FBI Domain Spam Campaign



Hackers can use their abilities to do good, to do bad and sometimes just to show what they can do. The last option was the case for this scenario. 

A well-known hacker named “pompompurin” wanted to point out a vulnerability in the FBI system and managed to compromise their domain name and internet address, as you can see in the “sent from” field of the email that was sent (eims@ic.fbi.gov).

This email campaign was mass-distributed to at least 100 thousand different email addresses and to companies that had already begun to be alarmed about attacks on their passwords and data.

In the email body the sender blames “Vinnie Troia” for the allegedly “sophisticated chain attack” that occurred, but is this true? Apparently not.  

As it turns out, there is a massive feud between Vinnie Troia (a massive player in the cyber-security world and the owner of two dark-web intelligence companies) and the RaidForums hackers, which pompompurin is part of.

The purpose of this campaign was to show the vulnerability of the FBI code and system and smear Vinnie Troia's name along the way.  

The FBI admitted that the address and domain the spam email was sent from are genuine and belong to them.

[Screenshot: the spam email that was sent]

How did we detect it? 

On the same day as this spam campaign, the email was received by an IRONSCALES user. IRONSCALES automatically inserted a spam banner in the email, which made the user treat it with caution.

Once the user reported the incident, that report made the whole IRONSCALES community safe from this and similar email incidents.

The IRONSCALES community is a powerful tool that protects all IRONSCALES users from malicious and spam messages.

Moreover, Themis, the IRONSCALES AI analyst, resolved this email incident as spam.

We provide a self-learning, next-gen, user-friendly platform that combines AI and Human Insights (HI) with a number of advanced detection techniques for impersonation attempts, polymorphic attacks, phishing, fake logins, social engineering and account takeover, along with URL and link detection using computer vision technology, 50+ engines scanning for advanced malware detection, and BEC anomaly detection using natural language processing. It offers a multi-layered approach, combined with our award-winning machine learning and AI-powered incident response and virtual SOC, remediating these attacks at the mailbox level. SRC Cyber Solutions LLP in India provides the most comprehensive mailbox-level protection.