Category Archives: Phishing

Report of Estonian Information Board: International Security and Estonia in 2017

Paragraphs from the “Cyber Threats” section on page 36:

Although the crippling of a critical Estonian infrastructure by a state actor in 2017 is not likely, it is certain that Estonia will remain a target of hostile cyber activity. [..] Considering the cyber attacks that sowed confusion in the US in 2016 and Latvia’s experience in holding the presidency of the European Union in 2015, it is also likely that Estonia will come under increased scrutiny from foreign cyber criminals in the second half of 2017.

As in past years, the Estonian government sector was not unscathed by attacks in 2016. The mailboxes of employees of the Riigikogu (parliament), the Ministry of Foreign Affairs and the Ministry of Economic Affairs and Communications were the targets of phishing attempts. An example of such attacks was an incident in 2016 where an attempt was made to steal information in the possession of a Finnish member of the Bellingcat research group. The information concerned the military conflict in Ukraine and the downing of the MH17 airliner.

Haven’t heard of the phishing attempt against Bellingcat member in Estonia. The spearphishing example screenshot above actually comes from the ESET report on Sednit hacking group.


Tax refund scammers use the name of the Estonian Tax and Customs Board


“Today I received an email from Already at the beginning it seemed doubtful that such letter would come in November. However, even more bizarre became the thing when I opened the link from this email. It is obvious that this email seeks to scam out of naive people their credit card details – card number, CVV2 code” a person who received the letter writes in her Facebook post.