Feb 2, 2009

Watch Out For Faux Phishing Scam

Fedblog reports that the Department of Justice tried a scam to test the vulnerability of its employees to internet phishing scams. The faux scam has now spread to the Department of Commerce. There is no telling whether other federal agencies, such as Social Security, will pull the same one on its employees. The scam involved an e-mail concerning the Thrift Savings Plan (TSP) of federal employees:
It states that if participants have lost more than 30% of their TSP account value, they are eligible for a one-time U.S. Government bailout to recover their losses. The message directs participants to a "look-alike" TSP web site that asks for account credentials (User Name and Password). The email is signed "TSP Account Coordinator."
If an employee responds to this message by posting their user name and password, nothing bad happens. Apparently, they just receive a message telling them that they just did something really, really stupid and that they had better be more careful.

I suppose this is for a good cause, but it strikes me as wrong.

2 comments:

Anonymous said...

SSA employees are too smart to fall for that. LOL

Anonymous said...

Assuming the original came through official channels (as the real scams sometimes do), how do THEY suggest WE be more careful--exactly?