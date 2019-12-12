REDWOOD CITY, Calif., Dec. 12, 2019 (GLOBE NEWSWIRE) -- Anomali , a leader in intelligence-driven cybersecurity, today published a new report from the Anomali Threat Research Team: Phishing Campaign Targets Login Credentials of Multiple U.S., International Government Procurement Services.



The research identified numerous phishing sites designed to steal credentials from victims at 22 government procurement services agencies and several private businesses. Targeted organizations in the United States included the U.S. Department of Energy, U.S. Department of Commerce, U.S. Department of Veterans Affairs, U.S. Department of Transportation, and the U.S. Department of Housing and Urban Affairs. Private enterprises targeted included DHL International and China-based SF-Express.

To execute the campaign, adversaries sent lure documents via phishing emails containing links to spoof phishing sites that were masquerading as legitimate login pages. Victims duped into following the phishing email link would then be invited to log in. Anyone who fell victim to the adversaries would have provided them with their credentials.

Anomali researchers have not identified the threat actors. Researchers say the method used is consistent with a persistent attack. Adversaries hosted the spoofed phishing site domains in Turkey and Romania. The campaign is currently dormant.

The full report can be accessed at: https://www.anomali.com/resources/whitepapers/phishing-campaign-targets-login-credentials-of-multiple-us-international-government-procurement-services . Identified Indicators of Compromise (IOCs) have been integrated directly into Anomali Altitude customers’ security infrastructures to enable faster and more automated detection, blocking, and response. For more information on how Anomali customers gain integrated access to threat research, visit: https://www.anomali.com/products

