Scores of domains that spoof official Federal Bureau of Investigation (FBI) websites have been identified, prompting the FBI’s Internet Crime Complaint Center to issue a warning. While the intentions of the individuals who registered the domains are not known, it is strongly suspected that the domains were intended for use in future phishing or malware distribution campaigns.
The domains could be used to register email accounts that closely resemble those used by the FBI, and those accounts could be used in convincing phishing campaigns to harvest credentials, distribute malicious files, or distribute false information. The websites are not currently thought to have been used for malicious purposes, but they may be in preparation for a future campaign.
The fake websites include:
- fbi-news.com
- fbi-fraud.com
- com
- com
- ca
- org
- fbi-official.com
- com
- com
- systems
The advice from the FBI is to follow cybersecurity best practices, to critically evaluate any website or link in an email to determine whether it is an official FBI website, and to seek information from the FBI only from verified FBI domains. If you receive emails from unknown individuals, do not open those messages or their attachments, do not click links in them, and do not reply with personal information. You should never provide any personal information via email, and the FBI will never request that you do so in any email correspondence. Official FBI websites have the .gov TLD, and restrictions are in place to prevent the registration of those domains by non-government officials.
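The link check described above, as an added example (not FBI or IC3 code): it classifies a link by the hostname a browser would actually connect to, because a spoofed link can still contain the text "fbi.gov". The sample links are constructed; only the three full domain names in them come from the list above, and the function names are hypothetical.

```python
from urllib.parse import urlsplit

BRAND = "fbi"  # the name a lookalike domain borrows

def hostname_of(url):
    """Return the hostname a browser would connect to, or None."""
    if "://" not in url:
        url = "//" + url  # scheme-less link pasted from an email body
    try:
        # .hostname is lowercased and ignores any "user@" prefix and ":port"
        host = urlsplit(url).hostname
    except ValueError:  # e.g. malformed bracketed host
        return None
    return host.rstrip(".") if host else None

def classify(url):
    """Sort a link into gov-tld / lookalike / other / unparseable."""
    host = hostname_of(url)
    if host is None:
        return "unparseable"
    # Criterion stated on this page: official FBI sites use the .gov TLD.
    # Only the LAST label counts; "gov" elsewhere in the name proves nothing.
    if host.split(".")[-1] == "gov":
        return "gov-tld"
    if BRAND in host:
        return "lookalike"
    return "other"

# Constructed sample links (not taken from real messages).
SAMPLE_LINKS = [
    "https://www.fbi.gov/contact-us",         # real .gov host
    "HTTPS://WWW.FBI.GOV./",                  # same host, odd casing and trailing dot
    "https://www.fbi.gov@fbi-news.com/tips",  # "fbi.gov" is only the userinfo part
    "https://www.fbi.gov.fbi-fraud.com/x",    # "fbi.gov" is only a subdomain
    "fbi-official.com/report",                # no scheme
    "https://example.org/",                   # unrelated
    "http://[bad",                            # malformed
]

if __name__ == "__main__":
    for link in SAMPLE_LINKS:
        print(f"{classify(link):12} {link}")
```

A "gov-tld" result only says the host sits under .gov; it does not confirm which agency runs it.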
Since messages could be sent from those domains that distribute malware, ensure that you have installed antivirus software on your computer and that it is automatically updated with the latest virus definitions. You should also ensure that software and operating system updates or patches are applied promptly.
You should set strong passwords and, whenever possible, implement multi-factor authentication on your accounts. While it is no guarantee of the legitimacy of a website, you should always check that a website has a Secure Sockets Layer (SSL) certificate (its address starts with https) before considering disclosing any personal or sensitive information.