Published on: November 13, 2024
The Federal Bureau of Investigation (FBI) recently put out an alert warning the world’s governments and police districts that there’s been a large uptick of stolen police information winding up on hacker forums.
Hackers have been fraudulently acquiring compromised email accounts for various government and police districts around the world and selling them more often than ever before, which in turn also caused a rise in criminals maliciously using the information. They’ve been sending fake subpoenas and customer data requests to US-based companies in an attempt to damage them.
“In August 2024, a known cyber-criminal on an online forum posted their sale of “High
Quality .gov emails for espionage/social engineering/data extortion/Dada requests,
etc”, which included US credentials,” the FBI alert reads. “The poster indicated they could guide a buyer through emergency data requests and sell real stolen subpoena documents to pose as a law officer.”
The report also highlights other ways criminals are acting fraudulently. In some cases, the scammer bragged about obtaining sensitive government emails from over 25 countries.
“In August 2023, a cyber-criminal stated they were teaching individuals how to create
and submit their own emergency data requests to get information on any social media
account for 100USD,” the FBI said.
The FBI has also given some advice on the best ways to deal with these scams.
“Enhanced password protocols implemented in early 2023 highlighted that a mandated
increase in password length, the use of multi-factor-authentication (MFA) for users with
administrative rights, policy controls directed at vishing, and improved baseline monitoring
worked together to decrease successful attempts at cracking passwords and made networks
more resilient to a threat actor’s initial intrusion and persistence,” the report reads.
They also recommend that companies review the security of third-party companies that they have relationships with and make sure that they regularly monitor remote connections.