A well-known hacking group Pawn Storm, aka Fancy Bear, set up phishing sites last June mimicking the U.S. Senate’s Active Directory Federation Services (AD FS) server. The group has been attempting to phish webmail accounts for many years and typically target U.S. senators and international political organizations.
Those include international and military organizations, Ministry of Defenses, Ministry of Foreign Affairs, intelligence units and defense contractors that provide IT services and engineering/robotics design for the U.S. government.
A new blog post by Duo Information Security Journalist Thu Pham describes some of the techniques used to cleverly phish people, as well as how attackers use stolen DNS admin credentials to compromise mail servers. Read it here: https://duo.com/blog/phishing-campaign-targets-us-senators-and-political-organizations