Researchers from Anomali discovered a new, mysterious phishing campaign that attempts to the steal login credentials from government departments from around the world. In total, the attacks have targeted at least 22 different organizations across North America, Europe and Asia.
The attacks consist of emails pretending to be related to the targeted government agencies and attempts to trick victims into clicking an email link that directs them to authentic-looking, spoofed government agency websites, prompting the victims to input their username and password. The country that has seen the highest volume of these attacks is the United States with the U.S. Department of Energy, U.S. Department of Commerce and U.S. Department of Veterans Affairs being among those targeted.
It’s currently unclear who is behind the attacks or what their primary goals are.