Hundreds of postal workers fell victim to a scam that stole about $1 million from them, with the United States Postal Service reportedly slow to address the problem.
The theft occurred when cybercriminals rerouted the paychecks employees were receiving by using their usernames and passwords. The criminals are believed to have obtained the credentials by tricking employees with a mirror-image-like website used to check the service's payroll system. Postal leaders claimed in a statement that they first were notified about “unusual log-in activity involving a limited number of employees” in December, allowing the criminals to act for an extended period of time, according to USA Today.
STICKING POINTS: BIDEN MULLS STUDENT LOANS, CLIMATE CHANGE IN DEBT CEILING TALKS
“I’m the primary breadwinner in my family. This isn’t 200 bucks. This is $900 out of my check,” Atlanta mail handler Joe Hoagland said. “They knew about it for weeks and dragged their feet on telling us.”
The American Postal Workers Union claims that at least 460 of its members lost at least one direct deposit check during the fraud, equaling about $1 million. So far, roughly half of the $1 million has been recovered.
Hoagland, who had his own situation resolved in March, has blamed himself for being tricked but claims accountability for the issue is split between his employer and the scammers.
“I’m a realist. I know there are scammers out there,” Hoagland said. “You just have to protect yourself and realize [the threat] is never going away.”
CLICK HERE TO READ MORE FROM THE WASHINGTON EXAMINER
Charlie Cash, the APWU's industrial relations director, claimed that the Postal Service has taken the position that it did nothing wrong and therefore is not culpable, but said members of the union "completely disagree." In a 2013 audit from the Office of the Inspector General, Cash pointed to vulnerabilities in the Postal Service's human resources system that left it open to unauthorized access. Additionally, a union member told the Postal Service in March 2022 about the series of fake human resources websites that left employees vulnerable.
Work-related scams can be easy to fall for. Experts warn employees not to follow a link in an email or a text, and instead bookmark the sites they are trying to reach, or enter a URL manually. Additionally, employers are advised to train employees to detect phishing and implement multifactor authentication when logging into websites.