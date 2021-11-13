The Federal Bureau of Investigations (FBI) has confirmed that false emails were sent from their official email account, saying there is an “ongoing” investigation into the matter.

FBI emails warning of a cyber security threat were flagged on Saturday by activists on social media, and the FBI has since confirmed that hackers are likely behind the emails, which came from an official government email account.

“This is an ongoing situation and we are not able to provide any additional information at this time,” the FBI offered in a statement to Nexstar, adding that the public should report any “suspicious” emails from “unknown senders.”

These emails look like this:Sending IP: 153.31.119.142 (https://t.co/En06mMbR88)From: eims@ic.fbi.govSubject: Urgent: Threat actor in systems pic.twitter.com/NuojpnWNLh — Spamhaus (@spamhaus) November 13, 2021

The email system hackers appear to have gained access to is one used by agents and officials with the department to communicate with the public, according to a report from Bloomberg, which would mean it is not a system hosting classified emails.

The following chart shows email traffic originating from the FBI mailserver (https://t.co/En06mMbR88 | 153.31.119.142) involved. You can clearly see the two spikes caused by the fake warning last night. Timestamps are in UTC. pic.twitter.com/vPKvzv74gW — Spamhaus (@spamhaus) November 13, 2021

The Spamhaus Project, an organization focusing on “spam, phishing, botnets and malware sources,” first reported on the “scary” emails, providing an example and explaining the convincing part is the fact that the hackers behind the false messages have access to official headers and they are coming from “FBI infrastructure.”

Tens of thousands of bogus warnings were reportedly sent out as part of the cyberattack.

