The US, Department of Homeland Security (DHS), Cyber Intelligence Network (CIN) is aware of a Thanksgiving Day-themed phishing email campaign with at least two variants targeting US government entities. The campaign began on 19 November 2018, and the phishing emails include Thanksgiving Day-themed subject lines with holiday-themed titled documents. The emails spoof legitimate government senders and attempt to deliver malware to legitimate government entities. The reported agencies that have been spoofed include multiple fusion centers, Information Sharing and Analysis Centers (ISACs), and the DHS. The senders’ email addresses were only spoofed and no user email accounts were compromised.
Subject line: “Thanksgiving Day Greeting Card”
Document title: “Thanksgiving-Congratulation.doc” Document title: “Thanksgiving-Day-Card.doc”
If you receive this type of a spoofed government email, Do not open the email. These examples demonstrate both the use of official email addresses to trick users and the US holiday time frame (pre-Thanksgiving Day to New Year’s Day) to lure an unsuspecting user to open the email and thus received malicious malware. The traditional US and Western Europe Christmas holiday time is infamous for these type cyber-attacks, usually for financial fraud.
For questions, comments or assistance regarding this report, please contact Wapack Labs at 844-492-7225, or firstname.lastname@example.org