Microsoft has warned users to stay safe from SEABORGIUM phishing attacks.
Microsoft has issued a warning to Microsoft customers about a phishing attack that is making the rounds. The warning was issued by Microsoft’s Threat Intelligence Center (MSTIC). The phishing attack, called SEABORGIUM, targets Microsoft customers who impersonate Microsoft security experts via email. Although this phishing scheme, which originated in Russia, has been around since 2017, it recently resurfaced, targeting multiple people before Microsoft’s threat intelligence center flagged it.
In this phishing scheme, the threat actor targets the same organization slowly over a long period of time. According to Microsoft, once successful, it slowly infiltrates target organizations’ social networks through constant impersonation, relationship building, and phishing to deepen its intrusion. Build a relationship and develop trust with the target organization.
Threat actors use numerous emails impersonating real Microsoft employees. The company says the SEABORGIUM actor delivers malicious URLs directly in an email or via attachments, as you can see below, often mimicking hosting services like Microsoft’s own OneDrive.
A phishing kit known as EvilGinx is used to steal the victim’s personal and financial information. A phishing portal that looks exactly like Microsoft’s has been designed to trick victims into entering their login credentials.
Microsoft explained that “In limited cases, SEABORGIUM has been observed setting forwarding rules from victims’ inboxes to actor-controlled dead drop accounts where the actor has long-term access to the data collected.On more than one occasion, we have observed that actors were able to access data from sensitive group mailing lists, such as those frequented by former intelligence officials, and maintain a collection of information of the mailing list for targeting and tracking. exfiltration”.
“There have been several instances where SEABORGIUM has been observed using its impersonation accounts to facilitate dialogue with specific persons of interest and as a result have been included in conversations, sometimes unwittingly, with multiple parties . The nature of the conversations identified during Microsoft’s investigations demonstrate that potentially sensitive information is being shared that could provide intelligent value,” the company added.
Therefore, until Microsoft releases another security patch, it is better not to open unrecognized attachments from unknown sources.
Last weekend, I wrote about Warren Mosler's argument that the Fed's rate hikes could be…
Last weekend, I he wrote on Warren Mosler's argument that the Fed's rate hikes could…
Last week, the chairman of the Fed, Jerome Powell said, "the disinflationary process has begun".…
Earlier this week, I joined Romaine Bostick and Scarlet Fu Bloomberg TV. The Congressional Budget…
Tomorrow morning, I'll be joining CNBC's Squawk Box to talk about a new effort tax…
Former Vice President Mike Pence talks about privatizing Social Security. The remarks came Thursday before…