Phishing

Phishing attack prevention, detection, and email security measures.

10 articles

May 2026

Phishing vs spear phishing 2026 comparison: mass email versus targeted OSINT attack, with deepfake, BEC, and DMARC defenses

CaptainDNS · May 4, 2026

Phishing vs spear phishing: what's the difference in 2026?

Phishing targets the masses, spear phishing targets the person. In 2026, AI, OSINT, and deepfakes blur the line. Full breakdown with real cases and defenses.

March 2026

Table showing 10 subtle email header signals that security gateways fail to detect

CaptainDNS · March 28, 2026

10 email filter gaps: the subtle header signals your gateway misses

Your email gateway blocks 99% of threats. But the 1% that gets through is what matters. Here are the 10 header indicators that most filters ignore.

Diagram showing how an attacker exploits indirect MX routing to spoof an internal domain in Microsoft 365

CaptainDNS · March 28, 2026

Misconfigured Email Routing: Microsoft's Warning on Internal Spoofing (January 2026)

In January 2026, Microsoft revealed that indirect MX configurations allow attackers to spoof internal identities by bypassing SPF, DKIM, and DMARC.

Diagram showing a shortened link hiding a phishing URL behind multiple redirect layers

CaptainDNS · March 25, 2026

URL Shorteners: Why bit.ly, t.ly and Their Peers Have Become Phishing's Weapon of Choice

t.ly, Is.gd, Goo.su: URL shorteners fuel phishing, malware, and security filter evasion. Learn the exploitation techniques and how to verify every link before you click.

February 2026

Phishing statistics and trends 2025-2026: charts showing attack evolution, targeted sectors and new techniques (AI, quishing, MFA bypass)

CaptainDNS · February 16, 2026

Phishing trends 2025-2026: APWG statistics and new techniques

Phishing has evolved: generative AI, malicious QR codes, MFA bypass. Explore the 2025 APWG figures and the techniques redefining the threat landscape in 2026.

The 4 anti-phishing threat intelligence databases: Google Safe Browsing, URLhaus, PhishTank and VirusTotal converging towards a protection shield

CaptainDNS · February 16, 2026

Google Safe Browsing, URLhaus, PhishTank, VirusTotal: how threat intelligence databases work

Every day, your browser queries threat intelligence databases to block malicious URLs. Learn how the 4 main databases work and why combining them is essential.

Alert screen after clicking a phishing link with emergency steps to follow

CaptainDNS · February 15, 2026

Clicked a phishing link: what to do right now?

3.4 billion phishing emails are sent every day. If you clicked a suspicious link, follow these emergency steps to limit the damage and secure your accounts.

Anatomy of a phishing email with annotated warning signs

CaptainDNS · February 15, 2026

How to spot a phishing email in 2026

91% of cyberattacks start with an email. Learn how to spot the warning signs, verify a suspicious link, and protect your inbox with the right protocols.

January 2026

Illustration: Gmail address change with alias and account retention

CaptainDNS · January 6, 2026

Change your Gmail address: an option rolling out at Google

Google documents a long-awaited feature: replace your @gmail.com while keeping your account, emails, and services. Here's how to prepare.

October 2025

AI-Powered Phishing: More Effectiveness and Profitability

CaptainDNS · October 22, 2025

AI-Powered Phishing: What the MDDR 2025 Reveals

AI-automated phishing emails average a click-through rate of roughly 54%. At scale, automation can make these campaigns up to ×50 more profitable. Both figures come from the Microsoft Digital Defense Report 2025 (MDDR 2025).