FBI Warns About Hackers Sending Fake Data Requests to Steal Confidential User Data

You May Be Interested In:Scientists discover new way to make fuel from water and sunlight, but more work is needed


  • The FBI recently filed a public notice revealing that some hackers are compromising government and police email addresses to send fake data requests and steal user data. 
  • Such kinds of scams have always been around but lately, there’s been a sharp increase in the number of cases. 
  • Many hackers have been found selling stolen government emails on online forums over 2023 and 2024.

The FBI has warned that hackers have come up with a brand new way to steal data. They are now hacking into official email addresses of government agencies and the police department and then using them to submit “emergency” data requests.

The “emergency data request” is a process in which authorities are allowed to ask companies to share information that is otherwise considered confidential. It’s usually used in situations where the stakes are high. For instance, if someone’s safety or life is at risk. 

This isn’t the first time that fraudsters have tried to take advantage of this situation. However, as per the public notice filed by the FBI this week, there’s been an increase in such attacks since August.

How Did the Authorities Discover These Scams?

The FBI noticed a number of posts by these hackers on online forums over 2023 and 2024 where they claimed to have access to the email addresses used by the US authorities.

The latest trigger happened in August 2024 when a well-known cybercriminal posted a sale on an online forum for high-quality government emails and social engineering data that can be used for espionage. 

The sale poster indicated that the buyer would also get real stolen subpoena documents and would be guided through the process. 

Usually, when you file a data access request, you also need some kind of legal justification for it. This includes court orders and subpoenas (only in some rare emergencies you can access data without any legal document). 

However, this isn’t a hurdle for the hackers anymore because by accessing government emails, they are also able to access the necessary resources required to create genuine-looking subpoenas.

Usually, companies scrutinize such requests, but not when there’s an emergency. Hence, in most cases, these hackers would make the situation seem so serious that the company wouldn’t have enough time to verify the subpoenas.

False threats and claims of human trafficking were the most common excuses. In one case, the hacker even said that “someone will greatly suffer or die” if the company didn’t share the necessary data.

Some companies like PayPal have been successful in identifying such false requests. For instance, in March 2024, a similar emergency data request was submitted to the company where the attacker claimed that the data was important for an ongoing child trafficking case. 

PayPal was able to recognize that it was a fraudulent claim and rejected the request. However, not every company manages to successfully detect such fraudulent claims. Instead, many fall victim to it. 

Impact & Solution

The consequences of this scam can be devastating. Data extracted from such scams can be used in phishing scams, financial fraud, and identity thefts.

The FBI has two pieces of advice for the companies.

  • First, they need to improve their cybersecurity to avoid intrusions from unwanted actors.
  • Secondly, in cases of energy data requests, they should apply their critical thinking before handing out any data.   

The worst part is many popular companies such as Meta, Google, Apple, and Snap have been targeted. Each of these companies has millions of users and they collectively receive tens of thousands of data requests every year – that’s a lot of people at risk. 

Add Techreport to Your Google News Feed

Get the latest updates, trends, and insights delivered straight to your fingertips. Subscribe now!

Subscribe now

Krishi ChowdharyKrishi Chowdhary

Krishi is an eager Tech Journalist and content writer for both B2B and B2C, with a focus on making the process of purchasing software easier for businesses and enhancing their online presence and SEO.
Krishi has a special skill set in writing about technology news, creating educational content on customer relationship management (CRM) software, and recommending project management tools that can help small businesses increase their revenue.
Alongside his writing and blogging work, Krishi’s other hobbies include studying the financial markets and cricket.

View all articles by Krishi Chowdhary

The Tech Report editorial policy is centered on providing helpful, accurate content that offers real value to our readers. We only work with experienced writers who have specific knowledge in the topics they cover, including latest developments in technology, online privacy, cryptocurrencies, software, and more. Our editorial policy ensures that each topic is researched and curated by our in-house editors. We maintain rigorous journalistic standards, and every article is 100% written by real authors.

share Paylaş facebook pinterest whatsapp x print

Similar Content

Flash News Hub | © 2024 | News