The FBI is alerting companies that cybercriminals are using compromised U.S. and foreign government email addresses to send fraudulent emergency data requests.
By sending these fraudulent requests to U.S.-based companies, the hackers are looking to gain access to the companies’ holdings of their customers’ personally identifying information (PII), the FBI said in a Nov. 4 Private Industry Notification.
“As of August 2024, FBI noted an uptick in criminal forum posts regarding conducting fraudulent emergency data requests and is releasing this notification for industry awareness,” the notification said.
It was reported in 2022 that hackers were using email accounts and websites associated with police departments and other government agencies to send unauthorized emergency data requests for healthcare patient data, saying the information couldn’t wait for a court order.
In the U.S., federal, state or local law enforcement agencies that want to obtain information about who owns an account at a social media firm or what internet addresses a specific cellphone account has used in the past must submit an official court-ordered warrant or subpoena.
More Info