Beware of fake government contracting websites

A new phishing campaign is targeting federal contractors with an invitation to bid on various fake federal projects with the U.S. Department of Labor.

Emails branded to look like legitimate communications from the DoL contain malicious links that, rather than leading to a government procurement portal, harvest the credentials of anyone who attempts to log in.

The majority of the phishing emails have sender addresses spoofed to look as if they came from no-reply@dol[.]gov; dol[.]gov is the real DoL site.

The emails are well crafted, claiming that the DoL is soliciting bids for “ongoing government projects,” and include an attached PDF file with government branding. Clicking on any of the links directs victims to a malicious copy of the actual Department of Labor site, with the addition of a bright red link that sends victims to a credential harvester asking for the login details of a Microsoft or other business account.

The Takeaway

Legitimate government domains end in .gov or .mil, and official federal procurement departments do not typically send out cold solicitations for bids. Also, it is unusual to be asked for email credentials to view any document, especially by unsolicited email. Stay safe out there.
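The .gov/.mil rule above can be applied automatically to incoming mail. The following is an added example, not part of the original post: it takes the From header at face value (it can be spoofed, as described above) and flags every link whose real hostname is not a government domain. The function names, the sample message and the bid-portal.example host are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlsplit

GOV_SUFFIXES = (".gov", ".mil")  # the rule stated in the takeaway
URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.I)

def is_gov_host(host):
    """True only if the hostname itself ends in .gov or .mil."""
    return (host or "").lower().rstrip(".").endswith(GOV_SUFFIXES)

def suspicious_links(raw_email):
    """Return (url, host) for non-government links in mail claiming a .gov/.mil sender."""
    msg = message_from_string(raw_email)
    sender_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2]
    if not is_gov_host(sender_domain):
        return []  # the rule only applies to mail that claims a government sender
    flagged = []
    for part in msg.walk():
        if part.get_content_maintype() != "text":
            continue
        payload = part.get_payload(decode=True) or b""
        body = payload.decode(part.get_content_charset() or "utf-8", "replace")
        for url in URL_RE.findall(body):
            try:
                host = urlsplit(url).hostname  # ignores any "user@" prefix and port
            except ValueError:
                host = None
            if not is_gov_host(host):
                flagged.append((url, host))
    return flagged

# Constructed sample: one genuine link and two lookalikes that merely contain "dol.gov".
SAMPLE = """\
From: "US Department of Labor" <no-reply@dol.gov>
To: contractor@vendor.example
Subject: Invitation to bid
Content-Type: text/html; charset="utf-8"

<p>Ongoing government projects are open for bids.</p>
<a href="https://www.dol.gov/">Department of Labor</a>
<a href="https://dol.gov.bid-portal.example/login">BID</a>
<a href="https://www.dol.gov@bid-portal.example/doc">View document</a>
"""

if __name__ == "__main__":
    for url, host in suspicious_links(SAMPLE):
        print(f"non-government link in .gov-branded mail: {host}  ({url})")
```

Matching on the end of the parsed hostname, rather than searching the link text for "dol.gov", is what catches both lookalike forms in the sample.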

-A

PS. We were on ThinkTech yesterday, talking with Jay Fidell about how Cybersecurity is important to maintaining or increasing the revenue potential of local businesses. It’s a short interview – though you or someone you know may find it interesting.