Threat Watch

Microsoft Phishing Campaign Impersonates US Government Agencies

An ongoing phishing campaign that was originally reported on January 2022 has been altered to include better lures and new techniques. The main lure is a request to victim to bid on lucrative government contracts. This along with the use of fraudulent government emails from different agencies make it harder for victims to identify the phishing emails. The email is accompanied with a PDF that has been simplified and made smaller as opposed to earlier in the campaign. The PDF took user to phishing websites that were specifically crated, and those have seen improvements including the use of HTTPS.

ANALYST NOTES

Companies should ensure that phishing training is being conducted for employees in a productive way. As a rule, inks should never be followed or clicked from senders that are not known. Often threat actors will use PDFs that take the victims to another website to try an evade email security filters, which is why proper training is needed.

https://www.bleepingcomputer.com/news/security/microsoft-365-phishing-attacks-impersonate-us-govt-agencies/