Researchers at Juniper Threat Labs warn that phishing attacks are utilizing a new obfuscation technique to hide malicious JavaScript. “While investigating a sophisticated phishing attack targeting affiliates of a major American political action committee (PAC) in early January 2025, Juniper Threat Labs observed a new JavaScript obfuscation technique,” the researchers write.

KnowBe4’s Threat Lab recently observed a phishing campaign targeting educational institutions. Over a 30 day period, 4,361 threats were reported, originating from 40 unique sender domains. 65% of these domains were compromised educational institution IDs. The ultimate aim of these attacks was to harvest credentials resulting in the potential data loss, compromise and further phishing emails.

It’s no secret that phishing has always relied on deception. Scam-targeted enterprises the world over warn their customers of the social engineering tactics and brand impersonation designed to trick them into handing over credentials. Besides email-based phishing, social media has become a hotbed for phishing attacks, with scammers using fake ads, impersonated accounts, and fraudulent messages to lure users.

Zimperium warns of a surge in phishing attacks specifically tailored for mobile devices. These attacks are designed to evade desktop security measures in order to breach organizations through employees’ smartphones. Mobile phishing includes SMS phishing (smishing), QR code phishing (quishing), voice phishing (vishing), and mobile-targeted email phishing.

Researchers at ReliaQuest have published a report on a phishing breach in the manufacturing sector that went from initial access to lateral movement in just 48 minutes. The attackers began by swamping users with spam emails, then posed as tech support and offered assistance in stopping the flood of spam. “To gain entry into the organization’s network, the threat actor used social engineering and end-user manipulation,” the researchers write.

Phishing and malicious emails remained the primary vectors of infection during the second half of 2024, according to a new report from Acronis. “The number of email-based attacks detected in the second half of 2024 increased 197% compared to the second half of 2023, while the number of attacks per organization within the same time frame increased by 21%,” the report says.

Researchers at Cyble warn that a phishing kit is abusing the Open Graph (OG) protocol to target social media users. The Open Graph protocol, originally developed by Facebook in 2010, allows users to control the content preview that’s displayed when a link is posted on social media. The phishing kit, dubbed “OG Spoof,” abuses this feature to post malicious links that appear legitimate.

Cybercrooks are never short of seeking the next greatest opportunity to exploit unsuspecting victims, and it is no coincidence that the increasing interest in the R1 AI chatbot at DeepSeek offered them the best cover. With the emergence of fake DeepSeek websites, fraudulent sites have now been targeting personal information, logins, and even cryptocurrency wallet details from potential victims.

Several Russian threat actors, including the SVR’s Cozy Bear, are launching highly targeted spear phishing attacks against Microsoft 365 accounts, according to researchers at Volexity. The attackers are impersonating employees at the US State Department, the Ukrainian Ministry of Defence, the European Union Parliament, and well-known research institutions.

At KnowBe4, we constantly strive to stay ahead of emerging threats and create training content to warn users about the latest tactics used by cybercriminals. One of the ways we do this is through our internally produced demo video productions, which used to star the incredible Kevin Mitnick and his legendary hacking demos. In these modules we showcase real-world attack scenarios and provide actionable insights on how to defend against them. Last year my colleague Dr.