The Federal Bureau of Investigation (FBI) is warning of the resurgence of a method used by hackers to steal the personal data of customers of large companies. Giants like Meta, Apple, Snap and Discord have been targeted.
Spoofed government email addresses
“ Cybercriminals are likely to access compromised U.S. and foreign government email addresses and use them to make fraudulent requests for emergency data from U.S.-based businesses, exposing customers’ personal information to use. subsequent criminal purposes », warns the federal police service in an official document.
Concretely, The suspects impersonate government and police email addresses in order to obtain private user information (emails, phone numbers) from technology companies. The requests, like subpoenas, allege false threats, such as allegations of human trafficking. In one of them, the cybercriminals assured that the person “ would suffer greatly or die » if the company in question did not return the requested information.
The authority explains having observed a “ resurgence » of this type of messages, hence his decision to raise public awareness of this new scourge. An initiative rare enough to be noted on the part of the American government.
The FBI calls for more vigilance
The perpetrators would mainly be groups known as Recursion Team and Lapsus$, says the FBI. The latter has also made headlines by specifically targeting Apple and Meta, which fell into the trap in 2022.
In this context, the authorities are calling on law enforcement to strengthen their cybersecurity measures in order to prevent intrusions, in particular by improving passwords and deploying multi-factor authentication. Likewise, companies are called to “ demonstrate critical thinking regarding any data request received urgently “.
Phishing, doxing, harassment…
Hackers use the personal information obtained to target victims with different types of financial scams, including phishing. Risks of doxing, a malicious practice which consists of searching for and publicly publishing personal and private information about a person without their consent, are also noted. The victim can also suffer different forms of harassment once their personal data is in the hands of hackers.
This type of threat is added to the long list of cyberattacks, which are currently increasing in number. Proof of this is with the major data leak that recently hit Free.
- The FBI is warning against a method used by hackers to steal personal information from large technology companies.
- Cybercriminals steal compromised email addresses from law enforcement and approach businesses demanding the data.
- Apple, Meta, Snap and Discord have been targeted.