The FBI says it is aware of reports that unauthorized emails from a legitimate FBI address were sent to thousands of organizations.
"The FBI and CISA [Cybersecurity and Infrastructure Security Agency] are aware of the incident this morning involving fake emails from an @ic.fbi.gov email account," the FBI said in a statement Saturday. "This is an ongoing situation, and we are not able to provide any additional information at this time. The impacted hardware was taken offline quickly upon discovery of the issue. We continue to encourage the public to be cautious of unknown senders and urge you to report suspicious activity to ic3.gov or cisa.gov."
More than 100,000 inboxes were hit with the emails, according to the Europe based nonprofit Spamhaus Project, which warned about a "sophisticated chain attack" on the recipients' cyberinfrastructure.
The emails were meant to appear that they came directly from the FBI and Department of Homeland Security.
"It’s a guess, but our thought is that [it’s] a combination scare-ware (get people to shut things down or make changes in a hurry), and a character assassination against the guy named in it, AND a way to make the FBI scramble," Spamhaus tweeted when asked about the "ultimate goal" of the fake emails.
The emails came from the address firstname.lastname@example.org and were signed with the message "stay safe."