Hideez and Yubico are giving free security keys, such as Yubikeys and Trustkeys, to any journalist working in Ukraine. See Free security keys for journalists | Yubico Secure It Forward In Ukraine
What is phishing?
Phishing is type of attack that tries to trick you into sharing your password. This is the most popular type of an attack on the internet, because it is not technological attack, but attack on the human. It’s quick, cheap, dirty, and effective.
Typical phishing attack would be a URL domain tricking. An attacker may send you an alleged email from “Facebook” that you need to update your information, with the link that goes to faceb00k.com, and not facebook.com. It will look, feel, and smell the same as the real facebook, with the only difference that your username and password will go to an attacker, rather than actual Facebook. An attacker may as well redirect you to an actual facebook, and you won’t even realise that you were phished.
Phishing can be:
The goal of phishing could be to steal your password, or/and to install malware, by opening document, link, or some executable file.
Russian Federation has extensive experience in executing effective phishing attack, including DNC email leak in 2016. Russia lacks tech specialists so they are using and will be using phishing as a primary attack vector.