Researchers from Inky detailed a series of phishing attacks in which the sender address on most of the emails appeared to come from no-reply@dol.gov, the real domain for the Department of Labor.