Last updated: April 29, 2026
Why this module exists. Email is still the primary initial-access vector in 2026. Verizon DBIR: ~30% of breaches start with phishing. Modern phishing is sophisticated (AI-generated content, MFA-aware), and email-security tools have advanced (sandboxing, behavioural detection, DMARC enforcement). Defenders who haven’t kept pace have a 2018-grade email defence.
The four phishing variants you’ll see
- Bulk phishing — credential-harvest pages, mass-distributed. AI has made these visually convincing. Detection: known-bad URL lists, sandbox analysis.
- Spear phishing — targeted, often impersonating executives or vendors. Personalised content, fewer spelling errors. Detection: behavioural (sender reputation, header anomalies).
- BEC (Business Email Compromise) — vendor impersonation, often invoice fraud. Plain-text emails, no malicious links — pure social engineering. Detection: vendor-baseline anomaly + human review.
- Account takeover — the attacker has compromised an internal mailbox and is sending from inside. DMARC won’t help because the email really does come from your own domain and passes authentication. Detection: behavioural anomaly inside the mailbox.
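The header-anomaly and vendor-baseline checks named in the list above, as an added example that is not part of the original module. The baseline table, domains and the three sample messages are constructed placeholders; the point is which variants header checks catch and which they miss.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumed baseline: display name -> domains that sender really uses.
BASELINE = {"acme supplies billing": {"acme-supplies.example"},
            "priya rao": {"corp.example"}}

# Constructed sample messages (all names and domains are placeholders).
BEC = ('From: "Acme Supplies Billing" <billing@acme-suppl1es.example>\n'
       'Reply-To: accounts@mailbox.example\n'
       'Authentication-Results: mx.corp.example; dmarc=pass\n'
       '\nPlease use the new bank details for this invoice.\n')
ATO = ('From: "Priya Rao" <priya.rao@corp.example>\n'
       'Authentication-Results: mx.corp.example; dmarc=pass\n'
       '\nCan you review the attached document today?\n')
SPOOF = ('From: "Priya Rao" <priya.rao@corp.example>\n'
         'Authentication-Results: mx.corp.example; dmarc=fail\n'
         '\nUrgent: need a quick favour.\n')

def domain_of(header_value):
    """Return the lower-cased domain of the address in a From/Reply-To header."""
    _, addr = parseaddr(header_value or "")
    return addr.rpartition("@")[2].lower()

def header_anomalies(raw):
    """Return a sorted list of header-anomaly flags for one raw message."""
    msg = message_from_string(raw)
    flags = set()
    name, _ = parseaddr(msg.get("From", ""))
    from_dom = domain_of(msg.get("From"))
    # DMARC verdict recorded by the receiving MTA.
    m = re.search(r"\bdmarc=(\w+)", msg.get("Authentication-Results", ""), re.I)
    if m is None or m.group(1).lower() != "pass":
        flags.add("dmarc-not-pass")
    # Replies diverted to a different domain than the visible sender.
    reply_dom = domain_of(msg.get("Reply-To"))
    if reply_dom and reply_dom != from_dom:
        flags.add("reply-to-mismatch")
    # Known display name arriving from a domain outside its baseline.
    expected = BASELINE.get(name.strip().lower())
    if expected and from_dom not in expected:
        flags.add("display-name-off-baseline")
    return sorted(flags)

if __name__ == "__main__":
    for label, raw in (("BEC", BEC), ("ATO", ATO), ("SPOOF", SPOOF)):
        print(label, header_anomalies(raw))
```

The lookalike-domain BEC message passes DMARC yet trips both baseline checks, while the account-takeover message returns no flags at all, which is why that variant needs in-mailbox behavioural detection.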