Official Indiana .gov email addresses are phishing residents
Indiana state agencies on Tuesday are warning residents to delete phony emails sent using official state government email addresses.
Phishing emails emanating from numerous departments — from the Department of Child Services to the Indiana Horse Racing Commission — fraudulently inform recipients of unpaid toll fees and warn of financial penalties or vehicle registration holds if they refuse to pay. The emails, which sign off with “Thank you, TxTag Customer Service,” include links to presumably malicious websites.
Indiana Homeland Security posted a message to X Tuesday morning, drafted by the Indiana Office of Technology, which warns of the scam.
“The State does not send unpaid toll notifications via text or email messages. IOT is working with the company that was used to deliver those messages to stop any further communications,” the message reads.
The note goes on to explain that the state government terminated its contract with an unnamed vendor at the end of last year, but it “did not remove the State’s account.”
“A contractor’s account was hacked and used to send those messages,” the technology office’s message explains. “IOT is not aware of any current state systems being compromised.”
Screenshots of the emails show the messages were distributed via the GovDelivery Communications Cloud, software from the Denver software firm Granicus.
When asked how it was possible for a contractor the state no longer works with to compromise the state’s security, a technology office spokesperson explained in an email that “the compromised account resided in GovDelivery, and that was the system used to send the messages.”
Granicus spokesperson Sharon Rushen told StateScoop that the incident does not extend to its own platform and that Granicus’ systems are secure.
“This issue has been confirmed as the compromise of an administrative user’s account, either through guessing the credentials or the individual was socially engineered into providing them,” Rushen wrote in an email. “We have seen an uptick in instances where users of our system fall prey to these types of scams and encourage all of our customers to utilize all the security features available in our system, including multi-factor authentication.”
Some of the Indiana state agencies that have distributed the messages include the state Department of Transportation, Prosecuting Attorneys Council, Department of Workforce Development, and the Family and Social Services Administration.
The state’s transportation department advised residents to delete the messages and report them to the Federal Trade Commission and the Internet Crime Complaint Center.
