Silver Fox Targets Japanese Firms with Spearphishing During Tax Season

Silver Fox Targets Japanese Firms with Spearphishing During Tax Season

First seen 26 Mar 2026, 15:17 UTC Infosecurity-MagazineGbhackersCybersecuritynewsWelivesecurity 79% similarity 69.5

Article Content

Browse articles
ThreatCluster

The Silver Fox cyber threat group is conducting a targeted spearphishing campaign against Japanese businesses, particularly manufacturers, during the annual tax filing and corporate restructuring season. The attackers exploit the high volume of legitimate financial and HR communications, using emails that impersonate internal departments and executives. Common phishing lures include tax compliance violations and salary adjustments, which make employees more likely to trust and act on these messages. The campaign has been active since at least 2023 and has expanded from Chinese-speaking targets to include Japan and Southeast Asia. The malicious emails typically contain links or attachments that deploy ValleyRAT, a remote access trojan, allowing attackers to gain unauthorized access to systems. Silver Fox has a history of aligning its operations with regional business cycles, as similar phishing activity was observed in Japan last year. Organizations are advised to enhance employee awareness and verify all financial requests through separate communication channels.

Key Points: • Silver Fox is targeting Japanese firms with tax-themed spearphishing emails. • The campaign exploits the busy tax season, increasing the likelihood of employee trust. • Malicious emails often contain links or attachments that deploy ValleyRAT malware.

ThreatCluster AI

Timeline

2023-01-01
Silver Fox begins targeting Chinese-speaking organizations.
2023-03-01
Similar tax-themed phishing activity observed in Japan.
2026-03-27
Current spearphishing campaign against Japanese firms reported.

Community

Browse all →