Families of U.S. military workers and individuals looking to have romantic relationships with soldiers are being actively targeted by an enduring phishing campaign that involves fraudsters spoofing military support organizations and personnel, VentureBeat reports. Suspected threat actors behind the operations have been seeking to exfiltrate victims' names, bank account data, phone numbers, addresses, and photo identification, in an effort to facilitate future identity theft attacks and bank account theft, according to a Lookout Threat Lab report. Researchers were able to link the attacks to Nigeria after discovering that Nigerian providers mainly hosted the websites they used. One of the web developers also accidentally left a phone number with the Nigerian country code on the website's draft. Poor operational security practices have made tracking the group easier for researchers, who have also associated the group with 50 military scam sites, as well as other scams that involve cryptocurrency trading, phony delivery services, and banks.