Context: The FBI has issued a warning to police departments and governments worldwide about a rise in cybercriminal activities that involve the use of hacked police emails. Cybercriminals exploit these email accounts to send fake subpoenas and unauthorized data requests to tech companies, aiming to access sensitive customer data.
Key Threats:
Fake Emergency Data Requests (EDRs): Criminals use compromised government emails to submit fake EDRs, bypassing the formal court approval process. The requests claim an urgent situation, such as a threat to life or safety, to pressure companies into releasing data quickly.
Cybercrime Forums and Services: Cybercriminals are selling police email access and fake EDR services on cybercrime forums. Vendors offer forged EDR services for $1,000–$3,000, claiming access to hacked government emails in over 25 countries.
Phishing & Malware Attacks: Hackers often gain email access via phishing and malware. The FBI noted poor cybersecurity practices in many law enforcement agencies, emphasizing the need for stronger protections such as multifactor authentication.
Market for Fake EDR Services: Some vendors specialize in sending false requests to specific platforms, while others sell access to hacked government emails and leave the document forgery to the buyer. Vendors also abuse platforms such as Kodex, a service that screens EDRs for legitimacy, by creating accounts on it to submit data requests.
Challenges and Consequences:
High Compliance Rates: Tech companies often comply with EDRs to avoid potential harm, which leaves them exposed to data leaks caused by fake requests.
Account Freeze Exploits: Criminals can abuse EDRs to freeze or even seize funds in financial accounts, posing serious risks to individuals and companies.
Preventive Measures: Kodex and the FBI stress that law enforcement agencies must improve their security practices. Kodex, founded by a former FBI agent, works with companies to verify requests and has suspended numerous suspicious accounts. However, the FBI warns that more agencies need to adopt robust security measures to prevent similar incidents.
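As an added illustration of the verification problem described above (this is not the FBI's or Kodex's own process; the agency directory, request fields and phone numbers are constructed), the triage below shows why passing mail authentication cannot vouch for an EDR once the sending mailbox is compromised: an emergency request is released only after the requester is confirmed at a callback number taken from an independent directory, never from the email itself.

```python
from dataclasses import dataclass

# Constructed directory: agency e-mail domain -> callback number obtained
# from an independent source, never from the request e-mail itself.
AGENCY_DIRECTORY = {
    "police.example.gov": "+1-555-0100",
    "sheriff.example.us": "+1-555-0101",
}

@dataclass
class DataRequest:
    sender: str               # From: address on the request e-mail
    mail_auth_pass: bool      # SPF/DKIM result for the message
    claims_emergency: bool    # EDR: asks to skip subpoena/court order
    has_court_order: bool     # formal legal process attached
    callback_confirmed: bool  # requester reached at the directory number

def triage(req):
    """Return (decision, reasons) for one inbound data request."""
    reasons = []
    domain = req.sender.rsplit("@", 1)[-1].lower()
    callback = AGENCY_DIRECTORY.get(domain)
    if callback is None:
        reasons.append("sender domain not in agency directory")
        return "reject", reasons
    if not req.mail_auth_pass:
        reasons.append("message failed SPF/DKIM")
        return "reject", reasons
    # A passing SPF/DKIM check proves only that the mail left the agency's
    # server. A hacked mailbox passes too, so it never releases data alone.
    if req.has_court_order and not req.claims_emergency:
        return "legal_review", reasons  # ordinary process; legal checks the order
    if req.claims_emergency:
        reasons.append("emergency request bypasses court approval")
    if req.callback_confirmed:
        return "release", reasons
    reasons.append(f"confirm requester by phone at {callback} before release")
    return "hold_for_verification", reasons
```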