1 min read

FBI Warns of Spoofed Domains Imitating their Website

Silviu STAHIE

November 25, 2020

FBI Warns of Spoofed Domains Imitating their Website

Cyber actors have spoofed legitimate FBI websites in an effort to trick people, possibly by disseminating false information or gathering credentials, according to an FBI advisory.

Spoofing official domains, whether they belong to private companies or public institutions, is just one of many steps cybercriminals take before launching an attack. In this situation, the FBI noticed that unnamed actors registered numerous domains that imitate the official URL. In most cases, the attackers are only interested in featuring the FBI letters along with other words and vastly different domain names.

“Spoofed domains and email accounts are leveraged by foreign actors and cybercriminals and can easily be mistaken for legitimate websites or emails,” says the FBI. “Adversaries can use spoofed domains and email accounts to disseminate false information; gather valid usernames, passwords, and email addresses; collect personally identifiable information; and spread malware, leading to further compromises and potential financial losses.”

The attackers changed some of the domain names from gov to org or com. They also added other words with results like ‘cyber-crime-fbi.org’, ‘agenciafbi.ga’, ‘fbi.systems’ and many others. While it’s possible to train security solutions to recognize spoofed domains, it’s also up to users to pay close attention to links they open.

The FBI also issued several simple recommendations, such as keeping the operating systems and applications updated to the most current versions, update the anti-virus and anti-malware solutions to their latest version, regularly conduct network scans, and verify that the visited website has a Secure Sockets Layer (SSL) certificate.

Spoofing URLs is not exclusive to government agencies, and many companies, especially the bigger ones, face this problem every day. It’s one of many tools in the hacker’s arsenal, and it”s especially effective in phishing campaigns.

tags


Author



Right now

Top posts

Ultimate Privacy Guide for Your Facebook Account

Ultimate Privacy Guide for Your Facebook Account

August 31, 2021

6 min read
7 Signs It’s Time to Use Parental Controls On Your Family’s Devices

7 Signs It’s Time to Use Parental Controls On Your Family’s Devices

August 27, 2021

2 min read
Your Netflix Account May Be on Sale on Darkweb. Protect It

Your Netflix Account May Be on Sale on Darkweb. Protect It

August 13, 2021

3 min read
E-mails claiming your computer was hacked and your privacy exposed - what you need to know (spoiler: you can relax - they’re bluffing)

E-mails claiming your computer was hacked and your privacy exposed - what you need to know (spoiler: you can relax - they’re bluffing)

July 29, 2021

5 min read
Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

July 16, 2021

3 min read
How to protect yourself against cyberstalking

How to protect yourself against cyberstalking

July 06, 2021

2 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Romance scammers arrested in Texas for defrauding elderly lonely hearts Romance scammers arrested in Texas for defrauding elderly lonely hearts
Graham CLULEY

September 28, 2021

3 min read
iCloud Private Relay Vulnerability Exposes User IP Addresses, Researchers Find iCloud Private Relay Vulnerability Exposes User IP Addresses, Researchers Find
Silviu STAHIE

September 27, 2021

1 min read
Bitcoin.org Compromised; Attackers Posted “Double Your Money” Announcement Bitcoin.org Compromised; Attackers Posted “Double Your Money” Announcement
Silviu STAHIE

September 27, 2021

1 min read