FBI warns election officials of credential phishing attacks

2022-03-29 16:52

"As of October 2021, US election officials in at least nine states received invoice-themed phishing emails containing links to websites intended to steal login credentials."

On 5 October 2021, unidentified cyber actors targeted US election officials in at least nine states, and representatives of the National Association of Secretaries of State, with phishing emails.

On 18 October 2021, cyber actors used two email addresses, purportedly from US businesses, to send phishing emails to county election employees.

On 19 October 2021, cyber actors used an email address, purportedly from a US business, to send a phishing email containing fake invoices to an election official.

The US federal law enforcement agency believes the threat actors behind this phishing campaign will likely continue or increase attacks against US election officials with new phishing emails as the 2022 midterm elections are closing in.

Network defenders are advised to educate email users such as the election officials targeted in these attacks on how to identify phishing, social engineering, and spoofing attempts and always confirm requests for sensitive info-including credentials-through secondary channels.

News URL

https://www.bleepingcomputer.com/news/security/fbi-warns-election-officials-of-credential-phishing-attacks/

#attack #credential #election #FBI #phishing

News URL

Related news