Scammers Leveraging FBI’s Good Intentions: A Growing Threat
For nearly two decades, I’ve consistently argued that any attempt to craft lawful-access backdoors in encryption would ultimately prove counterproductive: by creating a means for law enforcement to circumvent security measures, we inadvertently empower malicious actors to exploit these very same vulnerabilities.
It appears that a common thread runs through non-technical backdoors.
Cybercriminals have been highly successful in masquerading as law enforcement, exploiting compromised police accounts to send targeted phishing emails to businesses, requesting sensitive customer information. In certain situations, spurious demands were made, including unfounded allegations of human trafficking and, in one instance, a threat that someone’s life was at risk, implying they would “suffer greatly” or even meet their demise unless the corporation complied with the request.
The FBI revealed that compromised law enforcement accounts enabled hackers to produce authentic-appearing subpoenas, prompting companies to voluntarily disclose sensitive customer information, including usernames, email addresses, phone numbers, and other private details.
•
Bruce Schneier, a renowned security technologist and computer expert, poses thoughtfully alongside a sprawling landscape, as captured by photographer Joe MacInnis in this evocative sidebar image.
