Name: Pivotalogic, Inc.
Address: 6900 Wedgwood Rd N Ste 460, Maple Grove, MN, 55311, US

FBI: Spike in Hacked Police Emails, Fake Subpoenas

Context: The FBI has issued a warning to police departments and governments worldwide about a rise in cybercriminal activities that involve the use of hacked police emails. Cybercriminals exploit these email accounts to send fake subpoenas and unauthorized data requests to tech companies, aiming to access sensitive customer data.
Key Threats:
- Fake Emergency Data Requests (EDRs): Criminals use compromised government emails to submit fake EDRs, bypassing formal court approval processes. EDRs claim urgent situations, like threats to safety, pressuring companies to quickly release data.
- Cybercrime Forums and Services: Cybercriminals are selling police email access and fake EDR services on cybercrime forums. Vendors offer forged EDR services for $1,000–$3,000, claiming access to hacked government emails in over 25 countries.
- Phishing & Malware Attacks: Hackers often gain email access via phishing and malware. The FBI noted poor cybersecurity practices in many law enforcement agencies, emphasizing the need for stronger protections, like multifactor authentication.
Market for Fake EDR Services: Some vendors specialize in sending false requests to specific platforms, while others sell access to hacked government emails, leaving document forgery to the buyer. Vendors also exploit platforms like Kodex, a service for screening EDR legitimacy, by creating accounts to request data.
Challenges and Consequences:
- High Compliance Rates: Tech companies often comply with EDRs to avoid potential harm, making them vulnerable to data leaks from fake requests.
- Account Freeze Exploits: Criminals can abuse EDRs to freeze or even seize funds in financial accounts, posing serious risks to individuals and companies.
Preventive Measures: Kodex and the FBI stress that law enforcement agencies improve security practices. Kodex, founded by a former FBI agent, works with companies to verify requests and has suspended numerous suspicious accounts. However, the FBI warns that more agencies need to adopt robust security measures to prevent similar incidents.

Read the full article HERE

0 comments

Professional services

Customized risk and compliance gap assessments with a tailored roadmap to address gaps and vulnerabilities.

Expert security leadership that assesses, addresses, and continually improves your security posture and compliance, all at a fraction of the cost of a full-time CISO.

Comprehensive penetration testing to uncover vulnerabilities and reinforce your defenses before attackers can exploit them.

Incident response plan development and testing, paired with rapid, expert action to contain security incidents, minimize damage, and maintain compliance with industry standards.

Managed Services

Securely manage vendor relationships from start to finish.

Empower your team to recognize threats.

Protect your inbox from phishing and spam.

Continuous scanning and alerts for swift risk remediation.

Quickly detect, respond, and recover from advanced threats.

Secure, manage, and simplify passwords.

Monitor exposed data before it’s used against you.

Industry

Ensure patient trust with robust data protection and compliance.

Safeguard financial data while meeting compliance at every level.

Enhance student safety and privacy while supporting educational goals.

Framework

Simplify security: How to build your security program with NIST CSF 2.0

Resources

Master HIPAA: How to achieve compliance with our ultimate guide

FBI: Spike in Hacked Police Emails, Fake Subpoenas

Professional Services

Industry

Company

Managed Services

Framework

Resources