CloudSEK researchers have identified an extensive phishing campaign in which threat actors (TA) were impersonating the Ministry of Human Resources of the UAE government.

Spotted through the company’s artificial intelligence (AI) digital risk monitoring platform XVigil, the new threat would target various government and corporate entities across the finance, travel, hospital, legal, oil and gas and consultation industries.

“The actors created a fake website […] that resembles the legitimate domain […] to defraud users,” CloudSEK wrote in an advisory.

The security experts’ investigation suggests this is a large-scale phishing campaign, mainly targeted at individual job seekers and businesses and exposing them to 419 and BEC scams.

“Upon observing the pattern of the email address used to register the domains, domain name, and hosting infrastructure, it can be inferred that a single threat actor or a threat actor group owns all these phishing domains and websites,” CloudSEK said.

Further investigation of the email address also led to the discovery of 43 domains that shared the same registrant information.

“During the course of our investigation into the fake domain, CloudSEK researchers discovered various other domains on the Open Source Internet (OSINT) that were reported on websites […] as scams, targeting job seekers.”

According to the security experts, the above phishing projects could also be utilized by other threat actors to target specific users and steal their passwords, documents, crypto wallets and other sensitive information.

To mitigate the impact of these attacks, CloudSEK said companies and individuals should avoid downloading suspicious documents from unknown sources or clicking on suspicious links.

Further, the company said the visibility of file extensions should be enabled (on Windows systems) to spot files with unknown file extensions before downloading them.

Finally, CloudSEK concluded that both multi-factor authentication (MFA) and the use of up-to-date antivirus and anomaly detection tools could also help reduce the impact of these advanced phishing scams.

Open chat
Iam Guest Posting Service
I Have 600 Site
Status : Indexed All
Good DA : 40-60
Different Nice I Category
Drip Feed Allowed
I can instant publish

My Service :
1. I will do your orders maximum of 1X24 hours, if at the time i’am online. I will do a maximum of 1 hour and the process is complete.
2. If any of you orders are not completed a maximum of 1x24 hours, you do not have to pay me, or free.
3. For the weekend, I usually online, that weekend when i’am not online, it means i’am working Monday.
4. For the payment, maximum payed one day after published live link.
5. Payment via paypal account
If you interesting, please reply
Thank You