Home / News / US-CERT: Email-Based Phishing Attacks Target Gov’t Agencies, Private Sector

US-CERT: Email-Based Phishing Attacks Target Gov’t Agencies, Private Sector

CyberCrimeKeyboardThe U.S. Computer Emergency Readiness Team has disclosed email-based phishing campaigns that it said operated between June and July to target government agencies and the private sector.

US-CERT said Saturday that it detected three phishing attacks in the form of email-attached website links, compromised corporate websites and a compressed file that contained a malicious executable content.

The attackers worked to spread the campaigns by infecting systems to gain entry into organizational networks and steal critical non-public information, according to US-CERT.

The team recommends organizations implement email server and security gateway filters, web proxy and firewall and DNS server blocks in order to address the threat.

US-CERT also calls on agencies to scan email server logs for applicable sender, subject and attachments; check web proxy, DNS, firewall and IDS logs for malicious activity; and assess anti-virus logs for malware alerts.

For infected systems, US-CERT recommends users capture live memory and forensic images of systems for analysis.

Check Also

AHRQ Challenge Seeks New Apps to Facilitate Patient-Reported Outcome Data Collection

The Agency for Healthcare Research and Quality has launched a three-phase competition to develop new applications …

Leave a Reply

Your email address will not be published. Required fields are marked *