Skip to main content

Hackers Are Imitating Government Agencies To Spread Malware

By November 22, 2019May 9th, 2022Cybersecurity

Researchers at Proofpoint have found evidence of a new threat actor who has been sending out convincing looking emails.

They are claiming to come from several government agencies.

These include the Italian Revenue Agency, the German Federal Ministry of Finance, and the United States Postal Service.

This is all part of a malicious campaign designed to infect targeted recipients with a variety of malware.

The bulletin Proofpoint released on matter reads, in part, as follows:

“Between October 16 and November 12, 2019, Proofpoint researchers observed the actor sending malicious email messages to organizations in Germany, Italy, and the United States, targeting no particular vertical but with recipients that were heavily weighted towards business and IT services, manufacturing, and healthcare.

These spoofs are notable for using convincing stolen branding and lookalike domains of European taxation agencies and other public-facing entities such as Internet service providers.  Most recently, the actor has attacked US organizations spoofing the United States Postal Service.  The increasing sophistication of these lures mirrors improved social engineering and a focus on effectiveness over quantity appearing in many campaigns globally across the email threat landscape.”

In the US, emails claiming to be from the post office come with an attached Word Document called “USPS_Delivery.doc.”  If a recipient clicks on the document to open it, they’ll receive a message that the file has been encrypted for additional security and in order to view it, they’ll be required to “enable content.”

Naturally, clicking on the “enable content” button does nothing of the sort.  Instead, it installs whatever malware the senders have associated with the email in question.

The identity of the threat actor is not known at this time, but this is a serious issue that you should immediately alert all employees about in order to minimize the risk to your company.

Jason Manteiga

Jason J. Manteiga, Vice President of Olmec Systems, has been part of the company for over the past 20 years. He believes that having a great work environment and supportive team, is the ultimate key to success. Since being in the IT realm for over 25 years, Jason, along with Olmec Systems, has been on the Inc. 5000 “List of America’s Fastest Growing Private Companies” and Channel Futures MSP 501 “Top Managed Service Providers in North America,” along with other awards and nominations. Jason earned his Bachelor Degree in Information Systems from the New Jersey Institute of Technology. He also holds certifications in Microsoft MCSE, VMWare VCP, and Cisco CCNA. In his spare time, Jason is a contributor for The Center for Social & Legal Research (Privacy Exchange) and a member of the Morris County Chamber of Commerce. His hobbies include cycling and kayaking. He currently lives in New Jersey with his wife, two daughters and son.