Definition
Phishing is a social-engineering attack that uses email (most commonly), SMS, or messaging apps to trick users into revealing credentials, clicking malicious URLs, or downloading malware. Modern phishing is sophisticated: well-crafted impersonations of legitimate services, AI-generated copy, lookalike domains, time-delayed URL weaponization. Defense layers: technical controls (email security with anti-phishing engines, URL click-time analysis, RBI for risky links), user awareness training, and incident response. Symantec Email Security combines multiple anti-phishing engines (URL analysis, sender reputation, content analysis, BEC / impersonation detection) with click-time URL inspection through Web Isolation. See DMARC enforcement for the domain-spoofing defense angle.
Symantec products that implement this
- Symantec Email Security.cloud - Cloud-based email protection with anti-phishing, BEC defense, attachment sandboxing, URL rewriting, impersonation detection, and email continuity.
- Symantec Cloud Secure Web Gateway - Cloud-delivered web security with SSL inspection, URL filtering, sandboxing, content disarm, and CASB integration. The cloud successor to the ProxySG appliance.
Related terms
- BEC (Business Email Compromise) - Email fraud where attackers impersonate executives or trusted partners to authorize fraudulent wire transfers or data disclosure.
- DMARC (Domain-based Message Authentication, Reporting and Conformance) - Email authentication standard that lets domain owners specify how receivers should treat mail that fails SPF or DKIM.
- RBI (Remote Browser Isolation) - Security technique that renders web content in disposable cloud containers; malicious code never reaches the endpoint.
Deep-dives on Phishing
- ProxySG to Cloud SWG migration: a step-by-step engineer's guide - Migrating from on-prem ProxySG appliances to Symantec Cloud SWG (WSS) is the second-most-common Symantec project of 2026. The playbook: poli…
- DMARC enforcement with Symantec Email Security: from p=none to p=reject - Most organizations sit at DMARC p=none for years. Moving to p=quarantine and p=reject is a 6-12 week project - and Symantec Email Security g…