Scammers leveraging OPM's credit monitoring offer

As anticipated, scammers apparently have started using the Office of Personnel Management offer of identity protection services for victims of the data breach to launch email "phishing" expeditions to trick recipients into sharing personal information.

The  U.S. Computer Emergency Readiness Team, or US-CERT, which is part of the Department of Homeland Security's National Cybersecurity and Communications Integration Center, posted a notice on its website warning of the scam.
"US-CERT is aware of suspicious domain names that may be used in phishing campaigns masquerading as official communication from the Office of Personnel Management (OPM) or the identity protection firm CSID. "Https:// is the legitimate domain used by CSID, which is responsible for identity protection services for those affected by the recent data breach.

"US-CERT recommends that users visit the OPM website for more information. Users are also encouraged to read US-CERT's guidance on avoiding social engineering and phishing attacks and report suspicious emails."

2021 Digital Almanac

Stay Connected

Latest Forum Posts

Ask the Expert

Have a question regarding your federal employee benefits or retirement?

Submit a question