February 24, 2021

Maryland Residents and Businesses Warned About Cyber Criminals Sending Messages Impersonating State Government Agencies

The Maryland Coordination and Analysis Center (MCAC) is warning residents and businesses that cyber criminals may be sending them messages impersonating Maryland government agencies. The “phishing” attempts, which are used to gain personal and/or corporate information, may involve messages impersonating agencies including the Maryland Department of Labor, the Department of Transportation and the Office of the Secretary of State.

MCAC is warning that the information cyber criminals are seeking likely would be used in other forms of cyber crimes.

The methods that the cyber criminals are using in these phishing attempts include sending fraudulent text messages, presenting fake government websites and sending phishing email messages.

Although the cyber criminal attempts can look similar to actual sites, closely examining the messages could show grammatical or spelling errors. The fake messages often will be stating responses need immediate replies and that the recipient must pay “urgent” attention. There also may be references to legal complications if the communications are not answered.

One way to detect possible fraudulent messages is to check the URL address of the agency, which often will not resemble an official government agency. The return address of the sender also may not resemble an official government address. The return address also may contain an incorrect domain (such as a message allegedly from the Department of Transportation may have a return address in which the sender’s domain reads .edu--which would actually represent an educational institution).

The fraudulent attempts ask questions which, if answered, would give the cyber criminals significant insight into an individual’s, or a company’s, information.

If someone suspects that they may have received a fraudulent message, they should not respond to the attempt in any manner. They should first find an actual address or phone number for the agency that allegedly is represented and contact that agency directly to see if a message has been sent to them.

Recipients of fake and fraudulent messages should report those attempts to the Maryland Department of Information Technology service desk at 410-697-9700 or at service.desk@maryland.gov.

More details on the warning from MCAC can be obtained here. 

CYBER THREAT ACTORS ARE IMPERSONATING MARYLAND GOVERNMENT AGENCIES IN PHISHING SCHEMES by Public Information Office on Scribd