Why is the FBI falsifying AP stories and possibly spoofing news websites to hack suspects?


Executive Director

Buried in a three-year-old Freedom of Information Act document, ACLU's Chris Soghoian yesterday found a 2007 email from a Seattle FBI office that showed the FBI secretly falsified an Associated Press story, and possibly spoofed the Seattle Times website, in an attempt to get a suspect to click a malicious link so they could hack his computer.

After defending the practice amid outcry yesterday, the FBI has suddenly switched its story and now says it did not, in fact, use a fake Seattle Times link, but did make up an AP story. The Washington Post also reported tonight that the FBI is now "researching the policy on whether an agent could impersonate a news organization." Here's what the editor in chief of the Seattle Times told the AP this afternoon:

Kathy Best, editor of The Seattle Times, said in a statement that while the newspaper was "pleased to hear" the FBI did not use the paper's name, it would have preferred to have found that information out earlier from the agency "instead of a defense of the tactic" Monday after the FBI was presented with internal agency documents showing a mocked up, phony Seattle Times email and Web page.

"Even if The Seattle Times name wasn't used, the issues raised are the same. The FBI, in placing the name of The Associated Press on a phony story sent to a criminal suspect, crossed a line and undermined the credibility of journalists everywhere -- including at The Times," Best said.

We wholeheartedly agree. 

If the FBI is impersonating news organizations in an attempt to send malware to suspects, it not only erodes reader trust in newspapers, but it is an affront to press freedom. This should be beyond the pale for the FBI—whether they did it in this case through a falsified AP story, a disguised Seattle Times link, or both.

The FBI and Justice Department owe some answers to news organizations and the public: How often have US law enforcement agencies impersonated news organizations to send malware to suspects? Since it worked in this 2007 case, has the number of times they've falsified news articles and impersonated media websites to hack their targets increased in recent years? What other news organizations have they pretended to be? And how do they prevent innocent readers from clicking on these malicious links? We call on the FBI and Justice Department to condemn this sleazy tactic and make sure the US government never again impersonates a news organization—whether it's online or off.
