Phishing is old news — which is part of why it's so dangerous today.
Many bank employees learned long ago what a phishing email is and how to look out for one. But the threat has evolved, leading some banks to worry about whether their users have grown too confident in their years-old training to face today's attacks.
In recent years, phishers have refined their strategies to make their emails more targeted — and thus, more convincing. Several high-profile data breaches have been attributed to a targeted phishing email opened by someone within the victimized organization.
Banks are consequently taking more interest in using simulated phishing attacks to test their resistance to the real ones, according to the vendors that offer such services. This new interest stems from the realization that phishers might be overcoming traditional defenses.