Phishing schemes mimic OPM breach notifications

Phishing schemes mimic OPM breach notifications

It was probably inevitable:  The millions of Americans whose personal information may have been stolen from Office of Personnel Management databases must now worry about scammers trying to capitalize on the government's response to that breach.

A June 30 alert from the U.S. Computer Emergency Readiness Team warned that "US-CERT is aware of phishing campaigns masquerading as emails from [OPM] or the identity protection firm CSID." After the breach was disclosed on June 4, OPM contracted with CSID to notify affected personnel and promised free credit monitoring for those whose records were compromised.

US-CERT did not offer specific examples of the fake emails, but did urge recipients to report any suspicious messages.   The agency also reminded individuals that "the legitimate domain used for accessing identity protection services is https://opm.csid.com."

The breaches of OPM data are believed to have affected current and former federal employees, recent applicants for federal jobs, some industry contractors and -- thanks to the details demanded on the Standard Form 86 used for security clearances -- a wide range of applicants' family members, friends and acquaintances.  OPM has not specified the number of individuals believed to be affected, but estimates have ranged from 4 million to upwards of 14 million.   

About the Author

Connect with the GCN staff on Twitter @GCNtech.

Featured

  • business meeting (Monkey Business Images/Shutterstock.com)

    Civic tech volunteers help states with legacy systems

    As COVID-19 exposed vulnerabilities in state and local government IT systems, the newly formed U.S. Digital Response stepped in to help. Its successes offer insight into existing barriers and the future of the civic tech movement.

  • data analytics (Shutterstock.com)

    More visible data helps drive DOD decision-making

    CDOs in the Defense Department are opening up their data to take advantage of artificial intelligence and machine learning tools that help surface insights and improve decision-making.

Stay Connected