FBI Warns Gmail, Outlook Users Of $100 Government Emergency Data Email Hack


    Following the offer for sale of high-quality government email addresses, with full credentials, on an underground cybercrime forum, with instructions on using them as part of an emergency data request attack for an additional $100, the Federal Bureau of Investigation has issued a warning to all email users. Suggesting that the credentials could be used for everything from espionage to data extortion or ransomware, the threat actor said that stolen subpoena documents enabling an attacker to pose as a law enforcement officer could also be purchased.

    Compromised Government Email Credentials For Sale

    The Federal Bureau of Investigation has released a Private Industry Notification, PIN 20241104-001, warning of an ongoing cyber attack trend that uses compromised U.S. and foreign government email addresses. The attack modus operandi involves fraudulent emergency data requests, which ask a business to supply information immediately and, courtesy of their urgent nature, bypass the additional reviews that would normally check a request for legitimacy, in order to expose sensitive information.

    The threat type itself, even as a particularly sophisticated and somewhat complex twist on simpler phishing attacks, is not new, but the increased volume of postings offering both the compromised credentials themselves and the knowledge required to exploit them is.

    The Email Compromise Crime Timeline

    The FBI noted that the first sales relating to an emergency data request notification hacking scam took place more than a year ago, in Aug. 2023. At that time, the detailed instructions were being offered for $100 on the dark web. By Oct. 2023, another cyber criminal was offering compromised government email addresses to be used alongside these instructions. These, in effect, allowed the hacker to seem like a law enforcement officer for all intents and purposes. The methodology was quickly adopted as an initial access vector and sold by brokers to the ransomware trade. In Dec. 2023, campaigns using the method were uncovered in which supposed law enforcement officers or government officials cited the likely death of an individual if the information was not provided immediately.

    Fast forward to now, and cyber criminals claiming ownership of compromised government emails across 25 countries were offering the complete package, including U.S. credentials and the real but stolen subpoena documents.

    FBI Mitigations Against Emergency Data Request Email Attacks

    The FBI alert comes complete with mitigations as follows:

    • Review the security posture of all third-party vendors associated with your organization.
    • Monitor external connections.
    • Implement an incident recovery plan.
    • Apply critical thinking to any emergency data requests received.
    • Use strong password protocols.
    • Use secure password storage.
    • Use two-factor authentication.
    • Configure accounts according to the principle of least privilege.
    • Secure Remote Desktop protocol usage.
    • Segment networks.
    • Keep all software and operating systems up to date.

    Perhaps the most critical of all of these is, appropriately enough, to apply critical thinking. Fraudsters and hackers alike rely upon knee-jerk reactions, using time-constrained instructions, to get you to do something that ordinarily you might be suspicious of. Following the instructions in an emergency data request email out of the blue, without getting confirmation of origin and having a second pair of eyes to authenticate, is just the kind of scenario an attacker loves. Take this FBI warning seriously or it might just cost you dearly.


