Phishing Champaign on Cyber Space of Bangladesh

by CIRT Team

A targeted phishing campaign was identified originating from the compromised government/law enforcement email accounts. The attacker leveraged legitimate credentials to gain unauthorized access and send fraudulent emails to a wide range of recipients, primarily within government organizations and law enforcement agencies. This campaign reflects a well-coordinated credential-based phishing operation, targeting critical sectors to exploit trust within intra-government communications.

The phishing emails typically include:

• Embedded phishing links within .jpeg or .png files disguised as document attachments.
• Password-protected .docx files, intended to bypass email security filters.

Most Targeted Sectors:

• Law Enforcement Agencies
• Government Organizations

Get the Full Document

CIRT Team

Recommended Posts

Situational Alert for CII, Energy Sectors, Banks

25 Jul 2025 - Security Advisories & Alerts

Situational Awareness for Eid-ul-Adha Holidays

04 Jun 2025 - Security Advisories & Alerts

Situational Awareness for Eid-Ul-Fitr 2025 Holidays

27 Mar 2025 - Security Advisories & Alerts