The sheer volume of phishing e-mails received by many nongovernmental organizations that do work in China means that many are automated, according to Engin Kirda, director of Northeastern University’s Information Assurance Institute. He was part of a team of researchers that uncovered long-running spear-phishing attacks aimed at the World Uyghur Congress – a group that advocates self-determination for China’s Uyghur minority. The researchers examined more than 1,000 emails sent between 2009 and 2013.

Automated phishing e-mails go out to a range of targets the hackers are interested in, according to Mr. Kirda. Once someone accidentally clicks a link or opens an attachment, the malware connects back to a command and control server and starts populating a database. From there, it’s available whenever the attackers need it. With such easy automation and cheap storage, attackers have every incentive to compromise as many targets as possible.