"Cyber Threats Target US Election Officials With Phishing Campaign"

On March 29, the FBI issued a warning about an ongoing and extensive phishing campaign aimed at US election officials. Since October 2021, attackers have attempted to obtain officials' login credentials in at least nine states by using fake invoice inquiries and hacked email accounts. If successful, this activity could offer cybercriminals long-term undetected access to a victim's systems, according to the FBI's Private Industry Notification.

On October 5, 2021, unidentified threat actors sent phishing emails to US election authorities and National Association of Secretaries of State (NASS) representatives. These emails were sent from at least two different email accounts, one of which was discovered to be a compromised email account belonging to a US government official. A malicious file called INVOICE INQUIRY.PDF was attached to the emails, directing recipients to a website that collected credentials. Similar instances occurred on October 18 and 19, allegedly using email accounts from private US businesses. These attacks targeted county election officials and personnel. The phishing emails contained Microsoft Word documents disguised as invoices, which also lured users to credential-harvesting websites.

As the incidents all happened within a short period of time and used the same phishing approach, the attacks were likely launched by the same threat actor. The FBI's alert did not specify whether any systems or data were compromised as a result of these incidents, but these types of attacks are expected to continue or worsen in the lead-up to the 2022 midterm elections. This article continues to discuss the phishing attempts targeting US election officials and recommendations from the FBI on how to prevent phishing attacks.

Security Intelligence reports "Cyber Threats Target US Election Officials With Phishing Campaign"

Submitted by Anonymous on