Online phishers target contractors

Find opportunities — and win them.

Security firm Anomali has found faux government websites that are inviting contractors to bid in a ploy to collect emails and passwords.

It might look like a Labor Department or Transportation Department website soliciting bids on a contract. And the URL is just similar enough that you might not notice.

But these sites aren’t real and they are dangerous.

Cybersecurity firm Anomali has reported two fake government websites for Transportation and Labor that go "phishing" for personal information on anyone who clicks through to the link.

These sites are very similar to the actual government websites, including leadership names and photos. This includes the real name and title of a Transportation Department employee in the Office of Small and Disadvantaged Business Utilization but a different email.

The fake Transportation site features a pop-up window that is styled as an “Invitation for Bid.” It redirects users to a login page so it can harvest email addresses and passwords.

The spoofed Labor page looks like a regular page of theirs but includes a “Click here to bid” box that also tries to collect email and password information.

While investigating these two sites, Anomali found other sites targeting government agencies. The domain names are similar enough that they are easy to mistaken.

For example, they found gov[.]us spoofing usa.gov. Virginiagov[.]us stood in for Virginia.gov

Anomali offered a series of steps and advice contractors should follow:

  • Be wary of unsolicited communication from federal agencies.
  • Don’t click on embedded links
  • Inspect website address to ensure they are indeed from the agency
  • When in doubt, directly contact the agency before submitting information.

Anomali said they expect to see more of these kinds of faux sites moving forward.