That is so obviously a bogus message. What's curious to me is that they
didn't include any scam links.
Oh. Wait. Headlines this morning are that fake FBI emails are in the
cloud. Unsophisticated observers might believe that the FBI email system
has been broken into, but we all know fake source addresses are all too
easy. Although, the FBI's email system may have been broken into (either
way is possible).
bp
<part15sbs{at}gmail{dot}com>
On 11/14/2021 8:41 AM, Chuck McCown via AF wrote:
-----Original Message-----
From: e...@ic.fbi.gov
Sent: Friday, November 12, 2021 11:35 PM
To: ch...@go-mtc.com
Subject: Urgent: Threat actor in systems
Our intelligence monitoring indicates exfiltration of several of your
virtualized clusters in a sophisticated chain attack. We tried to
blackhole the transit nodes used by this advanced persistent threat
actor, however there is a huge chance he will modify his attack with
fastflux technologies, which he proxies trough multiple global
accelerators. We identified the threat actor to be Vinny Troia, whom
is believed to be affiliated with the extortion gang TheDarkOverlord,
We highly recommend you to check your systems and IDS monitoring.
Beware this threat actor is currently working under inspection of the
NCCIC, as we are dependent on some of his intelligence research we can
not interfere physically within 4 hours, which could be enough time to
cause severe damage to your infrastructure.
Stay safe,
U.S. Department of Homeland Security | Cyber Threat Detection and
Analysis | Network Analysis Group
--
AF mailing list
AF@af.afmug.com
http://af.afmug.com/mailman/listinfo/af_af.afmug.com