The Gambia Cyber Security Alliance has detected a sophisticated job recruitment phishing campaign orchestrated by malicious actors, specifically targeting entities like the Gambia Ports Authority. These threat actors have meticulously created over 18 subdomains, aligning them with their intended victims. Notably, during our security assessment, it was discovered that two deceptive sites were designed to imitate Gambia Ports:

1. job.gambiaports.gm.infoprogram.online (Already surfaced on the internet)

2. apply.job.gambiaports.gm.infoprogram.online (Another stage of the process)

Further investigations have revealed a wider scope of targets across Africa, including notable organizations such as GOIL in Ghana, SNCCSA in Congo overseeing port operations, Visit Namibia’s visa acquisition platform, Burundi’s prominent brewer and soft beverage company, Nordgold operating in Burkina Faso and Guinea, NOCMA in Malawi, National Development Bank in Botswana, Botswana Oil promoting “Your Fuel Your Future” initiative, and Epangelo Mining Company in Namibia.

Additionally, three respected security vendors – Google Safebrowsing, BitDefender, and Fortinet

have identified these fraudulent sites as phishing platforms, further emphasizing the severity and sophistication of this cyber threat. The Gambia Cyber Security Alliance is committed to sharing intelligence with affected organizations across the African continent to collectively mitigate this growing menace.