Caution regarding spoofing activity surrounding Not Petya ransomware event
This information is marked TLP White; Subject to standard copyright laws. TLP: White information may be distributed without restriction.
*Any reproduction or reposting of this content requires proper credit/attribution to NH-ISAC.
It is being reported that bad actors are attempting to gain credential access through phishing attempts claiming to be Government Agency entities helping to resolve vulnerabilities related to the ongoing campaign.
Organizations are reminded to verify the links and security certificates of any such email. Note that examples include [.com] vs [.gov] extensions on supposed agency websites. Such phishing is not limited to using government agency spoofing.