Microsoft has successfully taken control of 50 domains used for spear phishing attacks.
These sites have been associated with hacking groups affiliated with North Korean. Their aim is to gain access to users data and also to upload malware attacks unto IT Systems.
The phishing emails were mainly targeted at government employees, international agencies, university staffs, based in the US, Japan, and North Korea. The trick is to falsely inform users of attacks on their account and giving them a link to change their login details.
The link, of course, redirected users to domain names that were carefully engineered to look official, in an attempt to update their login details, unsuspecting users give away their private details including bank accounts, passwords, social account details and logins to confidential information.
Beyond these, the hackers would from then on copy any new email sent by a victim even after login details had been changed.
Microsoft successfully launched a court action against the perpetrators and was able to clamp down on all fifty emails used for the phishing operation.
While we celebrate Microsoft’s victory, domains names are cheaply acquired these days and these hackers could simply copy their work unto new domains and continue their operation.
Users are advised to take precaution whenever they receive emails claiming their accounts may have been compromised. DO NOT CLICK THE LINK, visit the website directly, DON’T COPY the link and try to figure out what’s really going on with your data. After spending some time on phishing platforms, the anomalies would often easily reveal themselves and you can tell it’s all a lie after all.