Google notifies 14,000 Gmail users of targeted APT28 attacks
Google has sent more than 14,000 Gmail users notifications that they’ve been the target of a spear-phishing attached orchestrated by state-sponsored hacking group APT28 or “Fancy Bear”. Spear phishing is a term used to describe email or electronics communication scam targeted towards a specific individual or organisation. In this case it is believed the hacking group’s aim was to get access to sensitive documents and communications, and then “pivot” to other individuals or internal networks. Fancy Bear has been linked to Russia’s military intelligence apparatus.
Although this campaign has been launched by a sophisticated group, protecting yourself from such an attack is simple. Switching on multi-factor authentication will protect you most of the time, and for CEOs or other high-risk user we recommend you look into phone based or physical security keys.