NCSC Security Advisory - NCSC-EV-2015-126
The NCSC is aware of a recent campaign involving credential harvesting attacks in the form of spear phishing emails targeting a number of different government agencies.
The attack is delivered using a spear phishing email containing a malicious link, different social engineering techniques to fool the victim and/or compromising legitimate email accounts to propagate further.
Refer here for the full NCSC Security Advisory - NCSC-EV-2015-126 [PDF, 429 KB].