Pawn Storm (aka Sednit5, Fancy Bear, APT28, Sofacy and STRONTIUM8) might sound like Instagram accounts, top-secret spy programs or recently passed legislation, but in reality they are all different names for the same successful cyber espionage group (or threat actor group). These actors often use multi-angle bombardment attacks on the same target, implementing multiple methods to reach their goals and relying on practiced (proven) techniques, especially when it comes to phishing attacks.
Credential phishing is an effective tool used within cyber espionage campaigns. Many Internet users are trained by experience not to fall victim to these types of phishing attacks. By spotting obvious grammar and spelling errors, uncommon domains in URLs or the absence of a secure, encrypted connection in the browser bar help users identify possible malicious threats. However, professional threat actors like Pawn Storm have the resources and experience to avoid these simple mistakes and invent crafty social engineering tactics to bypass red flag indicators. These devious professionals send phishing emails with perfect spelling and grammar in any language, and have no problem evading spam filters and other security measures. Essentially, credential phishing attacks have become an effectively dangerous tool that can have severe damaging effects on vast amounts of sensitive data, which can be stolen, blackmailed or erased. Credential phishing is also a strategic step to penetrate deeper into target’s digital infrastructure.
Even though groups such as Pawn Storm can target individuals like as Colin Powell and Hillary Clinton, or groups such as Democratic National Committee (DNC) and World Anti-Doping Agency (WADA), there are protective measures you can do to raise the level of your defenses against cybercriminals:
To read the full Pawn Storm report please visit here.