---
title: "The Phishing Attack You Knew Was Bound to Happen | Phish Protection"
description: "The Phishing Attack You Knew Was Bound to Happen: When it comes to preventing phishing attacks, companies are often torn between how to spend their security."
image: "https://phishprotection.com/og/blog/the-phishing-attack-you-knew-was-bound-to-happen.png"
canonical: "https://phishprotection.com/blog/the-phishing-attack-you-knew-was-bound-to-happen/"
---

Quick Answer

When it comes to \[preventing phishing\](/) attacks, companies are often torn between how to spend their security dollars. The choice they make is usually between two options: \[employee awareness training\](/products/phishing-awareness-training/) and \*\*email security\*\* hardware/software. The first choice assumes your employees can protect you from phishing attacks if only they can be taught to spot them. The second choice assumes \_there's not enough training in the world for you employees to stop every phishing attack\_ - it's better to leave that to technology.

Share 

[ ](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fthe-phishing-attack-you-knew-was-bound-to-happen%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=The%20Phishing%20Attack%20You%20Knew%20Was%20Bound%20to%20Happen&url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fthe-phishing-attack-you-knew-was-bound-to-happen%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fphishprotection.com%2Fblog%2Fthe-phishing-attack-you-knew-was-bound-to-happen%2F "Share on Facebook") [ ](https://reddit.com/submit?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fthe-phishing-attack-you-knew-was-bound-to-happen%2F&title=The%20Phishing%20Attack%20You%20Knew%20Was%20Bound%20to%20Happen "Share on Reddit") [ ](mailto:?subject=The%20Phishing%20Attack%20You%20Knew%20Was%20Bound%20to%20Happen&body=Check out this article: https%3A%2F%2Fphishprotection.com%2Fblog%2Fthe-phishing-attack-you-knew-was-bound-to-happen%2F "Share via Email") 

![Phish Protection blog post image](https://media.mailhop.org/phishprotection/images/2020/09/phishing-protection-4071.jpg) 

When it comes to [preventing phishing](/) attacks, companies are often torn between how to spend their security dollars. The choice they make is usually between two options: [employee awareness training](/products/phishing-awareness-training/) and **email security** hardware/software. The first choice assumes your employees can protect you from phishing attacks if only they can be taught to spot them. The second choice assumes _there’s not enough training in the world for you employees to stop every phishing attack_ \- it’s better to leave that to technology.

In a perfect world, companies would just do both as part of a “**defense-in-depth**” strategy. Unfortunately, many companies don’t have the resources for both and are forced to choose one or the other. Which one is more effective? Depends which data you look at. What we do know for sure though is that one of these options is also an **attack vector** now, thanks to some clever hackers.

According to a recent [article](https://www.scmagazine.com/home/security-news/phishing/phishing-campaign-spoofs-security-awareness-training-notifications/) on SC Magazine, “That **anti-phishing training** email your employees just received may, ironically, _actually be_ a phishing email, according to cyber threat analysts who recently uncovered a security awareness-themed online **social engineering** campaign.” I’m not sure I’d use the word ironic here. Maybe terrifying would be more appropriate.

Continuing from the article, experts recently “reported on a _phishing campaign that sends emails purporting to be a notification urging employees to complete their training with cybersecurity awareness company KnowBe4_. Clicking on the embedded links, however, takes email recipients to a **phishing page** designed to steal their Microsoft Outlook credentials and other personal information. The email warns employees that they have only one day left to complete their training before the program expires. _Urgency is often a tool used by social engineers to trick victims into making hasty decisions without thinking about the consequences of their actions_”

This is actually quite clever on the hacker’s part. _Who would expect a notification for **phishing awareness training** to be a phishing email?_ Actually, everybody should. It’s the phishing attack that was bound to happen.

![Phishing protection](https://media.mailhop.org/phishprotection/images/2020/09/phishing-protection-4071.jpg) 

_The attack is not meant to suggest companies should forgo awareness training altogether_. But, it does highlight the fact that companies on a strict budget, who must choose between two alternative solutions to the **phishing problem**, are probably better served by choosing email security technology like that available from [Phish Protection](/).

\_Phish Protection is **cloud-based email security** specifically designed to combat phishin\_g. And because it’s cloud-based it requires no hardware to buy, no software to buy and no maintenance, ever. It also means it works with all major email providers, _sets up in about 10 minutes and costs just pennies per employee per month_. Phish Protection is so inexpensive, you’d be hard pressed to find awareness training at this price.

For cost-conscious companies intent on keeping safe from **phishing attacks**, the choice is easy: Phish Protection. Try it **risk free for 60 days** right now.

## Topics

[ Phishing ](/tags/phishing/) 

![Brad Slavin](https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg) 

[ Brad Slavin ](/authors/brad-slavin/) 

General Manager

Founder and General Manager of DuoCircle. Product strategy and commercial lead across DuoCircle's 2,000+ customer base.

[LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) 

## Protect your inbox from phishing attacks

Real-time email security with 60-day free trial. No credit card required.

[Start Free Trial](https://portal.duocircle.com/cart.php?a=add&pid=101&brand=phishprotection) [View Pricing](/pricing/) 

## Related Articles

[  Foundational 5m  0ktapus, Okta Breach Helps Attackers Launch Sophisticated Supply Chain Attacks  Sep 5, 2022 ](/blog/0ktapus-okta-breach-helps-attackers-launch-sophisticated-supply-chain-attacks/)[  Foundational 4m  13 Spear Phishing Attacks Examples To Justify Investment For Phishing Prevention Solutions In Your Organization  Aug 1, 2019 ](/blog/13-spear-phishing-attacks-examples-to-justify-investment-for-phishing-prevention-solutions-in-your-organization/)[  Foundational 4m  All 14 centers of Kettering Health were affected by a massive ransomware attack, Major outage in the Ohio medical center  May 23, 2025 ](/blog/14-centers-of-kettering-health-were-affected-by-massive-ransomware-attack-in-ohio-medical-center/)[  Foundational 4m  2021 Phishing Trends You Need To Be Wary Of  Aug 2, 2021 ](/blog/2021-phishing-trends-to-be-wary-of/)

```json
{"@context":"https://schema.org","@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]}
```

```json
{"@context":"https://schema.org","@type":"WebSite","name":"Phish Protection","url":"https://phishprotection.com","description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}}
```

```json
{"@context":"https://schema.org","@type":"BlogPosting","headline":"The Phishing Attack You Knew Was Bound to Happen","description":"The Phishing Attack You Knew Was Bound to Happen: When it comes to preventing phishing attacks, companies are often torn between how to spend their security.","url":"https://phishprotection.com/blog/the-phishing-attack-you-knew-was-bound-to-happen/","datePublished":"2020-09-23T10:51:19.000Z","dateModified":"2026-04-17T15:43:10.000Z","dateCreated":"2020-09-23T10:51:19.000Z","author":{"@type":"Person","@id":"https://phishprotection.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://phishprotection.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://phishprotection.com/blog/the-phishing-attack-you-knew-was-bound-to-happen/"},"articleSection":"foundational","keywords":"Phishing","wordCount":484,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/phishprotection/images/2020/09/phishing-protection-4071.jpg","caption":"Phish Protection blog post image","width":1200,"height":630},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://phishprotection.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://phishprotection.com/blog/"},{"@type":"ListItem","position":3,"name":"Foundational","item":"https://phishprotection.com/foundational/"},{"@type":"ListItem","position":4,"name":"The Phishing Attack You Knew Was Bound to Happen","item":"https://phishprotection.com/blog/the-phishing-attack-you-knew-was-bound-to-happen/"}]}
```