---
title: "Phishing in the News | DuoCircle"
description: "If You Think Phishing Is Only Your Employer’s Problem Think Again If you work for a company, you probably think about phishing attacks in a distant sort of way."
image: "https://www.duocircle.com/images/og-default.png"
canonical: "https://www.duocircle.com/blog/phishing-protection/phishing-in-the-news/"
---

Quick Answer

Three phishing stories worth knowing. First, a UK employer (Peebles Media Group) sued an employee for $250,000 after she fell for a CEO fraud scam, despite never having received fraud-spotting training. Second, several major airlines including Southwest and KLM send check-in links over HTTP rather than HTTPS, exposing record locators, passenger names, payment data, passport details, and full boarding passes to interception, per Wandera research. Third, phishing has been documented since 1996 and continues to grow because the supply chain is mature: novices can buy step-by-step tutorials and templates, lookups for SMTP servers and blocklist evasion, and website-cloning services like XDAN CopySite that produce a static mirror of any target domain in seconds.

Share 

[ ](https://www.linkedin.com/sharing/share-offsite/?url=undefined%2Fblog%2Fphishing-protection%2Fphishing-in-the-news%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Phishing%20in%20the%20News&url=undefined%2Fblog%2Fphishing-protection%2Fphishing-in-the-news%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=undefined%2Fblog%2Fphishing-protection%2Fphishing-in-the-news%2F "Share on Facebook") [ ](https://reddit.com/submit?url=undefined%2Fblog%2Fphishing-protection%2Fphishing-in-the-news%2F&title=Phishing%20in%20the%20News "Share on Reddit") [ ](mailto:?subject=Phishing%20in%20the%20News&body=Check out this article: undefined%2Fblog%2Fphishing-protection%2Fphishing-in-the-news%2F "Share via Email") 

![Phishing](https://media.mailhop.org/duocircle/images/2019/02/SPF-record-checker-7658.jpg) 

## If You Think Phishing Is Only Your Employer’s Problem Think Again

If you work for a company, you probably think about phishing attacks in a distant sort of way. In other words, phishing may be a problem, but it’s not your problem, really. It’s your employers’. Right? Wrong.

According to a [recent article](https://blog.knowbe4.com/company-sues-employee-after-she-falls-for-usd-250k-ceo-fraud-scam) on the Phishing education website KnowBe4, an employer in the UK sued an employee for $250K for falling victim to a phishing scam. According to the article, “Patricia Reilly, who was working for the UK Peebles Media Group fell for a CEO Fraud Scam where the criminals sent her emails pretending Mrs. Reilly’s boss.”

She’s being sued because she should have known better. The remarkable thing is the company didn’t provide her any _training on how to spot online fraud_. Maybe Mrs. Reilly ought to countersue her former company for lack of proper training. Or maybe she’ll countersue them for not using [inexpensive and readily-available technology](/) to keep the darn phishing email out of her inbox in the first place.

## Now Just Booking a Vacation Can Get You Hacked

If you fly, then you know that airlines send check-in links by email 24 hours before your flight. What you might not know is that some airlines send links that initiate a connection over HTTP instead of HTTPS. And _that puts you at risk for being hacked_.

According to [an article on security news website Security Week](https://www.securityweek.com/check-links-sent-several-airlines-expose-passenger-data), “check-in links sent to customers by several major airlines from around the world can allow hackers to obtain passengers’ personal information and possibly make changes to their booking.” The airlines found to have been doing this by security firm Wandera include Southwest in the US and KLM in the Netherlands.

According to Wandera VP of Product Michael Covington, the link itself includes a record locator, the origin of the flight and its destination, and, in some cases, the passenger’s name. Theoretically an attacker could intercept a user’s traffic and leverage these credentials to gain access to the targeted user’s online check-in page.

Once at the check-in page, the attacker might have access to other, more personal data, such as

- email address,
- name, gender,
- passport information,
- nationality,
- phone number,
- partial payment card information,
- booking reference,
- flight details (flight number, seating data), and
- even the complete boarding pass.

It may even be possible in some cases for the attacker to make changes to the data provided and print the victim’s boarding pass.

Sill think you don’t need [advanced phishing prevention technology](/advanced-threat-defense)?

[![Phishing](https://media.mailhop.org/duocircle/images/2019/02/spf-record-8679.jpg)](https://media.mailhop.org/duocircle/images/2019/02/spf-record-8679.jpg)

## Looking for a Hobby? How about Phishing.

Would you be surprised to learn that [phishing has been around since 1996](https://www.phishing.org/history-of-phishing)? That’s like year 2 AD in internet time. You’d think after almost a quarter of century phishing would be gone by now. In fact, [just the opposite has happened](https://docs.apwg.org/reports/apwg%5Ftrends%5Freport%5Fq2%5F2018.pdf).

In case you’re wonder why phishing rates continue to rise, check out this list of [resources for the aspiring attacker](https://www.securityweek.com/understand-more-about-phishing-techniques-reduce-your-digital-risk):

### Expert assistance:

Incredibly, there are actually places on the internet novices can go to learn how to phish someone. They can purchase step-by-step tutorials and templates to conduct their own phishing campaigns.

### Spoofing:

Just like there is for phishing, there are resources on spoofing techniques. They include everything from how to create, compromise or find a SMTP server from which to send the spoofed emails, to how to prevent emails from ending up in spam folders or the hosting IP from ending up on blacklists.

### Cloning websites:

For aspiring phishers, a website cloning or mirroring service known as XDAN CopySite makes it easy. All you need to do is enter the domain of the website they want to clone, and within seconds they have a static version of the site, enough to be convincing at first glance.

When someone tells you to try phishing for a hobby, go out and get yourself a rod and reel.

![Brad Slavin](https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg) 

Brad Slavin 

General Manager

General Manager at DuoCircle. Product strategy and commercial lead across the email security portfolio.

## Secure your email infrastructure

Protect, authenticate, and deliver. Contact our team to find the right solution.

[Contact Sales](/contact/) [Explore Products](/products/) 

## Related Articles

[  Phishing 11m  AI-Generated Phishing Has Eliminated the Typo: Why Traditional Email Filters Are No Longer Enough  Apr 28, 2026 ](/blog/ai-generated-phishing-eliminates-typos-making-traditional-email-filters-ineffective/)[  Phishing 5m  10 Applications of ChatGPT that Hackers Are Already Exploiting  May 3, 2023 ](/blog/phishing-protection/10-applications-of-chatgpt-that-hackers-are-already-exploiting/)[  Phishing 4m  65% of Global Businesses Ill-Equipped to Defend Against Email-Based Cyber-Attacks  Mar 29, 2016 ](/blog/phishing-protection/65-global-businesses-ill-equipped-defend-email-based-cyber-attacks/)[  Phishing 9m  7 Ways to Protect Your Organization from Email-based Ransomware Attacks  Feb 11, 2018 ](/blog/phishing-protection/7-ways-protect-organization-email-based-ransomware-attacks/)

```json
{"@context":"https://schema.org","@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}],"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://www.g2.com/products/phish-protection-by-duocircle/reviews","https://github.com/duocircle","https://www.crunchbase.com/organization/duocircle-llc"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://support.duocircle.com"},"knowsAbout":["Email Security","Email Authentication","SPF","DKIM","DMARC","Phishing Protection","Spam Filtering","SMTP Relay","Email Deliverability","Email Forwarding"]}
```

```json
{"@context":"https://schema.org","@type":"WebSite","name":"DuoCircle LLC","url":"https://www.duocircle.com","description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","publisher":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}
```

```json
[{"@context":"https://schema.org","@type":"BlogPosting","headline":"Phishing in the News","description":"If You Think Phishing Is Only Your Employer’s Problem Think Again If you work for a company, you probably think about phishing attacks in a distant sort of way.","url":"https://www.duocircle.com/blog/phishing-protection/phishing-in-the-news/","datePublished":"2019-02-26T15:43:12.000Z","dateModified":"2025-06-16T14:21:10.000Z","dateCreated":"2019-02-26T15:43:12.000Z","author":{"@type":"Person","@id":"https://www.duocircle.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://www.duocircle.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin runs DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. His focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://www.duocircle.com/blog/phishing-protection/phishing-in-the-news/"},"articleSection":"phishing-protection","keywords":"","wordCount":644,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/duocircle/images/2019/02/SPF-record-checker-7658.jpg","caption":"Phishing","width":900,"height":600},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}},{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Blog","item":"https://www.duocircle.com/blog/"},{"@type":"ListItem","position":2,"name":"Phishing"},{"@type":"ListItem","position":3,"name":"Phishing in the News","item":"https://www.duocircle.com/blog/phishing-protection/phishing-in-the-news/"}]}]
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://www.duocircle.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://www.duocircle.com/blog/"},{"@type":"ListItem","position":3,"name":"Phishing","item":"https://www.duocircle.comundefined"},{"@type":"ListItem","position":4,"name":"Phishing in the News","item":"https://www.duocircle.com/blog/phishing-protection/phishing-in-the-news/"}]}
```

```json
{"@context":"https://schema.org","@type":"BlogPosting","headline":"Phishing in the News","description":"If You Think Phishing Is Only Your Employer’s Problem Think Again If you work for a company, you probably think about phishing attacks in a distant sort of way.","url":"https://www.duocircle.com/blog/phishing-protection/phishing-in-the-news/","datePublished":"2019-02-26T15:43:12.000Z","dateModified":"2025-06-16T14:21:10.000Z","dateCreated":"2019-02-26T15:43:12.000Z","author":{"@type":"Person","@id":"https://www.duocircle.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://www.duocircle.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin runs DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. His focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://www.duocircle.com/blog/phishing-protection/phishing-in-the-news/"},"articleSection":"phishing-protection","keywords":"","wordCount":644,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/duocircle/images/2019/02/SPF-record-checker-7658.jpg","caption":"Phishing","width":900,"height":600},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}
```