An e mail notification system utilized by U.S. federal and state authorities departments to alert residents to vital info has been used to ship rip-off emails, information.killnetswitch has discovered.
The U.S. state of Indiana stated Tuesday that it’s “conscious of fraudulent messages purportedly despatched by state businesses” to residents about unpaid tolls. information.killnetswitch has seen one e mail message despatched from an Indiana authorities division that claimed the recipient had an excellent toll stability, and contained a disguised hyperlink that redirected to a malicious website.
A press release from the Indiana Workplace of Expertise stated it was “working with the corporate that was used to ship these messages to cease any additional communication.”
Indiana stated a contractor’s account was hacked and used to ship the rip-off messages. The state stated it was not conscious of “any present state methods” being compromised, however didn’t rule out an earlier breach.
The assertion stated that the contract with the unspecified firm, which information.killnetswitch has discovered is govtech large Granicus, resulted in December 2024, however the state claimed that the corporate “didn’t take away the state’s account.”
When reached for remark, Granicus spokesperson Sharon Rushen advised information.killnetswitch: “We’re conscious of the latest malicious emails despatched by way of GovDelivery from Indiana’s authorities area.” The corporate confirmed the breach was attributable to a compromised consumer account, however didn’t touch upon Indiana’s claims.
“Granicus methods themselves weren’t breached,” stated Rushen. When requested, the corporate stated it does have the technical means to find out what number of people acquired the malicious emails, however didn’t instantly present a determine of these affected.
Different native governments are additionally reporting points associated to GovDelivery. When requested about this, Granicus stated the corporate has “seen an uptick in focused social engineering of govDelivery prospects with the objective of sending malicious emails by way of govDelivery methods.”
Faux toll messages are an more and more frequent rip-off, because the Federal Commerce Fee warned in January. The rip-off entails sending textual content messages and emails that declare the recipients owe cash to tolling businesses throughout the US. By focusing on e mail methods utilized by governments to inform the general public, scammers are hoping victims can be extra more likely to open official-looking emails.
An individual who acquired the rip-off message shared the e-mail with information.killnetswitch. The rip-off e mail was despatched from an official Indiana authorities e mail handle related to the state’s Emergency Operations Heart, which coordinates responses and alerts within the occasion of a pure catastrophe or different emergency occasions. The e-mail claimed the recipient had unpaid tolls in Texas, and that “failure to pay could end in penalties or car registration holds.”
The rip-off e mail contained a hyperlink, which seems as an official govdelivery.com
net handle, however when clicked redirects to a malicious website impersonating the web site of Texas’ Division of Transport’s street toll assortment service, TxTag.
The rip-off web site tried to trick customers into turning over their private info, similar to their title, cellphone quantity, dwelling handle, and their bank card particulars. The positioning (and one other clone website hosted on the same area) gave the impression to be offline as of Tuesday morning on the U.S. east coast.
A spokesperson for the Indiana authorities didn’t instantly remark.
Doña Ana County in New Mexico additionally confirmed on Tuesday that its information portal, which is managed by Granicus, was compromised. The county’s IT director Kent English described the compromise as a “system-wide situation affecting different authorities shoppers.”
information.killnetswitch has seen an e mail, supplied by a reader, that originated from a govdelivery.com
e mail handle related to Doña Ana County, however the contents impersonate an expert providers firm that included a hyperlink to a rip-off website demanding a fee.
A spokesperson for Doña Ana County didn’t reply to a request for remark.
Up to date with extra particulars of the GovDelivery situation affecting a number of prospects, and extra remark from Granicus.