Book a demo
login

Our Blogs

blogshero

I’ve spent my career teaching people how to avoid phishing. I’ve written books and articles on the subject. I’ve stood on stages across the world explaining how these scams work. I even had the privilege of speaking alongside cybersecurity legend Kevin Mitnick.
If anyone should be immune to phishing, you’d think it would be me. But that one day, many years ago, I clicked.

The Email That Hooked Me

It happened right after I had published an article on vigilance in email security. The very next day, an email showed up in my inbox that looked like it came from my then, CEO. It thanked me for my contributions but said the company was “making adjustments” that would result in a reduction in my pay. Attached was a spreadsheet with “the new numbers.”

In that moment, years of experience didn’t matter. The message hit me in the gut, my livelihood. I clicked the link before I even thought about red flags.

Luckily, it was a fake phishing test, not a real attack. But that click changed how I think about training forever.

What I Realized About Traditional Security Training

If I, a person who teaches this stuff, can get emotionally hooked, anyone can. And that’s the problem with the way most companies approach security awareness.

Phishing simulations are often designed as “gotcha” moments. If you click, you’re forced into training. If you don’t, you’re left alone. That means only the unlucky ones learn something. Everyone else learns nothing, or worse, they start seeing every email as a threat, replacing confidence with fear.

A Better Way: The Security Dojo

That experience inspired me to think differently. In martial arts, you don’t wait for a real fight to learn your moves. You train in the dojo, a safe space to make mistakes, build skills, and gain confidence.

That’s what we built with ClipTraining’s Security Dojo: a place for consistent, positive, real-world training where everyone participates, not just those who click. Every simulation becomes practice. Every mistake becomes progress.

Why It Matters

Phishing isn’t about catching “the careless ones.” It’s about recognizing that everyone is vulnerable under the right circumstances. That day taught me humility, and it’s the foundation of how we built ClipShield, a security awareness program rooted in empathy, consistency, and growth.

Because I didn’t almost fall for phishing. I did.
And that’s exactly why smarter, safer, and stronger training matters.

Find out more about ClipShield.

Scroll to Top