17 types of phishing attacks and how to spot them

Phishing remains a prevalent cyber threat, evolving to exploit human trust and bypass hardened email infrastructures by mimicking legitimate behavior through techniques such as impersonating trusted vendors and embedding malicious elements in seemingly benign formats like QR codes and calendar invites. Modern attackers leverage AI and automation to increase the volume and realism of phishing attempts, making them hard to detect with traditional filters that lack context and behavioral understanding. The Sublime Security Platform addresses these challenges by employing explainable detection logic, behavioral modeling, and agentic AI to identify and mitigate 17 types of advanced phishing attacks, from credential and business email compromise to image-based and OAuth consent phishing. These sophisticated attacks often blend technical evasion with psychological manipulation, exploiting technical blind spots and human vulnerabilities, which makes continuous analysis and organization-specific detection logic crucial for effective defense.