13 Phishing attacks blocked in minutes, here’s how we did it.
Posted on September 19, 2025 by Louise Howland
Last week, our cybersecurity team intercepted 13 phishing-related breaches in real-time, locking down compromised accounts within minutes and protecting our clients from serious damage.
What happened?
We saw a sharp rise in phishing attacks targeting our clients. These came in two main forms. In some cases, individuals received targeted phishing emails crafted to trick them into entering their login credentials. In others, a known third-party contact had been compromised, and malicious documents were automatically sent to their Outlook address book.
This second method is particularly dangerous. When an email appears to come from someone familiar, recipients are far less likely to question it, even if the timing or content seems slightly off. These messages are also more likely to bypass spam filters, increasing the risk of a successful breach.
We also believe timing played a role. With many people recently returning from holiday, vigilance tends to drop. Cybercriminals are highly attuned to behavioural patterns and often strike when defences are naturally lower.
How we responded
Because these organisations were protected by our secure+ service, we were able to act immediately. As soon as the breaches were detected, each compromised account was locked out within minutes. This rapid response prevented attackers from escalating their access or causing wider damage.
Without secure+, it’s likely these attackers could have remained undetected inside our clients’ systems for days or even weeks. During that time, they could have exfiltrated sensitive data, installed malware, or used their access to spread the attack across the organisation.
What is secure+?
secure+ is ramsac’s fully managed cybersecurity solution. It offers round-the-clock monitoring, rapid breach detection, and immediate response. The service combines advanced threat protection with expert human oversight, ensuring that if a threat is detected, it is identified and contained within minutes, before it can cause lasting harm.
Lessons to learn
This recent wave of phishing activity highlights the critical importance of a multi-layered security approach. Educating staff through regular security awareness training helps ensure that people can recognise and respond to suspicious emails with confidence. Adopting a zero-trust mindset, where even emails from known senders are approached with caution, is essential. And perhaps most importantly, having real-time monitoring in place allows organisations to detect and respond to threats before they escalate.
Phishing attacks are growing more sophisticated every day. No business is immune, but those that prepare well, train their teams, and invest in continuous protection are far more likely to avoid serious disruption.
Do you need help?
If you’d like to understand how secure+ could strengthen your organisation’s cybersecurity posture, we’re here to help. Contact us to book a free consultation or request a demo today.
Brochure: secure+ from ramsac
secure+ is a proactive cybersecurity monitoring service designed to hunt for signs of malicious activity or potential cyberbreach, ramsac then takes action to prevent damage from being done.
