State Dept. aims to reel in a ‘phishing as a service’ provider to test its staff

​The State Department, with its recent history of email security issues, is looking to phish its own personnel — all in the name of training.

The State Department, with a recent history of email security issues, is looking to phish its own personnel.

The department’s Directorate of Information Assurance, Office of Policy, Liaison and Training issued a request for information earlier this month on “Phishing Email Simulation Services and Training,” looking at the potential of procuring vendor-hosted and -managed “Phishing as a Service.”

The idea is that a vendor would create, send and track faux phishing emails in various languages to State’s 190,000 personnel worldwide at their email addresses. Those workers who fall for the phishing attempts — referred to as “violators” — would be sent to corrective training, according to the RFI. 

Potential vendors would also need to generate data on the simulated treats and the violators, such as common threat vectors — like how a successful phishing attempt could give a malicious agent access to other networks or systems.


In late 2014, Russian hackers were able to make it all the way into White House unclassified systems from an entry point in a State Department email server, according to CNN. The perpetrators apparently used a phishing email from a address to access the State networks, officials said.

And before news broke last year that former Secretary of State Hillary Clinton had used a personal email address for official business, Romanian hacker Guccifer breached a Clinton adviser’s email and released memos sent to a private “” domain that outlets linked to the secretary. Clinton use of personal email has been a stumbling block during her campaign to be named the Democratic nominee in November’s presidential election.     

Contact the reporter on this story via email at or follow him on Twitter @BillyMitchell89. Subscribe to the Daily Scoop to get all the federal IT news you need in your inbox every morning at

Billy Mitchell

Written by Billy Mitchell

Billy Mitchell is Senior Vice President and Executive Editor of Scoop News Group's editorial brands. He oversees operations, strategy and growth of SNG's award-winning tech publications, FedScoop, StateScoop, CyberScoop, EdScoop and DefenseScoop. After earning his degree at Virginia Tech and winning the school's Excellence in Print Journalism award, Billy received his master's degree from New York University in magazine writing.

Latest Podcasts