Brett Johnson

Most security programmes are designed by defenders who have never sat on the attacker side of the screen. That gap shows up in the controls that get prioritised, the scenarios that get war-gamed, and the fraud losses that keep arriving through channels the team believed were covered. Closing it takes an honest account of how criminals actually choose their targets, move money, and defeat the layers a bank or retailer has spent years building.

Brett Johnson is a former federal Most Wanted cybercriminal, now a security consultant and keynote speaker who helps organisations see fraud and identity theft from the attacker’s point of view.

Download Profile
Check Availability
Check availability

Check Brett Johnson's availability for your event

Complete the form below to check Brett Johnson's availability. If you prefer, you can also send an email directly to our head office.

How would Brett Johnson deliver their presentation at your event?
Please provide details of your budget for Brett Johnson's speaking fee, including currency.

Full Profile

Why organisations work with Brett Johnson

  • He built ShadowCrew, the forum widely credited as the template for modern darknet marketplaces, and can walk a security team through the attacker logic he once ran at scale.
  • The U.S. Secret Service publicly named him “The Original Internet Godfather” and embedded him in Operation Anglerphish; that cooperation history gives his sessions a provenance no academic or vendor speaker can match.
  • He translates criminal tradecraft into board-level language: why a particular control matters, which fraud type is about to spike, where identity verification actually breaks down.
  • Named advisory and client work spans the FBI, Microsoft, Visa, LexisNexis, and AARP, which means his examples are not theoretical and his audience references are checkable.
  • He is comfortable with the awkward part of his own story, which is what makes him credible to senior security and fraud leaders who have heard every generic “hacker keynote” already.

Biography highlights

  • Co-founder and administrator of ShadowCrew (2002-2004), widely cited as the precursor to modern darknet fraud marketplaces.
  • Convicted of 39 felonies, placed on the US Most Wanted list, escaped federal custody, recaptured and served a federal sentence.
  • U.S. Secret Service confidential informant under Operation Anglerphish, embedded on ScandinavianCarding and CardersMarket.
  • Founder of Anglerphish Security, advising Fortune 500 financial services, retail, and technology firms on fraud and darknet intelligence.
  • Host of The AnglerPhish Podcast on cybercrime, scams, and identity theft.
  • Featured in Kevin Poulsen’s “Kingpin” and covered by The New York Times, NBC, CNN Money, Wired, and Vice.

Biography

ShadowCrew went live in August 2002 and ran for barely more than two years before the Secret Service shut it down. In that window it wrote the operating manual that darknet marketplaces still use. Brett Johnson, under the handle GOllumfun, was one of three co-founders and an administrator on the forum.

After the 2004 takedown he avoided the first wave of arrests, was picked up in 2005 on separate charges, agreed to cooperate with the Secret Service, then continued committing tax fraud while working as an informant. He was placed on the US Most Wanted list, recaptured, sent to federal prison, escaped, recaptured again, and eventually served out a federal sentence.

What separates him from the standard former-hacker speaker is the specificity of what he built. Modern identity theft, account takeover, card-not-present fraud, and organised tax-refund fraud all trace back through methods he helped industrialise. Security and fraud leaders at banks, payment networks, and retailers book him because he can describe, step by step, how an attacker selects a target and defeats controls the defenders thought were working.

He now runs Anglerphish Security and advises named clients including the FBI, Microsoft, Visa, LexisNexis, AARP, and Neustar. His story has been told in Kevin Poulsen’s “Kingpin” and across The New York Times, NBC, CNN Money, Wired, and Vice, which is a useful external check for buyers who want to verify the biography before the contract.

Key speaking topics

  • Cybercrime and the modern fraud economy
  • Identity theft and account takeover
  • Social engineering and phishing
  • Darknet marketplaces and threat intelligence
  • Insider perspectives on financial crime
  • Fraud prevention for banks, payment networks, and retail

Ideal for

  • CISOs, heads of fraud, and heads of financial crime at banks, card networks, and fintechs
  • Retail, e-commerce, and payments leadership teams exposed to card-not-present and account takeover fraud
  • Boards and audit committees seeking an unvarnished attacker-side briefing
  • Government and public-sector programme leaders responsible for benefits, tax, or identity systems

Audience outcomes

  • A clear picture of how organised cybercriminals select targets, test defences, and cash out.
  • Named examples of where existing fraud and identity controls tend to fail in practice.
  • A sharper sense of which internal signals to take seriously and which to stop paying for.
  • Concrete language to brief a board or executive committee on fraud exposure without resorting to vendor slides.

Available for
Speaking Themes

Videos