--- title: "FBI Warns Hackers, Halliburton Cyber Threats, TfL Targeted Threat | DMARC Report" description: "FBI Warns Hackers, Halliburton Cyber Threats, TfL Targeted Threat from DMARC Report explains practical steps for email authentication, domain protection." image: "https://dmarcreport.com/og/blog/fbi-warns-hackers-halliburton-cyber-threats-tfl-targeted-threat.png" canonical: "https://dmarcreport.com/blog/fbi-warns-hackers-halliburton-cyber-threats-tfl-targeted-threat/" --- Quick Answer \_According to the FBI's 2022 Internet Crime Report (IC3), 300,497 US-based victims reported phishing incidents in a single year, and Business Email Compromise (BEC) caused more than $2.7 billion in direct losses. DMARC Report FBI Warns Hackers, Halliburton Cyber Threats, TfL Targeted Threat Related: [Free DMARC Checker](/tools/dmarc-checker/) ·[How to Create an SPF Record](/tools/spf-record-generator/) ·[SPF Record Format](/blog/spf-format-checker-dos-and-donts-for-email-authentication/) Share [ ](https://www.linkedin.com/sharing/share-offsite/?url=undefined%2Fblog%2Ffbi-warns-hackers-halliburton-cyber-threats-tfl-targeted-threat%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=FBI%20Warns%20Hackers%2C%20Halliburton%20Cyber%20Threats%2C%20TfL%20Targeted%20Threat&url=undefined%2Fblog%2Ffbi-warns-hackers-halliburton-cyber-threats-tfl-targeted-threat%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=undefined%2Fblog%2Ffbi-warns-hackers-halliburton-cyber-threats-tfl-targeted-threat%2F "Share on Facebook") [ ](https://reddit.com/submit?url=undefined%2Fblog%2Ffbi-warns-hackers-halliburton-cyber-threats-tfl-targeted-threat%2F&title=FBI%20Warns%20Hackers%2C%20Halliburton%20Cyber%20Threats%2C%20TfL%20Targeted%20Threat "Share on Reddit") [ ](mailto:?subject=FBI%20Warns%20Hackers%2C%20Halliburton%20Cyber%20Threats%2C%20TfL%20Targeted%20Threat&body=Check out this article: undefined%2Fblog%2Ffbi-warns-hackers-halliburton-cyber-threats-tfl-targeted-threat%2F "Share via Email") ![FBI Warns Hackers, Halliburton Cyber Threats, TfL Targeted Threat](https://media.mailhop.org/dmarcreport/images/2022/04/dmarc-alignment-6379.jpg) ![Dmarc alignment 7820 1 150x150](https://media.mailhop.org/dmarcreport/images/2024/09/dmarc-alignment-7820-1-150x150.jpg) > From a product strategy perspective, DMARC reporting is evolving from a security tool to a business intelligence platform, says Brad Slavin, General Manager of DuoCircle. The data in aggregate reports tells you not just who’s spoofing you, but who’s sending legitimate email on your behalf - and whether they’re doing it correctly. \_According to the [FBI’s 2022 Internet Crime Report (IC3)](https://www.ic3.gov/Media/PDF/AnnualReport/2022IC3Report.pdf), 300,497 US-based victims reported phishing incidents in a single year, and Business Email Compromise (BEC) caused more than $2.7 billion in direct losses. DMARC Report FBI Warns Hackers, Halliburton Cyber Threats, TfL Targeted Threat ```

00:00 ``` / ``` 2:00 ``` RSS Feed ``` Share Link Embed ``` /\*! This file is auto-generated \*/ ’ title=“Embed Code” class=“input-embed input-embed-15463” readonly/> ``` ``` Your wait is finally over, as we are here with our \*\*September Week 1 edition of fresh cybersecurity news! This week, we will be talking about North Korean hackers’ aggressive social engineering moves. Next in the pipeline is Halliburton’s oil sector [cyber attack](https://www.reuters.com/technology/cybersecurity/top-us-oilfield-firm-halliburton-hit-by-cyberattack-2024-08-21/). Lastly, booking your next vacation can be risky as major travel sites are still vulnerable to cyberattacks. Without much ado, let’s start! ## FBI issues warning against highly skilled North Korean hackers North Korean [threat actors](https://securityintelligence.com/news/united-states-bounty-information-north-korean-cyber-threats/) have been making aggressive hacking attempts for the past couple of months on **cryptocurrency companies**. Their main goal is to gain illegitimate access through [malware](https://apnews.com/article/cybercrime-malware-fbi-takdown-ce415e9ea0f11d31e6cf3e401a264d3c) deployment and steal precious crypto assets. The FBI has been looking into the matter for some time now and has found that the North Korean [social engineering](https://www.tradingview.com/news/cointelegraph:b57bca928094b:0-fbi-warns-of-north-korean-social-engineering-schemes-to-steal-crypto/) tactics are quite evasive in nature. Even highly trained cybersecurity experts are finding it hard to \*\*detect and intercept these hacking moves. ![Dmarc report](https://media.mailhop.org/dmarcreport/images/2024/09/dmarc-report-1.jpg) Of late, these threat actors have been conducting in-depth research to discover potential victims. As per the observation of experts, it is believed that the primary target of North Korean threat groups are individuals who have connections with ETFs and other **similar financial assets**. _This is a kind of pre-operational staging that largely hints towards their potential attacks on cryptocurrency companies in the near future_. FBI is concerned about the sophisticated and meticulously planned cyberattacks that involve determining particular [DeFi and cryptocurrency companies](https://cryptonews.com.au/news/north-korean-hackers-to-target-defi-crypto-employees-fbi-warns-123171/) as potential targets. The next stage involves luring the potential targets with hard-to-resist offers such as investment or job opportunities. These \*\*state-sponsored threat actors are quite trained in personalizing these offers to enhance their credibility. Also, North Korean hackers communicate with their targets in fluent English and have in-depth knowledge of cryptocurrency. As these cyber threats escalate, it’s crucial to fortify [email security](https://dmarcreport.com/blog/why-email-security-matters-and-how-to-get-it-right/) by implementing [SPF](https://dmarcreport.com/what-is-spf/), [DKIM](https://dmarcreport.com/what-is-dkim/), and [DMARC](https://dmarcreport.com/) protocols to protect against phishing and [spoofing attacks](https://thehackernews.com/2024/05/nsa-fbi-alert-on-n-korean-hackers.html) that could exploit **vulnerabilities in your communications**. ## Halliburton’s cyberattack hints at the gaping risk of cyber threats in the oil sector. The recent incident of cyberattack on Halliburton has created ripples across the oil sector. On 21st August 2024, threat actors managed to gain access to [Halliburton- the global energy services company](https://thecyberexpress.com/halliburton-cyberattack-threat/). They penetrated Halliburton’s system and **exfiltrated valuable data**. After the attack, Halliburton had to go offline for some time in order to bring things back on track. Because of the cyberattack, the company was unable to fully access the \*\*business applications pertaining to corporate functions and day-to-day operations . Cybersecurity experts believe that this attack is a wake-up call for the oil sector, utilities, and other critical infrastructures across the globe. The need of the hour is to fix existing vulnerabilities and amp up **cybersecurity systems**. They must deploy [micro-segmentation](https://www.imperva.com/learn/application-security/micro-segmentation/) controls within their networks in order to limit unnecessary external access. Threat actors have already started \*\*exploring and carrying out this kind of cyberattack on [critical infrastructure](https://commercial.allianz.com/news-and-insights/expert-risk-articles/cyber-attacks-on-critical-infrastructure.html) systems across the US. _For example, small utilities like water supply systems in Texas and Muleshoe have been affected by similar attacks_. ![Gmail dmarc](https://media.mailhop.org/dmarcreport/images/2024/09/gmail-dmarc-7821.jpg) ## TfL was recently targeted by threat actors! The computer systems of [Transport for London](https://en.wikipedia.org/wiki/Transport%5Ffor%5FLondon), the **UK-based transport agency**, recently fell prey to cyberattack. According to TfL, the threat actors could not access customer data. _However, insider report suggests that the backroom systems of TfL have been badly affected. Also, the employees have been asked to work from home as of now_. TfL’s Customer Information System has connected with its customers through emails and informed them about the ongoing cyberattack situation. An advisory cum warning has also been issued for the customers. The incident has been reported to relevant \*\*government agencies by Transport for London. Agencies like [NCSC and NCA](https://www.ncsc.gov.uk/news/experts-reveal-insights-cyber-crime-ecosystem) are working closely on this cyber offense and are trying to mitigate the impact of the attack. TfL has insisted that they prioritize cybersecurity and that they won’t be taking this incident lightly. The [CTO at Transport for London](https://www.thestack.technology/tfl-ongoing-cyber-security-incident/) has stated that the transport agency has adopted \*\*adequate measures to prevent any cybersecurity mishap in the future. However, this is not the first time TfL has experienced a cyber offense. The transport company was attacked by the[ Cl0p ransomware group ](https://www.cybersecurity-insiders.com/clop-ransomware-gang-strikes-london-transport-for-london-tfl/)just a few months back. Cl0p threat group targeted MOVEit, one of TfL’s clients. Cl0p managed to access the details of a whopping 13,000 customers. However, TfL stated that the [Russia state-sponsored threat group](https://www.darkreading.com/cyberattacks-data-breaches/russia-sponsored-cyberattackers-infiltrate-microsoft-s-code-base) could not access the **consumers’ bank details**. The attack has further led to confusion and panic among \*\*daily commuters who are worried about their [personal data](https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources/personal-information-what-is-it/what-is-personal-information-a-guide/) available with Transport for London. The major delays at places like King’s Cross have also created a sense of uproar among daily commuters. [Cybersecurity](https://dmarcreport.com/blog/how-to-educate-or-train-employees-on-cybersecurity/) experts believe that these attacks, backed by nations like **Iran, China, Russia etc**., are gaining momentum in view of creating a sense of political and public disorder . ## Topics [ dkim ](/tags/dkim/)[ DMARC ](/tags/dmarc/)[ email security ](/tags/email-security/)[ News ](/tags/news/)[ SPF ](/tags/spf/) ![Vasile Diaconu](https://media.mailhop.org/dmarcreport/images/team/vasile-diaconu.jpg) [ Vasile Diaconu ](/authors/vasile-diaconu/) Operations Lead Operations Lead at DuoCircle. Runs project management, developer coordination, and technical support execution for DMARC Report. [LinkedIn Profile →](https://www.linkedin.com/in/vasile-diaconu/) ## Take control of your DMARC reports Turn raw XML into actionable dashboards. Start free - no credit card required. [Start Free Trial](https://app.dmarcreport.com/) [Check Your DMARC Record](/tools/dmarc-checker/) ## Related Articles [ Foundational 4m Akira flaunts victims, Idaho targets orthodontist, AI granny protects Nov 22, 2024 ](/blog/akira-flaunts-victims-idaho-targets-orthodontist-ai-granny-protects/)[ Foundational 4m Ambient Light Spying, Cybersecurity Prices Drop, Euro 2024 Threats Jul 10, 2024 ](/blog/ambient-light-spying-cybersecurity-prices-drop-euro-2024-threats/)[ Foundational 4m Banks Drop OTPs, Major Cyber Heist, Spying Spouses Arrested Jul 18, 2024 ](/blog/banks-drop-otps-major-cyber-heist-spying-spouses-arrested/)[ Foundational 4m Car Cameras Hackable, UK Water Breach, Thailand Frees Captives Feb 28, 2025 ](/blog/car-cameras-hackable-uk-water-breach-thailand-frees-captives/) ```json {"@context":"https://schema.org","@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com","logo":{"@type":"ImageObject","url":"https://dmarcreport.com/images/dmarcreport-logo.png"},"description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.wikidata.org/wiki/Q138898167","https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.g2.com/products/dmarc-report/reviews","https://github.com/duocircle","https://www.crunchbase.com/organization/duocircle-llc","https://www.trustradius.com/products/duocircle/reviews"],"aggregateRating":{"@type":"AggregateRating","ratingValue":"4.8","reviewCount":"470","bestRating":"5","worstRating":"1","url":"https://www.g2.com/products/dmarc-report/reviews"},"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://dmarcreport.com/support/"},"knowsAbout":["DMARC","DMARC Reporting","DMARC Aggregate Reports","DMARC Forensic Reports","Sender Policy Framework","DKIM","Email Authentication","Email Security","DNS Management","Email Deliverability"]} ``` ```json {"@context":"https://schema.org","@type":"WebSite","name":"DMARC Report","url":"https://dmarcreport.com","description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","publisher":{"@type":"Organization","name":"DMARC Report","url":"https://dmarcreport.com","logo":{"@type":"ImageObject","url":"https://dmarcreport.com/images/dmarcreport-logo.png"},"description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}} ``` ```json [{"@context":"https://schema.org","@type":"BlogPosting","headline":"FBI Warns Hackers, Halliburton Cyber Threats, TfL Targeted Threat","description":"FBI Warns Hackers, Halliburton Cyber Threats, TfL Targeted Threat from DMARC Report explains practical steps for email authentication, domain protection.","url":"https://dmarcreport.com/blog/fbi-warns-hackers-halliburton-cyber-threats-tfl-targeted-threat/","datePublished":"2024-09-05T10:55:13.000Z","dateModified":"2026-04-16T15:53:43.000Z","dateCreated":"2024-09-05T10:55:13.000Z","author":{"@type":"Person","@id":"https://dmarcreport.com/authors/vasile-diaconu/#person","name":"Vasile Diaconu","url":"https://dmarcreport.com/authors/vasile-diaconu/","jobTitle":"Operations Lead","description":"Vasile Diaconu is the Operations Lead at DuoCircle, the company behind DMARC Report and AutoSPF. He coordinates between engineering, product, and technical support - running project management, interfacing with developers on customer-reported issues, and making sure work that comes in through the support channel actually gets closed out. Vasile sits at the intersection of customer feedback and engineering execution, giving him a direct view of which email authentication problems customers hit most often in production.","image":"https://media.mailhop.org/dmarcreport/images/team/vasile-diaconu.jpg","knowsAbout":["SaaS Operations","Technical Support Coordination","Customer Issue Resolution","Engineering Program Management","Deployment Operations"],"worksFor":{"@type":"Organization","name":"DMARC Report","url":"https://dmarcreport.com"},"sameAs":["https://www.linkedin.com/in/vasile-diaconu/"]},"publisher":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com","logo":{"@type":"ImageObject","url":"https://dmarcreport.com/images/dmarcreport-logo.png"},"description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.wikidata.org/wiki/Q138898167","https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.g2.com/products/dmarc-report/reviews","https://github.com/duocircle","https://www.crunchbase.com/organization/duocircle-llc","https://www.trustradius.com/products/duocircle/reviews"],"aggregateRating":{"@type":"AggregateRating","ratingValue":"4.8","reviewCount":"470","bestRating":"5","worstRating":"1","url":"https://www.g2.com/products/dmarc-report/reviews"},"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://dmarcreport.com/support/"},"knowsAbout":["DMARC","DMARC Reporting","DMARC Aggregate Reports","DMARC Forensic Reports","Sender Policy Framework","DKIM","Email Authentication","Email Security","DNS Management","Email Deliverability"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://dmarcreport.com/blog/fbi-warns-hackers-halliburton-cyber-threats-tfl-targeted-threat/"},"articleSection":"foundational","keywords":"dkim, DMARC, email security, News, SPF","wordCount":1091,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/dmarcreport/images/2022/04/dmarc-alignment-6379.jpg","caption":"FBI Warns Hackers, Halliburton Cyber Threats, TfL Targeted Threat","width":900,"height":600},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}] ``` ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://dmarcreport.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://dmarcreport.com/blog/"},{"@type":"ListItem","position":3,"name":"Foundational","item":"https://dmarcreport.com/foundational/"},{"@type":"ListItem","position":4,"name":"FBI Warns Hackers, Halliburton Cyber Threats, TfL Targeted Threat","item":"https://dmarcreport.com/blog/fbi-warns-hackers-halliburton-cyber-threats-tfl-targeted-threat/"}]} ```