Vulnerability Management, Email security

Evolving phishing campaign sets sights on US government contractors

U.S. government contractors are being targeted by an ongoing phishing campaign that once used PDF files pertaining to the bidding process for Department of Labor projects but has since expanded to impersonate the Department of Commerce and the Department of Transportation, according to BleepingComputer. Aside from leveraging different lures in phishing messages, attackers behind the updated campaign have also utilized improved phishing page web behavior, as well as removed artifacts indicating fraudulent activity in old PDF attachments, a report from Cofense revealed. Attackers have applied more consistent formatting, bigger logos, and linked PDF files in the new emails, while the PDF files have not only been simplified but also featured metadata corresponding to the spoofed department. Moreover, HTTPS has been used on all phishing websites, which have also been given longer domains to better conceal malicious activity, the report said. "Given the advancements seen in each area of the phishing chain, it is likely the threat actors behind these campaigns will continue to innovate and improve upon their already believable campaigns," said Cofense.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.