Threat Alert Phishing Attacks Impersonate Philippine Agency

• Cybercriminals have launched a series of phishing attacks impersonating the Philippine Department of Trade and Industry government agency.
• While the sender for these emails is “Department of Trade and Industry (DTI)”, the sending address does not match a valid Philippine government email address. 
• These DTI-branded lures contain malicious RAR attachments titled “TRADING ADVISORY.zip”.  
• These lures include messaging stating that every licensed recruitment agency has to acknowledge and endorse. Recipients are also allegedly required to forward the email to all foreign counterparts for endorsement.      

Key Actions (at Work and at Home)

• Remain alert to phishing indicators. Mismatches between sending addresses and an organization’s name are always warning signs, as are gratuitous typos and grammatical mistakes.  
• Remember cybercriminals take advantage of strong emotions. Emails seemingly coming from government agencies warning of business disruptions can cause significant anxiety for recipients. Keep in mind cybercriminals seek to capitalize on moments of anxiety and the difficulty in thinking clearly in such situations. 
• Report ANY suspicious emails using the Phish Alarm button. Remember: Our organization occasionally sends phishing simulations.