Beware of video call links that are attempts to steal Microsoft 365 access, researchers tell NGOs
Russia-linked hackers are stepping up their game with new tactics to infiltrate Microsoft 365 environments. According to cybersecurity researchers, they’re focusing on NGOs associated with Ukraine and using deceptive methods to harvest access tokens.
Key Points
- Recent phishing schemes target NGOs in Europe, particularly those involved with human rights in Ukraine.
- Attackers use messaging apps like Signal or WhatsApp to lure victims into joining a fake video call.
- An OAuth code generated during this call is exploited to gain access to Microsoft 365 accounts.
- The cyber operations are linked to groups UTA0352 and UTA0355, specifically tailored towards NGOs.
- Organisations are urged to train staff to be cautious about unexpected contacts, especially via secure messaging platforms.
Content Summary
The article highlights how certain threat actors, presumed to be linked to Russia, are increasingly targeting NGOs through sophisticated phishing attacks. These attacks aim to capture OAuth access tokens for Microsoft 365 accounts, utilising social engineering techniques that centre around an invite to a video call about the Ukraine conflict. If unsuspecting employees share the generated OAuth codes, attackers can gain entry to sensitive accounts. The cybersecurity firm Volexity has reported that this activity has intensified since March, emphasising the need for vigilance against unsolicited communications, particularly from vulnerable platforms.
Context and Relevance
This article is critical for anyone involved in NGOs or organisations that use Microsoft 365. The alarming rise of phishing attacks targeting these groups underlines the importance of cybersecurity awareness. As trends show a growing focus on remote and digital communication tools, it’s vital to stay informed about potential threats, ensuring the safety of sensitive information.
Why should I read this?
If you’re part of an NGO or handle sensitive data, this article lays out the latest phishing tactics you need to watch out for. Knowing how these hackers operate can save your organisation from significant data breaches. We’ve broken this down so you don’t have to wade through the technical jargon alone—stay ahead of the curve!