Alert

OPM Identity-Protection Phishing Campaigns

Last Revised

US-CERT is aware of suspicious domain names that may be used in phishing campaigns masquerading as official communication from the Office of Personnel Management (OPM) or the identity protection firm CSID. Https://opm.csid.com is the legitimate domain used by CSID, which is responsible for identity protection services for those affected by the recent data breach.

US-CERT recommends that users visit the OPM website for more information. Users are also encouraged to read US-CERT's guidance on avoiding social engineering and phishing attacks and report suspicious emails.

This product is provided subject to this Notification and this Privacy & Use policy.