Matei

Background I am a cybersecurity professional, a business owner and a hacker at heart. I started my career in cybersecurity in 2020, but I was interested in cybersecurity and involved in the cyber community long before. I’ve had several Penetration Testing, Red Teaming and Application Security roles in the past at a senior level, so I could say that I am fairly experienced. In 2023 I passed the OSCP on my second attempt. Since then, I’ve had several talks at conferences, including DEF CON 33...

In this article we are exploring HTML smuggling (aka drive-by download) to show the impact of phishing attacks.

Recently, we ran several cybersecurity awareness initiatives and phishing simulations. Throughout these projects, we interacted with stakeholders across a wide range of technical backgrounds. A recurring question we encountered was: "What actually happens after someone clicks a malicious link?"—often followed by variations like "What if I click but don’t enter any information?" or "What if I enter fake data?" To proactively address these questions, we decided to launch this series.