A mysterious new phishing campaign is targeting government departments and related business services around the world in cyberattacks that aim to steal the login credentials from victims.
In total, the phishing attacks have targeted at least 22 different potential victim organisations in countries including the United States, Canada, China, Australia, Sweden and more. All of the attacks involve emails claiming to be related to the targeted government agencies and all of them attempt to trick victims into clicking an email link that asks for their username and password.
Anyone who enters their login credentials into the spoofed government agency websites will give cyber criminals access to their account.
The campaign has been discovered and detailed by cybersecurity researchers at Anomali; but while it’s clear a lot of work has gone into what researchers describe as a ‘persistent’ campaign, it’s unclear who is behind the attacks or what their ultimate motivations are. It could be an effort to conduct corporate espionage.
“It could be that the adversaries are trying to gain access to potential bidders to undercut the competition or to compromise government suppliers for more long-term gain,” Sara Moore, cyber-threat intelligence analyst at Anomali, told ZDNet.
The majority of the attacks focus on government departments, but a small percentage also target procurement and logistics firms related to the targets.
The country in which the largest number of these attacks have been seen is the United States with the U.S. Department of Energy, U.S. Department of Commerce and U.S. Department of Veterans Affairs among those targeted.
Those behind the attacks have been careful to create unique lures for each of their targets, using phishing emails containing a lure document purporting to be related to bidding and procurement activity of the department. In each case, the phishing email is written in the native language of the target department’s country.
For example, a phishing email targeting the U.S. Department of Commerce claims to contain information related to bidding on commercial products and services, with the target encouraged to open a lure document. The document contains an embedded link, which the target is encouraged to click through to and it’s this that leads to one of the phishing websites.
More Related Posts Here
- AU cybersecurity plan criticized by Experts
- Five African Nations Acquire Prominence for Cyber Attacks
- Free ESET Cybersecurity Awareness Training set up For Kenya's SMEs
- Nigeria loses N127 billion to cybercrime
- Cyber fraud exacerbated by fake apps-CA Report
- Cyber attacks in Kenya rose to 11.2 million in first quarter, CA Report
- New account Fraud increase Worldwide