HTML Comment Evasion vs. On-Device AI Defense
Attackers dilute malicious signals in HTML attachments using excessive comments to bypass AI/ML email filters.
- Evasion impact: Targets AI-augmented...

Created by Oscar Lankford Jr
Technical research on spear‑phishing attacks and defenses for high‑value financial institutions
Explore the latest content tracked by Financial Spear Phishing Digest
Attackers dilute malicious signals in HTML attachments using excessive comments to bypass AI/ML email filters.
Two recent campaigns illustrate how threat actors weaponize trusted platforms to bypass enterprise controls in high-value targeting.
This guide stands out as a foundational reference by mapping layered email defenses that directly address spear phishing and BEC targeting high-value...
This campaign chains DocuSign impersonation with Cloudflare Turnstile abuse to deliver a legitimately signed ScreenConnect MSI for initial access.
-...
Interpol's Operation First Light exposed the enduring scale of conventional financial fraud, netting 5,800 arrests and $293M in seizures across 97...
AI has shifted from experimental to fully operational in attacks, costing organizations tens of millions and enabling sophisticated extortion and...
Hong Kong's SFC has issued new anti-phishing requirements for crypto platforms and online brokers following a near-$1 million loss from a malicious Ethereum token approval.
EvilTokens deploy AES-GCM encrypted HTML combined with Microsoft Device Code Phishing to conceal Microsoft 365 account takeover pages until browser rendering, bypassing traditional email security filters in high-value financial environments.
Passkeys are mainstream, with 75% of consumers and 68% of companies adopting them, rendering stolen credentials obsolete.
Insurance firms face 38.1% baseline phishing susceptibility, among the highest sectors.
Greek police recovered the full €4 million in a BEC attack where suspects illegally accessed a shipping company's correspondence with a foreign bank,...
Vendor impersonation campaigns exploit brand trust by nesting malicious redirects inside legitimate security-vendor domains. A recent...
Attackers abuse Microsoft's Device Authorization Grant to phish high-value accounts by tricking users into entering codes on official login pages.
-...
AI is driving device-aware phishing that fingerprints victims for tailored malware while compressing attack timelines, demanding faster...