Please beware of an ongoing phishing attack targeting cleared employees of the U.S. Department of Defense, including contractors. In response to the U.S. Office of Personnel Management (OPM) data breach that occurred earlier this year, the OPM recently began notifying individuals affected by that attack. However, the Federal Bureau of Investigation informed Health Net Information Security of a sophisticated spoofing attempt that poses as a legitimate OPM email in order to acquire personal information such as your Social Security number.
The first page of the phishing email appears to be on official OPM letterhead and assigns the recipient a PIN number. The second page of the email, though, has major inconsistencies and attempts to solicit information the OPM should already have.
Clues to look for:
· The email address. In this instance, the email address was changed from a .gov to a .com address.
· Look for inconsistencies. Is the font drastically different from one page to the next? Are there grammatical errors, copy-and-paste mistakes or incorrect page numbers listed? All of these examples were found in the recent phishing email.
Remember, it is not necessary to provide the OPM any of your personal information. Please alert your spouse or domestic partner to the ongoing phishing attacks, as they may also be targeted. We highly encourage any employee who receives a notification from the OPM to review the OPM’s website regarding notification and verification procedures and to follow those instructions. The website also includes a toll-free number (1-866-408-4555) if you have questions or concerns.
It is our duty to be vigilant and protect ourselves from future attacks. The security threat is constantly evolving as criminals make sophisticated attempts to acquire our personal data. Please reach out if you are in doubt. If you suspect a phishing attack, please forward the email to Information Security for review.