FBI warns of threat actors spoofing Bureau domains, email accounts

FBI warns of threat actors spoofing Bureau domains, email accounts

The U.S. law enforcement agency shares a sampling of more than 90 spoofed FBI-related domains registered recently



The Federal Bureau of Investigation (FBI) has issued a warning about domains designed to spoof the Bureau’s official website, fbi.gov. The alert lists more than 90 such fraudulent websites that have been registered recently.


“The FBI observed unattributed cyber actors registering numerous domains spoofing legitimate FBI websites, indicating the potential for future operational activity,” said the law enforcement agency. The list of fraudulent domains includes somewhat plausible examples, such as “fbihelp.org” and “fbifrauddepartment.org”, as well as more or less bizarre ones like “powerfulfbi.ninja” or “fbigiftshop.shop”.


For context, domain spoofing involves the creation of a website whose domain name has near-to-identical characteristics to the original. However, there will be some subtle differences, such as the threat actors changing a letter, symbol, or adding a word in the domain name. Another telltale sign will be that the website will use an alternate top-level domain (TLD) compared to the original, government-related websites in the United States, for example, use the “.gov” TLD.


The goal of the cybercriminals is to use these webpages to wreak all manner of havoc, such as disseminating false information, gathering sensitive data from unwitting victims who have fallen for their ruses, or spreading malware. The gathered information typically includes account credentials, usernames, passwords, email addresses, and a range of other personally identifiable information that can then be utilized to carry out various forms of fraud and identity theft or be warns threat actors spoofing bureau domains email accounts