ArenaMUSEUM OF THE INBOX
SCROLL ↓
Every square is a real spam email we caught. Hover any tile — or click it — to see the attack and its red flag.
THE MUSEUM OF THE INBOX
Every tile is a real phishing attack we caught — reassembled into what they were really after.
VOTE — THEY TARGET THE PROCESS
We elect the people who run for office.
That makes the people who power campaigns a deliberate target. This isn't random spam — it's aimed.

Joint advisories warn that foreign adversaries heavily target campaign infrastructure and personal staff email with tailored spear-phishing lures to gain long-term access.

CISA & FBI

Threat groups iterate their social engineering during election windows, explicitly aiming to breach political campaigns.

Microsoft Threat Intelligence — Defending Democracy

Phishing is the chief initial-access method used against campaigns — to steal donor databases, communications, and candidate credentials.

ReliaQuest Threat Research

AI has exponentially increased the volume and precision of hyper-targeted phishing hitting political entities, timed to fundraising quarters and primaries.

Defending Digital Campaigns
THE ATTACKS WE SEE MOST
A few real lures, hand-picked — and how many times each one landed in our inboxes.
CAPITOL — THEY TARGET THOSE WHO GOVERN
Then we help them govern.
Once our clients hold office, the target on their operations only grows. Protecting them starts with protecting us.

Political administrators and candidate accounts are primary targets for foreign intelligence and e-crime actors; phishing remains the primary vector to breach party databases and email servers.

Ireland's National Cyber Security Centre

Public indictments track state-sponsored entities running focused hack-and-leak phishing networks against major political and presidential campaign infrastructure.

FBI & ODNI

It isn't only national races — small state and local campaigns are systematically targeted; attackers build "social graphs" mapping relationships to maximize success.

Sophos
AND MORE OF THE PLAYBOOK
Different disguises, same goal — your access. Each of these hit us too.

HOLD THE LINE — S.L.A.M.

Four questions that keep the whole team safe. Ask them before you click, open, or reply.

SENDER
Were you expecting this? Is the sender truly known to you — and does the real address match the display name? A friendly name can hide a stranger's address.
LINKS
Hover before you click. Does the link actually go where it claims? If it's unexpected or the destination looks off, don't click.
ATTACHMENTS
Were you expecting a file? Don't open surprise invoices, PDFs, or "documents to sign" — and beware an "attachment" that's really an image linking to a fake login.
MESSAGE
Would a colleague really email out of the blue asking you to buy gift cards or text them at 2am? Urgency + secrecy + off-channel = stop and verify.
Arena
THANK YOU
for your diligence. Every suspicious email you stop and report makes Arena — and everyone we serve — safer.
S · L · A · M  —  Sender · Links · Attachments · Message