The FBI’s Internet Crime Complaint Center has issued two warnings relating to web threats facing website owners and people browsing the web.
The first threat relates to flaws in the popular WordPress website hosting and content management platform. Specifically, the FBI said that it has seen numerous incidents of websites being defaced using vulnerabilities in the platform.
Hackers are using messages relating to the IS terrorist group to gain notoriety for their actions, although they have no actual involvement with the organisation.
“The defacements have affected website operations and the communication platforms of news organisations, commercial entities, religious institutions, federal/state/local governments, foreign governments, and a variety of other domestic and international sites,” the FBI said.
“Although the defacements demonstrate low-level hacking sophistication, they are disruptive and often costly in terms of lost business revenue and expenditure on technical services to repair infected computer systems.”
The FBI urged website owners to regularly update websites and apply patch-scanning tools to find flaws before they are exploited.
The US Computer Emergency Readiness Team urged website administrators to heed the FBI’s advice and maintain a vigilant eye.
The second threat relates to a long-running campaign by cyber crooks to create fake government websites that trick unsuspecting web users into entering personally identifiable information (PII) and paying fees for non-existent services.
The FBI said that, while this threat is minimal, the damage it can cause to individuals is high.
“Victims are having their PII data compromised which may be used by criminals for any number of other illicit activities, ranging from the creation of fraudulent IDs and passports to fraudulent loans and tax refunds,” it said.
“The PII can include the victim’s name, address, phone number, email address, social security number, date of birth and mother’s maiden name.“
The FBI said that people need to be more alert to the website they are using for such services, and check that they have the right URL before entering information or sending any payments.
The warnings come amid revelations that Russian hackers successfully breached computer systems at the White House.
Not all loose ends tied yet, admits Bain backer SK Hynix
It's Stack Overflow's second calculator, and first for external devs
Theresa May always the keenest cabinet voice in favour of draconian online censorship, surveillance and controls
No need to waste time on Google launch planned for 4 October