Pause, Review, Verify: Beware of phishing emails that appear to be coming from other agencies
You should be cautious and suspicious of all emails, even those that appear to be from known senders. In a recent instance of attempted fraud, an email that appeared to come from a state email address instructed agency staff to click on a link to update their credentials. Be aware that official updates will not come from outside the department, nor will they ask you to follow a link to update credentials.
Using publicly available information, cybercriminals are applying artificial intelligence and other automated methods to target state and municipal entities. Some phishing emails include invoices or other attachments requesting immediate action, and may use email addresses from known vendors. You should validate the legitimacy of such emails by contacting the agency or vendor through a phone or video call using numbers already on file. If there is any doubt, users should NOT open these emails and should immediately contact their IT staff.
If your staff receives one of these suspicious emails, follow your incident response notification protocols and also contact CTREmergencyNotification@mass.gov with any incidents or suspected incidents of fraud or cyber attacks. This will ensure that CTR can act to protect enterprise systems or assist with mitigation strategies and continued operations. Visit the CTR Cyber Center for additional resources and links for Cybersecurity Tips and Alerts.