They succeed because many environments protect the mailbox but not the business process behind it. Attackers only need one trust decision to stick, then they can exploit people, delegated approvals, or automation that accepts the email as proof of intent.
Why This Matters for Security Teams
Phishing remains effective because email security, MFA, and awareness training often stop at the inbox while attackers target the trust path behind the message. Once a user, approver, or automation accepts the message as legitimate, the attacker can trigger payment changes, OAuth consent, token theft, or delegated access. That is why phishing is still a business-process attack, not just a message-filtering problem.
For identity teams, the important shift is to treat the email as an untrusted signal and the downstream action as the control point. This is especially relevant when phishing reaches SaaS approvals, help desk resets, or workflow automation that implicitly trusts mailbox content. NHIMG’s Ultimate Guide to NHIs — Why NHI Security Matters Now shows why this matters at scale, including that only 5.7% of organisations have full visibility into their service accounts and 90% of IT leaders say proper NHI management is essential to zero trust.
That gap mirrors what recent incident analysis shows in practice: the attacker only needs one trust decision to stick, and from there the mailbox becomes a launchpad into identities, approvals, and automation. In practice, many security teams encounter this only after a signed approval, token grant, or BEC-style transfer has already occurred, rather than through intentional control testing.
How It Works in Practice
Well-defended environments usually block commodity spam, malicious links, and known payloads. The failure happens when the phishing message is designed to produce a legitimate-looking internal action. That can include an OAuth consent prompt, a password reset, a help desk callback, a shared document approval, or a workflow that accepts email as proof of intent. The attack succeeds because the security boundary is not the mailbox alone but the decision the mailbox triggers.
Current guidance suggests breaking this path with layered controls that evaluate intent at the point of action, not just at the point of delivery. That means strong conditional access, phishing-resistant MFA, sender validation, step-up approval for sensitive actions, and separate verification channels for payment, access grants, and identity recovery. For automation, the safer pattern is to prevent mail-triggered workflows from executing privileged actions without independent policy checks. NHI governance also matters because service accounts, API keys, and delegated tokens often extend the blast radius after the first compromise. NHIMG’s 52 NHI Breaches Analysis and the Ultimate Guide to NHIs — Key Challenges and Risks both point to the same operational reality: secret sprawl and over-privilege turn a single phish into broad access.
- Require separate approval paths for payments, privilege elevation, and identity recovery.
- Use phishing-resistant MFA and device-bound controls for high-risk workflows.
- Limit OAuth consent and monitor new grants, delegated tokens, and inbox rules.
- Apply least privilege to service accounts and rotate exposed secrets quickly.
- Alert on anomalous forwarding, login, and workflow triggers after suspicious mail events.
These controls tend to break down in legacy shared-mailbox environments and approval chains where one trusted inbox can still authorize multiple downstream systems.
Common Variations and Edge Cases
Tighter approval controls often increase friction, requiring organisations to balance speed against assurance. That tradeoff is real in finance, HR, executive support, and IT service desks where rapid action is part of the operating model. Best practice is evolving, but there is no universal standard for how much friction is enough; the right answer depends on the sensitivity of the workflow and the cost of a mistaken trust decision.
Some phishing variants do not try to steal the password at all. They target MFA fatigue, inbox rule creation, OAuth app abuse, or credential capture for downstream systems. In other cases, attackers use highly targeted lures that bypass generic awareness training because the message is operationally plausible. External reporting from CISA cyber threat advisories and the Anthropic report on AI-orchestrated cyber espionage both reinforce that attacker tradecraft now combines social engineering with automation and rapid follow-through.
The edge case to watch is when a phishing email reaches a privileged human and a privileged non-human identity at the same time. In those environments, one message can compromise both decision authority and execution authority, which is why mailbox defense alone is never enough.
Standards & Framework Alignment
This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.
OWASP Non-Human Identity Top 10 and CSA MAESTRO address the attack and risk surface, while NIST AI RMF set the governance and control requirements practitioners need to meet.
| Framework | Control / Reference | Relevance |
|---|---|---|
| OWASP Non-Human Identity Top 10 | NHI-03 | Phishing often leads to secret theft and stale credential abuse. |
| CSA MAESTRO | A2 | Agentic workflows can trust email and approvals too readily. |
| NIST AI RMF | Phishing against AI-driven workflows is a governance and risk issue. |
Inventory, rotate, and revoke exposed secrets immediately after suspicious email-driven incidents.
Related resources from NHI Mgmt Group
- Why do business email compromise attacks succeed even in well-run organisations?
- Why do AI-driven phishing attacks still succeed when organisations use modern authentication?
- Why do data in motion controls still fail in well-defended environments?
- Why do phishing attacks still succeed even when people know the warning signs?
