APWA Wisconsin Chapter Emergency Committee Chair Bruce Slagoski has asked the Chapter to share this information:
On the evening of Wednesday, 07 March 2018, the Wisconsin Statewide Intelligence Center (WSIC) received multiple reports of a new spear phishing campaign targeting public sector employees inside and outside of Wisconsin. The phishing email spoofs delivery notices from FedEx, but spoofing of other companies such as UPS and banks has also been reported. The email contains the name and social security number (labeled as the phone number) of the recipient, and a Google Docs link.
When the user clicks the Google Docs link, it runs a script to download an executable program. It is suspected that the executable program is designed to turn the infected computer into part of a botnet. A botnet is a network of private computers infected with malicious software. The botnet is controlled as a group without the owners’ knowledge and is often used to send other spam. WSIC is currently working with partners to determine the source of the PII.
These domains have been associated with this campaign: