Georgia Tech Procurement Assistance Center

In doubt? Check with GTPAC!

By

Your team at the Georgia Tech Procurement Assistance Center (GTPAC) stands ready to offer you advice about any aspect of government contracting — especially when you have any doubt about the legitimacy of a contract-related service or solicitation.

We’ve published many articles before about government contracting scams (click here to see previous articles), and once again we want to bring another one to your attention.

Just a few days ago, a GTPAC client contacted one of our Counselors and asked about the legitimacy of a request for a quotation he received, supposedly from the Dept. of Defense (DoD).  Once we examined the email and the attachment that our client sent us, we told him to run — not walk — away from it!

Here Are the Details

The email was purportedly from a DoD official soliciting a quote for some laptops and computer drives.

We examined the email and its attachment, including the following:

  • We called the phone number in the email which was answered by a person who didn’t identify himself.  When we asked questions, he said that he’d have the person identified in the email call us back with details.  No one called back.
  • We checked the identity of the person who supposedly sent the email.  The email’s Quote form identified him as Deputy Director for Procurement at AT&L.   We determined that, in reality, he is DoD’s Deputy Director for Earned Value Management.  AT&L (Acquisition, Technology and Logistics) is a unit within DoD that no longer exists; it’s been reorganized into two groups: research and engineering (R&E) and acquisition and sustainment (A&S).  (See details of that reorganization by clicking here.)
  • We also identified the DoD official’s real email address and his actual phone number; they were not the email address or phone number shown in the email and on the Quote form that was sent to our client.
  • We noted that the federal solicitation number shown on the Quote form was not in the correct format, and the Quote form itself was not a form we have ever seen before.
  • The wording of the email was sloppy and unprofessionally prepared.

Based on the above, we advised our client to not respond because we believe this is a probable scam which will lead to an order to ship the products to a bogus shipping address, for which payment will never be received.  We also alerted the appropriate DoD officials of this probable scam.

What You Should Do

It’s as simple as 1-2-3.

  1. Stay alert to possible scams involving government contracting.  There are many scams in circulation literally every day.
  2. Don’t let the temptation of landing a sale overtake your common sense.  If it looks like easy money, it’s probably bogus.
  3. Whenever you are in doubt, contact GTPAC for advice.  We’ll be happy to check things out for you and provide you with our opinion.  It’s as simple as forwarding anything suspicious to us at: gtpacatl@innovate.gatech.edu.

Remember, the GTPAC team is here to help you succeed in the government marketplace!

P.S.:  If your business is located outside the state of Georgia, you can find a procurement technical assistance center (PTAC) by clicking here.

 

Chinese government hackers steal massive amounts of data from Navy contractor computers

By

Chinese government hackers have stolen large swaths of highly sensitive data on undersea warfare from a Navy contractor’s computers, The Washington Post reports.

The stolen information includes secret plans to develop a supersonic anti-ship missile to be used by submarines by 2020, American officials told the Post.

The incidents took place in January and February, but officials did not disclose the contractor that was targeted, the newspaper reported Friday.

Although the information was highly sensitive, it was housed on the contractor’s unclassified network, according to the Post.

“Per federal regulations, there are measures in place that require companies to notify the government when a ‘cyber incident’ has occurred that has actual or potential adverse effects on their networks that contain controlled unclassified information,” Navy Lt. Marycate Walsh said in a statement. “It would be inappropriate to discuss further details at this time.”

Keep reading this article at: http://wtkr.com/2018/06/08/wapo-chinese-government-hackers-steal-massive-amounts-of-data-from-navy-contractor-computers/

Scam Alert: Malicious e-mail spoofs being sent to vendors

By

The Defense Logistics Agency (DLA) is reporting that a fake solicitation is being sent to vendors in the form of a Request for Quotation (RFQ).

The fake email solicitation, purporting to be from DLA, has been targeting GSA STARS II vendors.

The emails are not from DLA.mil.  Instead, they are coming from a “Reply-To” address ending in @dla-mil.us, which is not a government address.

In some cases, “stars2@american consultants.com” has been identified to supposedly send messages on behalf of a DLA Contract Specialist — these are also fake.

Some of the bogus emails suggest that vendors use the “stars2” Google Group at https//groups.google.com/a/americanconsultants.com to obtain more information or to unsubscribe from the email communication.  Be advised that “stars2” is not a DLA affiliated group.

Always remain cautious of emails that arrive in your inbox that are not explicitly addressed to you.  Sometimes scammers attempt to hide their actions by addressing their targets in the “bcc” line.

Also, please be aware that the phone number in these recent bogus emails is not a DLA phone number.  In addition, the RFQ form in the email is not an official government form, nor is the signature block legitimate.

DLA’s notice about this matter can be seen here: Vendor Phishing Notice -DLA – 8 June 2018.  The notice shows copies of the bogus emails.

Bottom line: Vendors should always remain vigilant about suspicious emails, and be cautious about opening email attachments.  Questions or comments can be directed to DLA at CERTFusionCell@dla.mil.

In addition, if you ever have a question about the legitimacy of any emails having to do government contracting opportunities, especially those which solicit a fee, please feel free to contact the Georgia Tech Procurement Assistance Center (GTPAC) for advice.  GTPAC can be emailed at gtpacatl@innovate.gatech.edu.

To read previous articles about scams involving government contracting, visit http://gtpac.org/?s=scam

Georgia National Guard wants some help prepping for a big cyber test

By

The Georgia Army National Guard is gearing up for an inspection of its cyber posture and is looking for a contractor to provide technical assistance as it prepares.

The guard unit plans to upgrade its IT systems ahead of the review and needs assistance with “network configuration, server administration and information assurance,” according to a solicitation on the government contracting site FedBid.

“The objective of this contract is to provide skill and expertise in order to successfully pass the [Command Cyber Readiness Inspection],” according to the performance work statement. “This work will be performed to bring the [Georgia Army National Guard] into compliance with current DOD network security standards.”

Keep reading this article at: https://www.nextgov.com/cybersecurity/2018/05/georgias-national-guard-unit-wants-some-help-prepping-big-cyber-test/148190/

FTC wants to help small businesses spot cyber scams

By

If you’re a small business owner receiving Facebook messages about a business grant you’ve won, you might be the target of a cyber scam—and the Federal Trade Commission wants to make sure you don’t fall victim.

FTC this week launched a new site designed to help small businesses protect themselves from cyberattack. They’re often easy targets, especially because they don’t have the financial resources larger organizations do to constantly monitor their networks, according to FTC.

The Facebook scam, in which criminals posed as a recipient’s friend to collect cellphone numbers, is just one example; the percentage of spear-phishing attempts directed at small businesses rose from 18 percent in 2011 to 43 percent in 2015, according to Symantec’s threat report.

Keep reading this article at: http://www.nextgov.com/cybersecurity/2017/05/ftc-wants-help-small-businesses-spot-cyber-scams/137734/

Modified BPA for security products coming from GSA within 30 days

By

Continuous Diagnostics and MitigationThe General Services Administration (GSA) will move the continuous diagnostics and mitigation (CDM) acquisition vehicle into its second phase within the next month by issuing modifications to the blanket purchase agreement, a GSA official said June 2.

The CDM vehicle, which has a $6 billion ceiling, is one of the prime federal tools for defending civilian networks that are under siege daily from hackers.

CDM Ordering Guide - GSA 2015Whereas Phase I of CDM is giving agencies tools to detect what devices are on their networks, Phase 2 will focus on better identifying who is on those networks. Thus, security products for identity management and network boundary protection will be in the offing from vendors during Phase 2.

The third phase, to come at an undetermined date, will delve further into boundary protection and tackle incident response.

Keep reading this article at: http://fcw.com/articles/2015/06/02/dhs-cdm-awards.aspx

Here comes GSA’s next government-wide telecom contract vehicle

By

The General Services Administration’s information technology contracting office is seeking industry feedback on plans for the next governmentwide contract vehicle for telecommunications and related services.

GSA is in the process of developing Network Services 2020, or NS2020, a slate of approved vendors offering everything from basic telephone and data services to niche satellite and infrastructure contracts for federal agencies. The request for information posted April 8, 2014 seeks industry feedback on how GSA should structure that global contracting vehicle.

GSA will begin soliciting bids in fiscal 2015 from vendors who want to be part of the NS2020 contract vehicle, according to the RFI. Contracts with the vendors approved under NS2020 will likely be available for 15 years or for 10 years with five option years, the RFI said.

NS2020 will replace Networx, a similar global contract vehicle for telecom services that’s set to expire soon, but will include a broader suite of services.

Keep reading this article at: http://www.nextgov.com/cio-briefing/2014/04/here-comes-gsas-next-governmentwide-telecom-contract-vehicle/82210/?oref=nextgov_cio_briefing

Contracting News

Read More

Contracting Tips

Read More

GTPAC News

Read More

Georgia Tech News

Read More