Security Awareness Training Blog

Spear Phishing Blog

Learn about current spear phishing attacks, specific examples, and techniques the bad guys are currently using so your users don't fall for these attacks.

Spear Phishing Campaign Targets Southeast Asia

Researchers at Group-IB are tracking a previously unknown threat actor dubbed “Dark Pink” that’s using spear phishing attacks to target government, military, and religious organizations. ...
Continue Reading

Using AI Large Language Models to Craft Phishing Campaigns

Researchers at Check Point have shown that Large Language Models (LLMs) like OpenAI’s ChatGPT can be used to generate entire infection chains, beginning with a spear phishing email. The ...
Continue Reading

[Heads Up] Giant LastPass Breach Can Supercharge Spear Phishing Attacks

By Roger A. Grimes. KnowBe4 recommends that everyone use a password manager to create and use strong passwords as a part of their password policy ...
Continue Reading

Spear Phishing Campaign Targets Japanese Political Organizations

Researchers at ESET warn that a Chinese-speaking threat actor dubbed “MirrorFace” targeted Japanese political organizations with spear phishing emails in the run-up to the Japanese House ...
Continue Reading

[EYE OPENER] Phishing Attacks 61% Up Over 2021. A Whopping 255 Million Attacks This Year So Far

Security Magazine wrote this week about the recent eye opening SlashNext State of Phishing report. "SlashNext analyzed billions of link-based URLs, attachments and natural language ...
Continue Reading

Social Engineering and Bogus Job Offers

Researchers at SentinelOne have warned that North Korea’s Lazarus Group is using phony Crypto.com job offers to distribute macOS malware. The researchers aren’t sure how the lures are ...
Continue Reading

Sentence in a Catphishing Case

A convict serving twenty-five years in South Carolina for voluntary manslaughter and attempted armed robbery, Darnell Kahn, has now also been convicted in a US court on Federal sextortion ...
Continue Reading

Spear Phishing Campaign Targets Financial Institutions in African Countries

Researchers at Check Point have discovered a spear phishing campaign dubbed “DangerousSavanna” that's targeting financial entities in at least five African countries.
Continue Reading

More Super Targeted Spear Phishing Ahead

Hardly a day goes by without a news alert about the latest HUGE data breach. It’s so commonplace today that it rarely rates showing at the top of the news. In a newspaper, the ...
Continue Reading

Children of Conti go Phishing

Researchers at AdvIntel warn that three more ransomware groups have begun using the BazarCall spear phishing technique invented by the Ryuk gang (a threat group that subsequently ...
Continue Reading

Spear Phishing Campaign Targets Facebook Business Accounts

Researchers at WithSecure have discovered a spear phishing campaign targeting employees who have access to Facebook Business accounts. The attackers are targeting specific employees, and ...
Continue Reading

KnowBe4’s 2022 Phishing By Industry Benchmarking Report Reveals that 32.4% of Untrained End Users Will Fail a Phishing Test

Once again, the human layer continues to be the most desirable attack vector for cybercriminals. 2022 marks the 5th year KnowBe4 has analyzed hundreds of millions of elements of data in ...
Continue Reading

Spear Phishing Campaign Targets the US Military

Researchers at Zscaler warn that a spear phishing campaign is targeting the US military and other sectors with phishing emails that purport to be voicemail notifications. The emails ...
Continue Reading

A Closer Look at HR Scams: Does Niceness Have a Downside?

Threat actors are targeting HR employees who are looking to hire new people, according to Lisa Vaas at Contrast Security. As part of their job, HR employees frequently interact with ...
Continue Reading

Spear Phishing Campaign Targets Former Israeli Officials

An Iranian threat actor is conducting a spear phishing operation against Israeli officials, according to researchers at Check Point. The targets have included the former Foreign Minister ...
Continue Reading

Spear Phishing a Diplomat

Researchers at Fortinet observed a spear phishing attack that targeted a Jordanian diplomat late last month. The researchers attribute this attack to the Iranian state-sponsored threat ...
Continue Reading

Mustang Panda Uses Spear Phishing to Conduct Cyberespionage

The China-based threat actor Mustang Panda is conducting spear phishing campaigns against organizations in NATO countries and Russia, as well as entities in the US and Asia, according to ...
Continue Reading

Cozy Bear Goes Typosquatting

Researchers at Recorded Future’s Insikt Group warn that the Russian threat actor NOBELIUM (also known as APT29 or Cozy Bear) is using typosquatting domains to target the news and media ...
Continue Reading

More_eggs Malware Distributed Via Spear Phishing

Threat actors are sending out the stealthy “more_eggs” malware in spear phishing emails that target hiring managers, according to researchers at eSentire’s Threat Response Unit (TRU).
Continue Reading

TraderTraitor: When States do Social Engineering

North Korea’s Lazarus Group is using social engineering attacks to target users of cryptocurrency, according to a joint advisory from the US FBI, the Cybersecurity and Infrastructure ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews