people clicking on a link in the email that goes to a malicious website that looks harmless but can have total control over their PC in less than five seconds
That's not really phishing. More like a drive-by download. Phishing is where the e-mail or web site attempt to truck the luser into entering an ID/password for the legitimate site being masqueraded.
Phishing attempts to exploit a weakness in the user, downloads exploit the o/s or client software.