Microsoft is reporting phishing attacks on dozens of companies and “persons of interest.”

Dozens of companies and “persons of interest” have been targeted since the start of the year by phishing attacks carried out by a Russian-based spy group. So says Microsoft. The group is called by tech firm Seaborgium and is said to focus on stealing emails and attachments from victims’ mailboxes.

Before the spy team launches a phishing attack, research on the target takes place, mainly targeting the social network or contacts within the target’s sphere of influence. For example, attackers use LinkedIn to communicate through fake profiles and build relationships of trust.

Attackers send messages with links or attachments that link to a phishing site. Once victims enter their email account credentials on this website, attackers attempt to steal emails and attachments from the mailbox. Attackers also set up forwarding rules so that incoming email is automatically forwarded to a specific email address.

Microsoft says the attackers gained access to the mailing list data of “sensitive groups,” including former intelligence officials. This data is used for further attacks. According to Microsoft, the personal accounts of more than 30 companies and an undisclosed number of “persons of interest” have been targeted since the start of the year.

This mainly concerns companies in the United States and the United Kingdom, as well as the Baltic countries, Scandinavia and Eastern Europe. To counter such attacks, Microsoft recommends using multi-factor authentication (MFA) for all users and from all locations. It is recommended to use more secure MFA implementations such as FIDO tokens or Microsoft Authenticator and avoid SMS-based MFA.

See also  Spain will not cut gas consumption by 15 percent

Ferdinand Woolridge

 "Subtly charming analyst. Beer maven. Future teen idol. Twitter guru. Lifelong bacon fan. Pop culture lover. Passionate social media evangelist."

Leave a Reply

Your email address will not be published. Required fields are marked *