Federal Agency Scrambles Amid âOngoing Situationâ After Unauthorized Messages Are Sent To Thousands
The Federal Bureau of Investigation says it is aware of reports that unauthorized emails from a legitimate FBI address were sent to thousands of organizations.
“The FBI and CISA are aware of the incident this morning involving fake emails from an @ic.fbi.gov email account,” the FBI said in a statement Saturday. “This is an ongoing situation, and we are not able to provide any additional information at this time. The impacted hardware was taken offline quickly upon discovery of the issue. We continue to encourage the public to be cautious of unknown senders and urge you to report suspicious activity to ic3.gov or cisa.gov.”
Over 100,000 inboxes were hit with the emails, according to the Europe based nonprofit Spamhaus Project, and warned about a “sophisticated chain attack” on the recipients cyberinfrastructure.
The emails were meant to appear that they came directly from the FBI and Department of Homeland Security.
These fake warning emails are apparently being sent to addresses scraped from ARIN database. They are causing a lot of disruption because the headers are real, they really are coming from FBI infrastructure. They have no name or contact information in the .sig. Please beware!
— Spamhaus (@spamhaus) November 13, 2021
“Itâs a guess, but our thought is that [itâs] a combination scare-ware (get people to shut things down or make changes in a hurry), and a character assassination against the guy named in it, AND a way to make the FBI scramble,” Spamhaus tweeted when asked about the “ultimate goal” of the fake emails.
The emails came from the address [email protected] and were signed with the message “stay safe.”