Security Awareness Training Blog

Spear Phishing Blog

Learn about current spear phishing attacks, specific examples, and techniques the bad guys are currently using so your users don't fall for these attacks.

No Politician Too Small: School Board Candidates Targeted By Phishing and BEC Scams

Cybercriminals are broadening their targets to include even local political candidates, as an escalating series of phishing attacks was recently directed at school board candidates in ...
Continue Reading

[NEW RESEARCH]: KnowBe4’s 2024 Phishing by Industry Benchmarking Report Reveals that 34.3% of Untrained End Users Will Fail a Phishing Test

The prevalence of cyber crime continues to soar, victimizing individuals in both their work and private lives. Cybercriminals are indiscriminate, targeting around the clock and across the ...
Continue Reading

Russia’s Military Intelligence Service Launches Spear Phishing Attacks

Researchers at Recorded Future warn that BlueDelta, a threat actor tied to Russia’s GRU, is launching spear phishing attacks against European defense and transportation entities.
Continue Reading

China Threat Actor Targeting African and Caribbean Entities With Spear Phishing Attacks

The China-aligned threat actor “Sharp Dragon” is launching spear phishing attacks against government entities in African and Caribbean countries, according to researchers at Check Point.
Continue Reading

Alert: Nova Scotians Hit by Surge of Sophisticated Spear Phishing Scams

The Royal Canadian Mounted Police (RCMP) in Nova Scotia is warning of spear phishing attacks that impersonate company managers. The scammers text company employees requesting a payment to ...
Continue Reading

U.S. Government Warns of North Korean Spear-Phishing Campaigns

The North Korean state-sponsored threat actor Kimsuky is launching spear phishing attacks against individuals working at think tanks and academic institutions in the US, according to a ...
Continue Reading

US Justice Department Accuses Iranian Nationals of Launching Spear Phishing Attacks

The US Department of Justice has indicted four Iranian nationals for allegedly launching spear phishing attacks against the US government and defense contractors. In one instance, the ...
Continue Reading

Russian Threat Actor FIN7 Targeting the Automotive Industry with Spear Phishing Attacks

The cybercriminal threat actor FIN7 is launching spear phishing attacks against the automotive industry in the United States, according to researchers at BlackBerry.
Continue Reading

Critical Improvements To The Seven Most Common Pieces of Cybersecurity Advice

I have been in the cybersecurity industry for over 35 years and I am the author of 14 books and over 1,400 articles on cybersecurity.
Continue Reading

Catfishing Campaign Targets Members of the UK Government

At least twelve men working in the UK parliament have recently been targeted by WhatsApp spear phishing messages, POLITICO reports. The targeted individuals include “a senior Labour MP, ...
Continue Reading

New Report Shows Phishing Links and Malicious Attachments Are The Top Entry Points of Cyber Attacks

New TTP attack data covering 2023 sheds much needed light on the threat actor and user actions that are putting organizations at the most risk.
Continue Reading

Narwhal Spider Threat Group Behind New Phishing Campaign Impersonating Reputable Law Firms

Using little more than a well-known business name and a invoice-related PDF, the “NaurLegal” phishing campaign aims at installing malware trojans.
Continue Reading

If Social Engineering Accounts for up to 90% of Attacks, Why Is It Ignored?

Social engineering and phishing are involved in 70% to 90% of all successful cybersecurity attacks. No other initial root hacking cause comes close.
Continue Reading

Microsoft and OpenAI Team Up to Block Threat Actor Access to AI

Analysis of emerging threats in the age of AI provides insight into exactly how cybercriminals are leveraging AI to advance their efforts.
Continue Reading

Credential Theft Is Mostly Due To Phishing

According to IBM X-Force’s latest Threat Intelligence Index, 30% of all cyber incidents in 2023 involved abuse of valid credentials. X-Force’s report stated that abuse of valid ...
Continue Reading

State-Sponsored Threat Actors Targeting European Union Entities With Spear Phishing Campaigns

Numerous state-sponsored threat actors frequently launched spear phishing attacks against European Union entities last year, according to a new report from the EU’s Emergency Response ...
Continue Reading

Iran-Aligned Threat Actor "CharmingCypress" Launches Spear Phishing Attacks

Researchers at Volexity warn that the suspected Iranian threat actor CharmingCypress (also known as “Charming Kitten” or “APT42”) has been launching spear phishing attacks against Middle ...
Continue Reading

North Korean Threat Actor Targeting Cybersecurity Researchers With Spear Phishing Attacks

A suspected North Korean state-sponsored threat actor called “ScarCruft” is launching spear phishing attacks against cybersecurity professionals, according to researchers at SentinelOne.
Continue Reading

Red Flags for Phishing: Verizon Outlines Latest Scams to Watch Out For

Verizon has published an article outlining various forms of social engineering attacks, including SMS/text messaging phishing (smishing), voice phishing (vishing), and spear phishing ...
Continue Reading

Why Security Awareness Training Is Effective in Reducing Cybersecurity Risk

Security awareness training (SAT) works! A well-designed security awareness training campaign will significantly reduce cybersecurity risk.
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews