USPS: Identifying inside security risks

The Postal Service is asking employees to remain vigilant for insider security threats that could compromise the organization’s operations. Insider security threats refer to employees, contractors or business partners who fall into two categories: accidental insiders and malicious insiders. Accidental insiders unintentionally violate security policies or online best practices by: Not physically securing laptop computers…

 Continue reading

USPS: Watch out for coronavirus scams

If you’re a Postal Service employee, watch out for scams that attempt to use the coronavirus pandemic to con you into revealing personal information. Emergency situations are prime opportunities for criminals to take advantage of unsuspecting consumers. Scammers are creating websites devoted to the coronavirus pandemic and COVID-19, the disease caused by the virus. These…

 Continue reading

USPS urges increased cybersecurity vigilance amid Mideast tensions

USPS is requiring employees, contractors and others to demonstrate increased cybersecurity vigilance amid escalating tensions in the Middle East. Email spearphishing campaigns targeting U.S. government agencies are intensifying, the Postal Service Corporate Information Security Office reports. Cyberthreat actors are aggressively attempting to steal sensitive information, including account credentials and financial information, using targeted information campaigns….

 Continue reading

Postal Bulletin: Staying Safe in the New Cyber Frontier

Welcome to the New Cyber Frontier: What You Need to Know to Stay Safe The world changes fast, yet technology evolves even faster. While technology today provides great benefits such as being able to conduct business on the go, it also creates more risks. Cyber threats, which are criminal or unethical activities that take place…

 Continue reading

USPS: Charging smartly – Safety tips for personal devices

The Postal Service is reminding employees that plugging smartphones, unapproved thumb drives, e-cigarettes and other personal devices into USPS computers violates the organization’s security policies. Plugging unauthorized devices into postal equipment runs the risk of inadvertently transferring malicious software, which could disable computers and allow hackers to gain access to the organization’s network. To protect…

 Continue reading

USPS: Mobile device users must complete new course

Employees who use USPS-issued mobile devices will soon be required to complete a new cybersecurity training course. The course, ISEC Mobile Devices, will address the proper security measures for smartphones, tablets and similar devices. The course also will cover policy information, best practices and tools to assist in securing the devices. The course became available…

 Continue reading

USPS OIG Report: Informed Visibility Vulnerability Assessment

Objective Our objective was to evaluate the Informed Visibility (IV) system’s externally-facing and supporting servers and databases to determine whether they comply with U.S. Postal Service security control requirements and industry best practices; and whether they pose a risk to the confidentiality, integrity, and availability of the system. The security-related information in this report reflects…

 Continue reading

USPS OIG Report: Capital Metro Physical and Environmental Controls Site Security

Objective Our objective was to determine whether the U.S. Postal Service established and implemented effective physical and environmental security controls according to Postal Service policy at the [Redacted] Processing and Distribution Center (P&DC). The Postal Service has the mail processing resources, information technology (IT) network, and transportation infrastructure to deliver mail to every residential and…

 Continue reading