Staff are still falling for phishing scams Attack.Phishing , with social media friend requests and emails pretending to come from Attack.Phishing the HR department among the ones most likely to fool Attack.Phishing workers into handing over usernames and passwords . Phishing scams Attack.Phishing aim to trick Attack.Phishing staff into handing over data -- normally usernames and passwords -- by posing as Attack.Phishing legitimate email . It 's a technique used by the lowliest criminals as part of ransomware campaigns , right up to state-backed hackers because it continues to be such an effective method . In a review of 100 simulated attack campaigns for 48 of its clients , accounting for almost a million individual users , security company MWR Infosecurity found that sending Attack.Phishing a bogus friend request was the best way to get someone to click on a link -- even when the email was being sent Attack.Phishing to a work email address . Almost a quarter of users clicked the link to be taken through to a fake login screen , with more than half going on to provide a username and password , and four out of five then going on to download a file . A spoof email claiming to be Attack.Phishing from the HR department referring to the appraisal system was also very effective : nearly one in five clicked the link , and three-quarters provided more credentials , with a similar percentage going on to download a file . Some might argue that gaining access Attack.Databreach to a staff email account is of limited use , but the security company argues that this is a handy for an assault . A hacker could dump Attack.Databreach entire mailboxes , access Attack.Databreach file shares , run programs on the compromised user 's device , and access multiple systems , warned MWR InfoSecurity . Even basic security controls , such as two-factor authentication or disabling file and SharePoint remote access , could reduce the risk . The company also reported bad news about the passwords that users handed over : while over 60 percent of passwords were found to have a length of 8 to 10 characters -- the mandatory minimum for many organizations -- the company argued that this illustrates how users stick to minimum security requirements . A third of the passwords consisted of an upper-case first letter , a series of lower-case letters , and then numbers with no symbols . It also found that 13.6 percent of passwords ended with four numbers in the range of 1940 to 2040 . Of those , nearly half ended in 2016 , which means one-in-twenty of all passwords end with the year in which they were created .

The shadowy hacker consortium known as Callisto Group targeted the UK 's Foreign Office over several months in 2016 . According to research firm F-Secure , Callisto Group is an advanced threat actor whose known targets include military personnel , government officials , think tanks and journalists , especially in Europe and the South Caucasus . Their primary interest appears to be gathering intelligence related to foreign and security policy in the Eastern Europe and South Caucasus regions , and this , combined with infrastructure footprint links to known state actors , suggests a nation-state benefactor , the firm said . In October 2015 the Callisto Group targeted a handful of individuals with phishing emails that attempted to obtain Attack.Databreach the target ’ s webmail credentials . Then , in early 2016 , the Callisto Group began sending Attack.Phishing highly targeted spear phishing emails with malicious attachments that contained , as their final payload , the “ Scout ” malware tool from the HackingTeam RCS Galileo platform . Scout was , ironically , originally developed for law enforcement . “ These spear-phishing emails were crafted Attack.Phishing to appear highly convincing , including being sent Attack.Phishing from legitimate email accounts suspected to have been previously compromised Attack.Databreach by the Callisto Group via credential phishing Attack.Phishing , ” F-Secure noted in a paper , adding that the group is continuing to set up new phishing Attack.Phishing infrastructure every week . One of the targets for Callisto in 2016 was the Foreign Office , according to BBC sources . The outlet reports that the government is investigating an attack that began in April last year . A source told the BBC that the compromised server didn ’ t contain the most sensitive information , fortunately . In a statement , the UK 's National Cyber Security Centre ( NCSC ) declined attribution or comment and merely said : `` The first duty of government is to safeguard the nation and as the technical authority on cybersecurity , the NCSC is delivering ground breaking innovations to make the UK the toughest online target in the world . The government 's Active Cyber Defence programme is developing services to block , prevent and neutralise attacks before they reach inboxes. ” F-Secure also said that evidence suggests the Callisto Group may have a nation-state sponsor , and that it uses infrastructure tied to China , Russia and Ukraine . It told the BBC that Callisto Group 's hacking efforts show similarities in tactics , techniques , procedures and targets to the Russia-linked group known as APT28 , though the two appear to be different entities . However , Callisto Group is also associated with infrastructure used for the sale of controlled substances , which “ hints at the involvement of a criminal element , ” F-Secure said . Going a bit further , a different source told the BBC that two of the phishing domains used in the UK attack Attack.Phishing “ were once linked to an IP address mentioned in a US government report into Grizzly Steppe. ” Grizzly Steppe is the code-name for Russian meddling in the US elections .