https://flex-qa.www.us-corp-qa-3.tnqa.net/townnews/internet/article_dc76d6f9-ffb6-5ebe-aa2f-2c640bd9a47b.htmlScammers posed as tech support to hack employees at two US agencies last year, officials say | Townnews | flex-qa.www.us-corp-qa-3.tnqa.netSkip to main content
Cybercriminals hacked employees of at least two US federal civilian agencies last year as part of a "widespread" fraud campaign that sought to steal money from individuals' bank accounts, US cybersecurity officials revealed Wednesday.
In one case, the unidentified hackers posed as tech support, convinced a federal employee to call them and then instructed the federal employee to visit a malicious website, according to the advisory from the US Cybersecurity and Infrastructure Security Agency, National Security Agency and a threat-sharing center for state and local governments known as MS-ISAC.
The goal of the scam, which appears to have hit both private sector and government agencies, was to trick victims into sending the scammers money. It was unclear if that happened in the case of the federal employees.
The episodes underscore how federal officials, like others, can be duped into sharing sensitive financial information -- and that they might not find out about it for weeks or months afterward.
CISA discovered the activity in October 2022, but the hackers had been sending phishing emails to federal employees' personal and government email accounts since at least June, according to the advisory.
Forensic analysis "identified related activity" on many other federal networks in addition to the two initial agency victims, the advisory said.
While financially motivated crooks were apparently behind this campaign, the US agencies said they were concerned such hackers could sell stolen data to government-backed spies. The legitimate tech-support software used in the scam is useful for hackers looking to maintain covert, long-term access to a network, officials said.
Keep it Clean. Please avoid obscene, vulgar, lewd,
racist or sexually-oriented language. PLEASE TURN OFF YOUR CAPS LOCK. Don't Threaten. Threats of harming another
person will not be tolerated. Be Truthful. Don't knowingly lie about anyone
or anything. Be Nice. No racism, sexism or any sort of -ism
that is degrading to another person. Be Proactive. Use the 'Report' link on
each comment to let us know of abusive posts. Share with Us. We'd love to hear eyewitness
accounts, the history behind an article.
(0) comments
Welcome to the discussion.
Log In
Post a comment as Guest
Keep it Clean. Please avoid obscene, vulgar, lewd, racist or sexually-oriented language.
PLEASE TURN OFF YOUR CAPS LOCK.
Don't Threaten. Threats of harming another person will not be tolerated.
Be Truthful. Don't knowingly lie about anyone or anything.
Be Nice. No racism, sexism or any sort of -ism that is degrading to another person.
Be Proactive. Use the 'Report' link on each comment to let us know of abusive posts.
Share with Us. We'd love to hear eyewitness accounts, the history behind an article.