The U.S. Department of Agriculture (USDA) is warning vendors who wish to participate in USDA food purchase programs of a possible phishing scheme using fraudulent email messages. The fake emails look like they are solicitations for bids sent by USDA’s Agricultural Marketing Service (AMS), which manages USDA’s food purchase programs.
The threat actors have been impersonating various U.S. Government (USG) entities to lure targets into opening malicious files contain links to fake bidding processes for contractors.
The threat actors operating this campaign have been actively spoofing USDA emails to impersonate USDA employees.
All information regarding USDA acquisitions, including solicitations, solicitation amendments, and award notices, will be published through the Web-Based Supply Chain Management (WBSCM) system, through GovDelivery, and on AMS’ website at www.ams.usda.gov/selling-food. Bids, modifications, withdrawals of bids, and price adjustments must be submitted using WBSCM. The USDA will not use any other system to receive bids.
If you receive an email like the one described above, DO NOT RESPOND OR CLICK ANY OF THE LINKS and IMMEDIATELY DELETE the original email.
For more information about this issue, contact the Commodity Procurement Program at (202)-720-4517. More