|
Cyber Actors Spoof FBI-Related Domains
November 25, 2020
 The FBI observed unattributed
cyber actors registering numerous domains spoofing legitimate FBI
websites, indicating the potential for future operational activity.
The FBI's main official website is
www.fbi.gov.
(See appendix for a list of identified spoofed FBI-related Internet
domains.)
Spoofed domains and email
accounts are leveraged by foreign actors and cybercriminals and can
easily be mistaken for legitimate websites or emails. Adversaries
can use spoofed domains and email accounts to disseminate false
information; gather valid usernames, passwords, and email addresses;
collect personally identifiable information; and spread malware,
leading to further compromises and potential financial losses
Cyber actors create spoofed
domains with slightly altered characteristics of legitimate domains.
A spoofed domain may feature an alternate spelling of a word, or use
an alternative top-level domain, such as a "[.]com" version of a
legitimate "[.]gov" website. Members of the public could unknowingly
visit spoofed domains while seeking information regarding the FBI's
mission, services, or news coverage. Additionally, cyber actors may
use seemingly legitimate email accounts to entice the public into
clicking on malicious files or links.
The FBI urges all members of
the American public to critically evaluate the websites they visit,
and the messages sent to their personal and business email accounts,
to seek out reliable and verified FBI information.
Recommendations
-
 Verify
the spelling of web addresses, websites, and email addresses
that look trustworthy but may be imitations of legitimate
election websites.
- Ensure operating systems
and applications are updated to the most current versions.
- Update anti-malware and
anti-virus software and conduct regular network scans.
- Do not enable macros on
documents downloaded from an email unless absolutely necessary,
and after ensuring the file is not malicious.
- Do not open emails or
attachments from unknown individuals. Do not communicate with
unsolicited email senders.
- Never provide personal
information of any sort via email. Be aware that many emails
requesting your personal information may appear to be
legitimate.
- Use strong two-factor
authentication if possible, using biometrics, hardware tokens,
or authentication apps.
- Use domain whitelisting
to allow outgoing network traffic to websites that are deemed
safe.
- Disable or remove
unneeded software applications
- Verify that the website
you visit has a Secure Sockets Layer (SSL) certificate.
Victim Reporting and
Additional Information
The FBI encourages the public
to report information concerning suspicious or criminal activity to
their local field office (www.fbi.gov/contact-us/fieldoffices)
or the FBI's Internet Crime Complaint Center (www.ic3.gov).
Appendix of
Identified Spoofed FBI-Related Internet Domains
This list is not comprehensive
but demonstrates the range of spoofed domains that exist.
|
Identified Spoofed
Domains |
|
agenciafbi.ga |
fbiigovv.com |
infofbi-unit.com |
|
authefbi.ga |
fbi-intel.com |
johnsonfbi.com |
|
cyber-crime-fbi.org |
fbikids.com |
legalienfbi.com |
|
fbi.camera |
fbimaryland.org |
plapper-fbi.com |
|
fbi.cash |
fbimaxwell.com |
powerfulfbi.ninja |
|
fbi.ca |
fbimostwanted.info |
us-fbigov.com |
|
fbi.health |
fbi-news.com |
virtualfbi.com |
|
fbi.studio |
fbinews.ga |
xalienfbi.com |
|
fbi.systems |
fbinews.online |
x-alienfbi.com |
|
fbi.xn--mgbayh7gpa |
fbinigeria.org |
fbi-fraud.com |
|
fbi0.com |
fbi-ny.com |
fbidefense.com |
|
fbibau.us |
fbioffice.ml |
fbienglish.com |
|
fbi2.com |
fbi-official.com |
fbifrauddepartment.org |
|
fbi-unit.net |
fbiofficial.online |
fbifraud.primebnkonline.com |
|
fbi3262.live |
fbione.com |
fbiglobalgp.com |
|
fbi7.cn |
fbiopenthedoor.icu |
fbigov.art |
|
fbi9.com |
fbiorganisation.online |
fbi-gov.network |
|
fbi9.me |
fbiorganization.club |
fbigrantinvestigation.com |
|
fbiagent.online |
fbipedophilerings.com |
fbiinspectionunit.com |
|
fbi-augustyn.pl |
fbiphoto.com |
fbi-police.com |
|
fbiaustralia.com |
fbireserveco.biz |
fbi-c-d.com.co |
|
fbibau.de |
fbireport.us |
fbicyberdivision.com |
|
fbi-bau.de |
fbiusagov.online |
hdqkfbi.cn |
|
fbi-biz.com |
fbiurl.com |
ic-fbi.org |
|
fbiboston.xn--mgbayh7gpa |
fbiusagov.com |
fbiwarning.club |
|
fbi-c.com.co |
fbiusgov.com |
fbi-cd.com.co |
|
Registered Spoofed
Domains but Currently Unable to Resolve |
|
fbihelp.org |
fbi-belote.com |
fbilibrary.ml |
|
fbigiftshop.shop |
fbispassport.gq |
fbi-pay.com |
|
fbiboston.com.jo |
fbi99.cn |
fbi2000.com |
|
fbiusa.net |
fbi.com.jo |
fbipublicidad.com |
|
fbi-usa.us |
fbi058.com |
|
|
