Email Security Blog

Fresh Phish: The Best Phishing Trips of 2018

The past does not define our future, but it often predicts it. That’s why INKY is the perpetual student. She is in a constant cycle of learning, becoming more powerful with every email she reads and every phish she catches. 2018 was a banner year for INKY literally and figuratively. Our phish fence solution caught tens of thousands of phishing attempts, in some cases hours before they had been flagged by the phishing aggregators. We’ve filleted a few of our favorite 2018 phish for you because as sure as the ocean is blue the attacks of 2018 will return in 2019 repackaged, repurposed, and more conniving than ever. INKY is ready. Are you?


2018 was the year of the link. Many of INKY’s catches were loaded with links to websites for companies whose brands were forged. Of course, those links were merely cover for an attachment or a nefarious call to action.

I’m not a Phish! Why would you think that?

One of my favorites and a big trend in 2018 was the novel “I am not spam/phish/otherwise bad” qualifier that many of the phishing emails contained. I’m secure because I have this security logo, etc., were a firm favorite of the 2018 phishing expeditions.

It’s a Picasso... honest?

Copying a brand logo’s, iconography, fonts, tag lines, etc. is now a staple of the modern phish. It was deployed across hundreds of the examples that INKY caught in her phish fence. Some of intricate the details bely a technical talent that is totally wasted on criminality. INKY weeps for them, but not that much because our engineers are better.

Phish Boss

The boss makes a dollar you make a dime, that’s why they phish on company time. CEO and executive impersonations were up sharply in 2018. This one in multifaceted, and, unlike some of the above flavors, there is live person phishing you on the other end of the line. In 2018 fake CEO’s were really into gift cards, and sadly many of their subordinates fell for it.

So, what is the Phuture?

Unfortunately, we don’t see 2019 being any less exciting than 2018 was. As long as there is email there will be phishing attempts. As long as INKY is installed, there won’t be victims.

Request Demo