The FBI again is warning the general public to look (and think) before they click.
While spoofed domains and fraudulent websites have always posed a threat to the unsuspecting internet user, a recent campaign involving fake FBI websites forced the Federal Bureau of Investigation to alert the public this week.
In a Public Service Announcement posted on Monday, the FBI reiterated that its website is fbi.gov and for users to beware of spoofed domains. In particular, individuals should be vigilant and double check the spelling of domains, look out for alternate spellings of words in the URL, or sites that have different looking top-level domains.
"The FBI observed unattributed cyber actors registering numerous domains spoofing legitimate FBI websites, indicating the potential for future operational activity,” the PSA reads, “The FBI urges all members of the American public to critically evaluate the websites they visit, and the messages sent to their personal and business email accounts, to seek out reliable and verified FBI information.”
The bureau warns the sites could be used by attackers to carry out a handful of outcomes like the spreading of disinformation and malware, the gathering of usernames, passwords, email addresses and other personally identifiable information, to name a few.
Aside from the speculative examples above, the FBI declined to specify exactly what its seen attackers do with the domains but it did share a few examples of the spoofed domains its spotted as of late.
While not every internet user has the same experience spotting spoofed domains, the way the bulk of these are spelled should tip off users that something is not right. A quick check finds that most of these URLs are offline; others are for sale – at least one (fbireport.us) redirects back to the FBI’s official website. While there’s no indication any of the domains have been used in an attack, they could be used for future attacks.
The FBI also provided these tips to help users better spot spoofed domains:
- Verify the spelling of web addresses, websites, and email addresses that look trustworthy but may be imitations of legitimate election websites.
- Ensure operating systems and applications are updated to the most current versions.
- Update anti-malware and anti-virus software and conduct regular network scans.
- Do not enable macros on documents downloaded from an email unless absolutely necessary, and after ensuring the file is not malicious.
- Do not open emails or attachments from unknown individuals. Do not communicate with unsolicited email senders.
- Never provide personal information of any sort via email. Be aware that many emails requesting your personal information may appear to be legitimate.
- Use strong two-factor authentication if possible, using biometrics, hardware tokens, or authentication apps.
- Use domain whitelisting to allow outgoing network traffic to websites that are deemed safe.
- Disable or remove unneeded software applications
- Verify that the website you visit has a Secure Sockets Layer (SSL) certificate.
It's the second time in the past two months that the FBI has warned about spoofed domains. In October, the service warned attackers were attempting to mimic sites associated with the US Census Bureau. The FBI posted 63 different domains it noticed that were registered and attempting to trick users into thinking they were legitimate.
