Monday Dec 29, 2025

TrustedTech Presents The Microsoft Playbook - Modern Phishing

In this episode of The Microsoft Playbook, we delve into the latest and most creative phishing threats.

Joined by Andy Nolan, Director of Strategic Programs at TrustedTech, we unpack real-world phishing scenarios that go far beyond the classic “reset your password” email. From deceptive look-alike domains like rnicrosoft.com to malicious PDFs to physical attacks involving infected USB drives, this conversation highlights how a single click or plug-in can lead to catastrophic security breaches.

You’ll hear firsthand stories from Andy’s 15+ years in IT and security, including:

  • How a simple phishing email led to a massive data exposure in the adult entertainment industry
  • How nation-state attacks leveraged human curiosity with physical media
  • Why Microsoft Defender’s layered protections are critical in stopping these threats before they escalate

We also cover how Microsoft Defender works behind the scenes (URL detonation, sandboxing, domain reputation checks, USB controls, anomaly detection) and how TrustedTech’s Cloud Security Envisioning Workshop helps organizations identify gaps and strengthen their security posture before attackers do.

Whether you’re an IT leader, security professional, or simply want to understand modern phishing, this episode equips you with the knowledge to recognize real-world threats, protect your organization, and apply expert-backed strategies for improved security.

 

Chapter List

00:13 – Welcome to the Microsoft Playbook: Modern phishing overview

01:05 – How phishing has evolved (AI, deepfakes, and tailored attacks)

01:26 – Real-world phishing breach in the adult entertainment industry

02:46 – Why “low-privilege” users still pose high risk

03:54 – The cascading impact of a single phishing email

05:02 – Full network compromise: what went wrong

05:39 – How Microsoft Defender could have prevented the breach

07:04 – Physical phishing: infected USB drives and human curiosity

08:09 – Nation-state attacks and the Iran centrifuge example

09:22 – Defender protections: USB control, behavior monitoring, anomaly detection

10:54 – Look-alike domains and the rn vs m phishing technique

13:01 – Domain reputation, URL verification, and Defender URL Defense

15:51 – How TrustedTech helps secure environments with Microsoft Defender

17:01 – Closing thoughts and final takeaways

 
