Before adding and sharing your Fraud Alert please check to see if a similar alert has already been posted, thank you:


Microsoft shuts down phishing sites, accuses Russia of new election meddling

Post a Fraud Alert:

Russia has denied any knowledge of a spear phishing attempt that allegedly mimicked the domains of the US Senate and two US-based think tanks.

Russia’s denial came after Microsoft said it detected and shut down the campaign.

“Last week, Microsoft’s Digital Crimes Unit (DCU) successfully executed a court order to disrupt and transfer control of six Internet domains created by a group widely associated with the Russian government and known as Strontium, or alternatively Fancy Bear or APT28,” Microsoft Chief Legal Officer Brad Smith wrote in Microsoft’s announcement Monday. “We have now used this approach 12 times in two years to shut down 84 fake websites associated with this group.”

The domains were apparently meant to mimic those of the International Republican Institute, the Hudson Institute, and US Senate systems. “Attackers want their attacks to look as realistic as possible and they therefore create websites and URLs that look like sites their targeted victims would expect to receive email from or visit,” Microsoft said.

Spear phishing attacks are designed to trick specific people into divulging login credentials or into clicking on malicious links.

Microsoft is “concerned that these and other attempts pose security threats to a broadening array of groups connected with both American political parties in the run-up to the 2018 elections,” Smith wrote.

A Kremlin spokesperson denied any knowledge of the alleged spear-phishing campaign.

“We don’t know which hackers they are talking about, we don’t know what is meant about the impact on elections,” Kremlin spokesperson Dmitry Peskov told CNN. “From the US, we hear that there was not any meddling in the elections. Whom exactly they are talking about, what is the proof, and on what grounds are they reaching such conclusions?”