Supercharged phishing and the Korea watcher target
The next wave of North Korea’s phishing attacks will be faster, more credible, and tailored with unnerving precision.
Artificial Intelligence (AI) has changed the rules of phishing. It no longer relies on clumsy English or poorly spoofed addresses. Today, it’s powered by large language models (LLMs), social graph mining, and contextual mimicry. For the Korea watcher community—a small, digitally active, and often isolated group—this evolution has made phishing far more dangerous.
North Korea has consistently used phishing to target researchers, analysts, and academics focused on the regime—individuals who pose an indirect threat by shaping policy, public opinion, or sanctions enforcement. These attacks date back over a decade, with early campaigns impersonating fellow scholars, journalists, or conference organizers to trick targets into opening malware-laden attachments or submitting credentials. The intent was clear: infiltrate devices, access private research, and monitor the intellectual networks scrutinizing the DPRK.
Notable campaigns have spoofed think tanks, universities, individual researchers, and UN-affiliated entities, exploiting the small, highly-networked nature of the Korea watcher community. In some cases, researchers found themselves victims of long-term surveillance, with compromised accounts used to phish others in their circle—turning trust into a weapon. As the threat evolved, phishing became more precise, more patient, and more psychologically manipulative—making even seasoned analysts susceptible.
North Korea’s broader cyber operations, already known for their ingenuity and persistence, are rapidly adopting AI. This is not just speculation; there is growing evidence that offensive cyber units tied to the Reconnaissance General Bureau (RGB) and Lazarus Group have begun integrating generative AI into reconnaissance, social engineering, and payload delivery. Although generative AI has yet to be utilized in phishing campaigns targeting researchers, analysts, and academics, it is abundantly clear that it will be.
The next generation of North Korea’s phishing attacks targeting researchers, analysts, and academics will be faster, more credible, and tailored with unnerving precision.
What should you look out for? Well, the truth is, you’ll never spot it. “Detection” is a thing of the past.