From threatpost.com
The campaign, codenamed “Bad Tidings,” has sought out victims’ credentials with clever fake landing pages pretending to be the Saudi Arabian Ministry of Interior’s e-Service portal.
An ongoing three-year-old phishing campaign has been targeting the credentials of Saudi Arabian government agencies — with a financially motivated actor the likely culprit.
The campaign, code-named “Bad Tidings,” has siphoned victims’ credentials by pretending to be the Kingdom’s Ministry of Interior’s e-Service portal, known as “Absher.” The recent emails have targeted four government entities: the Ministry of Interior, Saudi Government, Ministry of Foreign Affairs and the Ministry of Labor and Social Development – as well as the Saudi British Bank.
While the campaign has been ongoing since November 2016, researchers with Anomali said that in the past few months, the number of phishing landing pages has suddenly spiked.