{"id":13873,"date":"2026-03-02T15:29:26","date_gmt":"2026-03-02T09:59:26","guid":{"rendered":"https:\/\/threatcop.com\/blog\/?p=13873"},"modified":"2026-03-02T16:15:08","modified_gmt":"2026-03-02T10:45:08","slug":"fake-cc-spear-phishing","status":"publish","type":"post","link":"https:\/\/threatcop.com\/blog\/fake-cc-spear-phishing\/","title":{"rendered":"Why Fake CC Emails Are the Most Dangerous Form of Spear Phishing"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">A single fake CC line may be the difference between suspicion and successful breach.&nbsp;<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">It all begins with the email that looks completely ordinary.&nbsp;<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">The sender appears to be bona fide. The tone seems appropriate, plus there\u2019s a person you have heard of, even in the CC line: maybe it is your boss, the head of a department, or a person from the finance team.<\/span><\/p><div id=\"ez-toc-container\" class=\"ez-toc-v2_0_84 ez-toc-wrap-center counter-hierarchy ez-toc-counter ez-toc-light-blue ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"Toggle Table of Content\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #414141;color:#414141\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #414141;color:#414141\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/threatcop.com\/blog\/fake-cc-spear-phishing\/#Spear_Phishing_Where_Psychology_Trumps_Technology\" >Spear Phishing: Where Psychology Trumps Technology&nbsp;<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/threatcop.com\/blog\/fake-cc-spear-phishing\/#The_Fake_CC_Trick_Abuse_Trust_with_One_Small_Detail\" >The Fake CC Trick: Abuse Trust with One Small Detail<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/threatcop.com\/blog\/fake-cc-spear-phishing\/#Human_Risk_Exposed_Why_Do_People_Stop_Paying_Attention\" >Human Risk Exposed: Why Do People Stop Paying Attention?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/threatcop.com\/blog\/fake-cc-spear-phishing\/#How_TSAT_Replicates_Fake_CC\" >How TSAT Replicates Fake CC<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/threatcop.com\/blog\/fake-cc-spear-phishing\/#Best_Practices_Effectively_Executing_Fake_CC_Simulations\" >Best Practices: Effectively Executing Fake CC Simulations<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/threatcop.com\/blog\/fake-cc-spear-phishing\/#Conclusion\" >Conclusion<\/a><\/li><\/ul><\/nav><\/div>\n\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">This one detail lowers your defenses. You stop interpreting the message and start assuming it is a legitimate communication.&nbsp;<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">That\u2019s how spear phishing works and precisely why Fake CC simulations in <a href=\"https:\/\/threatcop.com\/threatcop-security-awareness-training\">TSAT <\/a>( Threatcop Security Awareness Training) are such a potent way to surface latent human vulnerabilities.\u00a0<\/span><\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Spear_Phishing_Where_Psychology_Trumps_Technology\"><\/span><span style=\"color: #000000;\"><b>Spear Phishing: Where Psychology Trumps Technology&nbsp;<\/b><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">Spear phishing is not about volume; spear phishing is about accuracy. Traditional phishing methods cast a wide net; spear phishing targets specific people with tailored manipulation.<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">The attackers research the targets. They imitate internal communication patterns. They include a reference to real projects, colleagues, or recent events.<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">When the email appears to come from your boss or at minimum includes him in CC, your cranial process immediately flags it as presumed safe communication.<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">According to Verizon\u2019s 2024 Data Breach Investigations Report, targeted <a href=\"https:\/\/threatcop.com\/blog\/types-and-techniques-of-phishing-attacks\/\">phishing attempts<\/a>, spear phishing, and <a href=\"https:\/\/threatcop.com\/blog\/business-email-compromise\/\">business email compromise<\/a> (BEC) all remain among the leading causes of enterprise breaches.<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">The issue isn\u2019t technology; it is human psychology.<\/span><\/p>\n\n\n\n<!DOCTYPE html>\n<html lang=\"en\">\n\n<head>\n    <meta charset=\"UTF-8\">\n    <meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\">\n    <meta name=\"viewport\" content=\"width=device-width, initial-scale=1.0\">\n    <title>Document<\/title>\n<\/head>\n\n<style>\n    .interestedBtn {\n        width: 70% !important;\n        box-sizing: border-box !important;\n        display: inline-block !important;\n        padding: 11px !important;\n        border: 1px !important;\n        border-color: #ddd !important;\n        margin-top: 10px !important;\n        background-color: #fff !important;\n        background-image: none !important;\n        text-shadow: none !important;\n        color: #000 !important;\n        font-size: 14px !important;\n        line-height: 20px !important;\n        border-radius: 5px !important;\n        margin: 0 !important;\n        cursor: pointer !important;\n    }\n\n\n.formSec .formSecTwo{\n    padding-top: 30px !important;\n}\n\n\n    .tnp-email {\n         width: 70% !important;\n    box-sizing: border-box;\n    padding: 8px 10px;\n    display: inline-block;\n    border: 1px solid #ddd;\n     background: #183e8b;\n    color: #fff !important;\n    font-size: 13px;\n    line-height: 20px;\n    border-radius: 2px;\n    padding-right: 30px;\n    margin-bottom: 0px;\n\n    }\n\n    .formSec {\n        float: left !important;\n        width: 55% !important;\n    }\n\n    .mainBox {\n            background: #183e8b;\n        max-width: 600px !important;\n        margin: 0 auto !important;\n        padding: 20px !important;\n        font-family: Arial, Helvetica, sans-serif !important;\n    }\n\n    .boxDiv {\n        display: flex !important;\n    }\n\n    .boxConsult {\n        float: left !important;\n        width: 45% !important;\n    }\n\n    .formSecTwo {\n        text-align: right !important;\n        width: 100% !important;\n    }\n\n    .formHeading {\n        font-family: Arial, Helvetica, sans-serif;\n        margin-top: 0px;\n        font-weight: 700;\n        line-height: 25px;\n        font-size: 18px !important;\n        margin-bottom: 70px;\n       margin-bottom: 70px !important;\n       color: white !important;\n          margin-top: 0px !important;\n    }\n\n    .fieldHeading {\n        margin: 0 !important;\n        font-size: 13px !important;\n        text-align: left !important;\n        margin: 0px 39px 2px 93px !important;\n        font-weight: 500 !important;\n    }\n\n    .image {\n        max-width: 100% !important;\n        height: auto !important;\n    }\n\n     .email-icon {\n            position: absolute;\n            right: 10px;\n            top:18px;\n            transform: translateY(-50%);\n            pointer-events: none; \/* Make sure the icon doesn't block clicking on the input *\/\n        }\n\n          .email-container{\n             position: relative;\n         \n        }\n       \n\n        .email-icon img{\n                 width: 15px;\n        }\n\n\n         input::placeholder {\n            color:white;\n        }\n\n    @media screen and (max-width: 480px) {\n        .boxDiv {\n            display: block !important;\n            padding: 15px !important;\n         \n        }\n\n        .image{\n            width: 60% !important;\n        }\n        .fieldHeading {\n            text-align: left !important;\n            margin: unset !important;\n        }\n\n        .boxConsult {\n            width: unset !important;\n            float: none !important;\n        }\n\n        .mainBox {\n            border: unset !important;\n        }\n\n        .formSec {\n            float: unset !important;\n            width: 100% !important;\n        }\n\n        .formSecTwo {\n            text-align: center !important;\n        }\n\n        .tnp-email {\n            width: 100% !important;\n        }\n\n        .formHeading {\n            margin-bottom: unset !important;\n        }\n\n         .email-icon {\n            position: absolute;\n            right: 10px;\n            top: 50%;\n            transform: translateY(-50%);\n            pointer-events: none; \/* Make sure the icon doesn't block clicking on the input *\/\n        }\n       \n        .email-container{\n             position: relative;\n        }\n\n    }\n<\/style>\n\n<body>\n\n    <div class=\"mainBox\" box-sizing:=\"\" border-box;=\"\">\n\n        <div class=\"boxDiv\">\n\n            <div class=\"boxConsult\">\n                <div>\n                    <h3 class=\"formHeading\" style=\"margin-top: 0;\">\n                        Book a Free Demo Call with Our People Security Expert<\/h3>\n                <\/div>\n                <img decoding=\"async\" src=\"https:\/\/awareness.threatcop.ai\/marketing\/vector.svg\" class=\"image\">\n            <\/div>\n\n            <div class=\"formSec\">\n                <div class=\" formSecTwo\">\n                    <div class=\"tnp tnp-subscription-minimal\">\n                        <form action=\"https:\/\/threatcop.com\/thankyou-blog\" method=\"get\" target=\"_blank\">\n                            <div class=\"email-container\" style=\"margin-bottom: 15px;\">\n\n                                <input class=\"tnp-email\" type=\"text\" required=\"\" name=\"FullName\" value=\"\"\n                                    placeholder=\"Full Name\">\n                                    <span class=\"email-icon\"><img decoding=\"async\" src=\"https:\/\/awareness.threatcop.ai\/marketing\/icon1.svg\" class=\"img-fluid\" \/><\/span>\n                            <\/div>\n\n                            <div class=\"email-container\" style=\"margin-bottom: 15px;\">\n                               \n                                <input class=\"tnp-email\" type=\"email\" required=\"\" name=\"email\" value=\"\"\n                                    placeholder=\"Corporate Email Id\">\n                                     <span class=\"email-icon\"><img decoding=\"async\" src=\"https:\/\/awareness.threatcop.ai\/marketing\/icon2.svg\" class=\"img-fluid\" \/><\/span>\n                            <\/div>\n\n                            <div class=\"email-container\" style=\"margin-bottom: 15px;\">\n                               \n                                <input class=\"tnp-email\" type=\"text\" required=\"\" name=\"CompanyName\" value=\"\"\n                                    placeholder=\"Company Name\">\n                                    <span class=\"email-icon\"><img decoding=\"async\" src=\"https:\/\/awareness.threatcop.ai\/marketing\/icon3.svg\" class=\"img-fluid\" \/><\/span>\n\n                            <\/div>\n\n                            <div class=\"email-container\">\n                               \n                                <input class=\"tnp-email\" type=\"number\" required=\"\" name=\"Phone\" value=\"\"\n                                    placeholder=\"Phone No.\"><br>\n                                    <span class=\"email-icon\"><img decoding=\"async\" src=\"https:\/\/awareness.threatcop.ai\/marketing\/icon4.svg\" class=\"img-fluid\" \/><\/span>\n                            <\/div>\n                            <input type=\"hidden\" name=\"BlogForm\" value=\"BlogForm\"><br>\n                            <input class=\"tnp-submit interestedBtn\" name=\"submit\" type=\"submit\"\n                                value=\"SUBMIT\">\n\n                        <\/form>\n                    <\/div>\n                <\/div>\n            <\/div>\n\n        <\/div>\n    <\/div>\n\n<\/body>\n\n<\/html>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"The_Fake_CC_Trick_Abuse_Trust_with_One_Small_Detail\"><\/span><span style=\"color: #000000;\"><b>The Fake CC Trick: Abuse Trust with One Small Detail<\/b><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">At first glance, the fake CC strategy seems benign, a normal email with one or two names you\u2019re used to see. But that small detail can completely change the emotional context of the message.<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">It takes advantage of something called the CC credibility multiplier. When someone sees a colleague, supervisor, or leadership copied in the CC, they subconsciously disengage.&nbsp; The recipient stops analyzing and begins responding.<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">Here\u2019s why it works so well:<\/span><\/p>\n\n\n\n<h3 class=\"wp-block-heading has-medium-font-size\"><strong>1. Authority Bias<\/strong><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">When a senior leader or manager is CC\u2019d in the email, employees unconsciously make the leap that the email is real, saying to themselves, \u201cIf my boss is copied, it\u2019s valid.\u201d<\/span><\/span><\/p>\n\n\n\n<h3 class=\"wp-block-heading has-medium-font-size\"><span style=\"color: #000000;\"><strong>2. Social Proof<\/strong><\/span><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">When employees see their colleague copied, they assume it\u2019s a safe, validated email because there is more than one person on the email.<\/span><\/span><\/p>\n\n\n\n<h3 class=\"wp-block-heading has-medium-font-size\"><span style=\"color: #000000;\"><strong>3. Pressure<span style=\"font-weight: 400;\"> <\/span><\/strong><\/span><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">The CC in the email creates visibility and pressure to respond. Employees are more likely to respond by thinking it is best to respond quickly so they don&#8217;t seem slow or inattentive.<\/span><\/span><\/p>\n\n\n\n<h3 class=\"wp-block-heading has-medium-font-size\"><strong>4. <span style=\"color: #000000;\">Context Anchoring<\/span><\/strong><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><span style=\"font-weight: 400;\"> The mind locks focus on who is not CC\u2019d without realizing there may be red flags within the contents of the email.<\/span><\/span><\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Human_Risk_Exposed_Why_Do_People_Stop_Paying_Attention\"><\/span><span style=\"color: #000000;\"><b>Human Risk Exposed: Why Do People Stop Paying Attention?<\/b><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">Most employee awareness programs suggest looking at the email address or hovering over the email links. But within the context of credential phishing attacks, context trumps caution.<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">Employees who typically check a random email will let their guard down when an email appears to be internal or endorsed.<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">In conducted <a href=\"https:\/\/threatcop.com\/phishing-awareness-and-simulation\">phishing simulations<\/a> across industries, analysts have witnessed consistently greater click-through and reply rates when employees believe the email to be from within the company or CC&#8217;d colleagues. An example of fake CC spear phishing demonstrates the following findings:<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><b>Trust bias:<\/b><span style=\"font-weight: 400;\"> Employees trust what feels internal.&nbsp;<\/span><\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><b>Hierarchy effect:<\/b><span style=\"font-weight: 400;\"> Employee reaction is faster when &#8220;someone senior&#8221; is involved.<\/span><\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><b>Diffusion of responsibility:<\/b><span style=\"font-weight: 400;\"> Employees assume &#8220;someone else will follow up.&#8221;&nbsp;<\/span><\/span><\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"How_TSAT_Replicates_Fake_CC\"><\/span><span style=\"color: #000000;\"><b>How TSAT Replicates Fake CC<\/b><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">TSAT takes this real-world attack method and turns it into an easy learning experience. Here is how it happens in practice:<\/span><\/p>\n\n\n\n<h3 class=\"wp-block-heading has-medium-font-size\"><span style=\"color: #000000;\"><b>Realistic set-up<\/b><\/span><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">TSAT adds believable &#8220;fake&#8221; CC&#8217;d email recipient(s) that seem like managers, HR employees, or departments, into an existing simulated spear phishing template.<\/span><\/span><\/p>\n\n\n\n<p class=\"has-medium-font-size wp-block-paragraph\"><span style=\"color: #000000;\"><b>AI-powered Realism<\/b><\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">Aspects of the email tone, phrasing, and timing are AI-generated to mimic genuine communication patterns.<\/span><\/span><\/p>\n\n\n\n<h3 class=\"wp-block-heading has-medium-font-size\"><span style=\"color: #000000;\"><b>Behavior Tracking<\/b><\/span><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">The simulation tracks how employees reacted once they received the simulated spear phishing email (clicked, replied, reported, ignored).<\/span><\/span><\/p>\n\n\n\n<h3 class=\"wp-block-heading has-medium-font-size\"><span style=\"color: #000000;\"><b>Risk Scoring<\/b><\/span><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">The simulation updates the <a href=\"https:\/\/threatcop.com\/blog\/employee-risk\/\">Employee Vulnerability Score<\/a> (EVS) of each employee, allowing TSAT to identify high-risk employees and departments.<\/span><\/span><\/p>\n\n\n\n<h3 class=\"wp-block-heading has-medium-font-size\"><span style=\"color: #000000;\"><b>Benchmarking<\/b><\/span><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">Reports can benchmark engagement and reporting rates across departments, regions, or times.<\/span><\/span><\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Best_Practices_Effectively_Executing_Fake_CC_Simulations\"><\/span><span style=\"color: #000000;\"><b>Best Practices: Effectively Executing Fake CC Simulations<\/b><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">Fake CC simulations can be valuable, but should be approached cautiously. The intention of the simulation is not essentially to &#8220;catch&#8221; employees but to train them.<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">Here are ways to make it effective:<\/span><\/p>\n\n\n\n<h3 class=\"wp-block-heading has-medium-font-size\"><span style=\"color: #000000;\"><strong>Target High Risk Roles<\/strong><\/span><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">Target the functions or teams that are typically targeted in real-life phishing:<\/span><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><span style=\"color: #000000;\"><b>Finance &amp; HR:<\/b><span style=\"font-weight: 400;\"> They handle payments, payroll, and private data.<\/span><\/span><\/li>\n\n\n\n<li><span style=\"color: #000000;\"><b>Executives:<\/b><span style=\"font-weight: 400;\"> Their names are recognizable and are easy to spoof in emails because attackers usually spoof people of authority.<\/span><\/span><\/li>\n\n\n\n<li><span style=\"color: #000000;\"><b>Procurement &amp; Admin:<\/b><span style=\"font-weight: 400;\"> They are involved with vendors&#8217; invoices and approvals.<\/span><\/span><\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading has-medium-font-size\"><span style=\"color: #000000;\"><strong>Debrief: A Learning Opportunity<\/strong><\/span><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">After each simulation, conduct short debrief sessions of about 10 minutes. Present the employee with the fake email that was used in the simulation, discuss the fake CC technique used in the email, and ways the technique manipulated.<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">Encourage the employee to understand the ways that the email appeared to be real. Reinforce that the purpose of awareness is not perfection, recognize the potentially fraudulent activity and a solid response. Be mindful that fear kills honest conversations, while empathy nourishes awareness, education, and further vigilance.<\/span><\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span style=\"color: #000000;\"><b>Reinforce Learning Through TLMS<\/b><\/span><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">Finally, to reinforce the basics of each simulation, follow up every simulation with actionable education using <a href=\"https:\/\/threatcop.com\/threatcop-learning-management-system\">TLMS<\/a> (Threatcop Learning Management System):<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">For example:<\/span><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><span style=\"font-weight: 400; color: #000000;\">Employees who clicked can be assigned a quick 5-minute micro-course on &#8220;Recognizing internal spoofing.&#8221;<\/span><\/li>\n\n\n\n<li><span style=\"font-weight: 400; color: #000000;\">Employees who reported the email can receive positive reinforcement badges or certificates.<\/span><\/li>\n<\/ul>\n\n\n\n\n<style>\n  .threatcop-banner {\n    background-color: #02022e;\n    border: 2px solid #00bf63;\n    border-radius: 12px;\n    padding: 12px 24px;\n    display: flex;\n    justify-content: space-between;\n    align-items: center;\n    max-width: 1100px;\n    margin: 20px auto;\n    color: #ffffff;\n    font-family: Arial, sans-serif;\n  }\n\n  .threatcop-banner-text {\n    font-size: 18px;\n    font-weight: 500;\n  }\n\n  .threatcop-banner-button {\n    background-color: #00bf63;\n    color: #ffffff;\n    padding: 8px 20px;\n    border-radius: 8px;\n    text-decoration: none;\n    font-weight: 500;\n    white-space: nowrap;\n    transition: 0.2s ease;\n    font-size: 15px;\n  }\n\n  .threatcop-banner-button:hover {\n    opacity: 0.9;\n  }\n\n  @media (max-width: 768px) {\n    .threatcop-banner {\n      flex-direction: column;\n      text-align: center;\n      gap: 10px;\n    }\n  }\n<\/style>\n\n<div class=\"threatcop-banner\">\n  <div class=\"threatcop-banner-text\">\n    Discuss Your Organization\u2019s Human Risk Challenges\n  <\/div>\n  <a href=\"https:\/\/threatcop.com\/contact-us?utm_source=thrm_summerized_blog\" class=\"threatcop-banner-button\">\n    Book a Meeting\n  <\/a>\n<\/div>\n\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Conclusion\"><\/span><span style=\"color: #000000;\"><b>Conclusion<\/b><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">Fake CC Simulations are insignificant details that have significant power to teach.<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">They demonstrate how trusting the very thing that supports the organization to work can be manipulated.<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">When employees are taught to stop, question, and verify even the most reasonable emails, you have a true Human Firewall. It is rarely the large attacks that cause the organization trouble; it is the details that everyone looks past.<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">Train against the subtle tricks that actual attackers are using, and explore TSAT\u2019s Fake CC spear phishing simulations.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>A single fake CC line may be the difference between suspicion and successful breach.&nbsp; It all begins with the email that looks completely ordinary.&nbsp; The sender appears to be bona fide. The tone seems appropriate, plus there\u2019s a person you have heard of, even in the CC line: maybe it is your boss, the head [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":13874,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[45],"tags":[],"class_list":["post-13873","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-email-security"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Fake CC Spear Phishing: How Internal Emails Trick Users<\/title>\n<meta name=\"description\" content=\"Attackers copy managers and colleagues to lower suspicion. Discover how Fake CC phishing simulations train employees against real BEC attacks.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/threatcop.com\/blog\/fake-cc-spear-phishing\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Fake CC Spear Phishing: How Internal Emails Trick Users\" \/>\n<meta property=\"og:description\" content=\"Attackers copy managers and colleagues to lower suspicion. Discover how Fake CC phishing simulations train employees against real BEC attacks.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/threatcop.com\/blog\/fake-cc-spear-phishing\/\" \/>\n<meta property=\"og:site_name\" content=\"Threatcop\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/people\/Threatcop\/100083109892339\/\" \/>\n<meta property=\"article:published_time\" content=\"2026-03-02T09:59:26+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-03-02T10:45:08+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2026\/03\/Why-Fake-CC-Emails-Are-the-Most-Dangerous-Form-of-Spear-Phishing.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1920\" \/>\n\t<meta property=\"og:image:height\" content=\"1080\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Threatcop\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatcop\" \/>\n<meta name=\"twitter:site\" content=\"@threatcop\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Threatcop\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/fake-cc-spear-phishing\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/fake-cc-spear-phishing\\\/\"},\"author\":{\"name\":\"Threatcop\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#\\\/schema\\\/person\\\/e4db27ffd37219d73fc6b40cc9d45cfa\"},\"headline\":\"Why Fake CC Emails Are the Most Dangerous Form of Spear Phishing\",\"datePublished\":\"2026-03-02T09:59:26+00:00\",\"dateModified\":\"2026-03-02T10:45:08+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/fake-cc-spear-phishing\\\/\"},\"wordCount\":1042,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/fake-cc-spear-phishing\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2026\\\/03\\\/Why-Fake-CC-Emails-Are-the-Most-Dangerous-Form-of-Spear-Phishing.jpg\",\"articleSection\":[\"Email Security\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/threatcop.com\\\/blog\\\/fake-cc-spear-phishing\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/fake-cc-spear-phishing\\\/\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/fake-cc-spear-phishing\\\/\",\"name\":\"Fake CC Spear Phishing: How Internal Emails Trick Users\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/fake-cc-spear-phishing\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/fake-cc-spear-phishing\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2026\\\/03\\\/Why-Fake-CC-Emails-Are-the-Most-Dangerous-Form-of-Spear-Phishing.jpg\",\"datePublished\":\"2026-03-02T09:59:26+00:00\",\"dateModified\":\"2026-03-02T10:45:08+00:00\",\"description\":\"Attackers copy managers and colleagues to lower suspicion. Discover how Fake CC phishing simulations train employees against real BEC attacks.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/fake-cc-spear-phishing\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/threatcop.com\\\/blog\\\/fake-cc-spear-phishing\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/fake-cc-spear-phishing\\\/#primaryimage\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2026\\\/03\\\/Why-Fake-CC-Emails-Are-the-Most-Dangerous-Form-of-Spear-Phishing.jpg\",\"contentUrl\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2026\\\/03\\\/Why-Fake-CC-Emails-Are-the-Most-Dangerous-Form-of-Spear-Phishing.jpg\",\"width\":1920,\"height\":1080,\"caption\":\"Why Fake CC Emails Are the Most Dangerous Form of Spear Phishing\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/fake-cc-spear-phishing\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Why Fake CC Emails Are the Most Dangerous Form of Spear Phishing\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/\",\"name\":\"Threatcop\",\"description\":\"Cybersecurity Blogs, News, Updates, and Articles\",\"publisher\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#organization\",\"name\":\"Threatcop\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2026\\\/06\\\/threatcop-logo-black-1.png\",\"contentUrl\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2026\\\/06\\\/threatcop-logo-black-1.png\",\"width\":432,\"height\":102,\"caption\":\"Threatcop\"},\"image\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/people\\\/Threatcop\\\/100083109892339\\\/\",\"https:\\\/\\\/x.com\\\/threatcop\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/threatcop\\\/\",\"https:\\\/\\\/www.instagram.com\\\/threatcop_official\\\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#\\\/schema\\\/person\\\/e4db27ffd37219d73fc6b40cc9d45cfa\",\"name\":\"Threatcop\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/10\\\/avatar_user_1_1696398433.jpeg\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/10\\\/avatar_user_1_1696398433.jpeg\",\"contentUrl\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/10\\\/avatar_user_1_1696398433.jpeg\",\"caption\":\"Threatcop\"},\"sameAs\":[\"https:\\\/\\\/threatcop.com\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Fake CC Spear Phishing: How Internal Emails Trick Users","description":"Attackers copy managers and colleagues to lower suspicion. Discover how Fake CC phishing simulations train employees against real BEC attacks.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/threatcop.com\/blog\/fake-cc-spear-phishing\/","og_locale":"en_US","og_type":"article","og_title":"Fake CC Spear Phishing: How Internal Emails Trick Users","og_description":"Attackers copy managers and colleagues to lower suspicion. Discover how Fake CC phishing simulations train employees against real BEC attacks.","og_url":"https:\/\/threatcop.com\/blog\/fake-cc-spear-phishing\/","og_site_name":"Threatcop","article_publisher":"https:\/\/www.facebook.com\/people\/Threatcop\/100083109892339\/","article_published_time":"2026-03-02T09:59:26+00:00","article_modified_time":"2026-03-02T10:45:08+00:00","og_image":[{"width":1920,"height":1080,"url":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2026\/03\/Why-Fake-CC-Emails-Are-the-Most-Dangerous-Form-of-Spear-Phishing.jpg","type":"image\/jpeg"}],"author":"Threatcop","twitter_card":"summary_large_image","twitter_creator":"@threatcop","twitter_site":"@threatcop","twitter_misc":{"Written by":"Threatcop","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/threatcop.com\/blog\/fake-cc-spear-phishing\/#article","isPartOf":{"@id":"https:\/\/threatcop.com\/blog\/fake-cc-spear-phishing\/"},"author":{"name":"Threatcop","@id":"https:\/\/threatcop.com\/blog\/#\/schema\/person\/e4db27ffd37219d73fc6b40cc9d45cfa"},"headline":"Why Fake CC Emails Are the Most Dangerous Form of Spear Phishing","datePublished":"2026-03-02T09:59:26+00:00","dateModified":"2026-03-02T10:45:08+00:00","mainEntityOfPage":{"@id":"https:\/\/threatcop.com\/blog\/fake-cc-spear-phishing\/"},"wordCount":1042,"commentCount":0,"publisher":{"@id":"https:\/\/threatcop.com\/blog\/#organization"},"image":{"@id":"https:\/\/threatcop.com\/blog\/fake-cc-spear-phishing\/#primaryimage"},"thumbnailUrl":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2026\/03\/Why-Fake-CC-Emails-Are-the-Most-Dangerous-Form-of-Spear-Phishing.jpg","articleSection":["Email Security"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/threatcop.com\/blog\/fake-cc-spear-phishing\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/threatcop.com\/blog\/fake-cc-spear-phishing\/","url":"https:\/\/threatcop.com\/blog\/fake-cc-spear-phishing\/","name":"Fake CC Spear Phishing: How Internal Emails Trick Users","isPartOf":{"@id":"https:\/\/threatcop.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/threatcop.com\/blog\/fake-cc-spear-phishing\/#primaryimage"},"image":{"@id":"https:\/\/threatcop.com\/blog\/fake-cc-spear-phishing\/#primaryimage"},"thumbnailUrl":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2026\/03\/Why-Fake-CC-Emails-Are-the-Most-Dangerous-Form-of-Spear-Phishing.jpg","datePublished":"2026-03-02T09:59:26+00:00","dateModified":"2026-03-02T10:45:08+00:00","description":"Attackers copy managers and colleagues to lower suspicion. Discover how Fake CC phishing simulations train employees against real BEC attacks.","breadcrumb":{"@id":"https:\/\/threatcop.com\/blog\/fake-cc-spear-phishing\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/threatcop.com\/blog\/fake-cc-spear-phishing\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/threatcop.com\/blog\/fake-cc-spear-phishing\/#primaryimage","url":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2026\/03\/Why-Fake-CC-Emails-Are-the-Most-Dangerous-Form-of-Spear-Phishing.jpg","contentUrl":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2026\/03\/Why-Fake-CC-Emails-Are-the-Most-Dangerous-Form-of-Spear-Phishing.jpg","width":1920,"height":1080,"caption":"Why Fake CC Emails Are the Most Dangerous Form of Spear Phishing"},{"@type":"BreadcrumbList","@id":"https:\/\/threatcop.com\/blog\/fake-cc-spear-phishing\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/threatcop.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Why Fake CC Emails Are the Most Dangerous Form of Spear Phishing"}]},{"@type":"WebSite","@id":"https:\/\/threatcop.com\/blog\/#website","url":"https:\/\/threatcop.com\/blog\/","name":"Threatcop","description":"Cybersecurity Blogs, News, Updates, and Articles","publisher":{"@id":"https:\/\/threatcop.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/threatcop.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/threatcop.com\/blog\/#organization","name":"Threatcop","url":"https:\/\/threatcop.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/threatcop.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2026\/06\/threatcop-logo-black-1.png","contentUrl":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2026\/06\/threatcop-logo-black-1.png","width":432,"height":102,"caption":"Threatcop"},"image":{"@id":"https:\/\/threatcop.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/people\/Threatcop\/100083109892339\/","https:\/\/x.com\/threatcop","https:\/\/www.linkedin.com\/company\/threatcop\/","https:\/\/www.instagram.com\/threatcop_official\/"]},{"@type":"Person","@id":"https:\/\/threatcop.com\/blog\/#\/schema\/person\/e4db27ffd37219d73fc6b40cc9d45cfa","name":"Threatcop","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2023\/10\/avatar_user_1_1696398433.jpeg","url":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2023\/10\/avatar_user_1_1696398433.jpeg","contentUrl":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2023\/10\/avatar_user_1_1696398433.jpeg","caption":"Threatcop"},"sameAs":["https:\/\/threatcop.com"]}]}},"_links":{"self":[{"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/posts\/13873","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/comments?post=13873"}],"version-history":[{"count":2,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/posts\/13873\/revisions"}],"predecessor-version":[{"id":13877,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/posts\/13873\/revisions\/13877"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/media\/13874"}],"wp:attachment":[{"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/media?parent=13873"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/categories?post=13873"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/tags?post=13873"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}