On 28 May 2021, the Cybersecurity and Infrastructure Agency (CISA) issued a joint Cybersecurity Advisory with the FBI, which reads in part as follows: “CISA and the Federal Bureau of Investigation (FBI) are responding to an ongoing spearphishing campaign targeting government organizations, intergovernmental organizations, and non-governmental organizations. A sophisticated cyber threat actor leveraged a compromised end-user account from Constant Contact, a legitimate email marketing software company, to spoof a U.S. government organization and distribute links to malicious URLs.”

To read the full text of the advisory, please click here.