Re: strange scam? email claiming to be from the fbi

[Richard <lists-nanog () listmail innovate net>]

> Date: Monday, November 15, 2021 10:14:30 -0500
> From: Christopher Morrow <morrowc.lists () gmail com>
>
> https://www.washingtonpost.com/nation/2021/11/14/fbi-hack-email-cyb
> erattack/
>
> On Mon, Nov 15, 2021, 09:56 Glenn McGurrin wrote:
>
> > I had a bit of an odd one this morning, I received two emails
> > through contacts listed in whois subject: "Urgent: Threat actor in
> > systems" from "eims () ic fbi gov".  I was all set to ignore them as
> > an odd bit of spam but did a quick check on the headers and was
> > surprised to see it had valid dkim and spf and was from an actual
> > FBI IP, queue real worry starting.  Luckily it looks like it was a
> > case of something being hacked on the FBI's end as calling they
> > immediately knew what I was calling about and said they had dealt
> > with the compromised equipment.  Further googling after that call
> > shows a few more reports of this ex.
> > https://twitter.com/spamhaus/status/1459450061696417792 and

Seems it wasn't an actual "intrusion" [into an fbi email system],
rather simply taking advantage of a very badly configured web site to
send out the messages [from an fbi machine].

<https://krebsonsecurity.com/2021/11/hoax-email-blast-abused-poor-coding-in-fbi-website/>