06/18/2026

Cyber Criminals Redirecting Users to Fraudulent Websites with Malicious Traffic Distribution Systems

FBI Alert Number I-061826-PSA

The Federal Bureau of Investigation (FBI) is publishing this Public Service Announcement (PSA) to warn the public of cyber criminal use of traffic distribution systems (TDSs) to gain access to victim networks for ransomware or other financial scams. TDS is a technology used to route internet traffic visitors to different destinations after users visit webpages, click advertisement links, sign up for promotions and discounts, or download an application. Cyber criminals use TDSs to selectively redirect users to compromised or fake login websites that can host phishing¹ pages for online financial fraud or prompt users to download software updates containing malware.

How a Malicious Traffic Distribution System Works

Initiation of Redirection Cyber criminals use a variety of methods to drive users to a TDS, including social engineering techniques, such as links included in phishing emails, search engine optimization poisoning² that promotes fraudulent advertisement links that mimic legitimate ones, or the compromise of legitimate websites through changes to the website code.
1. Legitimate websites are vulnerable to cyber criminal compromise when using insecure passwords or outdated website themes and plugins. Cyber criminals obtain unauthorized access to websites by brute forcing³ weak administrative passwords or leveraging exploits for outdated website plugins. After obtaining administrative access to legitimate websites, cyber criminals edit the website’s code, which redirects website visitors to a malicious TDS.

More Info

Complete Story

06/18/2026

Cyber Criminals Redirecting Users to Fraudulent Websites with Malicious Traffic Distribution Systems

FBI Alert Number I-061826-PSA

How a Malicious Traffic Distribution System Works