CISO Consulting · Cybersecurity Advisory
ciso.sa
BREAKING High
Alert
📊 ⏱ 1 min read
New Phishing Campaign Targets Saudi Government Employees
19 Feb 2026 · 11:35
👁 5.1K
SHARE THIS ARTICLE
A coordinated spear-phishing campaign impersonating official government portals has been detected targeting Saudi public sector employees.
Security researchers have identified a new spear-phishing campaign targeting Saudi government employees through fake Absher and Tawakkalna login pages. The campaign uses convincing Arabic-language emails and SMS messages to steal credentials and deploy RAT malware.
🤖
AI Executive Analysis
📦 cached
A sophisticated spear-phishing campaign is actively targeting Saudi government employees using fake Absher and Tawakkalna login pages. Attackers are deploying Arabic-language emails and SMS messages to harvest credentials and install Remote Access Trojan (RAT) malware. This coordinated attack specifically impersonates trusted official government portals to exploit employee trust and gain unauthorized access to sensitive government systems.
Key Takeaways
→
Spear-phishing campaign specifically targets Saudi public sector employees using localized Arabic content
→
Attackers impersonate legitimate government platforms Absher and Tawakkalna to steal credentials
→
Campaign deploys RAT malware enabling persistent unauthorized access to compromised systems
⚠ Saudi Impact:
This campaign poses a critical threat to Saudi government organizations as successful credential theft could lead to unauthorized access to sensitive government data, systems, and citizen information. The use of RAT malware enables attackers to maintain persistent access, conduct lateral movement within networks, and potentially exfiltrate classified information. Given the targeting of Absher and Tawakkalna platforms, which are widely used for government services and COVID-19 management, the attack surface is significant and could affect multiple government entities and their operations.
spear-phishing
credential-theft
RAT-malware
government-sector
Absher
Tawakkalna
social-engineering
Saudi-Arabia
public-sector-attack
Arabic-language-threat
CISO Consulting · ciso.sa
https://ciso.sa/z/news/phishing-campaign-saudi-government
© 2026 CISO Consulting.
For informational purposes only.
💬 Comments (0)
🔒 Please log in to comment
Be the first to comment