The Federal Bureau of Investigation has warned federal employees that cybercriminals are attempting to steal their login credentials in connection to a widely used government financial services platform, according to a notice viewed by FedScoop.
Hackers are targeting the Employee Personal Page, or MyEPP page, which is operated by the National Finance Center (NFC), a financial and human resources shared service within the Agriculture Department used by 661,000 employees across the federal government for payroll. The site, which is used to manage salary and benefits information, is typically accessed through an online account or with Login.gov credentials.
According to the FBI, cybercriminals hope to trick federal employees by running advertisements on search engines that impersonate the NFC website. If they click on the ad, employees are brought to a “sophisticated phishing website” that looks similar to the actual MyEPP page that aims to capture their login credentials when users enter them.
Several federal employees have reported unauthorized access to their accounts and reported changes to their routing and bank account information, according to the notice. The FBI is directing employees who believe they might be victims to the Internet Crime Complaint Center.
Meanwhile, a “Help” page for the NFC MyEPP login site remains unavailable because, the agency says, it’s still working on ensuring compliance with the executive order focused on what the Trump administration calls “gender ideology.”
Federal workers are often prime targets for phishing attempts since their credentials can be used for a wide range of nefarious purposes, including espionage, theft and as an entry point for larger hacking campaigns against agencies. Government login credentials are sometimes sold online.
The scheme comes as federal workers face heightened anxiety over their employment status and as the Trump administration continues its effort to reduce the size of the U.S. government.
Neither the Agriculture Department nor the FBI responded to a request for comment by publication time.
