In the 17 years since the Payment Card Industry Data Security Standard (PCI-DSS) was created, the payments business and payments security has undergone huge change.

Winkler, a former intelligence analyst with NSA, a social engineer, systems hacker, and scuba diver and author, told Cybereason Chief Security Officer Sam Curry during a CISO Stories podcast that he is passionate about security and trying to rise the tide.

Hijacked webpages are then sold to the highest bidder or repurposed to market fraudulent or impersonated cryptocurrency services.

People think phishing scams are easy to pull off. Some are, but many are complex and worth the attention of security teams.

Cybercrime groups already leverage social engineering tactics to target insiders, gathering information via social media, who enable access unknowingly. This next step, inviting employees to be in on the attack, would seek out more desperate individuals or those with an axe to grind.