Home / News / US-CERT: Email-Based Phishing Attacks Target Gov’t Agencies, Private Sector

US-CERT: Email-Based Phishing Attacks Target Gov’t Agencies, Private Sector

CyberCrimeKeyboardThe U.S. Computer Emergency Readiness Team has disclosed email-based phishing campaigns that it said operated between June and July to target government agencies and the private sector.

US-CERT said Saturday that it detected three phishing attacks in the form of email-attached website links, compromised corporate websites and a compressed file that contained a malicious executable content.

The attackers worked to spread the campaigns by infecting systems to gain entry into organizational networks and steal critical non-public information, according to US-CERT.

The team recommends organizations implement email server and security gateway filters, web proxy and firewall and DNS server blocks in order to address the threat.

US-CERT also calls on agencies to scan email server logs for applicable sender, subject and attachments; check web proxy, DNS, firewall and IDS logs for malicious activity; and assess anti-virus logs for malware alerts.

For infected systems, US-CERT recommends users capture live memory and forensic images of systems for analysis.

Check Also

Top Pentagon Data Officer Explains Challenges Utilizing AI at DoD

Michael Conlin, Pentagon’s chief data officer, has said that the structure of data and developing a workforce would be the two major challenges to the agency’s adoption of artificial intelligence, FedScoop reported Thursday.

Leave a Reply

Your email address will not be published. Required fields are marked *