Fraud Management & Cybercrime , Fraud Risk Management , Social Engineering

Fraudsters Spoof FBI Domain

Bureau Identifies Nearly 100 Spoofed Websites Created by Cybercriminals
Fraudsters Spoof FBI Domain

The FBI has identified nearly 100 spoofed websites that use some incarnation of the agency's name. Fraudsters and other cybercriminals potentially could leverage for disinformation campaigns and credential theft.

See Also: Live Webinar | Improve Cloud Threat Detection and Response using the MITRE ATT&CK Framework

The FBI notes in an alert that cybercriminals outside the U.S. and other threat actors are spoofing the FBI's official website - www.fbi.gov. Although the agency has not yet detected any illegal activity that uses these domains, it warns they could be used to spread false information, harvest personally identifiable information or distribute malware.

"Cyber actors create spoofed domains with slightly altered characteristics of legitimate domains. A spoofed domain may feature an alternate spelling of a word or use an alternative top-level domain, such as a '[.]com' version of a legitimate '[.]gov' website," the FBI notes.

Individuals could unknowingly visit spoofed domains while seeking information regarding the FBI's mission, services or news coverage, the bureau says. Additionally, fraudsters may use seemingly legitimate email accounts to entice the public into clicking on malicious files or links.

"A key target for these attacks are mobile users, who may be more convinced with a short URL that they can see in its entirety," says Chris Hazelton, director of security solutions at security firm Lookout says. "Short URLs that include 'FBI' are more likely to trick users into reacting, particularly when received in a text message. Users are three times more likely to click on a phishing link on a mobile device than on a laptop."

Growing Trend

Since the onset of the COVID-19 pandemic, security experts have warned that fraudsters and cybercriminals are increasingly using spoofed websites of federal agencies.

Earlier this month, researchers at Abnormal Security uncovered a phishing campaign that spoofed the U.S. Internal Revenue Service domain in an attempt to trick targeted victims into sending money to fraudsters (see: IRS Domain Spoofed in Fraud Campaign).

In October, security firm Proofpoint found a phishing campaign that spoofed the U.S. Election Assistance Commission domain to harvest banking credentials, account data and vehicle identification information (see: Fraudsters Alter Election Phishing Scam).

Proofpoint also found fraudsters were using spoofed website templates with COVID-19 themes as part of phishing attacks designed to steal login credentials and banking data. These malicious templates included a spoofed IRS website (see: Spoofed Website Templates Help Spread COVID-19 Scams: Report).


About the Author

Akshaya Asokan

Akshaya Asokan

Senior Correspondent, ISMG

Asokan is senior correspondent for Information Security Media Group's global news desk. She has previously worked with IDG and other publications where she reported on developments in technology, minority rights and education.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.