Researchers Reveal Scatter Spider’s Tools, Tactics, and Key Indicators

Check Point Research has revealed important details about the phishing domain patterns and advanced attack techniques of the infamous Scattered Spider organization, which has brought a new wave of cyberthreats under close investigation.

Known for their aggressive social engineering tactics, this financially motivated group active since at least 2022 and comprising young individuals aged 19–22 from the US and UK has recently expanded its focus to the aviation sector alongside traditional enterprise targets.

Emerging Threat Targets Aviation

High-profile incidents, including the July 2025 data breach impacting six million Qantas customers, as well as attacks on Hawaiian Airlines and WestJet, underscore the urgent need for robust defenses.

Check Point’s findings reveal a sprawling phishing infrastructure designed to deceive employees across industries, from technology and retail to medical and financial services, highlighting the group’s opportunistic, sector-agnostic approach.

Check Point Research has identified approximately 500 suspicious domains mimicking legitimate corporate ...