Phishing & social-engineering email

Spear Phishing in 2026 — How Targeted Email Attacks Actually Work

Spear phishing is a phishing attack tailored to one person or a small group, using real internal context — names, projects, supplier relationships — to bypass the suspicion that catches bulk phishing. In 2026 the lures arrive from compromised supplier domains and reference real invoice numbers leaked from prior breaches.

9 min read

Smishing in 2026 — SMS Phishing Attacks and How to Stop Them

Smishing is phishing delivered by SMS or mobile messaging. In 2026 the four dominant pretexts are package-delivery scams, bank-fraud alerts, tax-refund or fine notices, and corporate IT-helpdesk lures. SMS bypasses the email security stack entirely and arrives on a device employees trust more than their laptop.

7 min read

Vishing in 2026 — Voice Phishing Attacks and the Helpdesk Bypass

Vishing is phishing delivered by phone. In 2026 the three dominant variants are helpdesk-bypass calls (impersonating an employee to IT), bank-fraud-team calls (impersonating a bank to the customer), and voice-cloned executive calls (impersonating a CEO to authorise a payment). All three defeat MFA when the target gets talked into reading codes aloud.

8 min read

QR Phishing (Quishing) in 2026 — Why a Camera Is Now an Attack Surface

QR phishing — sometimes called quishing — uses a QR code to deliver a malicious URL that bypasses every email-layer security control because the link never appears as text to scan. The 2026 attack patterns are QR-in-attachment (slipped into PDFs and images), physical QR overlay (stickers placed on parking meters, EV chargers, posters, restaurant menus), and corporate-IT-themed QR (fake MFA-renewal posters in office lifts).

7 min read

Phishing in Slack and Teams — When the Lure Comes From Inside the Chat

Workplace chat platforms — Slack, Microsoft Teams, Google Chat — have become a high-trust channel attackers exploit. The two dominant 2026 patterns are external guest-channel infiltration and compromised-internal-account broadcasts. Both bypass every email security control because the message arrives in a channel users trust by default.

8 min read

Business Email Compromise (BEC) — How to Stop the $50bn Wire-Fraud Pattern in 2026

Business email compromise is a wire-fraud attack where an impersonator — posing as a CEO, CFO, supplier, or M&A counterparty — convinces a finance team to redirect a legitimate payment. The 2026 variant uses prior-mailbox-compromise context plus deepfake voice and routinely defeats organisations that rely on email-only confirmation.

10 min read

Deepfake Voice Phishing in 2026 — When the Voice on the Phone Is Synthetic

Deepfake voice phishing uses AI-synthesised speech to impersonate a real person — most often a CEO, CFO, parent, child, or other high-trust contact. In 2026 a credible voice clone needs three to thirty seconds of source audio and produces real-time conversational responses indistinguishable from the real speaker on a phone line. The only reliable defence is process: a callback protocol or a shared codeword that no AI model can guess.

8 min read

Microsoft 365 Phishing in 2026 — AiTM, Token Theft, and the End of TOTP

Microsoft 365 is the single most-attacked enterprise identity surface in 2026. Modern M365 phishing rarely uses static fake login pages — it uses Adversary-in-the-Middle (AiTM) reverse-proxy kits that relay the real Microsoft login flow in real time, capturing both the password and the session cookie even with TOTP or push-based MFA enabled. Defence is mostly identity-layer, not gateway-layer.

10 min read

OAuth Consent Phishing — How Attackers Steal Mailbox Access Without Stealing Passwords

OAuth consent phishing tricks a user into clicking 'Accept' on a permissions screen for an attacker-controlled third-party app. The grant gives the attacker API-level access — mail.read, files.read, full mailbox — that survives password rotation, MFA re-enrolment, and conditional-access changes. In 2026 it is the most under-recognised credential-bypass technique in the enterprise.

9 min read