US government phishes its own employees

The US Department of Justice (DOJ) has admitted that it has been sending phishing emails to its own employees in order to test their security awareness.

Over the last two weeks, DOJ employees have been receiving emails from the "Thrift Savings Plan Account Coordinator" asking them to input their login details by January 31st to get inofrmation about their 401k savings plans.

However, many people have recognised that this was a phishing email and began filling up email mailboxes with warnings about the bogus message. Now the DOJ has admitted that it was just a test of how security-minded its staff are.

"We have learned that the messages are part of a hoax invented and distributed by DOJ to test employee security awareness," said a memo was circulated by Ted Shelkey, assistant director for information systems security.

“The bailout Web site are not malicious. There is no need to distribute warning messages to colleagues and law enforcement contacts. Please delete all such messages and associated alerts."

Justice Department spokeswoman Gina Talamona told Associated Press that the phony e-mail was a security test.

"This specific exercise was successfully completed within the defined time period," said Talamona, who works out of the agency's Washington headquarters.

"Scenarios are intended to represent an example of persistent cyber threats facing today's Internet users," she said.