Be Vigilant for Fraudulent Emails – Even if They’re From the FBI
Specifically, on Nov. 13, (updated on Nov. 14), the FBI issued a press release on this attack:
“The FBI is aware of a software misconfiguration that temporarily allowed an actor to leverage the Law Enforcement Enterprise Portal (LEEP) to send fake emails. LEEP is FBI IT infrastructure used to communicate with our state and local law enforcement partners. While the illegitimate email originated from an FBI-operated server, that server was dedicated to pushing notifications for LEEP and was not part of the FBI’s corporate email service. No actor was able to access or compromise any data or PII on the FBI’s network. Once we learned of the incident, we quickly remediated the software vulnerability, warned partners to disregard the fake emails, and confirmed the integrity of our networks.”
This incident is a form of Business Email Compromise (BEC), a growing cybercrime epidemic, with staggering losses to businesses and organizations of all sizes. BEC is a scheme in which an attacker uses fraudulent email to impersonate an executive, business contact, or another person to get a transfer of funds, money, or sensitive information. When BEC involves the takeover of a legitimate email account, like the FBI, it is called Email Account Compromise (EAC). EAC is dangerous because fraudulent emails may be sent from legitimate accounts.
It is important for businesses and organizations of all kinds and sizes to address potential incidents like this in their cybersecurity programs, by implementing policies and procedures to protect against them, conducting ongoing security awareness training, including reminders, implementing security technology, and developing and implementing incident response plans. A high-profile example like this provides a great learning opportunity to alert users that constant vigilance is necessary because even the FBI can be compromised.
For more on BEC, see our recent alert last month on Business Email Compromise.
If you have questions about the content of this alert, please contact David Ries (email@example.com; 412.394.7787), Melissa Ventrone (firstname.lastname@example.org; 312.360.2506), or another member of Clark Hill’s Cybersecurity, Data Protection, and Privacy Group.
WEBINAR: The Race to 2024: Politics and Social Media in the Workplace and Employer Rights.
Over the last several years, employers have seen and continue to see increased political activities from their employees at work and on social media platforms, including on business-related social media platforms, like LinkedIn. Managing employee expression causes unique challenges for employers and HR professionals, and in a General Election year, these challenges are likely to increase as the Presidential race, and other races, heat up.
Webinar: A Cookieless Future and Promise of PETs: A Primer on Privacy Enhancing Technologies
This webinar will explore PETs – we will define what they are, what problems PETs exist to address, and emerging PET standards including the National Institute of Standards and Technology (NIST) draft guidance on how to evaluate PET effectiveness. We will provide specific PET use cases and discuss how PETs may be utilized to address the phase out of third party cookies by certain browsers for purposes of targeted advertising.
WEBINAR: Cybersecurity Resilience in Law Firms
This webinar focuses on law firms seeking useful information about robust cybersecurity strategies to protect their clients, maintain ethical and legal compliance, and fortify their digital infrastructure.