FRAUD ALERT

*Employee and Annuitant Pay Account Takeovers*

The U.S. Department of State (DOS) Office of Inspector General (OIG), Office of Investigations (INV), has become aware of a fraud scheme targeting the payroll accounts of Department of State employees and annuitants. Specifically, the subjects engaged in the scheme are using phishing, email account takeovers, and social engineering to redirect payroll deposits from the employees? and annuitants? bank accounts to the subjects? bank accounts.

The scheme originally targeted annuitant accounts. The subjects perpetrated the scheme by creating email accounts similar to those of the annuitants and using the spoofed email accounts to request changes to the direct deposit accounts of the annuitants. The scheme later grew to include phishing attempts against employees to obtain identifying information and directly hacking into Employee Express accounts and changing the bank deposit information. One phishing ploy the subjects used was to send emails with revised 1099 forms that appeared to come from the Bureau of the Comptroller and Global Financial Services (CGFS). Clicking a link on the 1099 would then potentially expose a victim?s computer to malware.

To prevent being victimized, employees and annuitants should practice good cybersecurity habits (to include regularly changing passwords) and be vigilant in confirming the email addresses of alleged government agencies that send links or request sensitive information. Immediately report suspicious emails or other communications, such as texts and phone calls involving payroll, to CGFS and the OIG Computer Incident Response Team (CIRT).

If you have information about fraud, waste, abuse, mismanagement, or other crimes or violations of federal laws, rules, and regulations relating to Department or U.S. Agency for Global Media programs and operations, please report it to the OIG Hotline. You can submit your complaint at stateoig.gov/hotline [ [link removed] ].

The Hotline may be used for unclassified information only. To submit classified information, contact the Hotline at (800) 409-9926 or (202) 647-3320 for further instructions.


* FRAUD ALERT 2024-01.pdf [ [link removed] ]

?

?

________________________________________________________________________

Stay connected with the Department of State OIG:

The Great Seal [ [link removed] ]?Twitter [ [link removed] ]?RSS Feed?LinkedIn Icon [ [link removed] ] [ [link removed] ]

________________________________________________________________________

External links found in this content or on Department of State OIG websites that go to other non-Department websites should not be construed as an endorsement of the views or privacy policies contained therein.?

?

Update your subscriptions, modify your password or email address, or stop subscriptions at any time on your Subscriber Preferences Page [ [link removed] ]. You will need to use your email address to log in. If you have questions or problems with the subscription service, please contact subscriberhelp.govdelivery.com [ [link removed] ].

________________________________________________________________________

This email was sent to [email protected] using GovDelivery Communications Cloud on behalf of: Department of State OIG ? 2201 C Street NW ? Washington, DC 20520 GovDelivery logo [ [link removed] ]