- IC3 false websites are cheating users to give personal and bank information
- Cybercriminals falsifies trusted domains and combine them with phishing emails for redirection
- The FBI warns that counterfeit IC3 sites can deceive victims trying to inform the cybercrime
False websites for the crime of the Internet (IC3) are being used to cheat people to give confidential personal and banking information, according to the Federal Research Office (FBI).
The office recently issued a new public service announcement to warn about malicious destination pages, which are the main center of the United States government to inform the cyber crime.
It collects complaints about online scams, fraud, identity theft, ransomware and other crimes enabled online, and then shares it with law enforcement agencies to help investigate and track digital threats throughout the world already worldwide.
Go through the government
Anyone, whether victims or third parties, can submit a report through the official IC3 website. While not all cases receive a direct response, the data helps the FBI to understand the broader trends and take measures when possible.
“The threat actors create websites often falsified by altering slightly the characteristics of the legitimate domains of the website, with the purpose of collecting personal identification information entered by a user on the site, including the name, the home address, the telephone number, the email address and bank information,” the FBI warned.
For example, falsified website domains may have alternative words spelling or use an alternative higher level domain to impersonate a legitimate website.
The public members could visit it without knowing it falsified websites while trying to find the FBI IC3 website to send an IC3 report.
Cyberfrinals falsify legitimate websites all the time. The false login pages of Google or Amazon are created to steal credentials for work space or cloud services. Fraudulent banking pages are created to deceive people to deliver access to their bank accounts, and social media sites are falsified to access commercial accounts and propagate malware through paying advertising.
These sites are generally combined with a Phishing email campaign, which are used to redirect victims without considering any suspicion.
Through Bleepingcomputer
