Security Alert: FBI Impersonators Revealed in Phishing Scam

The FBI have recently reported a case of hackers impersonating their an online portal, designed to report the crime. Using four different variations of an email to entice innocent members of the public. Hackers encouraged users to reveal their personal information, which was used for a phishing scam.

On February 1st, 2018 an alert was issued by the FBI after they had received a high number of complaints from the public. It was reported they had received emails from the fraudulent company, impersonating the FBI’s Internet Crime Complaint Center (IC3).  The IC3 is where victims of Internet crime file their complaints.

The fraudsters themselves had been clever with the execution of their scam. In order to not raise suspicion from members of the public who were sent the scam emails, there were links to each email. The links highlighted a recent case of Internet fraud, that led to the arrest of a scammer. The FBI’s investigations and announcement revealed four different emails sent to victims. The idea was to alert them they were victims of a fabricated fraud.

The txt.file attached to the fraudulent emails were reported to be filled with malware, designed to capture a victim’s personal data, for the imposter’s scam.  The aim was for victims to fall further into the trap, by downloading the document, entering their personal details, then returning to the sender.

One of the emails sent designed to entice the victims included a fake IC3  social media logo and social media page. The page directed victims to enter personal details. An additional email confirmed that victims were eligible to receive compensation,  as they were recently a victim of crime. All those who received the emails were unaware that they had fell prey to the imposter’s plan to steal personal details.

Sections of the scam emails have been revealed, that stated ‘the scammer had over 2,000 named alias originating from Russia, Nigeria, London, and Ghana. Many more of the gang  hid their identities.’ ‘Our records show that you have been a victim of fraud, your personal details were found on the offender’s personal devices.’ The email further confirmed that the victim could claim up to 1.5 million (approximately $2 million) as compensation.

The third email offered a promise of compensation by leading the victims to believe that ‘they had received unfair treatment from major banks, or logistics companies. Due to this, their names were listed in the companies’ databases where fraudulent emails were sent, to Africa as well as a number of other countries.’

The final email was a fake creation using the Internet Crime Investigation and Cyber Division’s branding. It claimed the victim’s internet IP address was found to be a victim of a cyber scam, the scammers urged the victims to make contact via phone.

It has been confirmed as of December 2017, the IC3 have received over 100 complaints regarding this case of Internet fraud. However, no financial loss has been suffered.