Most of us are aware that cyber-criminals have myriad ways to commit email fraud, install malware, seek out privileged access accounts, or obtain confidential information and valuable data. While phishing attacks have a reputation for being poorly written and for being fairly obvious in their attempts to con users, attacks continue to be a problem for most companies, according to a recent security threat report published by intelligent threat protection provider Cloudmark. Ninety-one percent of companies encountered phishing attacks in 2015, with the lion’s share—84 percent—seeing attacks that successfully sneaked past their security defenses, according to a survey of 300 U.S. and UK firms conducted as part of the report. A relatively simple attack—sending a message to the accounting department purportedly from the company CEO—has become quite popular, with 63 percent of companies having encountered it. This eWEEK slide show, which uses industry information from Cloudmark and Agari, examines the most common forms of phishing attacks and offers appropriate countermeasures. Agari builds disruptive, Internet-scale, data-driven security solutions that eliminate email as a channel for cyber-attacks.