Summary: The State Department is warning employees about a fraudulent scheme targeting their payroll accounts, involving phishing and social engineering tactics.
Key Point:
🔒 Cybercriminals are using phishing, email takeovers, and social engineering to redirect employee payroll deposits.
📧 The scheme initially targeted annuity accounts before evolving into phishing attempts for login data.
🔥 Phishing attempts included a spoofed IRS form that could expose systems to malware.
🎯 Federal login data has been a common target for malicious actors.
______________________
The State Department’s oversight office is warning current and former employees to be cautious of a fraudulent scheme targeting workers’ payroll accounts.
The Monday alert said that cybercriminals are attempting to use “phishing, email account takeovers, and social engineering” to veer employee payroll deposits into their own bank accounts.
The scheme first targeted annuity accounts, which are linked to employees’ pension plans, by creating email addresses that looked similar to annuitants and used those spoofed accounts to request changes to their internal deposit information in the agency’s systems.
It later evolved into phishing attempts where realistic-looking communications were sent in an attempt to retrieve login data for workers’ Employee Express accounts, a government platform that helps federal employees electronically process their payroll transactions.
One of those phishing attempts included a spoofed IRS 1099 form that, if clicked on, would covertly expose victims’ systems to malware, the agency said.
Federal login data has repeatedly been a target of malicious actors. The Federal Communications Commission in early March confirmed it was the target of a phishing scheme in which hackers built a cloned version of an agency verification site to siphon login credentials used by staff to authenticate their identity.
“An interesting youtube video that may be related to the article above”