Advanced phishing scam targets Middle East and impersonates UAE Ministry of Human Resources

CloudSEK researchers uncovered an extensive phishing campaign in which threat actors (TAs) impersonated the UAE government’s Ministry of Human Resources.

Discovered through XVigil, the company’s artificial intelligence (AI) digital risk monitoring platform, the new threats will target a variety of government and corporate entities in the financial, travel, hospital, legal, oil and gas, and consulting industries.

“The actors created a fake website […] similar to legal domains […] deceive users,” CloudSEK wrote in an article consult.

Investigations by security experts indicate that it was a massive phishing campaign targeting individual job seekers and businesses and exposing them to 419 and BEC scam.

“By observing the patterns of email addresses used to register domains, domain names, and hosting infrastructure, it can be inferred that a single threat actor or group of threat actors owns all of these phishing domains and websites,” CloudSEK said.

Further investigation of email addresses also led to the discovery of 43 domains sharing the same registrant information.

“During our investigation of fake domains, CloudSEK researchers discovered various other domains reported on websites on the Open Source Internet (OSINT) […] As a scam, targeting job seekers. “

According to security experts, the aforementioned phishing projects could also be exploited by other threat actors to target specific users and steal their passwords, files, encrypted wallets and other sensitive information.

To mitigate the impact of these attacks, companies and individuals should avoid downloading suspicious files from unknown sources or clicking on suspicious links, CloudSEK said.

Additionally, the company says that visibility of file extensions (on Windows systems) should be enabled to discover files with unknown file extensions before downloading them.

at last, CloudSEK It was concluded that multi-factor authentication (MFA) and the use of up-to-date antivirus and anomaly detection tools also help reduce the impact of these advanced phishing scams.