Read the full story
Microsoft is warning it has uncovered a new spearphishing campaign by the same hacking group believed to be behind the devastating SolarWinds supply chain attacks. They are believed to be targeting a large number of organisations across many countries.
Spearphishing involves highly targeted phishing attacks against high-value targets. In this case, it appears the spearphishing is targeted towards government agencies involved with foreign policy, and international development organisations. Around 3000 email accounts used by over 150 organisations in 24 countries are affected.
According to Microsoft, the attacks were focused on intelligence gathering, as opposed to being financially motivated. This is a further indication that nation-state actors are likely to be behind this and the earlier SolarWinds exploit.
This is a reminder of the importance of having training measures in place so the people in your organisation are equipped with the skills they need to identify phishing emails.
Phriendly Phishing, CyberCX’s proprietary phishing training system, is designed for all levels of staff within an organisation. Using interactive modules, users gain a strong understanding over time of the methods used when conducting phishing attacks and how suspected phishing emails should be handled.
Contact us today for further information on phishing awareness training for your organisation.