HomeBensalem TimesL&I warns about emails impersonating Workforce Development staff

L&I warns about emails impersonating Workforce Development staff

Messages contain links or attachments with malicious software that could infect computers or steal personal information

The Department of Labor & Industry is advising organizations that interact with its Bureau of Workforce Development to be on the lookout for email messages impersonating staff. The messages contain links or attachments with malicious software that could infect computers or steal personal information.

“I want to emphasize that neither L&I nor the commonwealth have been compromised by hackers in any way,” said Secretary Jerry Oleksiak. “Anyone who receives a potentially suspicious message should contact our employees through a separate email or phone call to confirm that it was sent by them.”

Email “spoofing” is a common tactic used in spam and phishing attacks. The goal is to trick the recipient into believing the message is from someone they know and trust so they will provide personal information, open attachments or click on links.

While the origins of the issue are still unknown, it is believed an issue involving a third party allowed bad actors to obtain copies of legitimate email messages sent by L&I staff. The bad actors are now using the contents of these legitimate messages to construct fraudulent emails targeting L&I business partners. L&I and the Office of Administration are working with these third parties to try to identify the source of the issue.

There is no evidence that any commonwealth systems or accounts have been compromised. There is also no evidence at this time of fraudulent emails being sent in relation to any unemployment compensation program administered by the department.

Although phishing emails are becoming increasingly sophisticated, there are potential warning signs to watch out for, including:

Asking for personal information: Legitimate organizations will never send unsolicited emails asking for your personal and sensitive information
Generic greetings: Be more cautious about email messages with a generic salutation such as “Dear customer” or “Dear member”
Spoofed email addresses and links: Use your mouse cursor to hover (do not click) over any links or email addresses; you should see a pop-up that shows the actual address
Small inconsistencies: Watch for red flags such as strange email addresses or slight misspellings in hyperlinks
Sense of urgency: Many phishing emails try to create a false sense of urgency in hopes that the user ignores telltale signs
Bad grammar or misspellings: Messages from legitimate sources are likely to be well-written and not contain obvious mistakes
Unknown sources: Never open attachments or links from people or companies that you do not know

Visit pa.gov/cyber for more information.

Philadelphia
scattered clouds
52.3 ° F
54.3 °
48.3 °
88 %
0mph
40 %
Tue
73 °
Wed
78 °
Thu
71 °
Fri
65 °
Sat
60 °
- Advertisment -
661FansLike
551FollowersFollow

Current Issue

Current Edition LBT

19006 Huntingdon Valley

Latest