Cofense
Credential Phishing Targeting Government Contractors Evolves Over Time
Cofense Resources

Credential Phishing Targeting Government Contractors Evolves Over Time

Credential Phishing Targeting Government Contractors Evolves Over Time

Threat actors are running a series of campaigns spoofing several departments of the United States government. The emails claim to request bids for government projects but lead victims to credential phishing pages instead. These campaigns have been ongoing since at least mid-2019 and were first covered in a Cofense Flash Alert in July 2019. These advanced campaigns are well crafted, have been seen in environments protected by secure email gateways (SEGs), are very convincing, and appear to be targeted. They have evolved over time by improving the email contents, the PDF contents, and the appearance and behavior of the credential phishing pages.

Related Resources:


2024 Annual State of Email Security Report
2024 Annual State of Email Security Report
Q3 2023 Cofense Phishing Intelligence Report
Q3 2023 Cofense Phishing Intelligence Report
Q2 2023 Cofense Phishing Intelligence Report
Q2 2023 Cofense Phishing Intelligence Report
Download the Resource


Related Resources:


2024 Annual State of Email Security Report
2024 Annual State of Email Security Report
Q3 2023 Cofense Phishing Intelligence Report
Q3 2023 Cofense Phishing Intelligence Report
Q2 2023 Cofense Phishing Intelligence Report
Q2 2023 Cofense Phishing Intelligence Report