The Federal Bureau of Investigation (FBI) has issued a warning for US companies regarding a new scam involving urgent requests for data transfer known as Emergency Data Requests.
Scammers are using hacked electronic addresses from state institutions to demand confidential data from private companies under the guise of needing the information for investigations. Due to concerns for public safety, many companies are complying with these requests without thoroughly verifying them. This has led to criminals gaining access to personal information such as phone numbers, addresses, and email addresses, which are then used for extortion or phishing schemes.
According to the FBI, there has been a surge in the sale of compromised government accounts on shadow forums in recent months. For instance, in August 2024, CyberP-Razmostik offered to sell access to .gov addresses for espionage and extortion purposes. The seller even claimed to assist customers in sending emergency data requests and provided fake documents to disguise the requests as official law enforcement communications.
These incidents are not isolated. In March 2024, another criminal advertised access to government emails from over 25 countries and offered assistance with data requests, including providing email addresses and phone numbers. In December 2023, there were reports of attempts to obtain data through fake threats, with non-compliance allegedly leading to harm to individuals.
To enhance company security, the FBI advises carefully scrutinizing all incoming emergency data requests, verifying the authenticity of documents, and conducting thorough checks on the sender’s credentials. The following security measures are recommended:
- Implementing two-factor authentication
- Enforcing strict password management policies
- Creating complex passwords with a minimum length of 16 characters
- Restricting access to corporate networks
- Implementing network segmentation to prevent malware spread
- Utilizing tools to monitor suspicious activity
Due to the heightened threat, the FBI strongly advises organizations to review their incident response plans and update security policies. It is crucial to maintain close communication with regional FBI offices for information sharing and coordinated efforts. In case of suspicious incidents or criminal activities, organizations are encouraged to report to the IC3.GOV portal or contact the nearest regional FBI department promptly.