Mass phishing attacks were conducted on behalf of government institutions

Based on monitoring activities conducted by the Computer Emergency Response Center of the Special Communication and Information Security State Service of the Republic of Azerbaijan, as well as incident notifications received, mass phishing email campaign targeting email addresses of various government institutions within the AzStateNet network have been identified. The attack scenario is based on social engineering techniques aimed at creating a sense of fear and urgency among citizens, with the objective of coercing victims into complying with certain demands through fraudulent notifications and attached documents.

The investigation established that, at the initial stage of the attack scenario, an email entitled “Cinayət istintaqının zəruriliyi barədə bildiriş” was sent from an email address that appeared legitimate. At subsequent stages, communication with the victim was continued, during which demands implying alleged legal liability and financial obligations were put forward. The further analysis determined that the campaign was built not so much on malicious links or files, but rather on elements of psychological pressure, manipulation and abuse of trust.

We inform you that the detailed investigation of the aforementioned incident was carried out by the Malware Research Laboratory of the Computer Emergency Response Center.

Citizens are once again advised not to panic when encountering such cases, to carefully verify the source of incoming emails and not to respond immediately to suspicious notifications. Particular caution should be exercised with messages sent on behalf of official institutions that invoke legal liability, fines or demands for urgent action and in such circumstances, it is essential to verify the information directly with the relevant institutions. At the same time, where suspicious emails and attachments are detected, reporting them to the responsible information security personnel and competent institutions is of significant importance for the timely prevention of cyber threats.