Apparently crooks used the USA.gov shortening service to make their phishes look a little bit more legit. Using shorteners in this way isn’t anything new but this instance is worth noting because the flaw wasn’t actually in the Bit.ly-supported service. Rather the bad guys used an existing USA.gov link that points to a vulnerable .vermont.gov website. The vulnerability, an open-redirect, allowed the them to forward spammed users to a financially themed phishing site.
The fact that cyber crooks often misuse URL shortening services in order to trick users into following dangerous links is not news, but Symantec researchers have lately spotted a considerable increase in malicious links shortened with the 1.USA.gov service.
The result of a collaboration between USA.gov and bitly.com, the service is automatically employed whenever anyone uses bitly to shorten a URL that ends in .gov or .mil.
In the latest spam campaigns, the offered shortened 1.USA.gov links lead to a .vermont.gov site, which then thanks to a open-redirect vulnerability is made to forward the visitors to a scammy work-from-home website that spoofs a legitimate financial news network website.
Were you aware of this scam? Post your comments below. Today’s post pic is from TechZone360.com.