Fraudsters Exploit Emergency Data Requests to Steal Personal Information
The FBI has issued a warning to U.S. companies about a new scheme in which fraudsters use urgent data requests, known as Emergency Data Requests (EDRs), to steal personal information.
Using compromised government email addresses, these fraudsters urgently demand that private companies hand over confidential data, allegedly needed for investigations. Fearing for public safety, companies often comply without thoroughly verifying the requests. As a result, criminals gain access to users’ personal information—phone numbers, addresses, and email addresses—which is then used for extortion or phishing.
According to the FBI, there has been a recent increase in the sale of compromised government accounts on dark web forums. For instance, in August 2024, a cybercriminal offered access to .gov addresses for espionage and extortion purposes, claiming the ability to help buyers send emergency data requests and even supplying fake documents to impersonate law enforcement officers.
These incidents are not isolated. In March 2024, another criminal claimed to have access to government email accounts in over 25 countries and offered assistance in requesting data, including email addresses and phone numbers. In December 2023, attempts were documented where fraudulent requests included threats that failure to comply could result in loss of life.
To enhance companies’ defenses, the FBI recommends critically assessing all incoming emergency data requests, scrutinizing documents for forgeries and inconsistencies in legal codes, and thoroughly verifying the sender upon any suspicion.
Among the proposed security measures are:
- implementing two-factor authentication;
- enforcing strict password management policies;
- creating passwords with at least 16 characters, using complex combinations of letters, numbers, and special symbols;
- restricting access to corporate networks;
- configuring network segmentation to prevent malware spread;
- using tools to monitor suspicious activity.
In light of the heightened threat, the FBI strongly advises organizations to review their incident response plans and update security policies. Maintaining close contact with regional FBI offices for swift information exchange and coordinated action is also essential. For reporting suspicious incidents and criminal activities, the FBI recommends using the ic3.gov portal or contacting the nearest regional office.
