IC3 flags scam after branding disgruntled IT staff a 'threat'

A day after announcing that disgruntled IT employees posed a "significant cyber threat" to the US businesses, the Internet Crime Complaint Center (IC3) has revealed that cyber criminals are posing as its employees in order to dupe the public.

"Cyber criminals posing as Internet Crime Complaint Center (IC3) employees are defrauding the public," said IC3 in a statement. "The IC3 has received complaints from victims who were receiving emails purported to be from the IC3. This advisory informs readers how the scheme works, offers measures to help mitigate the threat, and advises how to report incidents to law enforcement."

The organisation said that victims have reported receiving emails by a sender identified as a representative of IC3 stating that a criminal report was filed on the victim's name and social security number. Victims that requested additional information from the scammer were instructed to obtain prepaid money cards to avoid legal action. 

The scam emails come as IC3 brands disgruntled current or former information technology employees as a "cyber threat" to US businesses.

On 23 September, IC3 — which was established as a joint partnership between the Federal Bureau of Investigations (FBI) and the National White Collar Crime Center — said in a statement that the exploitation of business networks and servers by disgruntled or former employees has resulted in several "significant" FBI investigations.

"The FBI and DHS assess that disgruntled and former employees pose a significant cyber threat to US businesses due to their authorized access to sensitive information and the networks businesses rely on," said IC3.

"The exploitation of business networks and servers by disgruntled and/or former employees has resulted in several significant FBI investigations in which individuals used their access to destroy data, steal proprietary software, obtain customer information, purchase unauthorised goods and services using customer accounts, and gain a competitive edge at a new company.

“The theft of proprietary information in many of these incidents was facilitated through the use of cloud storage websites, like Dropbox, and personal email accounts. In many cases, terminated employees had continued access to the computer networks through the installation of unauthorized remote desktop protocol software," it said.

The US government has been on high alert to internal security threats posed by its own disgruntled employees thanks to the likes of former NSA contractor Edward Snowden and the US Army's Chelsea (formerly Bradley) Manning, both of whom publicly leaked masses of sensitive and classified information.

Now, IC3 is moving to put non-government businesses on high alert as well, issuing a number of recommendations, including the termination of all accounts associated with an employee or contractor immediately upon dismissal, changing administrative passwords to servers and networks following the release of IT personnel, and avoiding using shared usernames and passwords for remote desktop protocol.

In early September, Australian Attorney-General George Brandis also flagged security concerns related to the leaking of sensitive information by organisations' insiders, delivering new guidelines to prevent the "insidious enemy" of "trusted insiders" leaking sensitive government information to the public.

On September 2, Brandis launched a new personnel security handbook for government that outlines how agencies can be protected against deliberate, or accidental, information leaks through their staff.

"Prior to Snowden's disclosures, we were working with our allies to fight national security threats and combating terrorism, people smuggling and organised crime," he said at the time.