Phone: Sales 888.732.3655  | CO Service: 720.445.9860 | ND Service: 701.390.9876

Follow-up Phishing: The End is Not the End

Jul 1, 2024

Beware of Follow-Up Phishing Scams: The End is Not the End

In the aftermath of a phishing attack, companies are often left scrambling to secure their systems and mitigate the damage. They tend to send out apologies, status updates, and press releases doing their best to keep the public and their customers informed. Unfortunately, cybercriminals are quick to exploit this vulnerable period by launching follow-up phishing scams. Follow-up phishing scams do not target the same victim twice, instead they pose as this victim in an attempt to pick out their next target.

What is a Follow-Up Phishing Scam?

A follow-up phishing scam occurs after an initial phishing attack. Cybercriminals use information obtained during the first breach to pose as the compromised company, sending emails to employees, customers, or partners. These emails often offer supposed solutions or updates on the situation, tricking recipients into further compromising their information. When these attacks happen scammers are trying to prey upon your fear to get you to click links and submit your information.

How Follow-Up Phishing Scams Work

  1. Initial Attack: The attacker successfully executes the first phishing attack, gaining access to the company’s email system or other sensitive information.
  2. Impersonation: Using the compromised email accounts or company branding, the attackers send follow-up emails. These emails are designed to appear legitimate, often mimicking the company’s communication style and format.
  3. Offering Fake Solutions: The emails typically claim to provide solutions to the initial attack, such as links to “security updates” or requests for verification of information to “secure” accounts.
  4. Exploiting Trust: Because these emails seem to come from a trusted source, recipients are more likely to comply with requests, inadvertently providing more information or clicking on malicious links.

Common Tactics in Follow-Up Phishing Scams

  1. Security Alerts and Updates: Emails may claim to offer critical security patches or updates that require immediate action.
  2. Verification Requests: Scammers might ask for verification of credentials or personal information to “ensure security” following the initial breach.
  3. Status Updates: Impersonating company officials, they provide fake updates on the status of the attack and remediation efforts, embedding malicious links or attachments.
  4. Customer Notifications: Cybercriminals may also send fraudulent communications to customers, leveraging the trust relationship to extract sensitive data.


Follow-up phishing scams pose a significant risk to companies whose vendors are recovering from an attack. By understanding these tactics and knowing what to look for, you can protect your company and its stakeholders from further harm. Stay vigilant, educate your team, and ensure clear, secure communication channels to safeguard against these persistent threats. Team training and zero trust security are the best ways to protect your team from follow-up phishing attacks. Reach out to our team to learn more.

Meet with Silicon Plains