Cybersecurity, Privacy, & AI

Trending Now
Agriculture Department Kicks Off $300M Palantir Deal on IT, National Security Work • Vercel Attack Fallout Expands to More Customers and Third-Party Systems • Seeing the Cyber in Economic Statecraft • Responding to a Data Breach: How to Preserve the Attorney-Client Privilege • NIST Cyber Center to Launch OT ‘Visibility’ Project
Protests & Claims Newsletter Cyber & Privacy Newsletter Compliance & Enforcement Newsletter Development Newsletter Transforming Procurement Newsletter
Published on March 1, 2019 • Cyber

Federal Bidding Scam Targets US Contractors

Researchers have discovered phishing campaigns mimicking US government bidding sites and procurement portals in a bid to scam federal contractors.

The campaigns feature well-crafted imitations of eProcurement login portals for the Departments of Transportation and Labor, intended to capture contractors’ credentials and other identifying information. Some of the sites feature pop-up windows inviting contractors to bid on projects.

For example, impostor web sites have domain names that begin with “transportation.gov” or “dol.gov”, but end at a foreign top-level domain. The fake DOT site gives an email address ending with “@dot-gov.us” instead of “@dot.gov”, and similar sites use the same trick in crafting deceptive “.us” addresses for state agencies.

Stay compliant and protected with daily updates on cybersecurity, data privacy, and federal oversight with our Cyber & Privacy newsletter, delivering up-to-the-minute intelligence Monday–Saturday — Subscribe here.

© PubKGroup 2024