State-Sponsored Threat Actors Targeting European Union Entities With Spear Phishing Campaigns

Numerous state-sponsored threat actors frequently launched spear phishing attacks against European Union entities last year, according to a new report from the EU’s Emergency Response Team (CERT-EU).

“In 2023, spear phishing remained the predominant initial access method for state-sponsored and cybercrime groups seeking to infiltrate target networks,” the report says.

“This sophisticated form of phishing involved highly targeted and personalised e-mail campaigns, meticulously crafted to deceive specific individuals within organisations. In Union entities or their vicinity, as well, spear phishing was the most observed method to attempt initial access. We have analysed 177 such attacks, that we found notable.”

The threat actors often used lures that were themed around EU organizations and impersonated real people.

“A number of adversaries used specific lures related to EU affairs, in their attempts to deceive users in our vicinity,” the researchers write.

“Some threat actors sent spear phishing e-mails containing malicious attachments, links, or decoy PDF files that originally were internal or publicly available documents related to EU policies.... To make the spear phishing message even more credible, the attackers often impersonated staff members of Union entities or of the public administration of EU countries. These attacks targeted not only Union entities but also public administration in EU countries. This shows a significant interest by some adversaries to gather information related to various EU political matters.”

The threat actors put a great deal of effort into researching their targets and crafting tailored social engineering attacks.

“Whatever the goal of the attack was, the threat actors dedicated time and resources in preparatory phases such as reconnaissance and social engineering,” the report says.

“Reconnaissance involves gathering intelligence about Union entities: the role of certain staff members, their contact lists, the documents or information they usually share with their stakeholders. Social engineering manipulates human psychology, and in the context of spear phishing against Union entities, social engineering aims to craft believable deceptive messages by leveraging information acquired from previous attacks or exposed on unsecured IT assets to increase the likelihood of successful infiltration.”

Infosecurity Magazine has the story.
