In the past few years crimes carried out within the cyber-domain have increased in
sophistication and narrowed to targets providing the greatest return value. (Ghafir & Přenosil,
2015, p. 34) In 2018 alone phishing email attack vectors accounted for 26,379 individuals losing
a total of over forty-eight million dollars. That figure does not account for the crimes which go
unreported. (Internet Crime Complaint Center, 2019) Phishing email attack vectors and other
social engineering attack vectors are among the highest concern for any organizational entity as
it exploits the employee. (Sebescen & Vitak, 2017, p. 2238) Phishing emails have been very
successful in recent years partially due to favorable technical and economic conditions.
(Milletary, 2013, p. 1) Keeping that in mind, it a frightening fact that the presence of malicious
phishing campaigns has steadily continued to increase. Some of these malicious phishing
campaigns have been tied back to nation-state threat actors including Advanced Persistent
Threats (APTs) and malicious e-crime groups. (Verizon, 2016, p. 12) APT actors have been
observed implementing phishing email attack vectors in their campaigns. The effectiveness of
phishing email attack vectors may explain why the most devious cybercrime organizations
choose to employ them.
The full paper can be found here: https://docs.wixstatic.com/ugd/d1b07a_c1dca13dcb15497f8fd19509ff9d9517.pdf