Barrel Phishing vs Phishing: How Two-Stage Attacks Work
Day one: An email from a new vendor asks if you’re the right person to discuss a partnership opportunity. Nothing suspicious. No links. No attachments. You reply confirming your role.
Day three: A follow-up arrives with a “proposal document” attached. You open it without hesitation. You already know this sender.
This is barrel phishing. The first email had one purpose: make you trust the second one.