Security Awareness Training Blog

Spear Phishing Blog

Learn about current spear phishing attacks, specific examples, and techniques the bad guys are currently using so your users don't fall for these attacks.

Russian Spear-Phishing Campaign Targets WhatsApp Accounts

The Russian threat actor “Star Blizzard” has launched a spear-phishing campaign attempting to compromise WhatsApp accounts, according to researchers at Microsoft. The operation targets ...
Continue Reading

Japan Attributes More Than 200 Cyberattacks to China Threat Actor "MirrorFace"

Japan’s National Police Agency (NPA) has attributed more than 200 cyber incidents over the past five years to the China-aligned threat actor “MirrorFace,” Infosecurity Magazine reports.
Continue Reading

Russia’s APT29 Launches Major Spear Phishing Campaign

Trend Micro warns that the Russian state-sponsored threat actor Earth Koshchei (also known as “APT29” or “Cozy Bear”) is using spear phishing emails to trick victims into connecting to ...
Continue Reading

Critical Infrastructure Under Siege: 42% Spike in Ransomware Attacks on Utilities

Ransomware attacks targeting utilities have surged by 42% over the past year, with spear phishing playing a major role in 81% of cases, according to a ReliaQuest study spanning November ...
Continue Reading

94% of U.K. Businesses Aren’t Adequately Prepared for AI-Driven Phishing Scams

A new report makes it clear that U.K. organizations need to do more security awareness training to ensure their employees don’t fall victim to the evolving use of AI.
Continue Reading

China Threat Actor Targets Individuals and Entities in Japan Via Spear Phishing Campaign

Researchers at Trend Micro warn that the China-aligned threat actor Earth Kasha has launched a new spear phishing campaign targeting individuals and organizations in Japan.
Continue Reading

Nation-State Threat Actors Rely on Social Engineering First

A new report from ESET has found that most nation-state threat actors rely on spear phishing as a primary initial access technique.
Continue Reading

Chinese Threat Actor Targets OpenAI With Spear-Phishing Attacks

OpenAI has disclosed that its employees were targeted by spear-phishing attacks launched by a suspected Chinese state-sponsored threat actor.
Continue Reading

The U.K.'s NCSC and U.S. FBI Warn of Iranian Spear-Phishing Attacks

The U.K.’s National Cyber Security Centre (NCSC) and the U.S. FBI have released an advisory warning of Iranian state-sponsored spear-phishing attacks targeting “individuals with a nexus ...
Continue Reading

Election-Themed Phishing Threats Are on the Rise

Researchers at ReliaQuest have published a report looking at cyber threats surrounding the upcoming US presidential election, warning that election-related phishing will continue to ...
Continue Reading

U.S. Government Indicts Chinese National For Alleged Spear Phishing Attacks

The U.S. Justice Department has indicted a Chinese national, Song Wu, for allegedly sending spear phishing emails to employees at various U.S. military and government entities, research ...
Continue Reading

Phishing is Still the Top Initial Access Vector

Phishing remains a top initial access vector for threat actors, according to researchers at ReliaQuest. Phishing and other social engineering tactics can bypass security technologies by ...
Continue Reading

Iran’s APT42 Targets WhatsApp Users With Spear-Phishing Attacks

Researchers at Meta have published details on Iranian spear-phishing attacks targeting WhatsApp accounts. The activity is attributed to APT42, a threat actor tied to Iran’s Islamic ...
Continue Reading

US Political Campaigns Targeted by Iranian Spear Phishing Attacks

Researchers at Recorded Future’s Insikt Group warn that the Iranian state-sponsored threat actor “GreenCharlie” is launching spear phishing attacks against US political campaigns.
Continue Reading

Russian Super-Threat Group Fin7 Comes Back from the Dead

Declared “dead” by the U.S. Attorney’s Office in 2023, the Russian cyber crime group Fin7 is impersonating some of the top global brands.
Continue Reading

Russian Spear Phishing Campaigns Target NATO Entities

Researchers at Mandiant (part of Google Cloud) warn that Russian government threat actors continue to target NATO member countries with spear phishing attacks. APT29 in particular has ...
Continue Reading

Ransomware Attack on U.K. Health Service Laboratory Disrupts Major London Hospital Services

What likely started as a quick ransomware “smash and grab” has turned into a headline case resulting in responses from both U.K. and U.S. law enforcement.
Continue Reading

Russian Threat Actor Launches Spear Phishing Attacks Against French Diplomats

France’s cybersecurity agency ANSSI has issued an alert outlining a Russian spear phishing campaign targeting French diplomats, the Record reports. The agency attributes the campaign to ...
Continue Reading

Simulated Phishing Tests Matter

If you had to choose between regular cybersecurity training and simulated phishing testing, the data shows you should choose simulated phishing tests.
Continue Reading

Brazilian Entities Increasingly Targeted by Nation-State Phishing Attacks

Mandiant has published a report looking at cyber threats targeting Brazil, finding that more than 85% of government-backed phishing activity comes from threat actors based in China, North ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews