Cybersecurity, Privacy, & AI

Trending Now
Your AI Agent Could Become Your Biggest Insider Threat • The New Cyber Deterrent Isn’t a Weapon. It’s Cyber Recovery. • Commerce OIG Calls for Changes to NIST Vulnerability Database Management • Pentagon Looks to AI, Other Tech to Help Tackle Contested Logistics Challenges • How Defensive Cyber Responds to Hockey-Stick Growth of AI-Driven Threats
Protests & Claims Newsletter Cyber & Privacy Newsletter Compliance & Enforcement Newsletter Development Newsletter Transforming Procurement Newsletter
Published on March 1, 2019 • Cyber

Federal Bidding Scam Targets US Contractors

Researchers have discovered phishing campaigns mimicking US government bidding sites and procurement portals in a bid to scam federal contractors.

The campaigns feature well-crafted imitations of eProcurement login portals for the Departments of Transportation and Labor, intended to capture contractors’ credentials and other identifying information. Some of the sites feature pop-up windows inviting contractors to bid on projects.

For example, impostor web sites have domain names that begin with “transportation.gov” or “dol.gov”, but end at a foreign top-level domain. The fake DOT site gives an email address ending with “@dot-gov.us” instead of “@dot.gov”, and similar sites use the same trick in crafting deceptive “.us” addresses for state agencies.

Stay compliant and protected with daily updates on cybersecurity, data privacy, and federal oversight with our Cyber & Privacy newsletter, delivering up-to-the-minute intelligence Monday–Saturday — Subscribe here.

© PubKGroup 2024