The warning came exactly a week before the US presidential election, with US intelligence accusing Russia of interference to undermine the Democratic ticket of Vice President Kamala Harris and Tim Walz.
During the campaign, detected by Microsoft on Oct. 22, thousands of emails were sent to more than 100 organizations. According to Microsoft, the goal of the ongoing operation is likely intelligence gathering.
“Based on our investigation of previous Midnight Blizzard spear-phishing campaigns, we assess that the goal of this operation is likely intelligence collection,” Microsoft added.
The hacker group has been linked by the United States and the United Kingdom to Russia’s Foreign Intelligence Service (SVR). Their activity dates back to 2018, and they usually target governments, diplomatic entities, NGOs, and IT service providers, primarily in the United States and Europe.
Phishing emails use social engineering tactics to manipulate recipients. They exploit emotions like fear, urgency, or curiosity to trick them into revealing sensitive information or clicking on malicious links.
These emails often impersonate trusted entities, such as banks or government agencies, making them appear legitimate and increasing the likelihood of victim response.