SEARCH FINANCIAL SERVICES INFRASTRUCTURE SECURITY SCIENCE INTERVIEWS

 

     

Cyber Actors Spoof FBI-Related Domains

November 25, 2020

The FBI observed unattributed cyber actors registering numerous domains spoofing legitimate FBI websites, indicating the potential for future operational activity. The FBI's main official website is www.fbi.gov. (See appendix for a list of identified spoofed FBI-related Internet domains.)

Spoofed domains and email accounts are leveraged by foreign actors and cybercriminals and can easily be mistaken for legitimate websites or emails. Adversaries can use spoofed domains and email accounts to disseminate false information; gather valid usernames, passwords, and email addresses; collect personally identifiable information; and spread malware, leading to further compromises and potential financial losses

Cyber actors create spoofed domains with slightly altered characteristics of legitimate domains. A spoofed domain may feature an alternate spelling of a word, or use an alternative top-level domain, such as a "[.]com" version of a legitimate "[.]gov" website. Members of the public could unknowingly visit spoofed domains while seeking information regarding the FBI's mission, services, or news coverage. Additionally, cyber actors may use seemingly legitimate email accounts to entice the public into clicking on malicious files or links.

The FBI urges all members of the American public to critically evaluate the websites they visit, and the messages sent to their personal and business email accounts, to seek out reliable and verified FBI information.

Recommendations

  • Verify the spelling of web addresses, websites, and email addresses that look trustworthy but may be imitations of legitimate election websites.
  • Ensure operating systems and applications are updated to the most current versions.
  • Update anti-malware and anti-virus software and conduct regular network scans.
  • Do not enable macros on documents downloaded from an email unless absolutely necessary, and after ensuring the file is not malicious.
  • Do not open emails or attachments from unknown individuals. Do not communicate with unsolicited email senders.
  • Never provide personal information of any sort via email. Be aware that many emails requesting your personal information may appear to be legitimate.
  • Use strong two-factor authentication if possible, using biometrics, hardware tokens, or authentication apps.
  • Use domain whitelisting to allow outgoing network traffic to websites that are deemed safe.
  • Disable or remove unneeded software applications
  • Verify that the website you visit has a Secure Sockets Layer (SSL) certificate.

Victim Reporting and Additional Information

The FBI encourages the public to report information concerning suspicious or criminal activity to their local field office (www.fbi.gov/contact-us/fieldoffices) or the FBI's Internet Crime Complaint Center (www.ic3.gov).

Appendix of Identified Spoofed FBI-Related Internet Domains

This list is not comprehensive but demonstrates the range of spoofed domains that exist.

Identified Spoofed Domains
agenciafbi.ga fbiigovv.com infofbi-unit.com
authefbi.ga fbi-intel.com johnsonfbi.com
cyber-crime-fbi.org fbikids.com legalienfbi.com
fbi.camera fbimaryland.org plapper-fbi.com
fbi.cash fbimaxwell.com powerfulfbi.ninja
fbi.ca fbimostwanted.info us-fbigov.com
fbi.health fbi-news.com virtualfbi.com
fbi.studio fbinews.ga xalienfbi.com
fbi.systems fbinews.online x-alienfbi.com
fbi.xn--mgbayh7gpa fbinigeria.org fbi-fraud.com
fbi0.com fbi-ny.com fbidefense.com
fbibau.us fbioffice.ml fbienglish.com
fbi2.com fbi-official.com fbifrauddepartment.org
fbi-unit.net fbiofficial.online fbifraud.primebnkonline.com
fbi3262.live fbione.com fbiglobalgp.com
fbi7.cn fbiopenthedoor.icu fbigov.art
fbi9.com fbiorganisation.online fbi-gov.network
fbi9.me fbiorganization.club fbigrantinvestigation.com
fbiagent.online fbipedophilerings.com fbiinspectionunit.com
fbi-augustyn.pl fbiphoto.com fbi-police.com
fbiaustralia.com fbireserveco.biz fbi-c-d.com.co
fbibau.de fbireport.us fbicyberdivision.com
fbi-bau.de fbiusagov.online hdqkfbi.cn
fbi-biz.com fbiurl.com ic-fbi.org
fbiboston.xn--mgbayh7gpa fbiusagov.com fbiwarning.club
fbi-c.com.co fbiusgov.com fbi-cd.com.co
Registered Spoofed Domains but Currently Unable to Resolve
fbihelp.org fbi-belote.com fbilibrary.ml
fbigiftshop.shop fbispassport.gq fbi-pay.com
fbiboston.com.jo fbi99.cn fbi2000.com
fbiusa.net fbi.com.jo fbipublicidad.com
fbi-usa.us fbi058.com  

Terms of Use | Copyright 2002 - 2020 CONSTITUENTWORKS SM  CORPORATION. All rights reserved. | Privacy Statement