Security Awareness Training Blog

Spear Phishing Blog

Learn about current spear phishing attacks, specific examples, and techniques the bad guys are currently using so your users don't fall for these attacks.

View Topics

[Wake-Up Call] It's Time to Focus More on Preventing Spear Phishing

May 31, 2023 2:22:02 PM By Roger Grimes
Fighting spear phishing attacks is the single best thing you can do to prevent breaches.
Continue Reading

Spear Phishing Trends in 2023

May 31, 2023 8:57:49 AM By Stu Sjouwerman
50% of organizations surveyed were victims of spear phishing attacks in the last twelve months, according to a new report from Barracuda. The report also found that, on average, ...
Continue Reading

Recently Exposed North Korean Threat Actor APT43 Targeting Organizations With Spear Phishing

Apr 6, 2023 9:02:08 AM By Stu Sjouwerman
Google’s Threat Analysis Group (TAG) has published a report describing the activities of “ARCHIPELAGO,” a subset of the North Korean state-sponsored threat actor APT43. ARCHIPELAGO’s ...
Continue Reading

[HEADS UP] Russian Hacker Group Launches New Spear Phishing Campaign with Targets in US and Europe

Feb 16, 2023 9:17:56 AM By Stu Sjouwerman
The Russian-based hacking group Seaborgium is at it again with increased spear phishing attacks targeting US and European countries in the last year.
Continue Reading

Reddit is the Latest Victim of a Spear Phishing Attack Resulting in a Data Breach

Feb 15, 2023 8:18:20 AM By Stu Sjouwerman
There is a lot to learn from Reddit's recent data breach, which was the result of an employee falling for a “sophisticated and highly-targeted” spear phishing attack.
Continue Reading

Spear Phishing Attacks Increase 127% as Use of Impersonation Skyrockets

Feb 9, 2023 8:51:35 AM By Stu Sjouwerman
Impersonation of users, domains, and brands is on the rise, as is the use of malicious links, in response to security vendors improving their ability to detect malicious attachments.
Continue Reading

Russian and Iranian Spear Phishing Campaigns are Running Rampant in the UK

Jan 30, 2023 8:52:25 AM By Stu Sjouwerman
The UK’s National Cyber Security Centre (NCSC) has described two separate spear phishing campaigns launched by Russia’s SEABORGIUM threat actor and Iran’s TA453 (also known as Charming ...
Continue Reading

Spear Phishing Campaign Targets Southeast Asia

Jan 17, 2023 8:52:07 AM By Stu Sjouwerman
Researchers at Group-IB are tracking a previously unknown threat actor dubbed “Dark Pink” that’s using spear phishing attacks to target government, military, and religious organizations. ...
Continue Reading

Using AI Large Language Models to Craft Phishing Campaigns

Jan 4, 2023 8:41:49 AM By Stu Sjouwerman
Researchers at Check Point have shown that Large Language Models (LLMs) like OpenAI’s ChatGPT can be used to generate entire infection chains, beginning with a spear phishing email. The ...
Continue Reading

[Heads Up] Giant LastPass Breach Can Supercharge Spear Phishing Attacks

Dec 28, 2022 2:27:36 PM By Roger Grimes
By Roger A. Grimes. KnowBe4 recommends that everyone use a password manager to create and use strong passwords as a part of their password policy ...
Continue Reading

Spear Phishing Campaign Targets Japanese Political Organizations

Dec 22, 2022 9:43:59 AM By Stu Sjouwerman
Researchers at ESET warn that a Chinese-speaking threat actor dubbed “MirrorFace” targeted Japanese political organizations with spear phishing emails in the run-up to the Japanese House ...
Continue Reading

[EYE OPENER] Phishing Attacks 61% Up Over 2021. A Whopping 255 Million Attacks This Year So Far

Oct 30, 2022 1:17:04 PM By Stu Sjouwerman
Security Magazine wrote this week about the recent eye opening SlashNext State of Phishing report.  "SlashNext analyzed billions of link-based URLs, attachments and natural language ...
Continue Reading

Social Engineering and Bogus Job Offers

Sep 29, 2022 9:37:07 AM By Stu Sjouwerman
Researchers at SentinelOne have warned that North Korea’s Lazarus Group is using phony Crypto.com job offers to distribute macOS malware. The researchers aren’t sure how the lures are ...
Continue Reading

Sentence in a Catphishing Case

Sep 26, 2022 9:59:32 AM By Stu Sjouwerman
A convict serving twenty-five years in South Carolina for voluntary manslaughter and attempted armed robbery, Darnell Kahn, has now also been convicted in a US court on Federal sextortion ...
Continue Reading

Spear Phishing Campaign Targets Financial Institutions in African Countries

Sep 7, 2022 11:00:00 AM By Stu Sjouwerman
Researchers at Check Point have discovered a spear phishing campaign dubbed “DangerousSavanna” that's targeting financial entities in at least five African countries.
Continue Reading

More Super Targeted Spear Phishing Ahead

Aug 16, 2022 3:42:05 PM By Roger Grimes
Hardly a day goes by without a news alert about the latest HUGE data breach. It’s so commonplace today that it rarely rates showing at the top of the news. In a newspaper, the ...
Continue Reading

Children of Conti go Phishing

Aug 16, 2022 11:57:46 AM By Stu Sjouwerman
Researchers at AdvIntel warn that three more ransomware groups have begun using the BazarCall spear phishing technique invented by the Ryuk gang (a threat group that subsequently ...
Continue Reading

Spear Phishing Campaign Targets Facebook Business Accounts

Jul 28, 2022 9:03:57 AM By Stu Sjouwerman
Researchers at WithSecure have discovered a spear phishing campaign targeting employees who have access to Facebook Business accounts. The attackers are targeting specific employees, and ...
Continue Reading

KnowBe4’s 2022 Phishing By Industry Benchmarking Report Reveals that 32.4% of Untrained End Users Will Fail a Phishing Test

Jul 13, 2022 7:00:00 AM By Joanna Huisman
Once again, the human layer continues to be the most desirable attack vector for cybercriminals. 2022 marks the 5th year KnowBe4 has analyzed hundreds of millions of elements of data in ...
Continue Reading

Spear Phishing Campaign Targets the US Military

Jun 22, 2022 8:59:46 AM By Stu Sjouwerman
Researchers at Zscaler warn that a spear phishing campaign is targeting the US military and other sectors with phishing emails that purport to be voicemail notifications. The emails ...
Continue Reading
Subscribe

Search Our Blog


Free Phishing Security Resource Kit

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews