Threat researchers at Lookout are seeking to take down a phishing campaign that has allegedly been targeting members of the US military and their families. The campaign has been operating for a while and impersonates military support organizations and personnel to commit advance fee fraud and steal sensitive personal and financial information. Lookout stated that the threat actor is motivated by financial gain and stealing sensitive data from victims. Information sought out by attackers includes photo identification, bank account information, names, addresses, and phone numbers.
The campaign operates using a series of websites that are designed to appear legitimate. The operators enhance the authenticity of the sites by adding advertisements for Department of Defense services to their malicious and illegitimate content. The site pretends to offer expensive services that are never delivered or trick users into thinking they are in a romantic relationship with a member of the military. Some of the fake services include leave applications, communication permits, and care packages. Cybersecurity researchers have pointed to Nigeria as the scammers’ operational base.
Read More: Phishing Scam Targets Military Families