"Spoofed websites, the FBI explains, can be used for the theft of personal information and to facilitate monetary fraud or other illicit activities. To deceive users into accessing the spoofed websites, threat actors rely on alternative spelling of words, or use a different top-level domain than the legitimate site. Individuals could access a spoofed FBI IC3 website when attempting to find the official domain to submit a complaint, the FBI explains."
""Threat actors create spoofed websites often by slightly altering characteristics of legitimate website domains, with the purpose of gathering personally identifiable information entered by a user into the site, including name, home address, phone number, email address, and banking information," the Bureau notes. To avoid accessing the spoofed websites, the FBI recommends that users navigate to the legitimate IC3 website by typing www.ic3.gov in the browser's address bar."
Threat actors are creating spoofed versions of the IC3 website to harvest personally identifiable information and enable monetary fraud. Attackers employ slight domain alterations, alternative spellings, or different top-level domains to deceive users searching for the official site. Spoofed pages can capture names, home addresses, phone numbers, email addresses, and banking information submitted by visitors. Users may encounter spoofed sites while attempting to submit complaints. To reduce risk, navigate directly to www.ic3.gov, avoid sponsored search results, confirm the site ends in .gov, do not click suspicious URLs or graphics, and never provide payment to recover lost funds.
Read at SecurityWeek
Unable to calculate read time
Collection
[
|
...
]