Warning from Microsoft, stay away from SEABORGIUM Phishing Attacks
All of us know that Microsoft is one of the popular companies that has been offering several beneficial services to its customers, and other companies. Then you’ll be shocked after knowing the results that came after the phishing attacks done by SEABORGIUM. Huh! What is SEABORGIUM? Also, how it is going to affect users?
A warning was issued by Microsoft specially for its clients that a phishing attack is taking place again on the platform for Microsoft users. The idea for this warning was from Microsoft’s Threat Intelligence Center (MSTIC). This attack is known as the SEABORGIUM Phishing Attack. The main job of this attack is to target Microsoft’s clients imitating security experts from Microsoft via email.
Although this phishing scheme originated in Russia and has been present since 2017, recently it showed up again. When it came into the market it started targeting numerous people before it was red-flagged by Microsoft’s Threat Intelligence Center.
Acting up like this made the company tenser, and to get control over the situation it has to take strict action to re-articulate things as previous. Let’s see what’s process took place to fulfill the needs of cyber criminals.
Process of Attack
- Adversaries target the same organization smoothly over a long period.
- Once they succeed, they try too many things to deepen their intrusion, those things include targeting the organization’s social networks via constant impersonation, rapport building, and phishing.
- It builds rapport and develops trust with the target organization.
- Adversaries use numerous emails impersonating real employees of Microsoft.
This much was done to take advantage of the current situation, and as the attack goes further it could damage more than it does. Let’s look at what the company has to say about this.
The SEABORGIUM adversaries send malicious URLs directly in an email or via attachments. They often imitate hosting services such as Microsoft’s own OneDrive. The EvilGinx phishing kit is used to steal the victim’s personal and financial data. A phishing portal is customized that looks exactly like Microsoft’s to trick victims into entering their login credentials.
“In limited cases, SEABORGIUM has been observed setting up forwarding rules from victim inboxes to dead drop accounts controlled by adversaries, where the criminals have long-term access to collected data. On more than one occasion, we have observed that the actors were able to access mailing-list data of sensitive groups, such as those frequented by former intelligence officials, and maintain a collection of information from the mailing-list for follow-on targeting and exfiltration.”
Company added further
“SEABORGIUM has been observed using their impersonation accounts to facilitate dialog with specific people of interest and, as a result, were included in conversations, sometimes unwittingly, involving multiple parties. The nature of the conversations identified during investigations by Microsoft demonstrates potentially sensitive information being shared that could provide intelligence value,”
Advice to Microsoft Users
To avoid such things, you can just follow Microsoft’s instructions. Microsoft advised that before it publishes another security patch, users must avoid opening any unrecognized attachments from unknown sources. In this way, users will be able to protect themselves from unauthorized access.
Watch more news here: