This episode is a personal and confronting reflection on how quickly even a cyberaware professional can lose control of a long-standing Gmail account. What began as a seemingly legitimate brand collaboration unfolded into a carefully orchestrated phishing attack that removed all security measures within seconds. The experience highlights how modern cybercrime blends patience, credibility signals, automation and psychological triggers to bypass even cautious users.
- The phishing grooming process and credibility signals used
• The red flags hidden in plain sight
• What happened in the 60-second account takeover
 • The recovery journey and escalation through professional networks
 • Three essential security measures: 2FA, passkeys and backup codes
This story is not about fear. It is about awareness, practical action and understanding how sophisticated attacks have become. The lesson is simple: five minutes of security setup can prevent four days of stress.
Apps & Tools Mentioned:
1Password, LastPass Authenticator, Coursera, Impact, Google, Gmail, Revolut, Claude, ChatGPT, LinkedIn, Twitter, TeamYouTube
Episode resources and links:
Alex falcon Huerta’s story : https://www.linkedin.com/posts/alexfalconhuerta_fraud-alexfalconhuerta-share-7394786345610682370-s-49/
 https://cyberwardens.com.au partners with the Australian Government to deliver free online security courses with verifiable CPD.
Â
If this episode helped you, the best way to support the show is to leave a review somewhere as it helps more people find us. And if you want to continue the conversation, come find me Heather Smith | Accountant and Storyteller on:
Â
LinkedIn: https://www.linkedin.com/in/HeatherSmithAU/
Accounting Apps newsletter: http://accountingapps.io/
Accounting Apps Mastermind: https://www.facebook.com/groups/XeroMasterMind
YouTube Channel: https://www.youtube.com/ANISEConsulting
X: https://twitter.com/HeatherSmithAU