Russian Intelligence Services Continue to Target Commercial Messaging Applications
Summary
CISA and the FBI have released an updated Public Service Announcement regarding ongoing phishing campaigns by Russian Intelligence Services (RIS) targeting commercial messaging applications. The alert provides updated tactics, recommended mitigations, and examples of phishing messages used in these campaigns.
IFF Assessment
This article details ongoing targeting by state-sponsored threat actors, which represents a direct threat to defenders and organizations.
Defender Context
Defenders should be aware of these evolving phishing tactics targeting commercial messaging applications, as they may be used to gain initial access to sensitive networks. Organizations should reinforce user training on recognizing and reporting phishing attempts, and consider implementing stricter controls on messaging application usage and access.