Phishing attacks are an extremely common attack vector that have been used for many years, and the potential impacts and risk involved are well known to most Internet users. However, it is still a highly relevant attack vector being used in the wild, affecting many victims. How can a security threat continue to have a significant impact, despite the fact that many Internet users know about the risks and potential impact? We dive deeper into several recent phishing scams and provide insights into the modern phishing scam landscape and what makes these campaigns effective — and thus a continuously dangerous security threat.
New research from the Akamai Enterprise Threat Research team shines a spotlight on some of the most prominent phishing campaigns from 2017. Our research shows that despite broad awareness of phishing attack risks, attacks are still a relevant threat. More importantly, we found the attack techniques and elements being used in recent phishing campaigns to be highly effective, highly distributed, and long lived.