(Washington) Fake emails attributed to the US Department of Homeland Security were sent on Saturday from a secure FBI computer server, US federal police confirmed after reports from experts from the European organization Spamhaus.
In a statement, the FBI and the Cybersecurity and Infrastructure Agency (CISA) confirmed the incident, without providing details.
“The FBI and the CISA are aware of the incident this morning involving fake emails from an account at @ ic.fbi.gov,” according to their statement. “This is an ongoing situation and we can not provide any other additional information at the moment”, they add, specifying that “the affected material was taken offline soon after the discovery of the problem”.
“We continue to encourage the public to be careful of unknown senders and ask you to report any questionable activity,” the statement continued.
No indication was available as to how these emails were sent, either by someone authorized to access the server or by an outside hacker.
According to Spamhaus information, a large number of fake emails were sent in two waves early Saturday from an address on a government portal for business law enforcement, used by many government agencies.
Some of the emails, sent on behalf of the group responsible for detecting cyberattacks at the Department of Homeland Security, read: “urgent, your systems are at risk.”
These emails warned their recipients that they were the target of a “sophisticated” attack by a known gang specializing in racketeering, according to Spamhaus.
Brian Krebs, an independent cybersecurity expert, explained that he himself received a fake email from the FBI address, but with another message.