On Tuesday, the Federal Bureau of Investigation (FBI) issued a warning to the US election and other state and local government officials about a widespread phishing operation that has been attempting to steal their credentials since at least October 2021.
If successful, this activity may provide cyber actors with sustained, undetected access to a victim’s systems. As of October 2021, US election officials in at least nine states received invoice-themed phishing emails containing links to websites intended to steal login credentials.
Considering that the phishing emails have similar attachment files, use compromised email addresses, and were sent at the same time, this is most probably a coordinated, ongoing attempt to attack US election officials.
According to the FBI, the threat actors employed a variety of techniques to lead their victims to phishing landing pages that were intended to fool them into entering their logins.
On October 18, 2021, cybercriminals sent phishing emails to county election employees using two email addresses that appeared to be from US enterprises.
The FBI identified three waves of phishing emails aimed at election officials, each of which used different methods to hoodwink them into revealing their credentials:
On 5 October 2021, unidentified cyber