FCC Reimbursement Cybersecurity Alert

Posted on November 30th, 2018 by

In light of a recent fraud attempt, the FCC has taken the unusual step of issuing an email to all television stations receiving television auction channel change reimbursement funds. The email notes that there has been no threat to the FCC’s systems or reimbursement program, but that the FCC was recently made aware that a reimbursement recipient may have been the victim of a “spear-phishing attack.”

In the attack, a familiar vendor was impersonated and requested an email that payments be redirected to a different bank account than previously specified by the vendor. The email itself included non-public information about an invoice. The FBI is now investigating the incident.

The FCC completed a review of its systems and found no indication that they had been breached or compromised. Their email included the following helpful tips:

  • Regularly change passwords, including those used for access to non-public information
  • Limit the number of parties who have access to passwords and other sensitive information
  • Be alert for suspicious or unusual communications and separately verify any such communications with a trusted source
  • Double check for minor changes in the email address used to contact trusted parties on important communications
  • Use anti-virus software and be sure it is up to date
  • Hover over links before you click to ensure that the website listed is in fact the one you intend to visit