The FBI on Saturday responded to a report flagged by Spamhaus of phony emails coming from the agency's actual @ic.fbi.gov domain, calling the incident a result of a software misconfiguration on its Law Enforcement Enterprise Portal (LEEP), from which the FBI communicates with state and local law enforcement.
The emails, which warned of a fake cyberattack, were sent on Nov. 12, and Spamhaus reported early the next morning that the messages indeed were fake: "We have been made aware of "scary" emails sent in the last few hours that purport to come from the FBI/DHS. While the emails are indeed being sent from infrastructure that is owned by the FBI/DHS (the LEEP portal), our research shows that these emails *are* fake," Spamhaus tweeted.
The FBI on Saturday confirmed that the emails came from one of its LEEP servers, it was not part of the agency's corporate email system. "No actor was able to access or compromise any data or [personally identifiable information] on the FBI’s network. Once we learned of the incident, we quickly remediated the software vulnerability, warned partners to disregard the fake emails, and confirmed the integrity of our networks."
Read more here.