Phishing Campaign Impersonates the UAE

Phishing Campaign Targets UAEResearchers at CloudSEK have observed a financially motivated phishing campaign that’s impersonating the United Arab Emirates (UAE) Ministry of Human Resources. The large-scale campaign is targeting organizations in the “Finance, Travel, Hospital, Legal, Oil and Gas, and Consultation industries.”

“The actors created a fake website www.mohregov-ae[.]com that resembles the legitimate domain www[.]mohre[.]gov[.]ae, to defraud users,” the researchers write.

CloudSEK then tied this domain to forty-three other phishing sites that targeted immigrants looking for jobs in the Middle East, as well as targeting companies in order to carry out business email compromise (BEC) attacks. The researchers note that the sites are different depending on their purpose. The sites targeting job seekers are convincingly spoofed versions of legitimate career websites.

“While [the] domains that are presumably used to target job seekers impart a credible impression to first-time visitors, the domains potentially targeting businesses with BEC scams do not have a website and are most likely primarily used only to send emails,” the researchers write.

CloudSEK notes that despite the different types of scams, it appears that a single actor is behind this campaign.

“Upon observing the pattern of the email address used to register the domains, domain name, and hosting infrastructure, it can be inferred that a single threat actor or a threat actor group owns all these phishing domains and websites,” the researchers write.

CloudSEK offers the following advice for users to avoid falling for these attacks:

  • Avoid downloading suspicious documents from unknown sources.
  • Avoid clicking on suspicious links.
  • Enable the visibility of file extensions, and be wary of downloading files with unknown file extensions.
  • Ensure the usage of MFA (Multi-Factor Authentication).
  • Use up-to-date antivirus and anomaly detection tools.

New-school security awareness training can teach your employees to follow security best practices so they can thwart social engineering attacks.

CloudSEK has the story.

Free Phishing Security Test

Would your users fall for convincing phishing attacks? Take the first step now and find out before bad actors do. Plus, see how you stack up against your peers with phishing Industry Benchmarks. The Phish-prone percentage is usually higher than you expect and is great ammo to get budget.

PST ResultsHere's how it works:

  • Immediately start your test for up to 100 users (no need to talk to anyone)
  • Select from 20+ languages and customize the phishing test template based on your environment
  • Choose the landing page your users see after they click
  • Show users which red flags they missed, or a 404 page
  • Get a PDF emailed to you in 24 hours with your Phish-prone % and charts to share with management
  • See how your organization compares to others in your industry

Go Phishing Now!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

Topics: Phishing

Subscribe To Our Blog

Comprehensive Anti-Phishing Guide

Get the latest about social engineering

Subscribe to CyberheistNews