Sign in

Fake emails warning ‘Urgent: threat actor in systems’ sent from secure FBI server

The FBI confirmed independent security group Spamhaus's report that a large number of fake emails were sent in two waves early Saturday from an address on the government's Law Enforcement Enterprise Portal, which is used by multiple government agencies.

Published on: Nov 14, 2021, 07:41:46 IST
AFP
Share
Share via
  • facebook
  • twitter
  • linkedin
  • whatsapp
Copy link
  • copy link

Fake emails purportedly from the US Department of Homeland Security warning of cyberattacks were sent out Saturday from a secure FBI computer server, computer security experts said.

Some of the emails, sent in the name of the Homeland Security cyber threat detection group, were headlined: "Urgent: threat actor in systems." (Shutterstock | Representational image)
Some of the emails, sent in the name of the Homeland Security cyber threat detection group, were headlined: "Urgent: threat actor in systems." (Shutterstock | Representational image)

The FBI confirmed independent security group Spamhaus's report that a large number of fake emails were sent in two waves early Saturday from an address on the government's Law Enforcement Enterprise Portal, which is used by multiple government agencies.

Some of the emails, sent in the name of the Homeland Security cyber threat detection group, were headlined: "Urgent: threat actor in systems."

They warned recipients that they were the target of a "sophisticated" hacking attack from a known extortion gang, according to Spamhaus.

Independent cyber security expert Brian Krebs said he, too, had received a fake email from the FBI address, though with a different message.

In a statement, the FBI and the DHS Cybersecurity and Infrastructure Agency confirmed the incident, without offering details.

"The FBI and CISA are aware of the incident this morning involving fake emails from an @ic.fbi.gov email account," they said in a statement.

"This is an ongoing situation and we are not able to provide any additional information at this time. The impacted hardware was taken offline quickly upon discovery of the issue. We continue to encourage the public to be cautious of unknown senders and urge you to report suspicious activity," it added.

There was no indication of how the emails were sent -- whether by someone using legitimate access to the server or a hacker from outside.

Get the latest headlines from US news and global updates from Pakistan, Nepal, UK, Bangladesh, Russia and US Iran war Live, get all the latest headlines in one place on Hindustan Times.