Phishing

Phishing is the fraudulent message, most often email, that starts most breaches. Attackers impersonate a trusted party to trick recipients into revealing credentials, paying money, granting access or installing malware.

Phishing is the use of fraudulent messages, most often email, that impersonate a trusted party to trick recipients into revealing credentials, paying money, granting access or installing malware. It remains the most common starting point of successful breaches, and generative AI has removed its classic tells.

Key facts

The phishing family tree

VariantChannel / techniqueTarget
Mass phishingBulk email, fake brandsAnyone
Spear phishingPersonalized emailA researched individual
WhalingExecutive-grade personalizationExecutives, or staff in their name
Business email compromisePayload-free fraud in email threadsWhoever can move money
QuishingQR codes in email or printMobile users, off the protected device
SmishingSMSEmployees on personal phones
Consent phishingFake OAuth app permission requestsThe account itself, bypassing passwords

How a modern phishing attack lands

The pattern is consistent across variants: a credible sender (spoofed, lookalike or genuinely compromised), a pretext that justifies the ask, pressure (urgency, authority, confidentiality), and an action that looks routine: click, reply, scan, approve. Increasingly the first message is clean smalltalk to build trust before anything malicious appears, and the attack may hop channels (email to SMS to voice) to escape email security entirely.

Defense that survives 2026

Three layers, in order of leverage: behavioral email security that judges sender, relationship and intent rather than just payloads; verification procedures for money, credentials and data requests through a second known channel; and training focused on social engineering levers rather than yesterday's scam formats. MFA everywhere, with the caveat that consent phishing bypasses passwords and MFA by stealing permissions instead.

How Sentaro stops phishing

Sentaro's AI Threat Intelligence Agent evaluates every message across Message, Domain, App and Behavioral Intelligence layers: intent in the text, infrastructure behind the sender, OAuth permission requests, and deviation from each relationship's normal. Built AI-native for the payload-free, AI-written era of phishing, on Google Workspace and Microsoft 365.

FAQ

What is phishing in simple terms?

Fraudulent messages that pretend to be someone you trust to steal credentials, money or access. Email is the main channel, but SMS, QR codes and fake app permission requests are part of the same family.

What are the main types of phishing?

Mass phishing, spear phishing (targeted), whaling (executives), business email compromise (payment fraud), quishing (QR codes), smishing (SMS) and consent phishing (OAuth permissions).

How do I recognize a phishing email?

Check the actual sender address, be suspicious of urgency and unusual requests, and verify payment or credential requests in a second channel. Do not rely on bad grammar; AI-written phishing has none.

What is the most dangerous type of phishing?

By financial damage, business email compromise: payload-free fraud that filters rarely catch and that redirects real payments. By stealth, consent phishing, which survives password changes and MFA.

Does spam filtering stop phishing?

It stops bulk phishing, not targeted attacks. Spear phishing, BEC and consent phishing are designed to pass content filters, which is why behavioral detection is the modern baseline.