Security Awareness Training Blog

Spear Phishing Blog

Learn about current spear phishing attacks, specific examples, and techniques the bad guys are currently using so your users don't fall for these attacks.

94% of U.K. Businesses Aren’t Adequately Prepared for AI-Driven Phishing Scams

A new report makes it clear that U.K. organizations need to do more security awareness training to ensure their employees don’t fall victim to the evolving use of AI.
Continue Reading

China Threat Actor Targets Individuals and Entities in Japan Via Spear Phishing Campaign

Researchers at Trend Micro warn that the China-aligned threat actor Earth Kasha has launched a new spear phishing campaign targeting individuals and organizations in Japan.
Continue Reading

Nation-State Threat Actors Rely on Social Engineering First

A new report from ESET has found that most nation-state threat actors rely on spear phishing as a primary initial access technique.
Continue Reading

Chinese Threat Actor Targets OpenAI With Spear-Phishing Attacks

OpenAI has disclosed that its employees were targeted by spear-phishing attacks launched by a suspected Chinese state-sponsored threat actor.
Continue Reading

The U.K.'s NCSC and U.S. FBI Warn of Iranian Spear-Phishing Attacks

The U.K.’s National Cyber Security Centre (NCSC) and the U.S. FBI have released an advisory warning of Iranian state-sponsored spear-phishing attacks targeting “individuals with a nexus ...
Continue Reading

Election-Themed Phishing Threats Are on the Rise

Researchers at ReliaQuest have published a report looking at cyber threats surrounding the upcoming US presidential election, warning that election-related phishing will continue to ...
Continue Reading

U.S. Government Indicts Chinese National For Alleged Spear Phishing Attacks

The U.S. Justice Department has indicted a Chinese national, Song Wu, for allegedly sending spear phishing emails to employees at various U.S. military and government entities, research ...
Continue Reading

Phishing is Still the Top Initial Access Vector

Phishing remains a top initial access vector for threat actors, according to researchers at ReliaQuest. Phishing and other social engineering tactics can bypass security technologies by ...
Continue Reading

Iran’s APT42 Targets WhatsApp Users With Spear-Phishing Attacks

Researchers at Meta have published details on Iranian spear-phishing attacks targeting WhatsApp accounts. The activity is attributed to APT42, a threat actor tied to Iran’s Islamic ...
Continue Reading

US Political Campaigns Targeted by Iranian Spear Phishing Attacks

Researchers at Recorded Future’s Insikt Group warn that the Iranian state-sponsored threat actor “GreenCharlie” is launching spear phishing attacks against US political campaigns.
Continue Reading

Russian Super-Threat Group Fin7 Comes Back from the Dead

Declared “dead” by the U.S. Attorney’s Office in 2023, the Russian cyber crime group Fin7 is impersonating some of the top global brands.
Continue Reading

Russian Spear Phishing Campaigns Target NATO Entities

Researchers at Mandiant (part of Google Cloud) warn that Russian government threat actors continue to target NATO member countries with spear phishing attacks. APT29 in particular has ...
Continue Reading

Ransomware Attack on U.K. Health Service Laboratory Disrupts Major London Hospital Services

What likely started as a quick ransomware “smash and grab” has turned into a headline case resulting in responses from both U.K. and U.S. law enforcement.
Continue Reading

Russian Threat Actor Launches Spear Phishing Attacks Against French Diplomats

France’s cybersecurity agency ANSSI has issued an alert outlining a Russian spear phishing campaign targeting French diplomats, the Record reports. The agency attributes the campaign to ...
Continue Reading

Simulated Phishing Tests Matter

If you had to choose between regular cybersecurity training and simulated phishing testing, the data shows you should choose simulated phishing tests.
Continue Reading

Brazilian Entities Increasingly Targeted by Nation-State Phishing Attacks

Mandiant has published a report looking at cyber threats targeting Brazil, finding that more than 85% of government-backed phishing activity comes from threat actors based in China, North ...
Continue Reading

No Politician Too Small: School Board Candidates Targeted By Phishing and BEC Scams

Cybercriminals are broadening their targets to include even local political candidates, as an escalating series of phishing attacks was recently directed at school board candidates in ...
Continue Reading

[NEW RESEARCH]: KnowBe4’s 2024 Phishing by Industry Benchmarking Report Reveals that 34.3% of Untrained End Users Will Fail a Phishing Test

The prevalence of cyber crime continues to soar, victimizing individuals in both their work and private lives. Cybercriminals are indiscriminate, targeting around the clock and across the ...
Continue Reading

Russia’s Military Intelligence Service Launches Spear Phishing Attacks

Researchers at Recorded Future warn that BlueDelta, a threat actor tied to Russia’s GRU, is launching spear phishing attacks against European defense and transportation entities.
Continue Reading

China Threat Actor Targeting African and Caribbean Entities With Spear Phishing Attacks

The China-aligned threat actor “Sharp Dragon” is launching spear phishing attacks against government entities in African and Caribbean countries, according to researchers at Check Point.
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews