'%3e%3cpath%20d='M248.027%20159.993C292.176%20159.993%20328.105%20124.1%20328.105%2079.996C328.105%2035.892%20292.191%200%20248.027%200C203.863%200%20167.95%2035.892%20167.95%2079.996C167.949%20124.101%20203.878%20159.993%20248.027%20159.993ZM213.969%2045.973C223.069%2036.882%20235.155%2031.873%20248.027%2031.873C260.899%2031.873%20272.986%2036.882%20282.086%2045.973C291.186%2055.064%20296.2%2067.154%20296.2%2079.997C296.2%2092.84%20291.186%20104.93%20282.086%20114.021C272.986%20123.112%20260.899%20128.12%20248.027%20128.12C235.155%20128.12%20223.069%20123.111%20213.969%20114.021C204.869%20104.93%20199.871%2092.84%20199.871%2079.997C199.871%2067.154%20204.884%2055.063%20213.969%2045.973Z'%20fill='%23EE4323'/%3e%3cpath%20d='M150.16%200L57.6821%20159.993H94.5381L187%200H150.16Z'%20fill='%23EE4323'/%3e%3cpath%20d='M92.478%200L0%20159.993H36.856L129.334%200H92.478Z'%20fill='%23EE4323'/%3e%3c/g%3e%3cdefs%3e%3cclipPath%20id='clip0_296_834'%3e%3crect%20width='328.105'%20height='159.993'%20fill='white'/%3e%3c/clipPath%3e%3c/defs%3e%3c/svg%3e){kind=small}
Push Security Launches Phishing Detection Evasion Techniques Matrix to Help Security Teams Pinpoint Detection Gaps
August 06, 2025
New open source framework maps the latest generation of real-world phishing techniques, revealing how attackers bypass identity providers and evade traditional defenses
LAS VEGAS, BLACK HAT, USA – Aug. 6, 2025 – (Booth #2057) Push Security, a leader in browser-based detection and response, today published its Phishing Detection Evasion Techniques matrix, offering a new view into the way that modern phishing attacks function, and how they’re being used to evade classic detection controls.
Modern phishing attacks are routinely bypassing traditional email and network-based phishing defenses. Attackers are using alternative delivery methods (such as IM platforms, social media, and malicious ads), camouflaging phishing links by abusing legitimate apps and services, and using bot protection, obfuscation, and runtime anti-analysis features, making them resistant to automated analysis.
“Handling phishing the same way we did 10 or 15 years ago just isn’t an option anymore,” said Jacques Louw, chief product officer at Push Security. “This resource gives defenders a clearer picture of how sophisticated attackers are actually operating in the wild — and how traditional security controls are being outmaneuvered."
The Phishing Detection Evasion Techniques matrix builds on Push Security’s earlier SaaS Attacks Matrix, continuing the company’s mission to help security teams visualize and counter real-world identity threats across the modern attack surface.
Key features of the matrix include:
- Mapped TTPs across every phase of the phishing lifecycle, including target reconnaissance, lure crafting, link camouflage, anti-analysis, and MFA bypass.
- Real-world examples of how attackers use these techniques in the wild.
- Designed to be used and operationalized by security teams as part of phishing controls testing.
This new framework arrives at a time when phishing attacks are becoming more targeted, evasive, and damaging, especially as enterprises shift to identity-based security models. In fact, phishing was the initial source of compromise in as many as 37% of all breaches in the 2025 Verizon Data Breach Investigations Report dataset, accounting for more than any other single access vector. It is also estimated that phishing attacks cost businesses nearly $4.76 million per breach driven largely by compromised credentials, lost productivity, incident response costs, and downstream damage to applications and data.
The Phishing Detection Evasion Techniques Matrix is now available on GitHub. For more details about the matrix check out the Push Security blog post or visit the team this week at Black Hat USA, booth #2057.
About Push Security
Push Security is the secure enterprise browser extension for security teams. Founded by red team and blue team experts, Push combines high-fidelity browser telemetry, real-time control, and autonomous agents to stop advanced attacks, secure AI usage, harden identities, and prevent data loss — all from your users’ existing browsers, no migration required. Push is backed by Decibel, GV (Google Ventures), Redpoint Ventures, Datadog Ventures, B3 Capital and other notable angel investors. For more information, visit https://pushsecurity.com or follow @pushsecurity.