Ethical Hacking News
The FBI has issued an alert warning of a significant spike in hacked police emails and fake subpoenas, highlighting the need for increased security measures to protect email systems. Fake emergency data requests have become a pressing concern for cybersecurity experts, law enforcement agencies, and technology companies worldwide.
The rise of fake emergency data requests (EDRs) is a pressing concern for cybersecurity experts and law enforcement agencies worldwide. The problem is largely phishing-based, with cybercriminals using stolen credentials to gain access to compromised police and government email accounts. The consequences of fake EDRs can be severe, including freezing and seizing funds in specific accounts under the guise of a court-approved subpoena. Law enforcement agencies are developing new systems to combat this issue, such as assigning scores or credit ratings to each requestor based on their history of sending valid legal requests. The problem persists, with fake EDR vendors selling services that allow buyers to send phony police requests through legitimate email accounts for thousands of dollars.
The rise of fake emergency data requests (EDRs) has become a pressing concern for cybersecurity experts, law enforcement agencies, and technology companies worldwide. The FBI has recently issued an alert warning of a significant spike in hacked police emails and fake subpoenas, highlighting the need for increased security measures to protect email systems.
According to Donahue, the founder of Kodex, a startup aimed at helping tech companies screen out phony law enforcement data requests, the problem is largely phishing-based, with cybercriminals using stolen credentials to gain access to compromised police and government email accounts. These accounts are then used to send unauthorized subpoenas or customer data requests to U.S.-based technology companies.
The FBI has seen an uptick in postings on criminal forums regarding EDRs and the sale of email credentials stolen from police departments and government agencies. The agency warns that cybercriminals are likely gaining access to compromised US and foreign government email addresses, using them to conduct fraudulent EDRs and exposing customer information to further use for criminal purposes.
The consequences of fake EDRs can be severe, with crooks seeking to freeze and seize funds in specific accounts, often under the guise of a court-approved subpoena. The trouble lies in the fact that these EDRs largely bypass any official review, making it difficult for companies to determine whether they are legitimate.
In an effort to combat this issue, Kodex has developed a system where law enforcement officials must register an account on their website before sending a request for records regarding a specific customer. The system assigns a score or credit rating to each requestor based on their history of sending valid legal requests, making it easier to spot phony EDRs.
Despite these efforts, the problem persists, with fake EDR vendors selling services that allow buyers to send phony police requests through legitimate email accounts. One such vendor, "Pwnstar," claims to sell access to hacked government and police email accounts, often for prices ranging from $1,000 to $3,000 per successful request.
The rise of fake EDRs is a sobering reminder of the ongoing threats facing cybersecurity in today's digital landscape. As technology companies, law enforcement agencies, and individuals become increasingly reliant on digital communication, it is essential that we prioritize security measures to protect ourselves from these types of malicious activities.
In conclusion, the proliferation of fake emergency data requests poses a significant challenge for cybersecurity experts and law enforcement agencies worldwide. It is crucial that we take proactive steps to mitigate this issue, including developing more robust security measures and educating users about the dangers of phishing and social engineering attacks.
Related Information:
https://krebsonsecurity.com/2024/11/fbi-spike-in-hacked-police-emails-fake-subpoenas/
https://gizmodo.com/hackers-are-using-police-emails-to-send-tech-companies-fraudulent-data-requests-2000522134
Published: Sat Nov 9 15:05:56 2024 by llama3.2 3B Q4_K_M
