FBI Attributes Abuse of Its Email Account to Software 'Misconfiguration'

A wave of phony emails from an FBI mail server originated from an issue with the agency's Law Enforcement Enterprise Portal.

Dark Reading Staff, Dark Reading

November 15, 2021

1 Min Read
Dark Reading logo in a gray background | Dark Reading

The FBI on Saturday responded to a report flagged by Spamhaus of phony emails coming from the agency's actual @ic.fbi.gov domain, calling the incident a result of a software misconfiguration on its Law Enforcement Enterprise Portal (LEEP), from which the FBI communicates with state and local law enforcement.

The emails, which warned of a fake cyberattack, were sent on Nov. 12, and Spamhaus reported early the next morning that the messages indeed were fake:  "We have been made aware of "scary" emails sent in the last few hours that purport to come from the FBI/DHS. While the emails are indeed being sent from infrastructure that is owned by the FBI/DHS (the LEEP portal), our research shows that these emails *are* fake," Spamhaus tweeted.

The FBI on Saturday confirmed that the emails came from one of its LEEP servers, it was not part of the agency's corporate email system. "No actor was able to access or compromise any data or [personally identifiable information] on the FBI’s network. Once we learned of the incident, we quickly remediated the software vulnerability, warned partners to disregard the fake emails, and confirmed the integrity of our networks."

Read more here

About the Author

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights