Inside The Mind of A Hacker with RedFlags

Our latest cyber security webinar was not your typical cyber security talk.

In this session, hosted by Secon and sponsored by RedFlags, ethical hacker Glenn Wilkinson walked us through a real cyber-attack—step by step. You’ll see how fast an attacker can gain access to sensitive data, and more importantly, how timely, in-the-moment nudges can completely derail that attack before any damage is done.

RedFlags is a behavioural security tool designed to intervene exactly when users need it most. With simple, contextual prompts—think of them as real-time reminders, it helps people make safer decisions in the moment. No long training courses, no extra noise. Just the right nudge at the right time.

Inside the Mind of a Hacker: A Recap.

Our guest speaker, Glenn Wilkinson, is no stranger to the world of hacking. As the CEO of Agger Labs and a seasoned ethical hacker, Glenn has spent years breaking into organisations (legally) to expose their weaknesses before the criminals can. In this session, he didn’t just explain how attackers operate, he showed us live.

A Step-by-Step Breach, From Inbox to Ransomware.

The first half of the webinar followed the anatomy of a modern attack. Glenn demonstrated how a single phishing email, seemingly from a colleague, can be enough to compromise an entire network.

We saw the attack unfold in real time:

• A user receives a legitimate-looking email
• They click on a Word document with a malicious macro
• That click grants the attacker full access to their device
• Internal files, passwords, and even customer data are quietly extracted
• Finally, ransomware is deployed—and the business is brought to a standstill

It was fast. It was quiet. And it all started with just one click.

Now, Let’s Rewind.

Glenn then ran the exact same attack again, but this time, RedFlags was watching.

Instead of blindly clicking through, the user received short, clear nudges like:

• “Are you sure you recognise this sender?”
• “Double check this link, it may be part of a phishing attempt.”
• “This document is in protected view. Are you confident it’s safe?”

These subtle interventions were enough to shift the user’s behaviour. They paused, thought twice, and ultimately avoided the threat altogether.

This is the real power of RedFlags: it helps people take the right action at the right time, no scaremongering, no overwhelm, just smart, simple support.

What Makes Hackers Tick.

Glenn also gave us a deeper look into the modern hacker’s mindset. Today’s attackers aren’t lone wolves in basements, they’re part of organised, well-funded operations.

He explained how:

• Many hackers lease ransomware kits online in “ransomware-as-a-service” models
• Some buy access to already-compromised systems from Initial Access Brokers
• Social engineering, tricking users, is still the easiest and most common entry point
• Cryptocurrency makes it easier than ever to profit and disappear

And while advanced attacks do exist, most of them don’t start with code, they start with human behaviour.

Not a Fear Story, A Control Story.

This webinar wasn’t about spreading fear. It was about showing how preventable attacks are.

With the right tools, your people can be your strongest line of defence. That’s why Secon believes in behavioural security, and why we’re excited about what RedFlags brings to the table.

Traditional training happens once a year. But real decisions happen every day. RedFlags keeps security front of mind without ever being in the way. If you’d like to learn more, get in touch.