A public service announcement from the Federal Bureau of Investigation (FBI) has been released to help the public recognize and avoid spoofed FBI-related Internet domains. The FBI observed unattributed cyber actors registering numerous domains spoofing legitimate FBI websites, indicating the potential for future malicious activity.
The FBI is right to advise the public about the risks posed by spoofed domains. Cyber criminals use various methods to get the attention of their intended victims, and the letters F-B-I do get people’s attention. Part of being security-aware, which every individual needs to be, is becoming familiar with common abuse patterns. In this case, many of the illegitimate domains use various other words in conjunction with “fbi,” which is a common practice by malicious actors. But, since legitimate organizations do own variations on their own domain names, Internet users also need to consider the context of any link they are presented with. For example, if a link referring to the FBI (or other government agency) arrives as an unsolicited text message, there is a high likelihood of fraud. When in doubt, users should type the simplest version of the domain name (such as fbi.gov) into the browser, and navigate around the site to find the content they seek.