FCC staff targeted in phishing attack that cloned agency login site – By David DiMolfetta (Nextgov) / March 1, 2024
A cybercriminal group built a duplicate webpage used by employees to validate their login credentials.
The Federal Communications Commission on Friday confirmed it was the subject of a phishing operation that deployed a fake login page used by staff to authenticate their credentials.
The cloned site, known as a phishing kit, was constructed by hackers who duplicated a legitimate login webpage from identity management vendor Okta, aiming to deceive users into entering in their private account information. It was discovered by cloud security firm Lookout, who announced the findings on Thursday.
“The FCC was aware of this fake website and took measures to address it,” said agency spokesperson Will Wiquist. “Beyond that, we will decline to comment about FCC security measures.”
