Security News > 2022 > January > Office 365 phishing attack impersonates the US Department of Labor
A new phishing campaign impersonating the United States Department of Labor asks recipients to submit bids to steal Office 365 credentials.
The phishing campaign has been ongoing for at least a couple of months and utilizes over ten different phishing sites impersonating the government agency.
In a new report by email security firm INKY, who shared the report with Bleeping Computer before publication, researchers illustrated how the phishing attack is used to steal credentials.
Those who bid for a project will be taken to a credential harvesting form that targets their Microsoft Office 365 email address and password.
We saw something similar in December 2021, with phishing actors impersonating Pfizer and using well-crafted PDF attachments to invite recipients to submit bids to the pharmaceutical company.
In this case, the most obvious sign of the scam would be the Department of Labor requiring anyone to log in with Office 365 credentials to view a document, something that isn't the case on any U.S. government website.
News URL
Related news
- CERT-UA Warns of Phishing Attacks Targeting Ukraine’s Defense and Security Force (source)
- Inside the incident: Uncovering an advanced phishing attack (source)
- US sanctions Chinese firm for hacking firewalls in ransomware attacks (source)
- US sanctions Chinese cybersecurity company for firewall compromise, ransomware attacks (source)
- US names Chinese national it alleges was behind 2020 attack on Sophos firewalls (source)
- US Sanctions Chinese Cybersecurity Firm for 2020 Ransomware Attack (source)
- Iran-linked crew used custom 'cyberweapon' in US critical infrastructure attacks (source)
- Ongoing phishing attack abuses Google Calendar to bypass spam filters (source)
- Microsoft fixes bug behind random Office 365 deactivation errors (source)
- Chinese hackers targeted sanctions office in Treasury attack (source)