Phishing attacks typically occur through emails, where attackers send messages that appear to be from legitimate sources. These emails may contain links to fake websites that mimic real ones, prompting victims to enter their credentials. In toxicology, attackers might pose as regulatory bodies, research collaborators, or healthcare organizations.