(Bloomberg) — Hackers are targeting U.S. election officials with invoice-themed phishing emails in an attempt to steal user names and passwords, the FBI said in a bulletin Tuesday.
Since October, election officials in nine states have received phony emails that would dupe users into handing over their login credentials. Some of the ruses contained similar file attachments, the FBI said, with names such as “invoice inquiry.pdf.”
A compromised U.S. government official’s account was responsible for sending some of the malicious emails, the bureau said. The effort has the characteristics of a “coordinated, ongoing” campaign aimed at accessing election officials’ accounts, according to the bulletin.
The FBI didn’t identify any suspects who might be behind the effort.
The government has warned that attackers will likely increase their targeting of election officials ahead of the November midterm elections. Bryan Vorndran, the assistant director for the FBI’s cyber division, told a House panel Tuesday that he’s been meeting regularly with other U.S. officials “to ensure that 2022 is a secure election.”
More stories like this are available on bloomberg.com
©2022 Bloomberg L.P.
