strange scam? email claiming to be from the fbi

• Previous message (by thread): strange scam? email claiming to be from the fbi
• Next message (by thread): strange scam? email claiming to be from the fbi
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> Date: Monday, November 15, 2021 10:14:30 -0500
> From: Christopher Morrow <morrowc.lists at gmail.com>
>
> https://www.washingtonpost.com/nation/2021/11/14/fbi-hack-email-cyb
> erattack/
> 
> On Mon, Nov 15, 2021, 09:56 Glenn McGurrin wrote:
> 
>> I had a bit of an odd one this morning, I received two emails
>> through contacts listed in whois subject: "Urgent: Threat actor in
>> systems" from "eims at ic.fbi.gov".  I was all set to ignore them as
>> an odd bit of spam but did a quick check on the headers and was
>> surprised to see it had valid dkim and spf and was from an actual
>> FBI IP, queue real worry starting.  Luckily it looks like it was a
>> case of something being hacked on the FBI's end as calling they
>> immediately knew what I was calling about and said they had dealt
>> with the compromised equipment.  Further googling after that call
>> shows a few more reports of this ex.
>> https://twitter.com/spamhaus/status/1459450061696417792 and

Seems it wasn't an actual "intrusion" [into an fbi email system],
rather simply taking advantage of a very badly configured web site to
send out the messages [from an fbi machine].

<https://krebsonsecurity.com/2021/11/hoax-email-blast-abused-poor-coding-in-fbi-website/>

• Previous message (by thread): strange scam? email claiming to be from the fbi
• Next message (by thread): strange scam? email claiming to be from the fbi
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]