DoorDash Recent Hacks Highlight the Need for Security Awareness Training

Cyberattacks are back in the headlines, with a string of recent hacks underscoring a hard truth: employees remain the weakest link or the strongest defense in organizational security. Even companies with cutting-edge technology have fallen victim to breaches initiated by something as simple as an unwitting click on a phishing email or a cleverly disguised phone call. This has put a spotlight on the critical importance of security awareness training for staff at all levels. IT and security teams in mid-sized and enterprise organizations - and the managed service providers (MSPs) that support them - are recognizing that technical defenses alone aren’t enough. We need to train our people to be a human firewall against these threats.

The scope of the threat is staggering: Recent studies show that 94% of organizations have experienced phishing attack attempts. On an average day, an estimated 3.4 billion phishing emails are sent worldwide. It’s no wonder that Verizon’s annual breach report consistently finds the majority of data breaches involve some human element - as high as 74% in recent years. In other words, most breaches begin with a person being tricked, whether through phishing, social engineering, or simple human error. Against this backdrop, security awareness training has moved from a “nice-to-have” to an absolute necessity for organizations that want to avoid becoming the next headline.

DoorDash Cyberattack Exposes the Human Element

High-profile incidents in the news have driven home how attackers are exploiting the human factor. In late 2025, for example, food delivery giant DoorDash confirmed a data breach after one of its employees fell victim to a social engineering scam - essentially, the employee was tricked by a malicious impostor. Using the credentials and access they gained from that one employee, the hackers infiltrated internal systems and accessed customer data. This wasn’t an isolated case; it was DoorDash’s third breach in six years, and it echoed a pattern seen in many recent hacks.

Earlier cases have been equally instructive. In 2023, the hacker group Scattered Spider famously impersonated a company’s IT help desk to convince employees to reveal their login passwords and two-factor authentication codes. By posing as trusted support staff, these attackers bypassed technical controls simply by exploiting trust - a classic social engineering tactic. The result was a major breach at a Fortune 500 company, proving that even organizations with strong security technology can be undone by a single persuasive con artist targeting an employee.

What’s the common thread in these incidents? It’s not that firewalls or antivirus failed - it’s that human judgment failed. Cybercriminals know this, which is why phishing and impersonation scams have exploded. One report found that social engineering is the top tactic in breaches, holding steady in prevalence over recent years. Attackers use carefully crafted emails, messages, or calls to prey on human psychology - fear, urgency, curiosity, or authority - to get someone inside the company to click a link, open a file, or divulge information. Once that happens, the door is open for hackers to escalate the attack further.

The consequences of these attacks are devastating. Companies hit by phishing-fueled breaches face financial losses from ransomware payoffs or incident response, legal and regulatory penalties if customer data is exposed, disruption of business operations, and loss of customer trust. In DoorDash’s case, the breach led the company to notify law enforcement and hire external cybersecurity experts, not to mention likely costs of customer notifications and security improvements. DoorDash’s response also revealed a silver lining: the company immediately rolled out additional employee training and awareness measures to help prevent similar incidents in the future. In fact, many organizations only invest in thorough training after suffering a breach - a reactionary approach that savvy teams are eager to replace with a proactive one.

Why Security Awareness Training Is Essential

The lesson from these incidents is clear: while technical defenses (firewalls, email filters, endpoint protection, etc.) are vital, people often make the difference between foiling an attack or falling for one. As a PhishingBox analysis of Verizon’s Data Breach Investigations Report put it, “people - not firewalls - are the new frontline in cybersecurity.” The human element remains the dominant factor in breaches. A secure network can still be breached if an employee is tricked into clicking a malicious link or reusing a compromised password, because social engineering exploits human behavior rather than a software vulnerability. In fact, many modern attacks combine technical and human exploits: for example, a phishing email may steal an employee’s credentials, which the attackers then use to log into systems undetected.

Security awareness training directly addresses this risk by educating and testing employees on how to recognize and respond to threats. The goal isn’t to blame users, but to empower them as the last line of defense. Even a cautious, tech-savvy employee can be momentarily fooled by a well-crafted phishing lure - especially as attackers use AI tools to make phishing emails incredibly convincing and personalized. Training helps employees build the habit of skepticism: to double-check that unexpected “urgent” email from the CEO, to think twice before clicking a link or downloading an attachment, and to report anything suspicious.

Crucially, training isn’t a one-and-done exercise. Continuous reinforcement is needed, because the threat landscape evolves and human memory is fallible. Regular phishing simulation tests and ongoing education ensure that security stays top-of-mind for employees. This is borne out by data: one study found that over 33% of untrained employees will fall for a phishing email test, whereas organizations that implement routine training and phishing simulations see that rate drop dramatically over time. In short, trained employees make fewer mistakes, and when they do spot something phishy, they are more likely to report it through proper channels rather than ignore it.

Phishing Simulations: Practice Makes Prepared

One of the most effective ways to bolster security awareness is through phishing simulation campaigns. In a simulation, the security team (or an automated platform) sends out realistic but harmless phishing emails to employees as a test. The idea is to mimic the tactics used by real attackers - perhaps a fake password reset email, a bogus file share notification, or a disguised message from HR - and see who clicks or responds. Employees who take the bait on a simulated phish can then be alerted immediately that it was a test and shown what signs they missed. This immediate feedback turns the mistake into a teachable moment. As the saying goes, “fail safe”: it’s far better for an employee to slip up on a simulation than on a real attack.

Phishing simulations, when combined with follow-up training, create a powerful learning loop. Here’s what an effective security awareness program typically entails:

• Realistic Phishing Tests: Regularly send simulated phishing emails to employees to identify who is susceptible to clicking links or entering credentials under various pretexts. These simulations should cover different attack scenarios - from generic mass-market phish to highly targeted spear-phishing - to keep employees on their toes.
• Just-In-Time Training: When a user fails a phishing test, deliver a targeted training module or tip on the spot. For example, if Alice clicks a fake “invoice” email, she might immediately see a brief training video explaining how to spot fraudulent invoices. This timely correction helps reinforce learning at the moment it’s most needed. Alternatively, the platform can automatically enroll the user in a longer training course to be completed later.
• Comprehensive Course Content: Use a range of security awareness courses - from general cybersecurity best practices to specific topics like phishing, social engineering, password hygiene, and ransomware. PhishingBox, for instance, provides its own expert- developed courses and offers content from third-party providers covering diverse security topics. A rich library of up-to-date courses means you can tailor training to roles (e.g., developers get secure coding training, finance staff get BEC fraud training) and keep content fresh.
• Continuous Reinforcement: Beyond formal courses, supplement with quick security tips and reminders. PhishingBox allows administrators to send out short security tip emails to employees, which are easy-to-digest pointers that help maintain vigilance day- to-day. These might include tips on spotting spoofed sender addresses or reminders about not plugging in unknown USB drives - little things that build a culture of security awareness.
• Tracking and Analytics: A robust reporting dashboard is key to measure your human risk and improvement over time. You should be able to see phishing test results, track who has completed training, and identify trends. For example, maybe your finance department has a higher click rate on phishing tests - that’s a signal to do extra training or more targeted simulations for that group. PhishingBox provides reporting tools to understand your security posture at a glance, so you can pinpoint where to focus next. Over time, you want to see those phishing click rates go down and reporting rates go up - clear indicators that your human firewall is getting stronger.

By regularly testing and educating users in this way, organizations can significantly reduce the likelihood of a real attack slipping through. Employees learn to pause and scrutinize suspicious messages rather than reflexively trust them. And if an attack does get through, employees are more prepared to respond appropriately (for instance, reporting the phishing email to the security team before it can cause damage).

How PhishingBox Equips Organizations for These Threats

Implementing a comprehensive security awareness program might sound daunting, but platforms like PhishingBox make it much more manageable. PhishingBox is a cloud-based phishing simulation and training platform designed to provide all the tools and content needed to prepare your organization for social engineering threats. Here are some of the ways PhishingBox can help strengthen your defenses:

• Easy Phishing Campaigns: The platform includes an intuitive Phishing Simulator that provides an easy-to-use tool for creating simulated phishing campaigns. You don’t have to be a phishing expert - PhishingBox offers templates and a library of common phishing scenarios to choose from. In just a few clicks, you can set up a fake phishing email blast to test your users, schedule it, and track responses. This makes it feasible to run phishing simulations regularly (e.g. monthly or quarterly) as recommended.
• Built-In Training LMS: PhishingBox comes with a built-in Learning Management System (LMS) to host and deliver security training content. Through the LMS, you can assign courses to users, set due dates, and monitor completion - all within the same platform that runs your phishing tests. The training content library is extensive: PhishingBox provides its own courses and also integrates content from various third- party security training providers, covering phishing, social engineering, compliance topics, and more. This means you can deploy comprehensive training without needing a separate LMS or content vendor.
• Automated Training & Alerts: To streamline the process, PhishingBox supports auto- enrollment and real-time alerts. If an employee fails a phishing simulation, the system can automatically assign a relevant training course or module to that person for completion. This ensures nobody falls through the cracks and turns a teachable moment into action. Additionally, security administrators can receive immediate notifications (via webhooks or email) when someone fails a phishing test. This feature is incredibly useful for MSPs or large enterprises monitoring many employees - it lets the security team quickly follow up with high-risk users or adjust email filters if needed.
• Email Threat Reporting Tools: PhishingBox goes beyond simulations; it also helps with real-world threat response. PhishingBox offers an email add-in tool called KillPhish™ that employees can use to scan their emails for threats and easily report suspicious messages to security teams. This is a practical way to reinforce training - when in doubt, users can get a “second opinion” on an email with one click. Alongside KillPhish, the Security Inbox feature serves as a centralized console for IT/security staff to review and mitigate reported emails (essentially, a lightweight phishing incident management system. By integrating these tools, PhishingBox helps organizations not only train users to recognize phishing, but also handle those threats swiftly when users report them.
• Integrations and API: For larger organizations and MSPs, PhishingBox provides integration capabilities to fit into your existing workflows. It can sync with third-party applications (like directory services, email platforms, or IT ticketing systems) to simplify user management and automate tasks. There’s also a robust API, allowing custom integration into your security operations or reporting dashboards if needed. This flexibility ensures that adopting PhishingBox won’t disrupt your current processes - it will enhance them.
• Scalability for MSPs and Enterprises: PhishingBox’s platform was built with partners in mind, meaning it supports multi-client management and even white-label branding. If you are an MSP providing security services to multiple customer organizations, you can manage all your clients’ phishing training programs from a single PhishingBox portal. The platform’s Partner Program allows MSPs (and consultants or resellers) to offer phishing simulation and training as a value-added service to their clients. Each client’s data remains segregated, but you can oversee all campaigns centrally - a huge efficiency boost. This multi-tenant approach, combined with options to white-label the interface with your own branding, means MSPs can strengthen their customers’ human firewalls while also building their own service revenue. It’s a win-win: MSPs protect their client base (and themselves) from attacks, and clients get enterprise-grade training delivered by a trusted partner.

It’s worth noting that MSPs particularly need to focus on security awareness, both internally and for their clients. Why? MSPs are prime targets for cybercriminals precisely because they hold keys to many client networks. A single MSP breach can cascade into dozens of victim organizations. Threat actors know this, and they often use phishing and credential theft to try to compromise MSPs. By utilizing a platform like PhishingBox, MSPs can ensure their own technicians are well-trained to spot phishing attempts and also easily deploy training across all of their client organizations.

Conclusion: Build a Human Firewall Before the Next Attack

The drumbeat of news about cyberattacks isn’t likely to slow down. Cyber criminals will continue to refine their tactics, whether it’s through more sophisticated phishing emails, AI, clever phone scams, or whatever new twist on social engineering emerges next. Technology alone can’t insulate us from these threats. What will make the difference is an alert, educated workforce that can recognize when something isn’t right and take action to stop it. Every employee - from the CEO to the newest hire - has a role to play in keeping the company safe.

Security awareness training, coupled with regular phishing simulations, is the most effective way to nurture that vigilance. It turns cybersecurity from an abstract IT problem into an everyone problem that each person feels equipped to handle. Over time, you can truly transform your organization’s culture, where questioning a strange request or reporting a suspected phish becomes second nature to all. Companies that invest in this proactive approach see tangible results: fewer infections and breaches, faster response to incidents, and a reduction in costly mistakes.

The good news is that setting up such a program is easier than ever with solutions like PhishingBox. PhishingBox empowers organizations to take proactive, data-driven steps to reduce human risk, build a culture of awareness, and stop human-triggered breaches before they start. With the right training and tools in place, your employees can go from being potential targets to becoming your strongest line of defense. The headlines from recent hacks have delivered their warning; now it’s up to each organization to act on it - by hardening the human element of cybersecurity through education, practice, and the support of platforms like PhishingBox. In doing so, you’ll not only protect your own company, but also contribute to a safer digital ecosystem for everyone. Stay safe, stay vigilant, and never stop training - the security of your business may depend on it.