Jack’s Hacks: Volume 10

The Latest in Cybersecurity

Rise of AI-Powered Phishing Scams Targeting Executives 

Phishing scams are getting personal—really personal—and AI is the driving force. We’re talking about sophisticated, hyper-targeted attacks aimed right at executives. Hackers aren’t sending generic “You’ve won a prize!” emails anymore. They’re scraping LinkedIn profiles, news articles, social media and corporate reports to craft messages that feel authentic. If you’re in a leadership role, the chances are high that someone, somewhere, is trying to convince your team they’re you. 

Take eBay, for example. The Financial Times recently reported on the proliferation of fraudulent emails sent to senior employees — phishing attacks where scammers impersonate senior execs with uncanny precision. These aren’t just casual attempts; they’re detailed, researched, and often spot-on with timing. Attackers know about recent deals, job changes or company announcements and use that intel to make requests—like transferring funds or sharing sensitive data—sound plausible. 

Here’s the scary part: AI-generated phishing emails are polished, adaptive and can slip past traditional email filters. Standard cybersecurity tools just aren’t enough anymore. What companies need now is smarter threat detection and better awareness at the human level. That means educating your team to be vigilant and investing in tech that can spot these evolving attacks before they land. 

The bottom line? Cybersecurity is no longer just an IT issue; it’s a leadership issue. Hackers are coming for execs—and they’re armed with AI. Stay sharp, stay secure, and don’t underestimate the sophistication of what’s coming your way. 

Quantum Computing: The Cybersecurity Threat You Can’t Ignore 

Quantum computing is no longer some far-off, sci-fi concept—it’s here, and it’s poised to flip cybersecurity on its head. These machines are insanely powerful, capable of solving complex problems in seconds that would take today’s supercomputers thousands of years. The upside? Quantum could revolutionize industries like healthcare, finance and logistics. The downside? It threatens to break the cryptographic systems that keep our digital lives secure. 

Right now, most encryption relies on math problems that are easy to verify but practically impossible to crack with classical computers. Quantum changes that. Algorithms—used to secure everything from bank accounts to government secrets—could be rendered obsolete once a powerful-enough quantum computer comes online. That’s not just a theoretical risk. Forbes lists quantum computing as one of the top cyber priorities for 2025. And nation-states and cybercriminals are already storing encrypted data, waiting for quantum machines to unlock it in the future. 

So, what can you do about it? First, don’t panic, but don’t sit still, either. Companies need to start integrating post-quantum cryptography—encryption that’s designed to withstand quantum attacks. The National Institute of Standards and Technology (NIST) is already working on new standards, and some forward-thinking organizations are testing quantum-safe protocols. For most businesses, the best move right now is risk assessment: identify what sensitive data is most at risk and create a roadmap to migrate to quantum-resistant security solutions. The future is coming fast—stay ready. 

Cybersecurity Predictions for 2025: AI Threats and Advanced Defenses 

In 2025, cyberattacks are expected to get smarter with the help of artificial intelligence (AI). Hackers may use AI to craft more convincing phishing emails and create malware that adapts to security measures, making threats harder to spot and stop. 

To fight back, cybersecurity experts are also turning to AI. They’re building tools to detect and block attacks faster than ever. Another big focus? Protecting Internet of Things (IoT) devices—everyday gadgets connected to the internet—before hackers turn them into easy targets. 

Jack’s Top Monthly Hacks

For Businesses:

When Backups Fail: Choose Your Own Recovery Adventure 

From my recent dealings with clients, there is a lot of misinformation about how businesses should use backups to ensure their data is protected if a security event occurs.  

With the cloud and backup providers claiming to be ransomware proof, many small businesses are getting a false sense of security when it comes to protecting their data.

I am personally seeing some of the biggest backup solution providers failing to protect their business clients. Yes, backups are ransomware proof – but if your company does not have the proper network configurations in place, this just isn’t the case. Network configurations for backups need to properly segregate at least one copy of your data so that cyber criminals can’t access it – and I’m seeing many instances where this isn’t happening. 

The other major issue I see is that clients think that their data is safe “in the cloud”. Please note that “the cloud” and backups are mutually exclusive. Your backup needs to be outside of the cloud to truly be secure from cyber threats and breaches. 

Post ransomware is the worst time to discover that your backup solution wasn’t what you thought it was. Here’s the difference in outcome:

Having a Properly Configured Backup: You have properly segregated and secure backups. You have about a week of bumpy road, often with critical systems coming online in under 24 hours. The costs range from $10,000 to about $75,000 for the typical SMB.

Not Having a Properly Configured Backup: Your backups are encrypted and often deleted despite the vendor promises. You must either consider paying the ransom and/or rebuilding all of your data from scratch or finding bits and pieces where you can. These costs will generally exceed $250,000 and can go into the millions

For Individuals 

Online Gaming: The Hidden Cyber Risks at Home 

Online gaming isn’t just about fun anymore—it’s become a major cyber risk, and your family could be the target. Gaming accounts are goldmines for hackers, loaded with personal info, payment details and even digital assets. Kids and teens, who often game the most, are prime targets for social engineering attacks, phishing scams and malware. Worse, cybercriminals use compromised accounts to spread attacks further. 

What makes gaming such a soft spot for cybercrime? It’s a perfect storm of weaker passwords, shared accounts and clicks on suspicious links. Hackers are getting smarter, using tricks like fake login pages and in-game messages to steal credentials.  

So, what can you do? Step up your security game by:  

Consider using a VPN: VPNs are good for maintaining your online privacy by obscuring your traffic, ensuring data is truly encrypted point to point, and helping you appear as if you’re browsing from a different location. Using a personal VPN is highly recommended especially when transmitting sensitive data. 

Update VR/AR headset software regularly: VR and AR headsets collect sensitive user data, including biometric information, location data and user preferences. Inadequate security measures or unauthorized access to this data can lead to privacy breaches, identity and credentials theft and social engineering attacks. 

Teach your kids cybersecurity best practices: Build good habits by showing them how to create strong, unique passwords, enable two-factor authentication and how to spot suspicious links.  

Make them aware of online predators: The internet can be a dangerous place, and parents have a responsibility to protect their children. Educate them about risks that come from the digital world like cyberbullying, extortion and malware. Let them know that if they detect suspicious activity, they should report it without feeling shame. 

Gaming can be safe, but only if you take cybersecurity seriously—because it’s not just about protecting a virtual world, it’s about protecting your family’s real world.