Spear phishing: how to stay safe and prevent advanced attacks against civil society

As digital attacks against members of civil society grow more complex, the Digital Security Helpline recognizes the importance of sharing actionable insights to prevent and respond to these threats. As part of this work, we will organize Safe and strong: a series of webinars on digital security, which will kick off on March 10, 2026 at 2 pm UTC (9 am New York, 2 pm Central Europe) with a session focused on phishing attacks, specifically spear phishing, which is increasingly common. 

Spear phishing is a form of phishing that is highly targeted, aimed at compromising the data and communications of specific individuals or groups — such as high-profile activists, journalists, and members of civil society — through tailored social engineering techniques. This kind of approach can deceive even highly skilled and tech-savvy users. 

In our conversation we will use practical examples and cases such as those we document in our reports on attacks in Eastern Europe and the Middle East, and offer insight from experts who will share some of the best practices to prevent and contain these threats. The session will be in English.

Registration is available here.

“SAFE AND STRONG”: A WEBINAR SERIES ON DIGITAL SECURITY

is an initiative of the Digital Security Helpline to bring together civil society, private sector partners, and other support organizations, to discuss how to increase resilience in the digital age.

Speakers: 

Rebekah Brown is a threat intelligence expert and author. Currently, she is a senior researcher at the Citizen Lab at the Munk School of Global Affairs & Public Policy at the University of Toronto (“the Citizen Lab”). She also co-wrote the book “Intelligence-Driven Incident Response,” is an instructor at SANS Institute, and previously worked at Apple, focusing on security engineering and architecture.

Justin Albrecht is a principal threat researcher at Lookout. He works with his team to uncover new mobile threats, track actors and targets, and provide accurate research and reporting on these issues. Justin has over 20 years of experience tracking cyber threat actors, terrorists, and intelligence activities in both the intelligence community, and more recently as a member of Lookout’s Threat Intelligence Team.

Mykola Kostynyan is a digital security capacity building project designer and manager, working with organizations who provide digital security assistance to civil society and independent media in Eastern Europe. Mykola has worked with NGOs including Internews, IREX, Digital Security Lab Ukraine, Media Diversity Institute, OSCE and others to strengthen the digital health of media and civil society organizations and promote digital safety among civic actors. Mykola is co-founder of the RESIDENT.NGO, a CiviCERT community member, and co-founder of the Eastern Partnership Digital Security Practitioners Network.

Marilou Maala has worked as a Security Incident Handler in the Helpline for three years since joining the organization in 2018. When internal opportunities opened to provide a second level of support to the team and to the civil society community, she took the role, knowing the challenge. Having to grow in the environment that supports career and life development, gaining knowledge of the sociopolitical context of cases she has worked with each beneficiary was one of the biggest wins in life that counts. When not doing DFIR-related stuff, she enjoys video games, movies, TV series, and verbal tea.

Mohammed Al-Maskati (moderator) is the Digital Security Helpline Director at Access Now, formerly Digital Protection Coordinator for the Middle East and North Africa region at Front Line Defenders. He was shortlisted in Index on Censorship’s Freedom of Expression Awards 2019 and Security Serious Unsung Heroes Awards 2020. He discovered phone hacking of human rights defenders and journalists in Palestine, Bahrain, and Jordan.