The Postal Service wants employees and contractors to regularly monitor their financial and online payment accounts for possible fraud.
Cybercriminals are increasingly using social engineering techniques to con users into revealing checking, savings and investment information by claiming there is a problem with their accounts.
Social engineering typically involves phishing emails that urge victims to click on links that download malware onto computers. Thieves use the malware to crack passwords for financial accounts.
Criminals also use urgent text and voice messages instructing users to call phone numbers. Some impersonate tech support, claiming the user’s computer is infected with a virus.
When the user calls, the criminals pressure them to provide access to their accounts or move funds to different accounts out of the user’s control.
To avoid scams and protect your accounts, the USPS Corporate Information Security Office recommends:
• Being suspicious. If you get an urgent email, text message or voicemail about your financial accounts, it might be a scam.
• Using strong passwords, passphrases or multifactor authentication methods. Protect financial, work and personal email accounts with long, unique passwords. Enable multifactor authentication on all financial accounts.
• Active monitoring. Set up automated alerts that send emails or text messages whenever money is moved into or out of your accounts. The earlier you detect something that is wrong, the easier it will be to correct it.
The CyberSafe at USPS Blue and LiteBlue and Monthly Awareness Campaigns pages have additional information.