In September 2022, the CISA performed audits on several FCEB networks and found them to have been victim to a “widespread, financially motivated phishing campaign.” A month later, security researchers at Silent Push reported on a “typosquatting” trojan campaign involving several trusted domains, including PayPal, Microsoft, Geek Squad, and Amazon. On Wednesday, CISA confirmed several federal staff members had fallen for the help-desk-themed phishing campaign.
“[We] assess that since at least June 2022, cyber criminal actors have sent help desk-themed phishing emails to FCEB federal staff’s personal, and government email addresses,” the alert reads.
