Tech Library is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


Phishing Campaign Targets Multiple U.S. and International Government Procurement Services

by Anomali

Jan 23, 2020

Global Phishing Campaign Spoofs Multiple Government Procurement Services With Credential Harvesting

Anomali researchers have identified a credential harvesting campaign designed to steal the login credentials for multiple government procurement services from a range of countries. The procurement services are used by multiple public sector organizations to match buyers and suppliers.

This whitepaper aims to provide an overview of the discovered phishing campaign, as Anomali researchers consider it likely that the actors will continue to target these services in the future. We'll cover:

• The targeted landscape and spoofed organizations
• Lure documents and credential harvesting sites
• Threat Infrastructure Analysis
• Specific indicators of compromise (IOCs) associated with the campaign

Read the full report to understand the possible motivations of this phishing campaign.