Skip to Main Content View Text-Only

The City of Portland, Oregon

Office of Management & Finance

Bureau of Technology Services

BTS HelpDesk: 503-823-5199

1120 SW 5th Avenue, Suite 1111, Portland, OR 97204

Welcome to our blog. Here we will let you know the latest happenings in the information security world.


Massive Fraud Against State Unemployment Insurance Programs

By Brian Ventura

Please be aware of fraud during this new normal. Fraudsters are looking for any way to trick us

The content below is directed at state agencies, however is relevant to City of Portland employees. Some of our co-workers, friends and colleagues are on unemployment. Some of our co-workers, friends and colleagues are in Washington State and may be affected.

Also, this is an example of how fraudsters will find ways to exploit any process where they can steal money or information. Are there City of Portland processes that could be similarly attacked? If you have a concern, please contact BTS Information Security so we can provide security expertise and tools.

Massive Fraud Against State Unemployment Insurance Programs

The United States Secret Service has received reporting of a well-organized Nigerian fraud ring exploiting the COVID-19 crisis to commit large-scale fraud against state unemployment insurance programs. The primary state targeted so far is Washington, while there is also evidence of attacks in North Carolina, Massachusetts, Rhode Island, Oklahoma, Wyoming and Florida. It is extremely likely every state is vulnerable to this scheme and will be targeted if they have not been already.

In the state of Washington, individuals residing out-of-state are receiving multiple ACH deposits from the State of Washington Unemployment Benefit Program, all in different individuals’ names with no connection to the account holder. A substantial amount of the fraudulent benefits submitted have used PII from first responders, government personnel and school employees. It is assumed the fraud ring behind this possess a substantial PII database to submit the volume of applications observed thus far.

This fraud network is believed to consist of hundreds, if not thousands, of mules with potential losses in the hundreds of millions of dollars. The banks targeted have been at all levels including local banks, credit unions, and large national banks.

COVID-19 Cyber threats - April 2020

By Christopher Paidhrin

COVID-19 pandemic hits the internet as well. Be cautious out there.

City of Portland Cybersecurity highlights:

  • The City continues to protect and manage City technology networks, servers and computers with robust security capabilities. The City is able to protect laptops even when they are 'off' the City network.
  • Please remember that on Wednesdays to leave your laptops powered on so that they can collect the patches and updates they need.
  • In addition, BTS teams are deploying expanded secure remote access services (VPN) and encouraging all City employees to use Office-365 access whenever possible.

COVID-19 Websites Cyber threats

Not all COVID-19 websites are safe. 48,000 COVID-19 related web domains have been registered this year.

Scammers are eager to cash in on the pandemic.

If you'd like the scary details, Sophos has an article for you: https://news.sophos.com/en-us/2020/03/24/covidmalware/

FBI resource:   https://www.fbi.gov/coronavirus

COVID-19 Malware and Ransomware threats

Not only are there misleading websites there are a myriad of malware and ransomware threats. Several links are included, below, to narrow your research.

Quick To Do List:

  • Don't Click on unfamiliar hyperlinks
  • Don't download unsolicited attachments
  • Don't provide confidential information without verifying the request
  • Remember that BTS HelpDesk will never ask for your password
  • Remember that no one should ever ask for your username and password, or ask to use them. Ever.
  • Contact the HelpDesk immediately if you think you may have been phished. 503.823.5199

COVID-19 malware and ransomware resources:

https://www.bleepingcomputer.com/news/security/new-coronavirus-themed-malware-locks-you-out-of-windows/

https://www.bleepingcomputer.com/news/security/new-coronavirus-ransomware-acts-as-cover-for-kpot-infostealer/

https://www.itproportal.com/news/new-coronavirus-malware-trashes-windows-pcs/

https://blog.checkpoint.com/2020/04/02/coronavirus-update-in-the-cyber-world-the-graph-has-yet-to-flatten/

Be safe when you go outside, and when you go online.

+++