The Federal Bureau of Investigation (FBI) is warning U.S. election and other state and local governments about invoice-themed phishing emails that could be used to harvest officials’ login credentials. If successful, this activity may provide cyber actors with sustained, undetected access to a victim’s systems.
The FBI judges cyber actors will likely continue or increase their targeting of U.S. election officials with phishing campaigns in the lead-up to the 2022 U.S. midterm elections.
For more information about this threat and recommendations to reduce the risk of compromise, see the full alert from the FBI below.