Security Awareness Training Blog

Spear Phishing Blog

Learn about current spear phishing attacks, specific examples, and techniques the bad guys are currently using so your users don't fall for these attacks.

Obvious, but Probably Effective: Konni RAT Screensaver

A North Korean threat actor is targeting users in Russia with a New Year’s Eve-themed phony screensaver file, the Record reports. Researchers at Cluster25 spotted the activity, and say ...
Continue Reading

Reducing Stress with CBD Is the Latest Theming for Phishing Attacks

Spanning three languages and at least 15,000 unique phishing emails, this latest phishing campaign targets stressed out workers in the U.S. and France, avoiding detection and promising to ...
Continue Reading

SideCopy: How an Intelligence Service Uses Phishbait

Researchers at Malwarebytes offer more details on a spear phishing campaign run by a Pakistani threat actor that’s come to be known as “SideCopy.” The campaign was first reported by ...
Continue Reading

New Phishing Campaign has Fake DHL Shipping

Researchers at Avanan have spotted a new phishing campaign that’s impersonating DHL with phony shipping notifications. The emails inform the recipients that they need to update their ...
Continue Reading

Spear Phishing Campaign Targets North Korean Defectors

A state-sponsored threat actor is sending spear phishing emails to North Korean defectors and also to journalists who cover matters related to North Korea, according to researchers at ...
Continue Reading

Malicious Retail Phishing Sites Spike Ahead of Shopping Holidays

Researchers at Check Point have observed a record number of malicious phishing shopping websites that have been set up over the past two months. The researchers assume these sites were ...
Continue Reading

“Customer Complaint” May Get Your Attention

A spear phishing campaign is sending phony “customer complaints” that contain a link to a malicious website, according to Paul Ducklin at Naked Security. The phishing emails appear to ...
Continue Reading

Bait Attacks as Reconnaissance

Researchers at Barracuda warn that attackers are sending non-malicious emails as a precursor to targeted phishing attacks.
Continue Reading

New 'Frankenphishing' Tactic Combines Other Phishing Kits Into One

RiskIQ has observed another phishing kit that’s been pieced together from portions of other phishing kits.
Continue Reading

Over Half of all Impersonation Attacks Target Non-Executive Employees

A new report shows how cybercriminals focus on users that are less vigilant and more prone to falling for social engineering and impersonation tactics designed to gain access to finances.
Continue Reading

KnowBe4's Q3 2021 Top-Clicked Phishing Email Report Includes New Global Data [INFOGRAPHIC]

KnowBe4's latest quarterly report on top-clicked phishing email subjects is here. We are now looking at the top categories globally, general subjects (in the United States and Europe, ...
Continue Reading

Man Spends Thousands and is Exposed for Typosquatting with Cryptocurrency

A man in Brazil spent more than $200,000 on typosquatting domains between November 2020 and February 2021, the Washington Post reports. Typosquatting is a phishing technique in which ...
Continue Reading

New James Bond Movie is Cybercriminals Shiniest Phishbait

Cybercriminals are using the new James Bond movie, No Time to Die, as phishbait, the National reports. Researchers at Kaspersky warn that malicious ads and phishing sites are claiming, ...
Continue Reading

Phishing Attacks Maintain “New Normal” Elevated Levels into the Middle of 2021

New data from the Anti-Phishing Working Group (AWPG) shows the Q2 of 2021 showed similar phishing activity to that of Q1, indicating no slowdown in attacks.
Continue Reading

[HEADS UP] Millions of malicious emails will slip past security filters in Q4

Researchers at Tessian have published a report looking at recent trends in spear phishing attacks. The researchers found that 45% of employees said that they clicked on a phishing email ...
Continue Reading

Social Media as Artillery Preparation for Spear Phishing

Researchers at ESTsecurity warn that a North Korean threat actor known as “Kumsong 121” is using compromised social media accounts to launch spear phishing attacks, the Daily NK reports. ...
Continue Reading

Spear Phishing Becomes a Bigger Problem as the Average Organization is Targeted 700 Times a Year

With threat actors honing their trickery skills to craft the perfect email used to fool a would-be victim recipient, new data shows cybercriminals are stepping up their game on a number ...
Continue Reading

[INFOGRAPHIC] New Report Shows Users Are Falling for Security and HR-Related Phishing Attacks

KnowBe4's latest quarterly report on top-clicked phishing email subjects is here. These are broken down into three different categories: social media related subjects, general subjects, ...
Continue Reading

New LuminousMoth APT Takes a Double-Infection Vector Approach to Attacks

Spotted by security researchers at Kaspersky Labs, this large-scale yet extremely targeted campaign of attacks focuses on government organizations within Southeast Asia.
Continue Reading

Year-Long Phishing Campaign Targets Energy, Oil & Gas Companies Using Spoofed B2B Correspondence

Uncovered by the research team at cloud protection vendor Intezer, this new phishing campaign seeks to steal information and position each victim as the foothold to spear phish additional ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews