Cyber threat actors are targeting the US Census Bureau for future malicious campaigns. The FBI has recently issued a warning about hackers spoofing US Census Bureau domains. In the flash alert, the FBI stated that hackers may use these spoofed domains for phishing and credential theft attacks.
The US Census Bureau is a statistical agency of the federal government. It collects statistical data on over 300 million US citizens. The bureau provides data on the US economy and population to allocate over $675B in federal funds per year.
The Federal Bureau of Investigation Cyber Division issued this flash alert. It was published in coordination with the US DHS’ Office of Intelligence & Analysis, DHS-CISA, the US Census Bureau, and the Department of Commerce.
Insight into the 63 Registered Spoofed Domains
The alert also listed the 63 newly registered domains impersonating the US Census Bureau. According to the US Intelligence and Security Service, the FBI observed numerous newly registered domains. These domains were not associated with the US Census Bureau. They spoofed the Bureau’s websites, likely for malicious purposes.
Usually, lookalike or spoofed domains alter one or more characters of the original domain name. Otherwise, they use a different domain that closely resembles the original. For example, if ‘censusburea[.]com’ is the legitimate domain, then the spoofed domain could be ‘uscensusburea[.]co’.
Reportedly, these look-alike domains do not appear to have been used in any cyber attacks yet. However, it is expected that hackers may use these domains to spread malware or run financially motivated campaigns that target individuals and businesses.
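The lookalike patterns described above can be checked for automatically when reviewing newly registered domains. The following Python sketch is an added example, not part of the FBI alert or of any product named on this page; it uses the article's two example domains, the other candidates are constructed, and it assumes single-label TLDs and ASCII names.

```python
def refang(domain):
    """Undo the '[.]' defanging used in alerts; normalise case and trailing dot."""
    return domain.replace("[.]", ".").strip().lower().rstrip(".")


def split_domain(domain):
    """Return (registrable label, TLD). Assumption: single-label TLDs only."""
    rest, _, tld = refang(domain).rpartition(".")
    return rest.split(".")[-1], tld


def edit_distance(a, b):
    """Levenshtein distance between two strings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify(candidate, legit, max_edits=2):
    """List the ways `candidate` imitates `legit`; empty list means no match."""
    c_label, c_tld = split_domain(candidate)
    l_label, l_tld = split_domain(legit)
    reasons = []
    if c_label == l_label:
        pass                                   # same name, check the TLD below
    elif l_label in c_label:
        reasons.append("added-text")           # e.g. a 'us' prefix
    elif edit_distance(c_label, l_label) <= max_edits:
        reasons.append("altered-characters")   # swapped, dropped or extra letter
    else:
        return []                              # unrelated name
    if c_tld != l_tld:
        reasons.append("different-tld")
    return reasons


LEGIT = "censusburea[.]com"      # legitimate domain in the article's example
CANDIDATES = [                   # first entry is the article's; the rest are constructed
    "uscensusburea[.]co",
    "censusbvrea[.]com",
    "censusburea[.]net",
    "example[.]org",
]

def scan(candidates=CANDIDATES, legit=LEGIT):
    """Map each flagged candidate to the reasons it was flagged."""
    return {c: r for c in candidates if (r := classify(c, legit))}
```

Calling `scan()` returns only the flagged candidates with their reasons; in practice the candidate list would come from a feed of newly registered domains.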
Why do Hackers Spoof Domains and Email Addresses?
Cyber criminals spoof domains to create fake website names or email addresses of legitimate sources. They do so to create malicious websites or emails to lure unsuspecting users. Often employees become victims of such spoofing attempts.
Hackers mainly use these spoofed domains to carry out phishing scams or email attacks. They send out spam emails using spoofed email domains to trick users. They use alarming message content to push victims to click on malicious links or download malware without realizing it.
These cyber criminals carry out such malicious campaigns to obtain unauthorized access to the victim’s sensitive information. Currently, attackers are making heavy use of email spoofing to launch highly sophisticated email-borne attacks.
In our previous blogs, too, we discussed various topics on the rise of email spoofing and BEC attacks. In addition, with the growing volume of online communication, email security has become the biggest issue of concern this year.
How to Secure Your Email Domain from Hackers?
Hackers have advanced their tactics to the point where they can easily spoof email domains today. Therefore, it is best to put essential email security tools in place to protect your email domain.
Email domain security tools like TDMARC are designed and developed for this purpose. TDMARC is an email authentication and anti-spoofing solution that monitors three standard outbound email authentication protocols, i.e. DMARC, SPF, and DKIM.
This industry-leading tool defends email domains against domain forgery and email-based attacks like spoofing, BEC, spamming, etc. TDMARC comes with unique features like:
- Customizable Threat Summary: Get the email domain threat summary for any time period as per your requirement.
- Email Channels Insight: Gain full insight into email channels, including third-party emails and abuse.
- Smart DMARC: Set DMARC in a click through the TDMARC dashboard without the need to revisit the DNS.
- Smart SPF: Alter IPs and email sources in the SPF record through the dashboard without the need to visit the DNS.
- Alerts & Reports: Receive automated alerts and reports of threat details through emails.
- IAM (Identity Access Management): Control user access to critical information within the organization.