Phishing is one of the most effective ways hackers can compromise a network. Instead of targeting specific organizations, attackers can indiscriminately blast out phishing emails and wait for users to be tricked into submitting their credentials to a phishing site. There’s no one technical solution that can prevent all phishing attacks from being successful. What’s needed are layers of security structured to prevent phish emails that do make it into an organization, detect phish and prevent users from visiting malicious phishing sites.”]
Source: https://www.darkreading.com/application-security/the-anatomy-of-a-lazy-phish