In December 2018, Amnesty International documented widespread targeted phishing attacks against human rights defenders (HRDs) in the Middle-East and North Africa, in the report “When Best Practice Isn't Good Enough”. That report documented how attackers had specifically developed techniques to target HRDs who had taken extra steps to secure their online accounts, such as by using more secure, privacy-respecting email providers, or enabling two-factor authentication on their online accounts. Following this, in July 2019, HRDs again shared with Amnesty International numerous new malicious emails they had received, that revealed a renewed campaign of targeted phishing we believe to be orchestrated by the same attackers or by a closely related group.