Connect with us

Hi, what are you looking for?

Tech & Science

Phishing campaign targets UN humanitarian organizations (Includes interview)

The organizations that have been targeted by the phishing attack include UNICEF, UN World Food, the Heritage Foundation, the International Federation of the Red Cross and Red Crescent Societies, and the United States Institute of Peace. The form of the attack is that by luring victims to fake landing pages that impersonates Microsoft Office 365 login pages, attackers hope to steal user credentials. The attack is especially directed towards mobile devices.

The attack was detected by Lookout Phishing AI and it has been running since March 2019. Signs are that the attacks are still continuing. The associated IP network block and Autonomous System Number (ASN) has been known to have hosted malware in the past.

To understand more about the attack, Digital Journal caught up with Alexander García-Tobar, CEO and co-founder of Valimail.

According to García-Tobar, the attacks show a new level of sophistication: “The latest phishing campaign targeting officials from the United Nations, UNICEF, Red Cross and other humanitarian aid organizations demonstrates how sophisticated and highly convincing phishing attacks have become. By using deviously coded phishing sites, hackers are attempting to steal login credentials and ultimately seek monetary gain or insider information.”

He notes that in most cases the attacks will have been thwarted: “It’s worth noting that most of these phishing sites never made it into widely used databases of bad links. As a result, security tools focused on scanning the contents of email messages would not have flagged emails containing links to these sites.”

However, there is more that can done, such as “preventing phishing emails from ever entering inboxes in the first place is a critical step in stopping these types of attacks, and that can be done most effectively by validating the identity of the sender.”

In terms of on-going protection, across all businesses, García-Tobar recommends: “Emails from these attackers could be stopped by flagging the sender as untrusted. Implementing advanced anti-phishing solutions that validate senders’ identities is crucial to keep such attacks at bay.”

Avatar photo
Written By

Dr. Tim Sandle is Digital Journal's Editor-at-Large for science news. Tim specializes in science, technology, environmental, business, and health journalism. He is additionally a practising microbiologist; and an author. He is also interested in history, politics and current affairs.

You may also like:

Entertainment

Academy Award winner Colin Firth ("The King's Speech") chatted about starring in the new limited series "Lockerbie: A Search for Truth," which will premiere...

Business

“Quantum technologies are the next revolution in technology.”

Entertainment

The Miss Netherlands beauty pageant is being scrapped after 35 years, organisers said, transforming into a platform dealing with mental health.

World

Iran's Narges Mohammadi won the 2023 Nobel Peace Prize for her fight for women's rights - Copyright Fondation Narges Mohammadi/AFP/File -Narges Mohammadi, the Iranian...