TOPICS / Phishing

Phishing

Detect, analyze, and defend against phishing and social-engineering attacks.

Phishing is the single most common way real-world breaches begin — attackers impersonate trusted brands or people to steal credentials, plant malware, or hijack sessions. Modern kits even proxy real login pages to defeat one-time-password MFA.

This hub pulls together everything on Ciphers Security for spotting and stopping phishing: hands-on tools to vet suspicious links and email authentication, a daily training game, plain-English definitions, and our latest coverage.

Free tools

URL Checker DMARC / SPF / DKIM Email Header Analyzer IOC Extractor

Practice

🎮 Phish or Legit? →

Latest coverage

Ghostwriter Deploys Prometheus Phishing Lures Against Ukraine Government Entities
Screening Serpens: Iranian APT Fuses AppDomainManager Hijacking with New RATs in 2026 Espionage Campaign
CVE-2026-9082: Critical Drupal SQL Injection Under Attack on Thousands of Sites
Kali365 PhaaS Kit Bypasses Microsoft 365 MFA via Device Code Phishing — FBI Warning
Stolen Gemini API Keys and AI Fraud: How 'Quantum Patriot' Drained Crypto Wallets via Fake QAnon Content
Instructure Removed from ShinyHunters' Leak Site as Canvas Breach Deadline Passes
Costa Rica Joins Have I Been Pwned as the 42nd Government
LummaC2 Infostealer Targets US Critical Infrastructure: CISA-FBI Advisory AA25-141B and DOJ Domain Seizures

Key terms

Phishing Social Engineering Credential Stuffing

Reference databases

Browse the KEV catalog