Phishing Campaign Exploits Fake Trump Assassination Story to Harvest Corporate Data

Nist Framework

A new phishing campaign circulating online is using a fabricated assassination attempt on former President Donald Trump to trick users into divulging personal and corporate information, according to cybersecurity experts at ESET. The attack targets corporate networks with the goal of stealing sensitive data and potentially infiltrating these systems.

While two genuine assassination attempts on Trump were reported prior to the 2024 U.S. elections, the latest claimā€”suggesting a plot against him by Iranian agentsā€”is completely false and intended to deceive. Experts are warning users to be cautious of this latest phishing scheme, which plays on current events and aims to capitalize on public interest in Trumpā€™s return to office.

The emails in question are being tailored to the domain names of specific victims, with perpetrators focusing on corporate targets. These emails often feature counterfeit logos of well-known media outlets to lend credibility to the fabricated story. The attackers then embed shortened URLs that lead to fake login pages designed to steal corporate user credentials.

As Trump is set to be inaugurated as the 47th President of the United States on January 20, 2025, the timing of the campaign is particularly strategic. The email campaigns often cite ā€œThe New York Times,ā€ a news outlet that has been critical of Trump, using it as a seemingly legitimate source of the assassination report. This tactic is intended to increase the likelihood that recipients will fall for the scam, especially given the mediaā€™s historic stance against the former president.

In a similar attack, a major software company was also targeted by the same phishing campaign, with the perpetrators swapping out logos to make the emails appear to come from Reuters. This shows how attackers are willing to adapt their tactics to maximize the effectiveness of their schemes.

Cybersecurity professionals recommend that users be vigilant and mark such suspicious emails as spam. If any of these messages make it to your inbox, experts advise against clicking on any embedded links, as they can redirect to malicious sites designed to install malware or steal sensitive data.

With the possibility of such campaigns increasing during the first few months of Donald Trumpā€™s second term in office, both public and private sectors are being urged to remain on high alert. Vigilance is essential in the face of these evolving cyber threats.

Ad
Naveen Goud
Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display