Phishing Detection in 2024 — Real-Time Relay Attacks, AI-Generated Lures, and What Still Works
FBI IC3 reported $12.5B in 2023 cybercrime losses. EvilProxy and Modlishka now bypass 2FA in real time, and AI-generated emails defeat older filters. Here is what works in 2024.
The FBI’s Internet Crime Complaint Center (IC3) recorded 880,418 cybercrime complaints in 2023, with $12.5 billion in reported losses. Phishing was the single most-reported crime category at 298,878 complaints — and that’s only what was reported. Microsoft, Google Safe Browsing, and APWG independently report that the volume of phishing infrastructure has grown roughly 5x since 2019, with well over a million unique phishing sites detected per quarter.
The attacks have also changed shape. The advice that worked five years ago — “look for typos, hover over links, don’t click attachments from strangers” — still helps, but the most damaging current attacks bypass all three signals. This article walks through the four phishing trends that defeat older detection (Adversary-in-the-Middle, AI-generated lures, quishing, BEC), the data behind each, and the detection methods that still work.
The current scale
FBI IC3’s 2023 report is the most comprehensive U.S. dataset publicly available:
- 880,418 total complaints (up nearly 10% YoY)
- $12.5B total reported losses (up 22% YoY — the loss-per-complaint is rising fast)
- 298,878 phishing complaints — the largest category by count
- 21,489 BEC complaints with $2.95B in losses — averaging $137,000 per incident
APWG’s quarterly reports (the standard global measure) tracked more than a million unique phishing sites per quarter through 2023 and into 2024, about double the 2021 quarterly average. Google Safe Browsing currently warns on roughly 2-3 million phishing URLs at any given moment.
The takeaway: phishing volume has grown faster than security awareness training. The baseline assumption — “I would notice a phishing email” — is becoming statistically less defensible as attacks improve.

Trend 1 — Adversary-in-the-Middle (AiTM) defeats SMS and TOTP
The most consequential change since 2019 is the commoditization of reverse-proxy phishing kits. Three names dominate the public threat reporting:
- EvilProxy — sold as phishing-as-a-service (roughly $150-400 depending on subscription length), targets Microsoft 365, Google Workspace, GitHub
- Modlishka — open-source proof-of-concept that became the template for paid kits
- Evilginx — open-source framework still actively maintained, widely repurposed
How the attack works
The kit runs a reverse proxy in front of the real login page (login.microsoftonline.com, accounts.google.com). The phishing email points the victim at the proxy’s own domain. The victim sees what looks like the real login page, because every byte is fetched from the real site and relayed with only the hostnames rewritten. They enter their email, password, and TOTP code. The proxy forwards each of them to the real site, the real site completes the login, and the proxy captures the session cookie set in the response. The attacker imports that cookie into their own browser and has an authenticated session without ever needing the password again.
Why TOTP doesn’t help: a TOTP code is six digits valid for a 30-second window, and it carries no information about which page it was typed into. The proxy forwards it to the real site well inside the window, the 2FA check succeeds, the proxy captures the session, and the user sees a successful login.
Why hardware keys (FIDO2) do help: WebAuthn binds every signature to the web origin the browser is actually on. The browser writes that origin into the signed client data and will only use a credential whose relying-party ID matches the page’s own domain; the server then rejects any assertion whose origin is not its own. The proxy’s page is not login.microsoftonline.com, so the key either never answers the request or produces a signature the real site throws away. Nothing the proxy relays can change that.
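As an added example (not from the original article), here is a stdlib-only Python model of the two flows side by side: an RFC 6238 TOTP code typed into the proxy and relayed to the real site a couple of seconds later, and a WebAuthn assertion requested from the proxy's origin. The authenticator, browser and relying party are simplified stand-ins, an HMAC stands in for the ECDSA signature a real key produces, and the hostnames login.microsoftonline.com.verify-account.example and verify-account.example are constructed phishing hosts. The RP-ID restriction in the browser and the origin and rpIdHash checks on the server are the real ones the WebAuthn specification requires.

```python
import base64
import hashlib
import hmac
import json
import struct


# ---- TOTP (RFC 4226/6238) ----------------------------------------------------
def totp(secret: bytes, at: int, step: int = 30, digits: int = 6) -> str:
    """HMAC-SHA1 over the time counter, dynamically truncated."""
    mac = hmac.new(secret, struct.pack(">Q", at // step), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def totp_relay_succeeds(secret: bytes, now: int, relay_delay: int = 2) -> bool:
    """The victim types the code into the proxy page; the proxy submits it to the
    real site a couple of seconds later. The code says nothing about where it was
    typed, and servers accept the current and previous step, so it just works."""
    typed_into_proxy = totp(secret, now)
    arrival = now + relay_delay
    return any(hmac.compare_digest(typed_into_proxy, totp(secret, arrival - d)) for d in (0, 30))


# ---- WebAuthn, reduced to the origin-binding logic ---------------------------
def b64u(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


class Authenticator:
    """Stand-in for a security key or platform passkey: one credential per RP ID.
    HMAC replaces the ECDSA signature a real key produces (assumption made to keep
    the example stdlib-only); the RP-ID handling is the real logic."""

    def __init__(self) -> None:
        self.credentials: dict[str, bytes] = {}

    def register(self, rp_id: str) -> bytes:
        key = sha256(b"constructed-key-for-" + rp_id.encode())
        self.credentials[rp_id] = key
        return key  # the relying party stores this to verify later assertions

    def get_assertion(self, rp_id: str, client_data_hash: bytes):
        key = self.credentials.get(rp_id)
        if key is None:
            return None  # no credential for this RP ID: the key stays silent
        auth_data = sha256(rp_id.encode()) + b"\x01" + struct.pack(">I", 1)  # rpIdHash|flags|counter
        return auth_data, hmac.new(key, auth_data + client_data_hash, hashlib.sha256).digest()


def browser_sign_in(page_origin: str, rp_id: str, challenge: bytes, authn: Authenticator):
    """The browser records the origin the page is really on in clientDataJSON and
    only honours an RP ID equal to the page's host or a parent domain of it."""
    host = page_origin.split("://", 1)[1]
    if not (host == rp_id or host.endswith("." + rp_id)):
        return None  # a page cannot ask the key to act for another site's RP ID
    client_data = json.dumps({"type": "webauthn.get", "challenge": b64u(challenge),
                              "origin": page_origin}).encode()
    assertion = authn.get_assertion(rp_id, sha256(client_data))
    return None if assertion is None else (client_data, *assertion)


def rp_verify(rp_id: str, expected_origin: str, challenge: bytes, key: bytes, response) -> bool:
    """Relying-party checks from the spec: challenge, origin, rpIdHash, signature."""
    if response is None:
        return False
    client_data, auth_data, sig = response
    cd = json.loads(client_data)
    if cd.get("type") != "webauthn.get" or cd.get("challenge") != b64u(challenge):
        return False
    if cd.get("origin") != expected_origin:
        return False  # the check that defeats AiTM: the proxy's origin is not ours
    if auth_data[:32] != sha256(rp_id.encode()):
        return False
    expected_sig = hmac.new(key, auth_data + sha256(client_data), hashlib.sha256).digest()
    return hmac.compare_digest(expected_sig, sig)


RP_ID = "login.microsoftonline.com"
REAL_ORIGIN = "https://login.microsoftonline.com"
PROXY_ORIGIN = "https://login.microsoftonline.com.verify-account.example"  # constructed phishing host


def genuine_login(authn: Authenticator, key: bytes, challenge: bytes) -> bool:
    return rp_verify(RP_ID, REAL_ORIGIN, challenge, key,
                     browser_sign_in(REAL_ORIGIN, RP_ID, challenge, authn))


def aitm_login(authn: Authenticator, key: bytes, challenge: bytes) -> bool:
    """The proxy relays the real site's challenge to its own page unchanged."""
    # Attempt 1: the proxy page asks for the real RP ID; the browser refuses outright.
    response = browser_sign_in(PROXY_ORIGIN, RP_ID, challenge, authn)
    if response is None:
        # Attempt 2: the proxy asks for its own RP ID; the key has no credential for
        # it, and any signature would carry the proxy's origin and rpIdHash anyway.
        response = browser_sign_in(PROXY_ORIGIN, "verify-account.example", challenge, authn)
    return rp_verify(RP_ID, REAL_ORIGIN, challenge, key, response)


if __name__ == "__main__":
    seed = b"12345678901234567890"  # RFC 6238 test secret
    print("TOTP typed into proxy, accepted by real site:", totp_relay_succeeds(seed, 1_700_000_000))
    key_fob = Authenticator()
    pub = key_fob.register(RP_ID)
    nonce = b"\x42" * 32
    print("WebAuthn, genuine origin:", genuine_login(key_fob, pub, nonce))
    print("WebAuthn, via AiTM proxy:", aitm_login(key_fob, pub, nonce))
```

Run it and the TOTP relay is accepted while both WebAuthn attempts through the proxy fail. The design point is that the proxy never gets a chance to tamper: it can forward the challenge faithfully and still lose, because the origin is supplied by the victim's own browser, not by anything the attacker controls.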
Microsoft’s 2023 Digital Defense Report documented millions of AiTM attempts against Microsoft 365 accounts. They estimate ~10,000 successful session-cookie thefts per day at peak.
What this means for users
Migrate high-value accounts (email, banking, primary identity) to phishing-resistant 2FA:
- Hardware keys (YubiKey, Google Titan, $50-65) — the strongest, requires physical possession
- Device passkeys (iCloud Keychain, Google Password Manager, 1Password) — same WebAuthn standard, so the same origin binding applies; the private key lives in the platform authenticator or password manager and syncs between your devices under end-to-end encryption rather than in a separate piece of hardware
Both prevent AiTM attacks in the same way: domain-bound cryptography. SMS and TOTP do not. (See the companion post on 2FA methods compared for the Google study showing hardware keys at 100% effectiveness across attack categories.)
Trend 2 — AI-generated phishing removes the language tell
Older phishing-awareness training emphasized two language signals:
- Spelling and grammar errors — phishing was often written by non-native English speakers, producing telltale typos
- Awkward phrasing — translated boilerplate didn’t sound natural
Both signals have collapsed. LLMs produce grammatically perfect, tonally appropriate English (and any other language) at zero marginal cost. Proofpoint’s 2024 State of the Phish report and APWG’s 2024 trends both note that the median phishing email is now linguistically indistinguishable from a legitimate one.
Personalization at scale
The bigger shift is AI-enabled personalization. Targeted phishing previously required manual research per victim — find the target’s job title, boss’s name, recent project, communication style. AI can scrape LinkedIn, the company website, recent press releases, and public filings, then generate a personalized opener for thousands of targets simultaneously.
Example before-and-after:
- Before (generic): “Dear Customer, your invoice is overdue. Click here to pay.”
- After (AI-personalized): “Hi Sarah, following up on the Q2 vendor onboarding we discussed last Tuesday — accounting flagged that the W-9 update for our payment processor change hasn’t gone through yet. Can you confirm via this portal? CC’ing John Chen since he handles AP.”
The second version is harder to dismiss because it references real-sounding context that actually checks out (you did discuss vendor onboarding, John Chen does handle AP). The attacker built it from your LinkedIn + the company press release + an org-chart inference.

What still works
The structural tells haven’t gone away — AI personalization makes the language perfect, but it can’t fix the underlying mechanics:
- Domain mismatch — the address after the @ is a lookalike or unrelated domain, not your organization’s real domain, however familiar the display name looks
- Unusual link destinations — hovering still shows the actual URL, and an AiTM proxy by definition lives on a domain that is not the real one, so this check catches even a pixel-perfect page (link shorteners and redirect parameters hide the final host, so treat those as a tell too)
- Out-of-band channels broken — the email steers you to a channel the sender controls (a portal, a “new cell number,” “confirm via this link”) instead of leaving you free to call the person back on a number you already have
- Time pressure — “before EOD,” “the boss needs this in 10 minutes,” “audit deadline”
- Unusual asks — anything that breaks normal process (gift cards, wire transfer changes, unfamiliar W-9 portal)
Train detection on structure, not language quality. Language quality is no longer a reliable signal.
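To make the “structure, not language” point concrete, here is an added example (not part of the original article) in Python using only the standard library. It parses a raw message and reports the structural tells from the list above: a display name that claims a brand the sending domain does not belong to, a Reply-To on a different domain, SPF/DKIM/DMARC failures recorded by the receiving mail server, link text whose domain differs from the href, and time-pressure phrasing. Both messages, the brand-to-domain allowlist and the `.example` hostnames are constructed for the example.

```python
import email
import email.utils
import re
from email import policy
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed allowlist: registrable domains each brand legitimately sends from.
BRAND_DOMAINS = {"microsoft": {"microsoft.com", "microsoftonline.com", "office.com"},
                 "google": {"google.com"}}
URGENCY = re.compile(r"\b(before EOD|within \d+ (minutes|hours)|immediately|expires today|urgent)\b", re.I)


def registrable(host: str) -> str:
    """Last two labels as a crude eTLD+1 (use a public-suffix library in production)."""
    parts = host.lower().rstrip(".").split(".")
    return ".".join(parts[-2:])


class LinkCollector(HTMLParser):
    """Collects (href, visible text) for every <a> in an HTML body."""

    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href", ""), []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def analyze(raw: str) -> list[str]:
    """Structural checks only: who really sent it, where replies and links really go,
    whether the receiving server's authentication checks passed, and time pressure."""
    msg = email.message_from_string(raw, policy=policy.default)
    findings = []
    from_name, from_addr = email.utils.parseaddr(str(msg["From"]))
    from_dom = registrable(from_addr.rpartition("@")[2])
    for brand, domains in BRAND_DOMAINS.items():  # display name vs. actual domain
        if brand in from_name.lower() and from_dom not in domains:
            findings.append(f"display name claims {brand!r} but sender domain is {from_dom}")
    if msg["Reply-To"]:  # replies silently routed elsewhere
        reply_dom = registrable(email.utils.parseaddr(str(msg["Reply-To"]))[1].rpartition("@")[2])
        if reply_dom != from_dom:
            findings.append(f"Reply-To domain {reply_dom} differs from From domain {from_dom}")
    auth = str(msg["Authentication-Results"] or "").lower()
    for mech in ("spf", "dkim", "dmarc"):
        if f"{mech}=fail" in auth:
            findings.append(f"{mech}=fail in Authentication-Results")
    body = msg.get_body(preferencelist=("html", "plain"))
    text = body.get_content() if body else ""
    collector = LinkCollector()
    collector.feed(text)
    for href, shown in collector.links:  # visible URL vs. real destination
        real = registrable(urlparse(href).hostname or "")
        shown_host = re.search(r"https?://([^/\s]+)", shown)
        if shown_host and registrable(shown_host.group(1)) != real:
            findings.append(f"link text shows {registrable(shown_host.group(1))} but points to {real}")
    if URGENCY.search(text):
        findings.append("time-pressure language present")
    return findings


# Constructed sample messages (not real mail); .example hostnames are placeholders.
PHISH = """\
From: "Microsoft Account Team" <alerts@microsoft-secure-portal.example>
Reply-To: helpdesk@mail-verify.example
To: sarah@company.example
Subject: Your password expires today
Authentication-Results: mx.company.example; spf=fail smtp.mailfrom=microsoft-secure-portal.example; dkim=none; dmarc=fail
Content-Type: text/html; charset="utf-8"

<p>Hi Sarah, your password expires today. Renew immediately:</p>
<p><a href="https://login.microsoftonline.com.verify-account.example/">https://login.microsoftonline.com</a></p>
"""

LEGIT = """\
From: "Microsoft account team" <account-security-noreply@accountprotection.microsoft.com>
To: sarah@company.example
Subject: New sign-in to your account
Authentication-Results: mx.company.example; spf=pass smtp.mailfrom=accountprotection.microsoft.com; dkim=pass header.d=accountprotection.microsoft.com; dmarc=pass
Content-Type: text/html; charset="utf-8"

<p>Hi Sarah, a new sign-in was recorded on your account.</p>
<p>Review recent activity at <a href="https://account.microsoft.com/activity">https://account.microsoft.com/activity</a>.</p>
"""

if __name__ == "__main__":
    for label, sample in (("phish", PHISH), ("legit", LEGIT)):
        print(label, analyze(sample) or ["no structural findings"])
```

Note that the phishing sample would pass any spelling-and-grammar filter; every one of the six findings it produces comes from headers, link targets or phrasing that the attacker cannot make look legitimate without actually controlling the legitimate infrastructure.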
Trend 3 — Quishing (QR-code phishing)
Quishing replaces the malicious link with a QR code embedded in the email body as an image. The campaign spiked sharply through late 2023 and 2024, per APWG and Proofpoint quarterly reports. The most common impersonation: Microsoft 365 password reset notices, “your password expires today, scan to renew.”
Why it works
Two specific bypasses:
- Email security gateway evasion. Most email scanners extract URLs from the body text and check them against threat-intel feeds. Many don’t OCR or decode QR codes inside images, so a URL that exists only as an image slips through.
- Device-pivot evasion. When the victim scans the QR with their phone, they leave the corporate-managed laptop (EDR, browser security extensions, DNS filtering) for a personal phone with none of that stack, weaker browser warnings, and a screen too small to show the full URL. The phishing site loads on the weakest device the user owns.
Detection
- Treat unsolicited QR codes in email as suspicious. Legitimate password resets don’t require a QR. Microsoft itself has confirmed it does not send password-reset notices via QR code.
- If you must scan, preview the URL before opening. Most modern phone cameras show the URL before navigating — don’t tap if the domain isn’t what you expect.
- Pivot back to the trusted device. If the email genuinely needs your action, navigate manually on your laptop to the known service URL (outlook.office.com), don’t follow the QR.
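An added example, not from the article: the inspection step in the second bullet, written out as Python over the string a camera app shows after decoding a QR code (the decoding itself is left to the phone or to a QR-decoding library, which this example does not include). The expected-domain allowlist and the sample payloads, including the `.example` hostnames, are constructed for the example. It catches the tricks a small preview chip hides: a fake hostname before an `@`, a redirect parameter carrying the real destination, a punycode label, a bare IP and a non-https scheme.

```python
import ipaddress
from urllib.parse import parse_qs, urlparse

# Constructed allowlist: where a genuine Microsoft 365 password flow is allowed to land.
EXPECTED = {"microsoftonline.com", "microsoft.com", "office.com"}


def registrable(host: str) -> str:
    """Last two labels as a crude eTLD+1 (use a public-suffix library in production)."""
    parts = host.lower().rstrip(".").split(".")
    return ".".join(parts[-2:])


def inspect_qr_url(url: str) -> dict:
    """Decide from the decoded QR string alone whether the link is worth tapping.
    Returns the host that will really be contacted and every reason to refuse."""
    reasons = []
    p = urlparse(url.strip())
    host = p.hostname or ""
    if p.scheme != "https":
        reasons.append(f"scheme is {p.scheme or 'missing'}, not https")
    if p.username is not None:  # https://real.site@evil.example/ actually lands on evil.example
        reasons.append(f"'{p.username}' before the @ is decoration; the host is '{host}'")
    if any(label.startswith("xn--") for label in host.split(".")):
        reasons.append("punycode label: characters may only look like the brand's")
    try:
        ipaddress.ip_address(host)
        reasons.append("host is a bare IP address")
    except ValueError:
        pass
    if p.port not in (None, 443):
        reasons.append(f"non-standard port {p.port}")
    destination = registrable(host)
    for key, values in parse_qs(p.query).items():  # follow one hop of an open redirect
        for value in values:
            if value.startswith(("http://", "https://")):
                destination = registrable(urlparse(value).hostname or "")
                reasons.append(f"parameter {key}= redirects on to {destination}")
    if destination not in EXPECTED:
        reasons.append(f"final destination {destination} is not an expected domain")
    return {"destination": destination, "reasons": reasons, "tap": not reasons}


# Constructed decoded-QR payloads (not captured from a real campaign).
SAMPLES = {
    "genuine": "https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=abc",
    "userinfo trick": "https://login.microsoftonline.com@account-verify.example/reset",
    "open redirect": "https://www.microsoft.com/redirect?url=https%3A%2F%2Fpassword-renew.example%2Fm365",
    "bare ip": "http://192.0.2.10/owa/reset",
}

if __name__ == "__main__":
    for name, payload in SAMPLES.items():
        verdict = inspect_qr_url(payload)
        print(f"{name:15} tap={verdict['tap']!s:5} -> {verdict['destination']}")
        for reason in verdict["reasons"]:
            print("   ", reason)
```

The userinfo case is the one worth remembering: on a phone the preview chip tends to show the start of the URL, which is exactly the part the attacker filled with the brand name, while the real host sits after the `@`.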
Trend 4 — Business Email Compromise (BEC)
BEC is the highest-dollar-loss phishing category by a large margin. FBI IC3’s 2023 report attributed $2.95B to BEC across 21,489 complaints, second only to investment fraud in total losses and far ahead of every other category tied to phishing.
Mechanism
BEC isn’t typically a single phish. It’s a multi-stage attack:
- Initial compromise — credential phishing or AiTM gets the attacker into a real employee’s email
- Reconnaissance — attacker watches the inbox for weeks, learns vendor relationships, payment patterns, communication style
- Pivot — attacker either sends from the compromised account or sets up a lookalike domain (your-company.com → your.company-inc.com)
- Wire request — invoice with new bank details, “urgent” payment, “the CEO needs this routed quickly”
The attack works because the email genuinely comes from a real account, or from a domain so close to the real one that even careful readers miss it.
Detection signals
The Verizon DBIR and FBI IC3 both highlight the same red flags:
- Any change to wire instructions or banking details — verify by phone, on a known number, before paying
- Pressure to bypass normal process — “skip the controller,” “don’t loop in accounting,” “do not reply to this email, call my new cell”
- Domain micro-changes — your-company.com → your-cornpany.com (rn vs m), -inc.com vs .com
- Out-of-pattern timing — invoice arrives Friday at 4 PM with payment due Monday morning
- CEO/CFO impersonation — the executive emails you directly with an urgent payment request, “I’m in a meeting, can you handle this?”

Process control beats detection
For BEC specifically, organizational process matters more than individual detection skill. Two controls:
- Dual approval for any wire-instruction change. A second person calls the vendor on the phone number already on file, never the one in the email. The attacker can fool one person; it is much harder to fool two when one of them is on the phone with the real vendor.
- Out-of-band verification of any unusual money request. If the CEO emails you to wire $80,000 to a new vendor, you call the CEO’s actual cell phone and confirm. Yes, it’s awkward; yes, it’s the only thing that consistently catches BEC.
What still works in 2024
After cataloging four bypass techniques, the practical detection stack:
Layer 1 — Phishing-resistant 2FA
Hardware keys or device passkeys for high-value accounts. This blocks AiTM regardless of how convincing the phishing email is. The technical guarantee (domain-bound cryptography) does what training cannot — survive a moment of inattention.
Layer 2 — Structural pattern recognition
Train yourself and your team on:
- Sender domain (not display name) — display name says “Microsoft,” domain says microsoft-secure-portal.com
- Hover-and-check links before clicking
- Lookalike characters — rn/m, l/I, 0/O, paypal-secure.com vs paypal.com
- Unusual asks — gift cards, wire-instruction changes, urgent unfamiliar processes
- Out-of-band verification for anything financial
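The lookalike checks in this list and in the BEC red flags above (rn for m, 1 for l, a brand name wrapped in a longer domain, the real domain reused as a subdomain of another) can be automated. Added example, not from the article: a Python detector that folds confusable characters into a canonical form, compares the result with a list of protected domains by equality and edit distance, and checks for the embedded-brand and subdomain patterns. The protected-domain list and the test hosts are constructed; a real deployment would use the organization’s own domains and a public-suffix list.

```python
import unicodedata

# Constructed list of domains we want to protect against imitation.
PROTECTED = ["paypal.com", "microsoftonline.com", "your-company.com"]
# Multi-character and single-character confusables, folded to one canonical glyph.
PAIRS = [("rn", "m"), ("vv", "w"), ("cl", "d")]
SINGLES = {"0": "o", "1": "l", "i": "l", "|": "l", "5": "s", "3": "e", "-": ""}


def canon(label: str) -> str:
    """Fold characters an eye confuses into one canonical form, per DNS label.
    NFKD + ASCII strip also discards non-Latin lookalikes such as Cyrillic letters."""
    s = unicodedata.normalize("NFKD", label).encode("ascii", "ignore").decode().lower()
    for pair, single in PAIRS:
        s = s.replace(pair, single)
    return "".join(SINGLES.get(c, c) for c in s)


def canon_host(host: str) -> str:
    return ".".join(canon(label) for label in host.lower().strip(".").split("."))


def levenshtein(a: str, b: str) -> int:
    """Plain edit distance, enough to catch a single dropped or swapped letter."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def registrable(host: str) -> str:
    """Last two labels as a crude eTLD+1 (use a public-suffix library in production)."""
    parts = host.lower().rstrip(".").split(".")
    return ".".join(parts[-2:])


def lookalike_of(host: str):
    """Return (protected_domain, reason) if host imitates one of ours, else None."""
    host = host.lower().strip(".")
    reg = registrable(host)
    if reg in PROTECTED:
        return None  # the genuine domain, or a real subdomain of it
    creg, chost = canon_host(reg), canon_host(host)
    for real in PROTECTED:
        creal = canon_host(real)
        if f".{real}." in f".{host}.":  # login.real.com.evil.example
            return real, f"protected domain used as a subdomain of {reg}"
        if creg == creal:  # rn/m, 1/l, 0/o, hyphens dropped or added
            return real, "homoglyph or hyphen twin"
        if levenshtein(creg, creal) <= 1:  # one typo away
            return real, "one edit away"
        brand = creal.split(".")[0]
        if len(brand) >= 5 and brand in chost.replace(".", ""):  # paypal-secure, your.company-inc
            return real, "brand name embedded in another domain"
    return None


if __name__ == "__main__":
    # Constructed test hosts mirroring the patterns in the article.
    for h in ("your-company.com", "your-cornpany.com", "your.company-inc.com",
              "paypal-secure.com", "paypa1.com", "login.microsoftonline.com.verify-account.example",
              "example.com"):
        print(f"{h:50} -> {lookalike_of(h)}")
```

Order matters: the subdomain test runs on the raw host before any folding, so a message from login.microsoftonline.com.verify-account.example is named as an imitation of microsoftonline.com rather than of whatever its registrable domain happens to resemble.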
Layer 3 — Process controls
For organizations: dual approval, phone-verified wire-instruction changes, out-of-pattern flags from accounting. For families: a shared “we don’t share passwords or account info via email or text — we’ll always call” rule.
What doesn’t work anymore
- “Look for spelling errors” — AI-generated phishing has none
- “Trust the sender display name” — easily spoofed
- “SMS 2FA is enough” — bypassed by AiTM
- “It’s from someone I know” — BEC sends from real compromised accounts
- “Email gateway will catch it” — quishing bypasses URL scanning
Bottom line
Phishing in 2024 is more capable than the threat model most people internalized in 2018-2019. The volume is higher (5x more unique phishing URLs per quarter), the language quality is no longer a tell (AI), the 2FA bypass is widely available (EvilProxy, Modlishka), and the highest-loss variant (BEC) attacks process trust rather than individual judgment.
The realistic defense: hardware keys or passkeys on important accounts, structural skepticism on every email, phone verification for anything involving money or access. The advice has gotten simpler, not more complicated — but the floor is higher than it used to be.
For complementary defenses, see the companion posts on 2FA methods compared (Google’s effectiveness data) and family password managers compared (the credential-management foundation that determines whether phishing succeeds).
Books that teach you to think like a phishing target
Most phishing-defense training is rote checklist work. These three books explain the psychology — far more durable than learning specific phish patterns:
Social Engineering (Christopher Hadnagy, 2nd Edition)
Price · $30-45 — definitive social engineering reference
+ Pros
- Updated 2nd edition covers modern phishing, vishing, and smishing
- Author created and for years ran the DEF CON Social Engineering Capture-the-Flag
- Frameworks transfer to interview prep and negotiation too
− Cons
- Dense — plan reading over 2-3 months
- Some examples skew toward red-team operators vs blue-team users
The Art of Deception (Kevin Mitnick)
Price · $15-22 — foundational social engineering text
+ Pros
- Mitnick's first-hand insights from his pre-arrest hacking era
- Story-driven — easier intro than Hadnagy for new readers
- Companion 'Art of Intrusion' covers technical follow-throughs
− Cons
- Some pre-2010 examples feel dated technologically
- Anecdotal more than systematic — pair with Hadnagy for full coverage
Phishing Dark Waters (Christopher Hadnagy and Michele Fincher)
Price · $20-30 — phishing-specific deep dive
+ Pros
- Phishing-specific narrowing of Hadnagy's broader SE work
- Includes specific email red flags + URL deception patterns
- Companion materials for corporate phishing awareness training
− Cons
- Some overlap with Social Engineering book — read one or the other
- Less updated than Hadnagy 2nd edition for 2024 phishing variants
Start with Mitnick’s Art of Deception for the story-driven introduction, then read Hadnagy’s Social Engineering 2nd edition for systematic frameworks. Save Phishing Dark Waters as a phishing-specific reference vs full read.