Phishing continues to be a major source of profit for cyber-criminals, and a big hassle for cyber-defenders.
Why so much phishing? The reason is simple: it’s easy and it works. Attackers don’t have to worry about hacking through a firewall, finding a zero-day exploit, deciphering encryption, or rappelling down an elevator shaft with a set of lockpicks in their teeth. The hardest part is coming up with a good trick email pitch to get people to click on, and a fake site to land on.