SAM.gov hackers used spearphishing, spoofing, credential theft

FedScoop: Cybercrooks who stole federal payments by hacking contractor accounts on a GSA website used sophisticated spearphishing techniques to steal login credentials and then diverted payments to bank accounts they controlled, an executive of a contractor targeted in the scam told FedScoop.

It’s unclear how much the scammers have netted through their scheme, which is being investigated by the GSA inspector general and federal law enforcement. The inspector general’s office declined to comment, but sources familiar with the investigation told FedScoop that the cyberattacks that facilitated the fraud had been identified last year and were ongoing as
recently as last week.

Read article

Share