OVERVIEW
In March 2021, a mass phishing campaign targeted State of New Hampshire employee emails. In total there were 1,200 inbound emails with 2,335 recipients. We would like to make the USNH community members aware of the specifics of these emails, so that they can recognize it if they see it.
PHISHING EMAIL INFORMATION
The emails were sent from a compromised official State government email. The emails were informing the victim that their mailbox was nearing full and contained a link with credential harvesting malware. If the link was selected, it would redirect the victim to a fake website and prompt the victim to enter their credentials. If the credentials were entered, they would then be harvested. Following the collection of the credentials, the victim’s email account would be accessed by the cyber actor, at that point, they could then recreate this entire phishing campaign from a new compromised email account.
Email Subject = Microsoft Exchange Mailbox Maintenance
PHISHING EMAIL SCREENSHOT
