Social Engineering | High

Phishing

Phishing is still the top initial-access vector in many incidents. Resilience requires both technical controls and user-centric defenses.

How Attackers Use It

Attack Summary

A convincing email, SMS (smishing), or voice call (vishing) tricks a target into providing credentials, installing malware, or approving a fraudulent transaction.

  • Threat actor builds believable lures using current events or brand impersonation.
  • Victims are directed to spoofed login portals or malicious attachments.
  • Credentials or session tokens are captured in real time.
  • Compromised accounts are reused for business email compromise or lateral attacks.

Defensive Strategy

Defense Summary

DMARC/DKIM/SPF email authentication. Security awareness training. Phishing-resistant MFA (FIDO2). Sandbox email attachment analysis.

  • Enforce DMARC, DKIM, and SPF with strict policy alignment.
  • Adopt phishing-resistant MFA such as passkeys or hardware keys.
  • Train users with continuous simulation and just-in-time coaching.
  • Automate URL/attachment sandboxing and suspicious mailbox rule alerts.

Detection Signals

  • Domain impersonation and lookalike sender patterns.
  • Spikes in login attempts after phishing email delivery windows.
  • Unusual OAuth consent grants and mailbox forwarding rule changes.
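An added example (not part of the original page) of the first detection signal, lookalike sender domains: it classifies a From header against a list of protected domains using confusable-character folding, edit distance, and brand embedding. The protected domains, verdict names, and sample headers are assumptions constructed for illustration.

```python
from email.utils import parseaddr

# Assumption: domains the organisation sends from (constructed for this example).
PROTECTED = ("example.com", "examplebank.com")
# Character swaps commonly seen in lookalike domains, folded before comparing.
CONFUSABLES = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})

def skeleton(domain):
    """Fold visually confusable ASCII sequences to one canonical form."""
    return domain.translate(CONFUSABLES).replace("rn", "m").replace("vv", "w")

def edit_distance(a, b):
    """Levenshtein distance using two rows of the dynamic-programming table."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify_sender(from_header, protected=PROTECTED):
    """Return (verdict, protected_domain_or_None) for one From header value."""
    _, at, domain = parseaddr(from_header)[1].rpartition("@")
    domain = domain.lower().rstrip(".")
    if not at or not domain:
        return ("unparseable", None)
    for good in protected:
        if domain == good or domain.endswith("." + good):
            # Whether the mail really came from this domain is DMARC's job.
            return ("own-domain", good)
    if not domain.isascii() or "xn--" in domain:
        return ("idn-review", None)  # Unicode lookalikes need a confusables table
    # Longest protected name first so the most specific brand wins.
    for good in sorted(protected, key=len, reverse=True):
        if skeleton(domain) == skeleton(good):
            return ("lookalike-homoglyph", good)
        if edit_distance(domain, good) == 1:
            return ("lookalike-typo", good)
        if good.split(".")[0] in domain:
            return ("lookalike-embedded", good)
    return ("ok", None)

if __name__ == "__main__":
    # Constructed sample headers, not taken from real mail.
    for hdr in ("IT Support <helpdesk@examp1e.com>", "billing@exarnple.com",
                "alerts@example-login.com", "news@unrelated.org"):
        print(hdr, "->", classify_sender(hdr))
```

A "lookalike" verdict is a triage signal for quarantine or analyst review; a sender on a protected domain still has to pass DMARC alignment before it is trusted.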

Keywords

Phishing, Phishing Detection, Phishing Prevention, High Severity, Social Engineering Security, Attack and Defense, Threat Detection, Security Hardening
