Cyber criminals pose a threat to Postal Service™ employees by creating fake websites that closely resemble LiteBlue. These bad actors use fraudulent websites to capture employee identification numbers and passwords, so they can access employees’ personal information in PostalEASE, including direct deposit and other payroll information. These fake websites feature an address (“URL”) that resembles the actual address, such as “LightBlue,” “LiteBlu,” or “LiteBlue.org.”
Over the last few weeks, USPS® has taken steps to warn employees about the threats that cyber criminals pose, showed employees how to protect themselves, and implemented enhancements to existing security protocols. These steps included a targeted awareness communication campaign, which involved a letter sent to all employees’ address of record and the distribution of two required stand-up talks. Additionally, USPS implemented a system of email notifications (when changes are made to employees’ net-to-bank and allotment accounts), and provided instructions on setting up this functionality.
On January 15, 2023, USPS deployed the MFA solution for LiteBlue to enhance the security of employees’ IDs, passwords, and other personal data, while preventing unauthorized access and misuse of their accounts. At this time, you are required to sign up for MFA to access LiteBlue.
As part of MFA implementation, complete these steps:
n Reset your Self-Service Profile (SSP) password.
n Verify answers to security questions.
n Verify the last four digits of your Social Security Number (new security enhancement).