The e-mail appeared to come from NATO headquarters in Brussels, offering information about the earthquake in Italy. But anyone clicking on the link wasn’t directed to the western military alliance, but to a server that installed spyware on the recipient’s computer.
The so-called spear phishing attack hit German parliamentarians’ inboxes in August, according to an investigative report by the Süddeutsche Zeitung newspaper and public broadcasters NDR and WDR. Recipients included members of the Social Democratic Party, Left Party and Christian Democratic Union.
In 2015, the intranet of the Bundestag, Germany’s lower legislative chamber, was the target of a similar e-mail attack. At the time, federal security officials called it a “grave and far-reaching attack” and a “not insignificant data leak.” They traced the cyber attack to Russia