Department of Homeland Security Phishing Scam

The National Cybersecurity and Communications Integration Center (NCCIC) is the Nation’s flagship cyber defense, incident response, and operational integration center. Its mission is to reduce the Nation’s risk of systemic cybersecurity and communications challenges.

The Department of Homeland Security (DHS) has released a statement indicating that an email phishing campaign is in the wild that purports to be a legitimate email from DHS. The email tricks users into clicking on a malicious link or downloading a malicious attachment by looking like a legitimate DHS notification. DHS has indicated that the attackers send the emails from a spoofed email address that appears to be a National Cyber Awareness System (NCAS) alert and lures targeted recipients into downloading malware through a malicious attachment or link.

Phishing Scam Prevention Recommendations:

The Cybersecurity and Infrastructure Security Agency (CISA) has provided these recommended actions to avoid being victimized by social engineering and phishing attacks:

• Be wary of unsolicited emails, even if the sender appears to be known.
• Before opening the email, contact your organization’s helpdesk or search the internet for the main website of the organization or topic mentioned in the email.
• Use caution with email links and attachments without authenticating the sender.
• Immediately report any suspicious emails to your information technology helpdesk, security office or email provider.

Additional CISA recommendations for users include:

• Be suspicious of unsolicited phone calls, visits, or email messages from individuals asking about employees or other internal information.
• If an unknown individual claims to be from a legitimate organization, verify his or her identity directly with the company.
• Do not provide personal information or information about your organization.
• Do not reveal personal or financial information in email, and do not respond to email solicitations for this information, including links sent in email.
• Don’t send sensitive information over the internet before checking a website’s security.
• Malicious websites may look identical to a legitimate site, but the URL may use a variation in spelling or a different domain.
• If you are unsure whether an email request is legitimate, verify it by contacting the company directly.
• Install and maintain anti-virus software, firewalls, and email filters to reduce some of this traffic.

powersolution.com’s managed clients have protections in place such as anti-virus and anti-malware scanning, DNS based malware protection, and anti-virus and malicious web content filtering through the firewall. Even with all of these protection layers, threats can still pass through. Ultimately, users need to be diligent when reading emails to ensure the information presented is accurate.