Earlier this year, Spamhaus researchers observed a major shift in phishing targeting Japan. Starting in April, a China-nexus threat actor began using residential proxy networks to send phishing emails instead of subnets at China Telecom and China Unicom. This blog explores the campaign’s origins and countermeasures against residential proxy-enabled spam.
First seen on securityboulevard.com
Jump to article: securityboulevard.com/2025/10/bad-sushi-china-nexus-phishers-shift-to-residential-proxies/
