Cloned Dept. of Labor Site Hawks Fake Government Contracts
2022-01-19 11:00

A new phishing campaign is targeting aspiring government vendors with an invitation to bid on various fake federal projects with the U.S. Department of Labor.

The phishing lure emails claim that the DoL is soliciting bids for "Ongoing government projects," and include an attached PDF file with government branding.

Once clicked, the link takes victims to various domains impersonating the DoL. The malicious site was a copy-and-paste of the website styling code from the actual Department of Labor site, with the addition of a bright red link directing victims to a credential harvester asking for the login details of a Microsoft or other business account, the report added.

"When an INKY engineer made a first attempt at entering fake credentials, the site displayed a fake incorrect credentials error," the researchers wrote.

"But behind the scenes, those fake credentials had already been harvested."

To avoid compromise, INKY suggests security teams remind end users that legitimate government domains end in.


News URL

https://threatpost.com/cloned-dept-of-labor-fake-government-contracts/177734/