The FBI again is warning the general public to look & think before they click.
The FBI is urging the American public to ensure they are getting “reliable & verified FBI information.”
While spoofed domains & fraudulent websites have always posed a threat to the unsuspecting internet user, a recent campaign involving fake FBI websites compelled the Federal Bureau of Investigation to alert the public this week.
In a Public Service Announcement posted on Mon., the FBI reiterated that its website is fbi.gov & for users to beware of spoofed domains. In particular, individuals should be vigilant & double check the spelling of domains, look out for alternate spellings of words in the URL, or sites that have different looking top-level domains.
“The FBI observed unattributed cyber actors registering numerous domains spoofing legitimate FBI websites, indicating the potential for future operational activity,” the PSA reads, “The FBI urges all members of the American public to critically evaluate the websites they visit, & the messages sent to their personal & business email accounts, to seek out reliable & verified FBI information.”
The Bureau warns the sites could be used by attackers to carry out a handful of outcomes such as the spreading of disinformation & malware, the gathering of usernames, passwords, email addresses & other personally identifiable information, etc.
Apart from the speculative examples above, the FBI declined to specify exactly what its seen attackers do with the domains. but it did share a few examples of the spoofed domains it has spotted as of late.
While not every internet user has the same experience finding spoofed domains, the way the majority of these are spelled should tip off users that something is not right.
A quick check finds that most of these URLs are offline; others are for sale – at least one (fbireport.us) redirects back to the FBI’s official website. While there is no indication any of the domains have been used in an attack, they could be used for future attacks.
The FBI also provided these suggestions to help users better find spoofed domains:
- Verify the spelling of web addresses, websites, & email addresses that look trustworthy but may be imitations of legitimate election websites.
- Ensure operating systems & applications are updated to the most current versions.
- Update anti-malware & anti-virus software & conduct regular network scans.
- Do not enable macros on documents downloaded from an email unless absolutely necessary, & after ensuring the file is not malicious.
- Do not open emails or attachments from unknown individuals. Do not communicate with unsolicited email senders.
- Never provide personal information of any sort via email. Be aware that many emails requesting your personal information may appear to be legitimate.
- Use strong 2-factor authentication if possible, using biometrics, hardware tokens, or authentication apps.
- Use domain whitelisting to allow outgoing network traffic to websites that are deemed safe.
- Disable or remove unneeded software applications
- Verify that the website you visit has a Secure Sockets Layer (SSL) certificate.
US Census Bureau
It is the 2nd time in the past 2 months that the FBI has warned about spoofed domains. In Oct., the service warned attackers were attempting to mimic sites associated with the US Census Bureau.
The FBI posted 63 different domains it noticed that were registered & attempting to trick users into thinking they were legitimate.