The American multinational tech company Google has alerted more than 14,000 Gmail users about a phishing campaign targeting them. The operation is allegedly conducted by a hacking group that has been linked to Russia, dubbed APT28.
Following the discovery of phishing emails, Google has immediately blocked them.
At the end of September, Google discovered that a large number of Gmail users from a wide range of businesses were being targeted by the APT28 hacking gang. The threat actor, also known as Fancy Bear, has been operational starting with 2004.
Shane Huntley, Director of Google’s Threat Analysis Group (TAG) said this week that “this particular campaign comprised 86% of the batch of warnings we sent for this month.”
He notes that these warnings suggest recipient targeting rather than a breach of their Gmail account.
So why do we do these government warnings then? The warning really mostly tells people you are a potential target for the next attack so, now may be a good time to take some security actions.
— Shane Huntley (@ShaneHuntley) October 7, 2021
According to him, these warnings are normal for activists, reporters, government representatives, and individuals who work in national security systems as government-backed organizations