Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

Security Awareness Training Blog

Spear Phishing Blog

Learn about current spear phishing attacks, specific examples, and techniques the bad guys are currently using so your users don't fall for these attacks.

View Topics

AI-Powered Spear Phishing Can Now Outperform Human Attackers

Apr 16, 2025 12:13:09 PM By Stu Sjouwerman
Researchers at Hoxhunt have found that AI agents can now outperform humans at creating convincing phishing campaigns.
Continue Reading

Russian Threat Actor Launches Spear-Phishing Campaign Against Ukrainians

Apr 10, 2025 10:13:12 AM By Stu Sjouwerman
The Russian threat actor Gamaredon is targeting Ukrainians with spear-phishing documents related to troop movements, according to researchers at Cisco Talos.
Continue Reading

Spear Phishing is the Top Cyber Threat to the Manufacturing Sector

Feb 20, 2025 12:54:32 PM By Stu Sjouwerman
Spear phishing was the top cybersecurity threat to the manufacturing sector over the past six months, according to a report from ReliaQuest. These attacks accounted for 41% of ...
Continue Reading

Protect Your Data: Russian Spear-Phishing Targets Microsoft 365 Accounts

Feb 18, 2025 8:13:54 AM By Stu Sjouwerman
Several Russian threat actors, including the SVR’s Cozy Bear, are launching highly targeted spear phishing attacks against Microsoft 365 accounts, according to researchers at Volexity.
Continue Reading

From Madison Avenue to Malware

Feb 7, 2025 4:39:50 PM By Javvad Malik
In the bustling world of 1960s Madison Avenue, a young advertising executive named Lester Wunderman was about to revolutionize the industry. Wunderman, often called the father of direct ...
Continue Reading

Russian Spear-Phishing Campaign Targets WhatsApp Accounts

Jan 22, 2025 9:53:44 AM By Stu Sjouwerman
The Russian threat actor “Star Blizzard” has launched a spear-phishing campaign attempting to compromise WhatsApp accounts, according to researchers at Microsoft. The operation targets ...
Continue Reading

Japan Attributes More Than 200 Cyberattacks to China Threat Actor "MirrorFace"

Jan 15, 2025 10:34:45 AM By Stu Sjouwerman
Japan’s National Police Agency (NPA) has attributed more than 200 cyber incidents over the past five years to the China-aligned threat actor “MirrorFace,” Infosecurity Magazine reports.
Continue Reading

Russia’s APT29 Launches Major Spear Phishing Campaign

Dec 23, 2024 5:14:23 PM By Stu Sjouwerman
Trend Micro warns that the Russian state-sponsored threat actor Earth Koshchei (also known as “APT29” or “Cozy Bear”) is using spear phishing emails to trick victims into connecting to ...
Continue Reading

Critical Infrastructure Under Siege: 42% Spike in Ransomware Attacks on Utilities

Dec 17, 2024 10:05:27 AM By Stu Sjouwerman
Ransomware attacks targeting utilities have surged by 42% over the past year, with spear phishing playing a major role in 81% of cases, according to a ReliaQuest study spanning November ...
Continue Reading

94% of U.K. Businesses Aren’t Adequately Prepared for AI-Driven Phishing Scams

Dec 13, 2024 12:31:54 PM By Stu Sjouwerman
A new report makes it clear that U.K. organizations need to do more security awareness training to ensure their employees don’t fall victim to the evolving use of AI.
Continue Reading

China Threat Actor Targets Individuals and Entities in Japan Via Spear Phishing Campaign

Dec 2, 2024 2:42:53 PM By Stu Sjouwerman
Researchers at Trend Micro warn that the China-aligned threat actor Earth Kasha has launched a new spear phishing campaign targeting individuals and organizations in Japan.
Continue Reading

Nation-State Threat Actors Rely on Social Engineering First

Nov 12, 2024 3:38:33 PM By Stu Sjouwerman
A new report from ESET has found that most nation-state threat actors rely on spear phishing as a primary initial access technique.
Continue Reading

Chinese Threat Actor Targets OpenAI With Spear-Phishing Attacks

Oct 16, 2024 3:47:17 PM By Stu Sjouwerman
OpenAI has disclosed that its employees were targeted by spear-phishing attacks launched by a suspected Chinese state-sponsored threat actor.
Continue Reading

The U.K.'s NCSC and U.S. FBI Warn of Iranian Spear-Phishing Attacks

Oct 2, 2024 3:10:00 PM By Stu Sjouwerman
The U.K.’s National Cyber Security Centre (NCSC) and the U.S. FBI have released an advisory warning of Iranian state-sponsored spear-phishing attacks targeting “individuals with a nexus ...
Continue Reading

Election-Themed Phishing Threats Are on the Rise

Sep 25, 2024 1:54:49 PM By Stu Sjouwerman
Researchers at ReliaQuest have published a report looking at cyber threats surrounding the upcoming US presidential election, warning that election-related phishing will continue to ...
Continue Reading

U.S. Government Indicts Chinese National For Alleged Spear Phishing Attacks

Sep 18, 2024 1:40:36 PM By Stu Sjouwerman
The U.S. Justice Department has indicted a Chinese national, Song Wu, for allegedly sending spear phishing emails to employees at various U.S. military and government entities, research ...
Continue Reading

Phishing is Still the Top Initial Access Vector

Sep 5, 2024 11:21:58 AM By Stu Sjouwerman
Phishing remains a top initial access vector for threat actors, according to researchers at ReliaQuest. Phishing and other social engineering tactics can bypass security technologies by ...
Continue Reading

Iran’s APT42 Targets WhatsApp Users With Spear-Phishing Attacks

Aug 29, 2024 8:52:16 AM By Stu Sjouwerman
Researchers at Meta have published details on Iranian spear-phishing attacks targeting WhatsApp accounts. The activity is attributed to APT42, a threat actor tied to Iran’s Islamic ...
Continue Reading

US Political Campaigns Targeted by Iranian Spear Phishing Attacks

Aug 21, 2024 4:02:10 PM By Stu Sjouwerman
Researchers at Recorded Future’s Insikt Group warn that the Iranian state-sponsored threat actor “GreenCharlie” is launching spear phishing attacks against US political campaigns.
Continue Reading

Russian Super-Threat Group Fin7 Comes Back from the Dead

Jul 26, 2024 8:33:58 AM By Stu Sjouwerman
Declared “dead” by the U.S. Attorney’s Office in 2023, the Russian cyber crime group Fin7 is impersonating some of the top global brands.
Continue Reading
Subscribe

Search Our Blog


Comprehensive Anti-Phishing Guide

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews