Dive Brief:
-
An advanced persistent threat group launched a wave of coordinated post-election phishing campaigns this week, according to Volexity.
-
The attacks were focused on U.S. think tanks and non-governmental organizations (NGOs), the security firm announced in a blog. It’s not clear why these groups in particular were targeted.
-
Volexity suspects a group it calls The Dukes — also known as APT29 or Cozy Bear — is responsible for the attacks. The same group has been tied to the breach of the Democratic National Committee and other intrusions.
Dive Insight:
The phishing emails demonstrate how savvy cyber criminals have become. Not only did they spoof real individuals and organizations, such as the Clinton Foundation, they also offered timely and intriguing post-election data analysis or documents that promised to demonstrate how the election was rigged.
The emails were sent to various people who focus on national security, defense, international affairs, public policy, and European and Asian studies, according to Volexity.
It’s not clear how many people may have fallen for the scam.
Phishing attacks are on the rise and more companies than ever before have been duped into providing sensitive or proprietary information. There were more phishing attacks in the first quarter of 2016 than any other time in history, according to the Anti-Phishing Working Group.