Practical research for phishing defense teams
Technical notes, product thinking, and operational guidance for teams that need faster, clearer phishing decisions.
Knowledge base
24 articles
Topics
74
Featured
Why Do Million-Dollar Castles Collapse With a Single Link? (Part 2)
How Lazarus Group used a single PDF to target global banks — and why traditional security tools could not stop it.
phishark intel
> classify: Phishing Case Studies
> confidence: high
> status: indexed
Latest articles
24 articlesPhishing-as-a-Service: The Industrialization of Deception
In 2026, an attacker no longer needs to know how to build a phishing kit. They rent one. Phishing-as-a-Service has turned deception into a supply chain. Here's how the underground economy works, why it changes the threat math, and what defenders should do.
Mobile-First Phishing: Why SMS, WhatsApp, and App Notifications Are the New Inbox
Smartphone users are 40% more likely to click a malicious link than a desktop email user, according to the 2026 Verizon DBIR. Attackers have followed. Here is how mobile-first phishing works in 2026 - smishing, rogue app notifications, and branded chat - and what defenders should do.
Deepfake Phishing: When Voice and Video Lie
In 2026, a cloned CEO voice authorizing a wire transfer or a video of your CFO on a Zoom call is no longer science fiction. Deepfake phishing turns identity verification into a multimedia problem. Here's how the attacks work and what defenders should do.
MFA Is Not a Wall: How Fatigue Bombing and AiTM Bypass 2FA in 2026
Multi-factor authentication is treated as the finish line of identity security. In 2026, MFA fatigue bombing and Adversary-in-the-Middle session cookie theft turn that assumption inside out. Here's how the bypasses work and what defends them.
Why Do Million-Dollar Castles Collapse With a Single Link? (Part 2)
How Lazarus Group used a single PDF to target global banks — and why traditional security tools could not stop it.
Why Do Million-Dollar Castles Collapse With a Single Link? (Part 1)
How Google and Facebook lost $120 million to a single phishing campaign — and what traditional security tools missed.
Quishing: Why QR Code Phishing Is the Backdoor Past Your Email Defenses
QR code phishing (quishing) bypasses email scanners and link previews entirely. Here's how it works in 2026, why it's surging in corporate environments, and how defenders close the last-mile gap.
Why I Started Building PhiShark
Phishing is not new, but it is still not solved. Here is why I decided to build a different kind of phishing protection tool.
Agentic AI Phishing Defense: How Reasoning-Based Analysis Transforms Your Investigation Workflow
Agentic AI doesn't just classify phishing URLs - it investigates them like a human analyst. Here's how reasoning-based defense reshapes the entire phishing investigation workflow.
Phishing Domains: How Attackers Build Them and How AI Detects Them Before They Strike
Phishing domains are the infrastructure behind every successful attack. Learn how attackers register, weaponize, and rotate domains - and how AI-powered analysis catches them early.
Executive and Employee Impersonation Protection: Trends and Defense Strategies in 2026
Executive impersonation and employee spoofing attacks are rising in sophistication. Here's what's changing in 2026 and how AI-powered phishing analysis detects brand and identity fraud.
Phishing Protection in 2026: A Complete Guide to Defending Your Organization
From email gateways to browser-level defense, this guide covers every layer of modern phishing protection and how to build a strategy that actually works against today's threats.
Phishing Detection APIs: How to Integrate Real-Time URL Analysis Into Your Security Stack
Phishing detection APIs let security teams embed AI-powered URL analysis directly into existing workflows. Here's how to evaluate, integrate, and scale a phishing API in your SOC.
Phishing in 2026: The Evolving Threat Landscape and How AI Is Changing the Game
From AI-generated phishing pages to multi-channel attacks, the 2026 threat landscape looks nothing like 2020. Here's what's changed - and how AI-powered defense is leveling the playing field.
What Is an AI Phishing Analyst?
A practical look at AI analyst workflows that explain phishing evidence instead of only returning a risk score.
From Alert to Resolution: The Complete Phishing Investigation Workflow
Walk through an end-to-end phishing investigation - from the moment a suspicious URL is detected to final resolution - and see how AI transforms every step of the process.
Incident Response Dashboard: Your Command Center for Phishing Defense
When phishing alerts pile up, you need a single pane of glass. The PhiShark Dashboard gives SOC teams full visibility into every analysis, every URL, and every threat - in real time.
Behind the 4.9/5 Rating: What Users Say About PhiShark's Browser Extension
The PhiShark Chrome Extension holds a 4.9/5 rating. We break down what users love most - from real-time URL checks to seamless Gmail protection.
Browser-Level Phishing Protection: Why It Beats Email Gateways Alone
Email gateways only protect one channel. Browser-level phishing protection catches malicious links across email, chat, SMS, and social media. Here's why that architecture matters.
Real-Time URL Protection: How PhiShark Extension Keeps You Safe While Browsing
Your browser is the front line of phishing attacks. The PhiShark Chrome Extension puts real-time URL analysis at your fingertips - before you ever click a malicious link.
AI Phishing Analyst vs Human Analyst: The Numbers Don't Lie
A side-by-side comparison of AI and human phishing analysts on speed, accuracy, capacity, consistency, and cost - with data that challenges old assumptions.
From Hours to Seconds: How AI Accelerates Phishing Incident Response
Manual phishing analysis takes 15-30 minutes per URL. AI-powered analysis reduces it to seconds - and that speed changes everything about how SOC teams operate.
The Real Cost of a Single Phishing Attack in 2026
Beyond the breach headline: a data-driven breakdown of what one successful phishing attack actually costs an enterprise in downtime, remediation, and reputational damage.
Agentic AI vs Traditional Phishing Defense: Why Reasoning Changes Everything
Traditional phishing tools stop at risk scores. Agentic AI goes further - it investigates, reasons, and explains. Here's why that difference matters for enterprise security.