Shift to Malwareless E-mail Attacks

FireEye has an interesting report that they put together using email from July to December last year.  It shows a shift from malware infected email to other types not using malware.  The big 4 among those were whaling, credential harvesting, spear phishing and W-2 scams.  That last one is because these are businesses FireEye is protecting and the scams are at the corporate level.  We have had some of those around here.  Several people have reported trouble with their credentials of late and I wonder what use that credential is being put to.