom for businesses looking to develop a security culture. Try the online self-assessment game to get a taste of how fun and effective gamified learning and assessment can be. The Click Armor Phishing Checklist In each episode, we’ll use our basic phishing checklist to analyze a different phishing message, so you can learn the clues about what to look for, to avoid becoming a victim. Here’s the basic Checklist: 1) Gut Feel Garbage 2) Sender Sanity 3) Link Elusiveness 4) Body Believability The best way to use the checklist is to try to disqualify a message with each check. If you haven’t thrown out the message by the time you’re finished step 4, it’s not a guarantee that the message is safe. So, if you still aren’t sure, you should ask for help from an IT support person. Special Guest for Episode #5: Nora Cox After analyzing our phishing message for this episode, Nora helps me unbox a phishing message that pretends to be a voicemail notification with a link to download an audio file. What could go wrong? Nora can be found at: If you’d like to provide us with comments, or make suggestions on specific phishing attacks or scams that you think would be valuable to our audience, please submit a comment on our
/episode/index/show/clickarmor/id/18420995
info_outline
Ep. 4 - Abnormal Administrator
03/22/2021
Ep. 4 - Abnormal Administrator
This episode features my guest Ted Demopoulos, a veteran security consultant and author I’ve known for many years. Ted works in all areas of security, and is very active in helping consultants and entrepreneurs build their companies. Ted helps me unbox a phishing message that appears to be from an email administrator saying that my account needs to be updated. Try the online self-assessment game to get a taste of how fun and effective gamified learning and assessment can be. The Click Armor Phishing Checklist In each episode, we’ll use our basic phishing checklist to analyze a different phishing message, so you can learn the clues about what to look for, to avoid becoming a victim. Here’s the basic Checklist: 1) Gut Feel Garbage 2) Sender Sanity 3) Link Elusiveness 4) Body Believability The best way to use the checklist is to try to disqualify a message with each check. If you haven’t thrown out the message by the time you’re finished step 4, it’s not a guarantee that the message is safe. So, if you still aren’t sure, you should ask for help from an IT support person. Special Guest for Episode #4: Ted Demopoulos After analyzing the phising message, Ted shares his experiences with phishing incidents and his observations on cyber risks. You can learn more about Ted at: If you’d like to provide us with comments, or make suggestions on specific phishing attacks or scams that you think would be valuable to our audience, please submit a comment on our
/episode/index/show/clickarmor/id/18420806
info_outline
COVID CON - Unboxing a phishing message from the World Health Organization
10/23/2020
COVID CON - Unboxing a phishing message from the World Health Organization
Shawn and Scott unbox a message that looks like it is from the WHO, with an offer to provide assistance. So, we get lots of good insights into this kind of cyber attack, and then explore Shawn's experience in ransomware incidents and some great recommendations on cyber insurance. Shawn is reachable at: To comment on this episode, you can go to:
/episode/index/show/clickarmor/id/16524431
info_outline
Ep. 2. Unboxing a phishing message with a service expiry warning
09/02/2020
Ep. 2. Unboxing a phishing message with a service expiry warning
Each week on Can I Be Phished?, we look at a different threat, to show you how to look for suspicious situations. In this episode: - Scott unboxes a phishing message that looks like a warning notice from a bank, saying his online banking service will soon be expiring. - We are assisted by Dave Ockwell-Jenner, VP of Information Security at Arctic Wolf, a managed security service provider (MSSP) - Dave also provides stories about tracking down advanced persistent threats in a corporate network For more info on Dave and Arctic Wolf: Dave Ockwell-Jenner: http://twitter.com/daveoj Arctic Wolf: http://www.arcticwolf.com Remember that October is National Cyber Security Awareness Month, and it's coming up fast (as of the time of this video). Maybe it's time to try something more engaging this year... About Click Armor Click Armor is your go-to resource for gamified cyber security awareness training. It is the first online gamified learning platform designed specifically for cyber security awareness learning and assessment. It's a completely different way to deliver content that people find boring. Maybe it's time to abolish your "Death by Powerpoint" awareness program and try something more engaging... Click Armor's gamified online phishing and social engineering courses are a great way to inject new life into your cyber security awareness program, with its visual, dynamic and interactive learning challenges and simulations. To get a free trial for your organization, and to see how gamification can deliver instant results, visit: https://clickarmor.ca/start-your-free... For more resources on gamification of awareness, you can also visit: https://clickarmor.ca/gamification
/episode/index/show/clickarmor/id/15848948
info_outline
Can I Be Phished? #1 - Unboxing a malicious phishing message that impersonates an amazon email
06/18/2020
Can I Be Phished? #1 - Unboxing a malicious phishing message that impersonates an amazon email
Unboxing an Artificial Amazonian phishing message. Plus, an interview with Adam Crate of Grade A (MSP in Ottawa). Part 1: Unboxing Scott reviews the steps in the Can I Be Phished? phishing checklist, including: 1) Gut feel garbage check; 2) Sender sanity 3) Link elusiveness and 4) Body believability. A simple phishing message that impersonates an Amazon customer service email is analyzed using the checklist. (Video version is available on Youtube in the Click Armor channel.) Part 2: Interview with Adam Crate, VP Business Services at Grade A, an Ottawa-based Managed Service Provider (Starts at 12:33 mark) Adam provides some enlightening details of the impacts of COVID-19 on MSPs and on their small business clients. He also provides some tips for general security, as well as security awareness. Grade A: Visit to try our 3-minute gamified phishing self assessment, and learn more about how Click Armor's gamified learning platform for cybersecurity awareness can revitalize your security awareness training program.
/episode/index/show/clickarmor/id/14870522