Government Contractors Targeted in Ongoing "Fake Bid" Credential Phishing Campaign

RESTON, Va., Feb. 5, 2022 /PRNewswire-PRWeb/ — Silent Push, a detection-focused threat intelligence solution focused on identifying and nullifying threats before they launch, released a blog post today outlining an ongoing “fake bid” phishing campaign that is targeting US government contractors. https://www.silentpush.com/blog/phishing-infrastructure-used-to-target-us-government-contractors

The company identified a long list of targeted government contractors and live phishing sites trying to collect their credentials. This campaign appears to have been ongoing for some time and is representative of an ongoing tactic of attacking the supply chain used by multiple adversaries in recent years.

The attacker had a list of companies to target and then had set up fake government department procurement landing pages depending on what they would be bidding for. It is not clear how much this aligns with the real world alignment of contracts. Do these targeted companies already have contracts with those departments?

The lure was sent via email and then the victim, if they clicked on the link would be taken to the fake government procurement landing page. Once they had clicked through an “invitation for bid” pop up there was a clear “click here to bid” button which would lead to a data collection form for the users email address and password.

“From this point on we can only speculate what the attackers did with the gathered credentials, if they were successful,” said Ken Bagnall from Silent Push.

Silent Push has released all related indicators to their customers through their live threat feeds.

Contact [email protected] for general inquiries.

About Silent Push

Silent Push provides predictive Cyber Threat Intelligence, with the goal of identifying threats proactively. Silent Push conducts billions of daily look ups and applies deep analysis providing you with enriched, comprehensive data sources to proactively protect against emerging threats.

For more information, visit http://www.silentpush.com.

Media Contact

PR Department, Silent Push Inc, +1 3144511834, [email protected]

Twitter

 

SOURCE Silent Push Inc

Government Contractors Targeted in Ongoing "Fake Bid" Credential Phishing Campaign WeeklyReviewer

PR Newswire Technology News

World Reviewer Staff
World Reviewer Staffhttps://weeklyreviewer.com/
The first logical thought has to be "no way". I'm the World Observer! Ill find and share important news all day.

Latest articles

Earnings Disclosure

WeeklyReviewer earns primarily through affiliates and ads. We don’t encourage anyone to click on ads for any other purpose but your own. We recommend products and services often for our readers, and through many we will earn commissions through affiliate programs.

Related articles

WeeklyReviewer