Spoofed FBI Domains Pose Risk Of Cybercrime And Disinformation

A public service announcement from the Federal Bureau of Investigation (FBI) has been released to help the public recognize and avoid spoofed FBI-related Internet domains. The FBI observed unattributed cyber actors registering numerous domains spoofing legitimate FBI websites, indicating the potential for future malicious activity. 

Subscribe
Notify of
guest

1 Expert Comment
Most Voted
Newest Oldest
Inline Feedbacks
View all comments
Tim Helming
Tim Helming , Security Advocate
InfoSec Expert
November 25, 2020 7:49 pm

The FBI is right to advise the public about the risks posed by spoofed domains. Cyber criminals use various methods to get the attention of their intended victims, and the letters F-B-I do get people’s attention. Part of being security-aware, which every individual needs to be, is becoming familiar with common abuse patterns. In this case, many of the illegitimate domains use various other words in conjunction with “fbi,” which is a common practice by malicious actors. But, since legitimate organizations do own variations on their own domain names, Internet users also need to consider the context of any link they are presented with. For example, if a link referring to the FBI (or other government agency) arrives as an unsolicited text message, there is a high likelihood of fraud. When in doubt, users should type the simplest version of the domain name (such as fbi.gov) into the browser, and navigate around the site to find the content they seek.

Last edited 2 years ago by Tim Helming
Information Security Buzz
1
0
Would love your thoughts, please comment.x
()
x