AI Is Reading Your Emails Before You Do Artwork

SipCyber - Presented by IT Audit Labs

SipCyber: Where Great Coffee Meets Essential Cybersecurity

What happens when a former special education teacher turned Minnesota State Cybersecurity Coordinator sits down with a perfect cup of coffee? You get cybersecurity advice that's actually approachable.

Jen Lotze from IT Audit Labs brings you SipCyber — the podcast that pairs cozy coffee shop discoveries with decaffeinated cybersecurity tips. No jargon. No fear-mongering. Just practical ways to protect yourself, your family, and your organization from digital criminals who want to ruin your perfectly good day.

What You'll Get:

Real-world cybersecurity advice anyone can follow
Coffee shop reviews and community spotlights
Stories from someone who's been in classrooms, boardrooms, and government coordination centers
A mission to make security everyone's job, not just the IT team's

From teaching special needs students to coordinating statewide cyber defense, Jen proves that cybersecurity expertise comes from the most unexpected places. And the best conversations happen over great coffee.

Perfect for: Coffee lovers, small business owners, educators, parents, and anyone who wants to stay safe online without the technical overwhelm. Let's get brewing.

All Episodes

SipCyber - Presented by IT Audit Labs

AI Is Reading Your Emails Before You Do

April 29, 2026 • IT Audit Labs • Season 1 • Episode 29

0:00 | 4:37

AI doesn't just help defenders anymore—attackers are using it to study you before you ever know you're a target.

In this episode of SipCyber, Jen Lotze sits down at Forgotten Star Brewing in Fridley, MN—a former WWII manufacturing facility built on a legacy of doing things right—with a rare seasonal Maibock in hand, and a sharp warning about how AI is quietly transforming phishing attacks into something far more dangerous: emails that look exactly like everything else in your inbox.

Key Topics Covered:

How attackers use AI to map relationships and mimic writing styles inside your organization
Why 91% of successful cyberattacks still start with an email
Advanced email filtering tools (Harmony, Abnormal) and what they actually do
What you can do if you don't have enterprise-level protection at home
The simple habit—verify outside the email—that can stop even sophisticated attacks

This isn't about fear. It's about the one pause that changes everything.

🍺 Featured Spot: Forgotten Star Brewing, Fridley, MN (Formerly a WWII boiler room—and yes, the Maibock is worth the wait.)

Don't let a "normal-looking" email cost you everything. Subscribe for weekly cybersecurity insights delivered from the best local spots across the country—and share this with anyone who uses email at work.

#AIPhishing #CyberSecurity #EmailSecurity #PhishingAttack #InfoSec #SipCyber #AIThreats #CyberAwareness #SocialEngineering #DigitalSafety #EmailHacking #CyberDefense #ForgottenStarBrewing

Jen Lotze 0:04

Hey there, coffee lovers and internet explorers. Welcome back to Zip Cyber. Some buildings don't let you forget what they used to be. The other day I was sitting at Forgotten Star Brewing, and before anything else, you notice it. The scale, the structure. This place used to be the boiler room of a World War II manufacturing facility, a place known for doing things so well it was recognized again and again during the war for excellence in production. And you can still feel that there. Not in a heavy historical way, but more like a quiet expectation that things are done right. Now it's filled with long tables, low conversations, sometimes loud conversations, people settling in instead of rushing through. It's become a place where people gather and actually enjoy being present. I was sitting there with a MyBok beer, a seasonal beer that only shows up once a year, and even then only for a very, very short window. You don't get endless chances with that MyBach beer. If you miss it, you wait another year. And that changes how you approach it. You pay attention a little more, you don't rush past it. You don't assume you'll just come back to it later. And somewhere between the history of Forgotten Star Brewing and that short window in front of me, I kept thinking about something I had watched earlier that day. A cybersecurity firm was showing how attackers are using AI in a much quieter way. Not to break in right away, but to study. In many cases, they get a small foothold, a compromised account, stolen credentials, or access from an earlier phishing attack. Nothing dramatic, just enough to observe. And then AI takes over from there. It can scan emails at scale and start mapping relationships. Look who talks to who, how often. It learns how someone writes, how they ask for things. It even picks up on patterns, how approvals happen within your organization, when requests are sent, what normal looks like inside of a company. So when a malicious miss message finally shows up, it doesn't have a suspicious link. It doesn't look like a scam. It looks like exactly something you've seen before. A routine request, a quick favor sent at the right time, in the right tone, from someone who seems familiar. And that's what makes it dangerous because it doesn't interrupt your day. It blends into it. And when something feels normal, we don't slow down. We respond. We trust it. But today, about 91% of successful cyber attacks start through an email. And in many cases, one click is enough to cause real damage, financial loss, operational disruption, sometimes more than a company can recover from, and they end up closing down. That's why this part isn't optional anymore. If you work at a company, this is where tools like Harmony or Abnormal come in, their advanced email filtering tools. And they can screen emails in real time before they ever reach your inbox, looking at behavior and patterns that don't quite match what normal should be. And yes, they have a lot of AI built in, so they're doing things very quickly. Now those tools don't eliminate risk. Nothing really will, but it reduces it drastically. And right now we need every layer we can get. And if you're in your personal email, you don't have that same level of protection behind the scenes. So this becomes more about you, being a little more aware, a little more willing to pause, because these messages aren't trying to stand out. They're trying to look exactly like everything else. So this is one of those moments where two things matter: the technology that helps filter what we can't see, and the small pause we choose to take. Now, if you're in your personal email, that's where reporting things as spam instead of deleting them makes a huge difference. That alerts your email provider that something looks malicious. If a message feels routine but asks for something slightly out of the ordinary, access, money, a process change, take it out of that moment and verify it another way. Maybe even have someone else look at it. Start a new conversation with who you think is sending it. Call that person based on the number that you know they should be reached at. Check in outside of the email because real requests can handle being confirmed. Fake ones usually can't. I sat at Forgotten Star Brewing longer than I planned to, uh, not so much drinking but working on my laptop and looking out at those smokestacks, finishing something I knew wouldn't be there next week. One built on consistency, one built on a short window, and somewhere between the two a reminder. Not everything that looks normal actually is, and sometimes the smartest move is to slow down just enough to be sure. Thanks for joining me on this trip to Forgotten Star Brewing and for taking a small step to secure your digital life. Until then, stay safe, stay human, and keep sipping.