“Spear phishing” targets a specific person
Hackers from Russia and Iran frequently target officials, journalists and NGOs through sophisticated hacking systems, “spear phishing” designed to lure specific people using personal information, British cyber security officials warned on Thursday.
The National Cyber Security Center NCSC, Russia-based Seaborgium and Iran-based TA453 groups linked to the Revolutionary Guard attacked various organizations and individuals inside and outside the UK in 2022.
“Attacks are not directed at the general population, but on specific sectors such as academia, security, government bodies, NGOs and think tanks, as well as politicians, journalists and activists,” he added.
+ Cybercrime exposes single ticket registration data
+ Agia is vulnerable to cyber attack; He says the systems have been restored
NCSC urged those working in these industries to familiarize themselves with these hacking techniques and advice to mitigate them.
“Spear phishing” is an attempt to “trick a specific person into sharing confidential information” by creating a sophisticated message containing personal information and getting them to open it.
According to the NCSC, the hacker does “a reconnaissance around his target” to make his attacks more effective.
Hackers based in Russia and Iran are “relentlessly pursuing their goals of stealing online credentials and compromising sensitive systems,” said Paul Chichester, NCSC’s director of operations.
They often contact victims via email, social media and professional platforms, “impersonating their targets’ real contacts, sending fake invitations to conferences and events and sharing malicious links disguised as links to video conferences”.
For example, TA453 used the Zoom platform to organize fraudulent video calls, posing as reputable professionals, and then sending malicious links through the site’s chat.
