Fake emails purportedly from the U.S. Department of Homeland Security warning of cyberattacks were sent out Saturday from a secure FBI computer server, computer security experts said.
The FBI confirmed independent security group Spamhaus’s report that a large number of fake emails were sent in two waves early Saturday from an address on the government’s Law Enforcement Enterprise Portal, which is used by multiple government agencies.
Some of the emails, sent in the name of the Homeland Security cyber threat detection group, were headlined: “Urgent: threat actor in systems.”
They warned recipients that they were the target of a “sophisticated” hacking attack from a known extortion gang, according to Spamhaus.
Independent cyber security expert Brian Krebs said he, too, had received a fake email from the FBI address, though with a different message.
In a statement, the FBI and the DHS Cybersecurity and Infrastructure Agency confirmed the incident, without offering details.
“The FBI and CISA are aware of the incident this morning involving fake emails from an @ic.fbi.gov email account,” they said in a statement.
“This is an ongoing situation and we are not able to provide any additional information at this time. The impacted hardware was taken offline quickly upon discovery of the issue. We continue to encourage the public to be cautious of unknown senders and urge you to report suspicious activity,” it added.
There was no indication of how the emails were sent—whether by someone using legitimate access to the server or a hacker from outside.