Cross-Site Phishing Introduction When discussing Red Team engagements, I normally hear that Phishing e-mails are the way to go. Usually this involves creating a payload and hosting it on a domain that matches your pretense.