Microsoft revealed that some hackers attempted to use a fake Microsoft website to launch a phishing attack on three mid-term candidates in the US Congress. Tom Burt, vice president of corporate security and information at the Aspen Security Forum, said that Microsoft has partnered with the US government to stop these attacks, saying that the associated domain names have been cleared and malicious attacks by hackers have not been successful.
Although Burt did not provide details of the behind-the-scenes black-handed attacks, the description provided was a reminder of another wave of cyber attacks that occurred in 2016, when they used fake Microsoft domain names.
Two years ago, it was part of the Strontium–and a hacker group called Fancy Bear attacked the Democratic National Committee. The Strontium is often found to associate with the Russian government.
Just this week with Russian President Vladimir Putin, US President Trump said there is no reason to believe that the Kremlin came out to intervene in the 2016 US presidential election.
Burt said, “We don’t see the activity of them trying to infiltrate think tanks and academia and in social networks to do the research that they do to build the phishing attacks that they then launch. That doesn’t mean were not going to see it. There’s a lot of time left before the election.”
Now, Microsoft has not provided any details about the phishing target but said the company would continue to monitor possible cyber attacks.