DWP Cybersecurity Alert: Phishing Attempt on Maine Water Operators and Well Drillers

Maine Department of Health & Human Services sent this bulletin at 06/24/2024 04:44 PM EDT

This update is coming to you from the Maine CDC Drinking Water Program.

Having trouble viewing this email? View it as a Web page.

Bookmark and Share

DWP Cybersecurity Alert:
Phishing Attempt on Maine Water Operators and Well Drillers

If you are a Maine water operator or well driller and have received an email similar or identical to the one below: DO NOT PRESS ANY LINKS. DELETE IT IMMEDIATELY.

This morning (June 24, 2024), an unknown entity impersonating the Maine CDC Drinking Water Program (DWP) sent an illegitimate email to Maine water operators and well drillers. The email requested that recipients click on a link or risk having their water license revoked. This type of email is known as a phishing email. These emails tend to use urgent and threatening language to get recipients to take quick actions without thinking. Phishing messages or “bait” can come in the form of an email, text, direct message on social media or phone call. These messages are often designed to look like they come from a trusted person or organization. Phishing occurs when criminals try to trick us into opening infectious links, emails or attachments to steal our personal information (or other important data) or infect our devices.
-Adapted from CISA “Recognize and Report Phishing” Webpage.

The screenshot below shows the phishing email (with personally identifying information redacted). We have included DWP comments to help you identify this email as an illegal and nefarious phishing attempt.

Screenshot of Attempted Phishing Email:

cyber3

cyber2

Please contact your IT provider or the DWP Water Resources and Resilience Team (207.287.2070) with any cybersecurity questions or concerns. DWP likely won’t have the answer, but we know whom to ask.


Thank you for your hard work providing safe drinking water!

 

URLS: