In a new post, Google announced it had sent warnings about state-sponsored phishing attempts to users globally.
Google’s Threat Analysis Group (TAG) director Shane Huntley explained that between July and September 2019, 12,000 warnings have been sent to users in 149 countries.
More than 90% of these users were targeted via “credential phishing emails”, whereby attempts are made to gain the victim’s account credentials to hijack their account.
“We encourage high-risk users—like journalists, human rights activists, and political campaigns—to enroll in our Advanced Protection Program (APP), which utilizes hardware security keys and provides the strongest protections available against phishing and account hijackings. APP is designed specifically for the highest-risk accounts,” said Huntley.
TAG tracks over 270 targeted or government-backed groups for more than 50 countries: “These groups have many goals including intelligence collection, stealing intellectual property, targeting dissidents and activists, destructive cyber attacks, or spreading coordinated disinformation. “
Huntley also discussed details about a campaign from a Russia-nexus threat group called “Sandworm”, that was modifying legitimate Android applications with malware and target users in South Korea, as well as Ukraine.
In September 2017, another campaign was identified by Sandworm, where by similar tactics were used to deploy a fake version of the UKR.net email app on the Play Store.
Over a year later, evidence was found of Sandworm shifting from using attacker-controlled accounts to trying and uploading malicious apps to compromising legitimate developers. Throughout November, 2018 – Sandworm was targeting software and mobile app developers in Ukraine via spear-phishing emails with malicious attachments.
“TAG works closely with other technology companies—including platforms and specialized security firms—to share intelligence and best practices. We also share threat information with law enforcement. And of course there are multiple teams at Google at work on these issues with whom we coordinate.”
The post #Privacy: Google sends over 12K state phishing warnings in three months appeared first on PrivSec Report.