1300 002 001
Follow Us  —Fb. /Lk. /X. /Ig.

Glossary

Phishing

A social-engineering attack that tricks users into revealing credentials or executing malicious payloads, usually via email — and the most common initial access vector for data breaches.

Phishing is the social-engineering attack family where an adversary impersonates a trusted party to extract credentials, payment, or code execution from a user. It remains the dominant way attackers get their first foothold in an environment.

Per the IBM Cost of a Data Breach Report 2025, phishing is the most common initial attack vector at 16% of breaches, with an average breach cost of USD 4.8 million. AI tooling has compressed the time and language skill required to craft a convincing phishing message, and the volume reflects that.

The modern variants

  • Credential phishing — fake sign-in pages that capture username and password (and increasingly, the MFA token via AiTM proxies).
  • BEC (Business Email Compromise) — invoice fraud and executive impersonation conducted entirely by email, with no malware to detect.
  • AiTM (Adversary-in-the-Middle) — real-time proxy of a legitimate login session, defeating non-phishing-resistant MFA.
  • Deepfake voice phishing — synthesised audio of a senior executive instructing finance to act.
  • Smishing and quishing — phishing via SMS or QR code.

Layered defences

  • Phishing-resistant MFA (FIDO2 / passkeys) on the accounts that matter.
  • DMARC, DKIM, SPF correctly configured and enforced on the inbound side.
  • Conditional Access policies to block risky sign-ins.
  • Awareness training that’s recurring, not annual.
  • Fast incident response — phishing happens; the defining variable is how quickly it’s contained.

Symsafe delivers all five layers as part of the cybersecurity and Microsoft 365 engagements.

— Related services

← Back to glossary