BEWARE! Microsoft warns of "SEABORGIUM" phishing attack

    Microsoft has warned users to stay safe from SEABORGIUM phishing attack.
    By: SHAURYA TOMER
    | Updated on: Aug 16 2022, 18:13 IST
    WARNING! SBI shows how to protect yourself against online fraud, phishing
    Gmail
    1/5 SBI says that you should be suspicious of any e-mail or text message containing urgent requests for personal or financial information as banks almost never use e-mails as a form of confirmation of identity and always verify a website’s address line with the address mentioned in the email. (HT_PRINT)
    Fake calls
    2/5 Only contact the organization you want to connect with by using a telephone number from a credible source like bill or a phone book. Never give away any confidential personal or financial information on the phone to strangers or even family members or friends. (Pixabay)
    Antivirus
    3/5 It is advised to regularly update your computer with anti-virus software, spyware filters, e-mail filters and firewall programs and use the latest version available of the web browser. (Pixabay)
    image caption
    4/5 NEVER keep your banking credentials the same as your other online accounts. Never save your login credentials on your browser as they can be easily misused. (Pixabay)
    iPhone
    5/5 Do not share any confidential information through suspicious emails, websites, social media networks, text messages or phone calls and regularly check your credit and debit card statements regularly to ensure all transactions done are legitimate. (Pixabay)
    phishing
    View all Images
    Attackers impersonate official Microsoft emails and target their clients. (HT_PRINT)

    Microsoft has issued a warning for Microsoft clients regarding a phishing attack that is doing the rounds. The warning was issued by Microsoft's Threat Intelligence Center (MSTIC). The phishing attack, called SEABORGIUM, targets Microsoft's clients posing as security experts from Microsoft via email. Although this phishing scheme, which originated in Russia has been present since 2017, it has recently popped up again, targeting a number of people before it was red-flagged by Microsoft's Threat Intelligence Center.

    How does it work?

    In this phishing scheme, the threat actor targets the same organization slowly over a long period of time. According to Microsoft, once it is successful, it slowly infiltrates targeted organizations' social networks through constant impersonation, rapport building, and phishing to deepen their intrusion. It builds rapport and develops trust with the target organization.

    The threat actors use numerous emails impersonating real employees of Microsoft. The company says that the SEABORGIUM actor delivers malicious URLs directly in an email or via attachments as you can see below, often imitating hosting services like Microsoft's own OneDrive.

    A phishing kit known as EvilGinx is used to steal the victim's personal and financial information. A phishing portal is designed which looks exactly like the Microsoft's to fool victims into entering their login credentials.

    Microsoft has explained that, “In limited cases, SEABORGIUM has been observed setting up forwarding rules from victim inboxes to actor-controlled dead drop accounts where the actor has long-term access to collected data. On more than one occasion, we have observed that the actors were able to access mailing-list data of sensitive groups, such as those frequented by former intelligence officials, and maintain a collection of information from the mailing-list for follow-on targeting and exfiltration.”

    “There have been several cases where SEABORGIUM has been observed using their impersonation accounts to facilitate dialog with specific people of interest and, as a result, were included in conversations, sometimes unwittingly, involving multiple parties. The nature of the conversations identified during investigations by Microsoft demonstrates potentially sensitive information being shared that could provide intelligence value,” the company added further.

    So, until Microsoft publishes another security patch, it is best advised to not open unrecognized attachments from unknown sources.

    Follow HT Tech for the latest tech news and reviews , also keep up with us on Twitter, Facebook, Google News, and Instagram. For our latest videos, subscribe to our YouTube channel.

    First Published Date: 16 Aug, 18:13 IST
    NEXT ARTICLE BEGINS
    keep up with tech