If you have used email before, chances are strong that someone has attempted to take advantage of you. Some scams are obvious, but hackers have become increasingly more sophisticated. A very popular method is called Spoofing, when the hacker impersonates a user and their email address actually appears as if it came directly from your friend, co-worker, or government official/agency, thereby gaining an illegitimate advantage.
IC3 reports that in 2014, they received 16 complaints per day (5,840 per year) about consumers receiving emails from high ranking government officials and government agencies that were spam attacks. The report also notes that FBI Director James Comey and Attorney General Eric Holder are among the officials used in spoofing. $11.3 million dollars in total losses have been reported from government impersonation email scams. Who among us have been the biggest victims?
These cyber attacks clearly have a targeted demographic they go after because for ages 29 and younger, both male and female combined for only 3% of the total losses. This sounds scary on a personal level, but the stakes can get much higher when law enforcement or public officials get Spoofed.
Imagine Attorney General Eric Holder getting spoofed and a fake email goes out to someone in the Department of Justice (DOJ) that is fishing for classified information. The DOJ staffer could mistakenly assume this email was legitimate and within minutes a hacker could acquire the information or install malware on the victim’s computer.
As recently as April 21, 2015, the FBI issued a notice that warned “Hacktivists threaten to target law enforcement personnel and public officials.” It is not hard to imagine countless scenarios where these spam attacks could put our national security, or the public trust, at risk. I’d encourage any law enforcement or public officials to research the necessary steps to minimize their risk of cyber attacks. Using identity monitoring tools can be one way our public officials and law enforcement community can be proactive and safeguard their data.