The news is full of reports about compromised emails of important public officials and political leaders. While we don’t know for sure who is behind these compromises, all indications point to the Russians. One of the leading investigators of this problem is CrowdStrike, which waxes poetic about the sophistication and technical prowess of the attackers. What are these bad guys doing that requires the resources of a country? Is this some kind of cyber atomic bomb coming out of a massive cyber Manhattan Project? No.

Ars Technica shows us exactly what the attackers are doing. They are sending spearphishing emails that use deceptive URL shorteners to trick users into taking compromising actions.

[Image: fake-gmail]

When the user clicks the links, bad things happen. The bad guys change up the technical aspects of the basic attack in order to evade detection. The unchanging aspect of this attack is the deceptive email, which tricks the recipient into enabling the technical exploits.
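Because the deceptive link is the part that stays constant, it is a practical thing for a mail filter to check. The Python below is an added example, not code from this post, Ars Technica or CrowdStrike: it flags links in an HTML email that point at a URL shortener or whose visible text names a different host than the real destination. The shortener list, the function names and the sample message are assumptions constructed for illustration.

```python
from email import message_from_string, policy
from html.parser import HTMLParser
from urllib.parse import urlsplit
# Assumed, non-exhaustive shortener hosts; maintain your own list.
SHORTENERS = {"bit.ly", "tinyurl.com", "goo.gl", "t.co", "ow.ly"}
# Constructed sample message, not a real phish.
SAMPLE = """\
From: "Account Team" <no-reply@example.test>
Subject: Security alert
Content-Type: text/html; charset="utf-8"

<a href="http://bit.ly/EXAMPLE">https://accounts.example.com/security</a>
<a href="https://www.example.org/help">Help center</a>
"""

class Links(HTMLParser):  # collects (href, visible text) for every <a>
    def __init__(self):
        super().__init__()
        self.found, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.found.append((self._href, "".join(self._text).strip()))
            self._href = None

def host_of(url):
    return (urlsplit(url).hostname or "").lower()

def flag_links(raw_email):
    """Return (href, reason) pairs for links whose destination is obscured."""
    msg = message_from_string(raw_email, policy=policy.default)
    part = msg.get_body(preferencelist=("html",))
    parser = Links()
    parser.feed(part.get_content() if part else "")
    findings = []
    for href, text in parser.found:
        host = host_of(href)
        if host in SHORTENERS:
            findings.append((href, "shortener"))
        # Link text that itself looks like a URL but names another host.
        if "." in text and " " not in text:
            shown = host_of(text if "://" in text else "//" + text)
            if shown and shown != host:
                findings.append((href, "text-mismatch"))
    return findings
```

Calling `flag_links(SAMPLE)` reports the first link twice, once as a shortener and once for the text mismatch, and leaves the ordinary "Help center" link alone.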