Most cyber attacks start with a social engineering attempt and, most often that not, it takes the form of a phishing email.

It’s easy to understand the popularity of this attack vector: phishing campaigns are relatively inexpensive (money- and time-wise), yet successful. Attackers don’t need to create/buy technical exploits that might or might not work – instead, they exploit what they can always count on: users’ emotions, fears, desires, and the fact that, despite knowing better, it only takes a moment of inattention to make a mistake.