This is an update to Public Service Announcement I-051525-PSA, released May 15, 2025, which can be found here. Activity dating back to 2023 reveals malicious actors have impersonated senior U.S. state government, White House, and Cabinet level officials, as well as members of Congress to target individuals, including officials’ family members and personal acquaintances. If you receive a message claiming to be from a current or former senior U.S. official, do not assume it is authentic and follow the below recommendations to identify suspicious messages.
Read more…
Source: U.S. Federal Bureau of Investigation Cyber Division
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- France to ditch Windows for Linux to reduce reliance on US tech
April 10, 2026
France is trying to move on from Microsoft Windows. The country said it plans to move some of its government computers currently running Windows to the open source operating system Linux to further reduce its reliance on U.S. technology. Linux is an open source operating system that is free to download and use, with various customized ...
- Storm-1175 focuses gaze on vulnerable web-facing assets in high-tempo Medusa ransomware operations
April 6, 2026
The financially motivated cybercriminal actor tracked by Microsoft Threat Intelligence as Storm-1175 operates high-velocity ransomware campaigns that weaponize N-days, targeting vulnerable, web-facing systems during the window between vulnerability disclosure and widespread patch adoption. Following successful exploitation, Storm-1175 rapidly moves from initial access to data exfiltration and deployment of Medusa ransomware, often within a few days and, ...
- Iran targets M365 accounts with password-spraying attacks
March 31, 2026
Suspected Iran-linked threat actors are conducting password-spraying attacks against hundreds of organizations, primarily Middle Eastern municipalities, in campaigns that security researchers believe may have been aimed at supporting bomb-damage assessment following missile strikes. Tel Aviv-based Check Point Research on Tuesday said that the attackers used multiple source IP addresses to target numerous Microsoft 365 accounts, affecting ...
- Iran threatens to start attacking major US tech firms on April 1
March 31, 2026
Iran’s Islamic Revolutionary Guard Corps warned Tuesday that it plans to begin attacking more than a dozen American companies across the Middle East on Wednesday in retaliation for the killing of Iranian citizens in the ongoing war with the US and Israel. The list of companies includes Apple, Google, IBM, Intel, Microsoft, Tesla, and Boeing, which ...
- Iranian hackers allegedly breached FBI Director Patel’s personal emails
March 27, 2026
Hackers breached FBI Director Kash Patel’s personal email, according to sources familiar with the situation. The majority of the emails were from prior to 2019, according to sources, and appear to be from before his tenure at the FBI. There were a few emails from 2022, sources told ABC News. “The FBI is aware of malicious ...
- Millions possibly affected by data breach at dermatology giant QualDerm
March 25, 2026
Dermatology management services giant QualDerm suffered a cyberattack in late 2025 which saw it lose sensitive personal and healthcare data on more than three million people. The company is now notifying affected individuals by mail, noting in a breach notification letter that between December 23 and 24, 2025, a threat actor managed to access “a limited ...