Silent Push, a detection-focused threat intelligence solution focused on identifying and nullifying threats before they launch, released a blog post today outlining an ongoing “fake bid” phishing campaign that is targeting US government contractors.
The company identified a long list of targeted government contractors and live phishing sites trying to collect their credentials. This campaign appears to have been ongoing for some time and is representative of an ongoing tactic of attacking the supply chain used by multiple adversaries in recent years.
The attacker had a list of companies to target and then had set up fake government department procurement landing pages depending on what they would be bidding for. It is not clear how much this aligns with the real world alignment of contracts. Do these targeted companies already have contracts with those departments?
Also Read: Strategies to Set up Kubernetes Continuous Compliance
The lure was sent via email and then the victim, if they clicked on the link would be taken to the fake government procurement landing page. Once they had clicked through an “invitation for bid” pop up there was a clear “click here to bid” button which would lead to a data collection form for the users email address and password.
“From this point on we can only speculate what the attackers did with the gathered credentials, if they were successful,” said Ken Bagnall from Silent Push.
Silent Push has released all related indicators to their customers through their live threat feeds.
For more such updates follow us on Google News ITsecuritywire News