Spear Phishing Emails Used for Credential Harvesting Across
Mulitple Government Agencies
The NCSC is aware of a recent campaign involving credential harvesting attacks in the form of spear phishing emails targeting a number of different government agencies.
The attack is delivered using a spear phishing email containing a malicious link, different social engineering techniques to fool the victim and/or compromising legitimate email accounts to propagate further.
Refer here for the full NCSC Security Advisory - NCSC-EV-2015-126 .