The FBI has warned that fake versions of its official website are the result of domain spoofing by cyber actors.
In a public service announcement, the FBI said it had observed “unattributed cyber actors” registering multiple domains purporting to be legitimate FBI websites.
Domain spoofing is when an attacker uses what appears to be an organisation’s domain to create a fake version of a website. This is done by setting up domains with slightly altered names, or use an alternative top-level domain, making them appear legitimate to the general public.
Threat actors may also spoof email addresses and use them to send malicious files or links.
In the context of the ongoing Covid-19 pandemic and recent presidential election, this type of attack may be particularly effective as people seek out information from official sources.
The FBI warned that fake websites can be used for a variety of nefarious purposes, including spreading misinformation, collecting personal information, spreading malware or duping victims into entering their usernames and passwords.
It has so far identified around 78 spoofed domains, but said that the list was not comprehensive.
The FBI urged the public to “critically evaluate the websites they visit, and the messages sent to their personal and business email accounts, to seek out reliable and verified FBI information”.
It also advised them to look closely at the spelling of web addresses, websites, and email addresses, update anti-malware and anti-virus software regularly and avoid opening emails or attachments from unknown individuals and providing personal information over email.
Carl Wearn, head of e-crime at Mimecast said:
“There are a wide range of reasons individuals or groups might have to spoof law enforcement or government websites. These specific examples are likely to be the potential for monetary gain through credential theft, as online reporting of crime is a feature of the genuine FBI website. The motive could also be more sinister, with the potential misuse to spread disinformation, and/or to impact the credibility and trust that individuals have in any agency or department.
“Spoofing or the use of law enforcement credentials to defraud or scam people has been a regular tactic of fraudsters for a long time, even preceding the internet, as criminals seek to exploit the trust society places in these particular organisations and the enhanced likelihood of compliance with their instructions given that trust. Please ensure you go to any genuine website via your browser, and do not click on links in emails or other electronic communications which may take you to these fake or spoofed websites and steal your personal details or worse.”