Phishing campaign disrupts US-CERT

A phishing campaign has spoofed the US computer emergency readiness team (US-CERT) and hindered the organisation's ability to handle email.

A division of the US Department of Homeland Security, it issued a warning to internet users after the phishing email campaign emerged yesterday. Attackers spoofed US-CERT email addresses to target "a large number of private sector organisations as well as federal, state and local governments".

The phishing emails have an attached .zip file that contains a malicious executable called ‘US-CERT Operation Center Reports .eml.exe' with a subject line of ‘Phishing incident report' and include a phone number. The address soc@us-cert.gov was the primary spoofed address, but US-CERT notes other invalid email addresses were also used. 

An operator at US-CERT said it had difficulty receiving emails due to the phishing campaign. It advised that users should not open the email or attachments.

Sign up to our newsletters