Anomali researchers have identified a credential harvesting campaign designed to steal the login credentials for multiple government procurement services from a range of international countries. The procurement services are used by multiple public and private sector organizations to match buyers and suppliers.
This whitepaper aims to provide an overview of the discovered phishing campaign, as Anomali researchers consider it likely that the actors will continue to target these services in the future. We'll cover:
- The targeted landscape and spoofed organizations;
- Lure documents and credential harvesting sites;
- Threat Infrastructure Analysis;
- Specific indicators of compromise (IOCs) associated with the campaign.
Read the full report to understand the possible motivations of this phishing campaign.