Spoofed FBI Internet Domains Pose Cyber and Disinformation Risks
*Note: This information is provided by the FBI to assist cyber security specialists protect against the persistent malicious actions of cyber criminals. The CCI is happy to share this information to further information sharing initiatives. The information is provided without any guaranty or warranty and is for use at the sole discretion of the recipients.
Questions regarding this PSA should be directed to your local FBI Field Office. The CCI encourages the public to report information concerning suspicious or criminal activity to their local FBI field office (www.fbi.gov/contact-us/fieldoffices) or the FBI’s Internet Crime Complaint Center (www.ic3.gov).
Local Field Office Locations: www.fbi.gov/contactus/field-office
On 23 November 2020, the Federal Bureau of Investigation (FBI) issued an announcement to help the public recognize and avoid spoofed FBI-related Internet domains. The FBI observed unattributed cyber actors registering numerous domains spoofing legitimate FBI websites, indicating the potential for future operational activity. The FBI’s main official website is www.fbi.gov.
Spoofed domains and email accounts are leveraged by foreign actors and cybercriminals and can easily be mistaken for legitimate websites or emails. Adversaries can use spoofed domains and email accounts to disseminate false information; gather valid usernames, passwords, and email addresses; collect personally identifiable information; and spread malware, leading to further compromises and potential financial losses.
Cyber actors create spoofed domains with slightly altered characteristics of legitimate domains. A spoofed domain may feature an alternate spelling of a word or use an alternative top-level domain, such as a “[.]com” version of a legitimate “[.]gov” website. Members of the public could unknowingly visit spoofed domains while seeking information regarding the FBI’s mission, services, or news coverage. Additionally, cyber actors may use seemingly legitimate email accounts to entice the public into clicking on malicious files or links.
The FBI urges all members of the American public to critically evaluate the websites they visit, and the messages sent to their personal and business email accounts, to seek out reliable and verified FBI information.
Download this FBI Public Service Announcement here for a list of identified spoofed FBI-related Internet domains.