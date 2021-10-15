At Least 50,000 Users Are Warned By Google About A Government-Backed Phishing Attack.

This year, Google has sent out over 50,000 alerts to users who may be victims of a government-sponsored phishing attempt.

These alerts are being sent by Google’s Threat Analysis Group (TAG). The notifications inform users that their accounts may be among the targets of a purported phishing and malware campaign carried out by various hacker organizations, according to the organization’s blog post published Thursday.

The amount of warnings issued this year is up 33% over the previous year, according to TAG. This surge, according to the organisation, is due to its efforts to defeat the APT28 or Fancy Bear. APT 28 is a Russian threat actor who launched a massive malware and phishing campaign.

It’s worth noting, though, that not everyone who receives these notifications is actually under attack.

According to Gizmodo, Google clarified that some people could be possible targets of the phishing attempt.

Google also stated that one of their defense tactics includes issuing at least 50,000 alerts. TAG has apparently discovered that the state-sponsored hack is affecting more than 50 countries around the world.

More than 270 government-backed attacker groups are now being tracked by TAG as part of the malware and phishing campaign. It implies that there are multiple actors involved.

The APT35 is one of the cyber attack groups that TAG has been keeping an eye on. This group, apparently backed by Iran, has been launching large-scale cyber attacks employing unique approaches for several years. It is said to be targeting “high-value accounts,” or those linked to government agencies, news groups, nonprofit organizations, and national security personnel.

During actual events, cyber attackers belonging to this group are said to pose as legitimate representatives from organizations. They begin their attacks with non-malicious initial contact emails. Those that respond in disguise to the hackers are subsequently sent emails containing phishing URLs.

The APT35 hijacked a website associated with a university in the United Kingdom earlier this year. According to reports, the hackers enticed their victims by giving them an invitation to a phony webinar. They were also able to send second-factor identification codes to the smartphones of their targets.

Google has been alerting users about these types of attacks since 2012. According to Bleeping Computer, the corporation even revamped its alert system in 2017 and added probable attack vector information.