Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
The Internet Security

Russian, Iranian Hackers Pose as Journalists in Emails, UK Says (bloomberg.com) 15

British cybersecurity officials are warning that hacking groups linked to Russia and Iran are duping people into clicking malicious links by impersonating journalists and experts. From a report: The hackers, who have similar goals but are said to be working separately, have sought to steal emails from people working in academia, defense, the media and government, as well as from activists and non-governmental organizations, according to an advisory released on Thursday by the UK's National Cyber Security Centre. "These campaigns by threat actors based in Russia and Iran continue to ruthlessly pursue their targets in an attempt to steal online credentials and compromise potentially sensitive systems," said Paul Chichester, the center's director of operations. "We strongly encourage organizations and individuals to remain vigilant to potential approaches and follow the mitigation advice in the advisory to protect themselves online."
This discussion has been archived. No new comments can be posted.

Russian, Iranian Hackers Pose as Journalists in Emails, UK Says

Comments Filter:
  • by poptopdrop ( 6713596 ) on Thursday January 26, 2023 @08:44AM (#63241895)

    Anyone here vouch for him ? ...

  • ./ editors was better in making headlines /sarcasm
  • I see an article about hacking and clicking on links and see a link in the article. No way that I'm going to click on the link.
  • by RoccamOccam ( 953524 ) on Thursday January 26, 2023 @09:21AM (#63241999)
    With so many actual "journalists" posing as journalists, I'm surprised this was even noticed.
  • I'm a Russian/Iranian princess journalist and I need you help....
    I inherited 671 millions ....

  • by zarmanto ( 884704 ) on Thursday January 26, 2023 @11:07AM (#63242253) Journal

    Ironically, I just happened to receive an unsolicited email message this morning -- in my work e-mail account, even! -- suggesting I go watch a YouTube review of a gaming related product. I glanced through the message briefly, because it was ostensibly about something I actually might be interested in... but then I saw that the link for their YouTube video referenced in the message was to some random domain that was unfamiliar, instead of an actual YouTube link.

    Well, naturally my first assumption was that they're trying to track clicks for advertising purposes... and my corresponding first instinct was simply to not give them the satisfaction. Heck, no! You don't need to be tracking my activities, bud. Instead, I googled the YouTube video myself. Wouldn't you know it? The caption on the thumbnail for the YouTube video prominently displayed the phrase "paid promotion by..." and it identified the same company that had sent out the email. I didn't even bother to watch the video, because nope. Just like that, I'm no longer interested.

    Of course, it's not precisely the same thing, as I don't actually have any reason to believe that the email I received was from hackers... but these are nonetheless the kind of habits that we all need to pursue. Don't click any links that people email or text you. Period.

    "But wait! What if it's actually legit, or important??"

    My philosophy is pretty simple: if someone I actually know wants to show me a video that badly, they'll almost always be more than happy to shove their own phone in my face the next time I see them. (And they frequently do!) And if it's from someone that I don't know, then it's automatically not that important to me. The clickbait advertisers are just going to have to work a lot harder for my eyeballs.

Keep up the good work! But please don't ask me to help.

Working...