The Postal Service is reminding employees and contractors to be aware of the growing social engineering threat to the organization.
Social engineering is the use of deception and psychological pressure to influence people to divulge confidential information or grant unauthorized access to systems and data.
Unlike traditional cyberattacks that exploit system vulnerabilities, social engineering targets human behavior by leveraging trust, fear and phony deadlines.
These scams continue to evolve in appearance and complexity. They may appear as deceptive emails, dishonest text messages or fraudulent phone calls.
Cybercriminals may impersonate co-workers, bosses or outside partners to make their requests seem legitimate.
Employees and contractors should always:
• Limit the information they share online or through unsolicited requests. Avoid posting or disclosing details about their job, workplace or personal life that could be used to target them;
• Verify the identity of the requester before sharing any information. Use known, official contact methods instead of relying on details provided in the message; and
• Be cautious of urgent, unexpected requests — especially those involving sensitive information, payments or account access — and take a moment to evaluate the request before responding.
Report social engineering attempts targeting USPS-issued devices to the Cybersecurity Operations Center at 866-877-7247 or by emailing cybersafe@usps.gov.
The CyberSafe at USPS Monthly Awareness Campaigns pages on Blue and LiteBlue have more information.
