Phishing Scam Targets Military Families
Threat researchers at Lookout are helping to take down a phishing campaign that has been targeting members of the United States military and their families.
The scammers behind the long-running campaign impersonate military support organizations and personnel to commit advance fee fraud, stealing sensitive personal and financial information for monetary gain.
“Based on our analysis, it’s clear that the threat actor is looking to steal sensitive data from victims such as their photo identification, bank account information, name, address and phone number,” wrote Lookout’s researchers in a blog post on the scam published today.
“With this information, the actor could easily steal the victim’s identity, empty their bank account and impersonate the individual online.”
The campaign’s backbone is a series of websites that have been designed to appear as though they are affiliated with the military. To bring an added touch of authenticity to the sites, the operators add advertisements for Department of Defense services to their malicious content.
The sites offer expensive services that are never delivered, or trick users into thinking that they are in a romantic relationship with a member of the military. Fake services offered include care packages, leave applications, and communication permits.
Infrastructure indicators coupled