Alert: Refund Scam Targeting Federal Agencies via RMM Software

At least two federal civilian agencies were the unfortunate victims of a refund scam campaign, perpetrated through the use of remote monitoring and management (RMM) software. CISA, the NSA and the MS-ISAC discovered the campaign in October, but it appears the cybercriminals had been at work since June, and were still going strong in September.