Categories: Tech News

ATTENTION! Microsoft warns of a “SEABORGIUM” phishing attack.

Microsoft has warned users to stay safe from SEABORGIUM phishing attacks.

Microsoft has issued a warning to Microsoft customers about a phishing attack that is making the rounds. The warning was issued by Microsoft’s Threat Intelligence Center (MSTIC). The phishing attack, called SEABORGIUM, targets Microsoft customers who impersonate Microsoft security experts via email. Although this phishing scheme, which originated in Russia, has been around since 2017, it recently resurfaced, targeting multiple people before Microsoft’s threat intelligence center flagged it.

How it works?

In this phishing scheme, the threat actor targets the same organization slowly over a long period of time. According to Microsoft, once successful, it slowly infiltrates target organizations’ social networks through constant impersonation, relationship building, and phishing to deepen its intrusion. Build a relationship and develop trust with the target organization.

Threat actors use numerous emails impersonating real Microsoft employees. The company says the SEABORGIUM actor delivers malicious URLs directly in an email or via attachments, as you can see below, often mimicking hosting services like Microsoft’s own OneDrive.

A phishing kit known as EvilGinx is used to steal the victim’s personal and financial information. A phishing portal that looks exactly like Microsoft’s has been designed to trick victims into entering their login credentials.

Microsoft explained that “In limited cases, SEABORGIUM has been observed setting forwarding rules from victims’ inboxes to actor-controlled dead drop accounts where the actor has long-term access to the data collected.On more than one occasion, we have observed that actors were able to access data from sensitive group mailing lists, such as those frequented by former intelligence officials, and maintain a collection of information of the mailing list for targeting and tracking. exfiltration”.

“There have been several instances where SEABORGIUM has been observed using its impersonation accounts to facilitate dialogue with specific persons of interest and as a result have been included in conversations, sometimes unwittingly, with multiple parties . The nature of the conversations identified during Microsoft’s investigations demonstrate that potentially sensitive information is being shared that could provide intelligent value,” the company added.

Therefore, until Microsoft releases another security patch, it is better not to open unrecognized attachments from unknown sources.


Published by

Recent Posts

More on the Interest-Income Channel

Last weekend, I wrote about Warren Mosler's argument that the Fed's rate hikes could be…

4 weeks ago

More information in the Interests Channel

Last weekend, I he wrote on Warren Mosler's argument that the Fed's rate hikes could…

4 weeks ago

Biden wants to reduce the deficit. Powell wants to reduce inflation. Do rate hikes undermine both goals?

Last week, the chairman of the Fed, Jerome Powell said, "the disinflationary process has begun".…

1 month ago

Quick thoughts on the CBO budget and economic outlook

Earlier this week, I joined Romaine Bostick and Scarlet Fu Bloomberg TV. The Congressional Budget…

1 month ago

Eight states have joined forces to raise taxes on America’s wealthiest

Tomorrow morning, I'll be joining CNBC's Squawk Box to talk about a new effort tax…

1 month ago

Mike Pence would pick up where Paul Ryan left off

Former Vice President Mike Pence talks about privatizing Social Security. The remarks came Thursday before…

2 months ago