Phishing attacks have been increasingly effective for malicious actors for years—and things really haven’t changed much. A recent study by Brigham and Women’s Hospital in Boston, which conducted simulations at six anonymous healthcare facilities in the U.S., found that one in seven phishing email were clicked in the span of seven years. 

Healthcare facilities are extremely vulnerable to phishing attacks, but they’re not the only ones. Like any other professional that’s on a path to succeed, threat actors are constantly refining their methods, says Tonya Dudley, security solutions advisor at Cofense. 

“Every time we set up a new technology to help mitigate it, they learn their way around it,” she told InfoSec Insider during a recent video interview shot at the InfoSec World Conference & Expo in Orlando, Florida. 

In the full video interview below, Dudley provides us with a glimpse into the state of phishing attacks in 2019, and more importantly, what security professionals should be doing about it.

Click here to watch the video.