Infected emails seemingly bearing feedback on UK government draft G20 briefings — that actually steal data — are targeting government officials and economic development leaders ahead of this week’s global summit in Russia, researchers say. Spearphishing campaigns that coincide with the G20 are common, but this time researchers are questioning whether the documents might truly be genuine.
According to cybersecurity firm Symantec, a brief message in the body of the email thanks the recipient for circulating a series of “building block” documents on various global issues and new UK feedback on the documents.
“What is interesting about these documents is that each of them has track changes enabled and contains the reported comments from the UK called out in the original email,” Symantec researcher Satnam Narang writes in a blog post. “At this time, we cannot verify the authenticity of these documents, but from our observation, modifications were made to them earlier this month, which states that they were last modified by a user named ‘UK Government.”
The five files are labeled “UKcomments,” “UK-Building Block_DEVELOPMENT,” “UK-Building Block_EMPLOYMENT,” “UK-Building Block_ANTICORRUPTION” and “UK-Building Block_TRADE.
Most Commented Posts
2020 Cybersecurity Landscape: 100+ Experts’ Predictions
Cyber Security Predictions 2021: Experts’ Responses
Experts’ Responses: Cyber Security Predictions 2023
Celebrating Data Privacy Day – 28th January 2023
Data Privacy Protection Day (Thursday 28th) – Experts Comments
Most Active Commenters
Meta’s fine over data privacy breaches underscores the critical challenges…
Hi, Thanks, that is really useful information. I do have…
“This is a very worrying attack that hit T-Mobile and…
“This latest cyberattack against T-Mobile may be smaller than previous…
“Genesis Market is a complex global criminal access marketplace. Buyers…