New Jersey State Employees were targeted in a phishing scam.
According to the New Jersey Cybersecurity and Communications Integration Cell (NJCIC), several emails were sent to New Jersey State employees earlier this month using a spoofed sender email address impersonating the Office of the Attorney General.
Additional tactics were used to create a sense of urgency by including the subject line, “Email Security Notification,” and requesting the recipient to confirm their email account.
The website of the Attorney General has a warning that reads, “While the communications appear to be sent from the email address associated with njoag, it originated from a different source.”
“While these messages have been blocked, we are making you aware out of an abundance of caution and ask that you be alert to phishing emails and spoofing techniques that can be detected by carefully examining senders’ email addresses.”
The NJCIC said that the majority of the emails were blocked due to cybersecurity software. While an investigation continues, state employees were urged to change their passwords and make sure multi-factor authentication is enabled for their account.