Softpedia: A US Army combat commander decided to run a small experiment to see how many Army employees would fall for a phishing scam. No one fell for it, but the lack of coordination with other government departments led to a scandal.
According to The Washington Post, the phishing emails were designed to look like they were coming from Thrift Savings Plan, a small agency that provides retirement savings services for a majority of federal workers. The emails carried the subject line “Thrift Savings Plan Alert: Passcode Reset” and appeared to come from a tspgov.us email address.