Phishing attacks are nothing new or unusual, and yet the menace they pose is often overlooked in lieu of flashier malware, APTs, and 0-day exploits. This talk will discuss the state of modern phishing, delving into the economy of phishing. It will detail the roles within this economy and why it presents such a risk to organizations. Using RPG-style stat cards to highlight author strengths and weaknesses, we will then present our research on three phishing kit authors, break down their offerings, and discuss what it takes to run a successful phishing kit empire.