Paul Walsh
@paulwalsh.bsky.social
Most top security firms license my patents for mobile app security. Pioneered zero trust for anti-phishing. Helped to launch @AIM @MetaCert Founder. Co-invented the concept of labeling user accounts on the web at the W3C in 2004. Expert in SMS security.
I just wrote this: "Zero Trust Is Broken at the URL — And That’s Where Most Attacks Begin (Phishing)"
www.linkedin.com/pulse/zero-t...
paul-walsh.medium.com/zero-trust-i...
Lots of people are talking about Zero Trust at #RSAC2025 but not one person has mentioned zero trust for URLs. 🙄
www.linkedin.com/pulse/zero-t...
paul-walsh.medium.com/zero-trust-i...
Lots of people are talking about Zero Trust at #RSAC2025 but not one person has mentioned zero trust for URLs. 🙄
April 29, 2025 at 12:45 PM
I just wrote this: "Zero Trust Is Broken at the URL — And That’s Where Most Attacks Begin (Phishing)"
www.linkedin.com/pulse/zero-t...
paul-walsh.medium.com/zero-trust-i...
Lots of people are talking about Zero Trust at #RSAC2025 but not one person has mentioned zero trust for URLs. 🙄
www.linkedin.com/pulse/zero-t...
paul-walsh.medium.com/zero-trust-i...
Lots of people are talking about Zero Trust at #RSAC2025 but not one person has mentioned zero trust for URLs. 🙄
🎓 Are you brave enough to give it a go? What’s the right answer?
Even the most skilled & experienced security pros fail my tests 99% of the time — so there’s no need to feel afraid or embarrassed. Feel free to share it too — the more awareness, the better
I don’t get much engagement on here so...
Even the most skilled & experienced security pros fail my tests 99% of the time — so there’s no need to feel afraid or embarrassed. Feel free to share it too — the more awareness, the better
I don’t get much engagement on here so...
April 25, 2025 at 12:20 PM
🎓 Are you brave enough to give it a go? What’s the right answer?
Even the most skilled & experienced security pros fail my tests 99% of the time — so there’s no need to feel afraid or embarrassed. Feel free to share it too — the more awareness, the better
I don’t get much engagement on here so...
Even the most skilled & experienced security pros fail my tests 99% of the time — so there’s no need to feel afraid or embarrassed. Feel free to share it too — the more awareness, the better
I don’t get much engagement on here so...
I just received this SMS scam. This one’s from a lazy attacker — strange ID, sloppy text. But don’t let it fool you into thinking they’re all this obvious. Many are highly convincing and look exactly like the real messages you’re expecting — from deliveries to security alerts.
April 23, 2025 at 4:59 PM
I just received this SMS scam. This one’s from a lazy attacker — strange ID, sloppy text. But don’t let it fool you into thinking they’re all this obvious. Many are highly convincing and look exactly like the real messages you’re expecting — from deliveries to security alerts.
SMS phishing isn’t clever — just easy
Criminals test fake messages on their own SIMs
If the link gets through, they send it to you
If it doesn’t, they swap it until it does
This is why traditional security fails
Only trusted link authentication stops smishing before it starts.
Criminals test fake messages on their own SIMs
If the link gets through, they send it to you
If it doesn’t, they swap it until it does
This is why traditional security fails
Only trusted link authentication stops smishing before it starts.
April 10, 2025 at 11:47 PM
SMS phishing isn’t clever — just easy
Criminals test fake messages on their own SIMs
If the link gets through, they send it to you
If it doesn’t, they swap it until it does
This is why traditional security fails
Only trusted link authentication stops smishing before it starts.
Criminals test fake messages on their own SIMs
If the link gets through, they send it to you
If it doesn’t, they swap it until it does
This is why traditional security fails
Only trusted link authentication stops smishing before it starts.
If you know anyone at banks or payment providers in Ireland, I’d appreciate an intro. I’m in touch with the Banking Federation but keen to connect with more of the right people — hoping Ireland can lead the way in stopping SMS fraud.
April 3, 2025 at 11:42 AM
If you know anyone at banks or payment providers in Ireland, I’d appreciate an intro. I’m in touch with the Banking Federation but keen to connect with more of the right people — hoping Ireland can lead the way in stopping SMS fraud.
Thank you, ChatGPT. I made several edits, but the AI handled most of the heavy lifting.
MetaCert has developed a short code specifically for Ireland, where current privacy regulations prevent mobile operators from implementing network-based anti-phishing security.
MetaCert has developed a short code specifically for Ireland, where current privacy regulations prevent mobile operators from implementing network-based anti-phishing security.
April 2, 2025 at 3:41 PM
Thank you, ChatGPT. I made several edits, but the AI handled most of the heavy lifting.
MetaCert has developed a short code specifically for Ireland, where current privacy regulations prevent mobile operators from implementing network-based anti-phishing security.
MetaCert has developed a short code specifically for Ireland, where current privacy regulations prevent mobile operators from implementing network-based anti-phishing security.
I just wrote this: The security industry widely acknowledges smishing as one of today’s most serious cybersecurity threats. So why is it that no legacy vendor offers a network-based solution for mobile operators to protect...
LinkedIn: t.co/XpVg2498Cw
Medium: paul-walsh.medium.com/from-aol-ins...
LinkedIn: t.co/XpVg2498Cw
Medium: paul-walsh.medium.com/from-aol-ins...
April 2, 2025 at 9:59 AM
I just wrote this: The security industry widely acknowledges smishing as one of today’s most serious cybersecurity threats. So why is it that no legacy vendor offers a network-based solution for mobile operators to protect...
LinkedIn: t.co/XpVg2498Cw
Medium: paul-walsh.medium.com/from-aol-ins...
LinkedIn: t.co/XpVg2498Cw
Medium: paul-walsh.medium.com/from-aol-ins...
I made this emoji using ChatGPT — with a transparent background!
It’s wild how fast this is evolving. Tools like this won’t replace great designers — but they will wipe out tedious work and make everyday tasks way faster and easier.
It’s wild how fast this is evolving. Tools like this won’t replace great designers — but they will wipe out tedious work and make everyday tasks way faster and easier.
April 1, 2025 at 1:35 PM
I made this emoji using ChatGPT — with a transparent background!
It’s wild how fast this is evolving. Tools like this won’t replace great designers — but they will wipe out tedious work and make everyday tasks way faster and easier.
It’s wild how fast this is evolving. Tools like this won’t replace great designers — but they will wipe out tedious work and make everyday tasks way faster and easier.
Google is flagging MetaCert’s anti-phishing emails as ‘dangerous’ — the same emails that highlight Google’s failure to detect phishing apps on Google Play. Ironic, but not even slightly funny.
😤
@gmail
😤
@gmail
March 26, 2025 at 3:08 PM
Google is flagging MetaCert’s anti-phishing emails as ‘dangerous’ — the same emails that highlight Google’s failure to detect phishing apps on Google Play. Ironic, but not even slightly funny.
😤
@gmail
😤
@gmail
“A World Without ADHD and Dyslexia"
I just wrote this for Neurodiversity Celebration Week.
#NeurodiversityCelebrationWeek #NeurodiversityWeek #NCW #ThisIsND #ADHD #Dyslexia
cc @NCWeek
LinkedIn: www.linkedin.com/pulse/world-...
Medium: paul-walsh.medium.com/a-world-with...
I just wrote this for Neurodiversity Celebration Week.
#NeurodiversityCelebrationWeek #NeurodiversityWeek #NCW #ThisIsND #ADHD #Dyslexia
cc @NCWeek
LinkedIn: www.linkedin.com/pulse/world-...
Medium: paul-walsh.medium.com/a-world-with...
March 20, 2025 at 2:41 PM
“A World Without ADHD and Dyslexia"
I just wrote this for Neurodiversity Celebration Week.
#NeurodiversityCelebrationWeek #NeurodiversityWeek #NCW #ThisIsND #ADHD #Dyslexia
cc @NCWeek
LinkedIn: www.linkedin.com/pulse/world-...
Medium: paul-walsh.medium.com/a-world-with...
I just wrote this for Neurodiversity Celebration Week.
#NeurodiversityCelebrationWeek #NeurodiversityWeek #NCW #ThisIsND #ADHD #Dyslexia
cc @NCWeek
LinkedIn: www.linkedin.com/pulse/world-...
Medium: paul-walsh.medium.com/a-world-with...
I asked ChatGPT to generate an image for my Dublin tech networking event, and of course, I got lots of white people holding pints of Guinness. At least it didn’t throw in a leprechaun pitching a blockchain idea. Progress. 😂
March 14, 2025 at 1:56 PM
I asked ChatGPT to generate an image for my Dublin tech networking event, and of course, I got lots of white people holding pints of Guinness. At least it didn’t throw in a leprechaun pitching a blockchain idea. Progress. 😂
Phishing attacks like the one the one documented wouldn’t be a problem if companies like Palo Alto Networks adopted a zero trust strategy for web resources like URLs. 🤷
I discuss why this is necessary here: www.linkedin.com/pulse/open-l...
unit42.paloaltonetworks.com/javaghost-cl...
I discuss why this is necessary here: www.linkedin.com/pulse/open-l...
unit42.paloaltonetworks.com/javaghost-cl...
March 8, 2025 at 11:41 AM
Phishing attacks like the one the one documented wouldn’t be a problem if companies like Palo Alto Networks adopted a zero trust strategy for web resources like URLs. 🤷
I discuss why this is necessary here: www.linkedin.com/pulse/open-l...
unit42.paloaltonetworks.com/javaghost-cl...
I discuss why this is necessary here: www.linkedin.com/pulse/open-l...
unit42.paloaltonetworks.com/javaghost-cl...
DHL operates a legitimate website on mydhli[.]com — and we wonder why people fall for phishing URLs and fake websites.
How can the average person tell the difference when even real domains look suspicious?
How can the average person tell the difference when even real domains look suspicious?
February 11, 2025 at 11:45 AM
DHL operates a legitimate website on mydhli[.]com — and we wonder why people fall for phishing URLs and fake websites.
How can the average person tell the difference when even real domains look suspicious?
How can the average person tell the difference when even real domains look suspicious?
Want to know for sure when you’re on the real @eflow_freeflow website? ✅
MetaCert’s new iPhone security app is now live—the first of its kind built on Zero Trust security.
🔗 apps.apple.com/us/app/metac...
Limited offer
50% off annual plan: ZEROTRUST50
40% off monthly plan: TRUST40
MetaCert’s new iPhone security app is now live—the first of its kind built on Zero Trust security.
🔗 apps.apple.com/us/app/metac...
Limited offer
50% off annual plan: ZEROTRUST50
40% off monthly plan: TRUST40
February 5, 2025 at 12:42 PM
Want to know for sure when you’re on the real @eflow_freeflow website? ✅
MetaCert’s new iPhone security app is now live—the first of its kind built on Zero Trust security.
🔗 apps.apple.com/us/app/metac...
Limited offer
50% off annual plan: ZEROTRUST50
40% off monthly plan: TRUST40
MetaCert’s new iPhone security app is now live—the first of its kind built on Zero Trust security.
🔗 apps.apple.com/us/app/metac...
Limited offer
50% off annual plan: ZEROTRUST50
40% off monthly plan: TRUST40
Worried about fake QR codes and dangerous links in SMS, WhatsApp, and mobile email?
Check out this short video demo of MetaCert’s new iPhone security app (no sound). Launching in a week or two, it’s designed to protect you from phishing/fraud in real-time with Zero Trust.
Check out this short video demo of MetaCert’s new iPhone security app (no sound). Launching in a week or two, it’s designed to protect you from phishing/fraud in real-time with Zero Trust.
January 13, 2025 at 10:33 PM
Worried about fake QR codes and dangerous links in SMS, WhatsApp, and mobile email?
Check out this short video demo of MetaCert’s new iPhone security app (no sound). Launching in a week or two, it’s designed to protect you from phishing/fraud in real-time with Zero Trust.
Check out this short video demo of MetaCert’s new iPhone security app (no sound). Launching in a week or two, it’s designed to protect you from phishing/fraud in real-time with Zero Trust.
This morning, I received an SMS with a URL owned by Irish telco Eircom. Would they really send a message with poor grammar and an insecure domain? How can customers trust SMS messages when told to avoid insecure links, bad grammar, and unexpected messages? It’s confusing and unsafe.
January 10, 2025 at 5:03 PM
This morning, I received an SMS with a URL owned by Irish telco Eircom. Would they really send a message with poor grammar and an insecure domain? How can customers trust SMS messages when told to avoid insecure links, bad grammar, and unexpected messages? It’s confusing and unsafe.
MetaCert is soon releasing an iOS security app that verifies the authenticity of web links in SMS, WhatsApp, email, web browsing, and any app that opens links in the native browser. First of a kind.
December 19, 2024 at 12:08 PM
MetaCert is soon releasing an iOS security app that verifies the authenticity of web links in SMS, WhatsApp, email, web browsing, and any app that opens links in the native browser. First of a kind.
In case you were wondering what an American free speech absolutist should be called.
December 6, 2024 at 10:58 AM
In case you were wondering what an American free speech absolutist should be called.
I’ve discovered an incredible business and life coach who specializes in dyslexic thinking and ADHD. Her expertise comes not just from firsthand experience but also from leading significant teams and projects, offering a unique blend of insight and practical guidance tailored for high achievers.
November 26, 2024 at 4:26 PM
I’ve discovered an incredible business and life coach who specializes in dyslexic thinking and ADHD. Her expertise comes not just from firsthand experience but also from leading significant teams and projects, offering a unique blend of insight and practical guidance tailored for high achievers.
In 2024, ‘innovation’ in cybersecurity apparently means selling posters to combat SMS phishing. Crowd Strike and @proofpoint.bsky.social have truly outdone themselves wit this groundbreaking solution. Brain freeze activated. 🥶
www.crowdstrike.com/resources/in...
www.crowdstrike.com/resources/in...
November 14, 2024 at 12:36 PM
In 2024, ‘innovation’ in cybersecurity apparently means selling posters to combat SMS phishing. Crowd Strike and @proofpoint.bsky.social have truly outdone themselves wit this groundbreaking solution. Brain freeze activated. 🥶
www.crowdstrike.com/resources/in...
www.crowdstrike.com/resources/in...
Who’s going to tell the team that this sky is more cloudy than blue. 🤓🎨
April 21, 2023 at 11:26 PM
Who’s going to tell the team that this sky is more cloudy than blue. 🤓🎨
Hello world. It’s great to play with new toys.
April 20, 2023 at 4:39 PM
Hello world. It’s great to play with new toys.