According to the security vendor Anomali, sources of domains and over 120 phishing sites have been detected as involved with a major global campaign that is targeting government procurement services. Anomali stated that the credential harvesting campaign consisted of spoofed sites for international government departments as well as spoofed email services.
The documents attached to the phishing emails contain links to the compromised sites that feature an illegitimate login service. Anomali found that the US was the most heavily targeted government, followed by Canada, Japan, Poland, and China. Anomali reports that over 62 domains and 122 phishing sites were detected, although none of these sites remains active today.
Read More: Over 100 Phishing Sites Spotted in Global Government Campaign