Microsoft: Phishing Scam Targets Politicians
Microsoft says hackers have targeted at least three candidates for Congress. Security experts say the group behind the attacks has been linked to Russia's intelligence services.
The revelation came at the Aspen Security Forum in a speech from Tom Burt, Microsoft's head of Customer Security & Trust. He was talking about domains that appeared to be Microsoft-owned but were in fact bogus sites.
Burt said one of the domains was the landing page for a phishing attack, meaning it was the page somebody would go to if they followed a misleading link from an email or social media message. The page in question falsely gave the impression of being operated by Microsoft.
Pages Referred To Specific Candidates
According to Burt, examination of metadata on the page (information that was part of the page's code but not readily visible on the page itself) included references to three people standing in November's mid-term elections. That strongly suggests the page had been set up specifically to target those candidates through the phishing attacks.
Burt didn't name the candidates for security reasons, but said they could be "interesting targets from an espionage standpoint, as well as an election disruption standpoint." Microsoft was able to get the domain taken down and it doesn't appear any of the candidates had been mislead by it. (Source: qz.com)
The domains were known to be operated by a group that Microsoft refers to as "Strontium", though other security researchers call "Fancy bear." It has been linked with Russian intelligence.
Emails The Likely Target
The most likely explanation for the attack was that the idea was to have the candidates visit the pages, believe they were genuine, then trick them into handing over some form of login details such as usernames and passwords. This could then be used to get into a Microsoft account or, if the victims reused login information, into other accounts.
Such an attack does require a lot of things to go right for the attackers, but it may also be possible they are unleashing the same tactic over and over to play the numbers game. The goal seems to be to gain access to private email messages and them make them public, something that would could embarrass the candidates.
One theory is that the idea isn't so much to hurt specific candidates, but rather to create wider political divisions and undermine the democratic process itself. (Source: bbc.co.uk)
What's Your Opinion?
Do you believe Russia is behind such attacks? Should candidates get better training in cyber security? Should law enforcement put extra effort into tackling cyber crime against politicians?
My name is Dennis Faas and I am a senior systems administrator and IT technical analyst specializing in cyber crimes (sextortion / blackmail / tech support scams) with over 30 years experience; I also run this website! If you need technical assistance , I can help. Click here to email me now; optionally, you can review my resume here. You can also read how I can fix your computer over the Internet (also includes user reviews).
We are BBB Accredited
We are BBB accredited (A+ rating), celebrating 21 years of excellence! Click to view our rating on the BBB.
Comments
Not surprised
My Instagram was hacked by some Russians, and I'm nobody. I traced the account back to an address ending in ".RU". So I'm assuming if they are hacking me, they are working hard hacking "important" people. Guess they think 45 just doesn't give a crap.
E-Mail Hacking
unless there is some unworthy info in the emails, what reason is there to hack them?
besides, are there ANY providers that do not have the "Your computer is unrecognized. Please get a pin number via your cell phone or other e-mail account to unlock your e-mail"? all I do is clear my cookies using IOBit's software and I get these messages all the time using the SAME COMPUTER that was used before. I assume that applies to an ACTUAL NEW COMPUTER as well. of course, if the server is in the politicians basement or bathroom, all bets are off.
Senator Claire McCaskill was one target
The computers for U.S. Senator Claire McCaskill (D-Missouri) were among the three targeted according to the Senator's office. It is amazing the lengths to which the GOP and its sycophants in Russia will go to steal an election. Voter suppression efforts, false charges of voter fraud where there consistently has been none, incredible gerrymandering that makes the Democrats look pure and clean, and so much more coupled with the GOP's allies in Russia -- the GOP can't win legitimately, so they cheat and cheat. But what do you expect from a political party intent on fulfilling George Orwell's worst fears in "1984"?