While phishing continues to be the prevalent threat in malware-less email-based attacks, cybercriminals refine their methods by adding an impersonation component to increase the success rate against company employees.
Phishing emails are easy to deploy and require no preparation from the attacker beyond crafting a vague message that is sufficiently convincing for a large number of victims to fall for it. They are easy to spot most of the time and do not get into the inbox.
Impersonation attacks, also known as CEO fraud and business email compromise (BEC), are somewhat targeted and require the threat actor to do some reconnaissance about the recipient or the company they work for. This method is more difficult for traditional security solutions to detect because it typically does not follow a pattern.
Source: Bleeping Computer