Cyber Crooks Using Shortened .gov URLs in Scams

Apparently crooks used the USA.gov shortening service to make their phishes look a little bit more legit. Using shorteners in this way isn’t anything new but this instance is worth noting because the flaw wasn’t actually in the Bit.ly-supported service. Rather the bad guys used an existing USA.gov link that points to a vulnerable .vermont.gov website. The vulnerability, an open-redirect, allowed the them to forward spammed users to a financially themed phishing site.

via Net-Security.org

The fact that cyber crooks often misuse URL shortening services in order to trick users into following dangerous links is not news, but Symantec researchers have lately spotted a considerable increase in malicious links shortened with the 1.USA.gov service.

The result of a collaboration between USA.gov and bitly.com, the service is automatically employed whenever anyone uses bitly to shorten a URL that ends in .gov or .mil.

In the latest spam campaigns, the offered shortened 1.USA.gov links lead to a .vermont.gov site, which then thanks to a open-redirect vulnerability is made to forward the visitors to a scammy work-from-home website that spoofs a legitimate financial news network website.

Continued here.

#####

Were you aware of this scam? Post your comments below. Today’s post pic is from TechZone360.com.

4 comments for “Cyber Crooks Using Shortened .gov URLs in Scams

  1. October 23, 2012 at 8:47 pm

    Cyber Crooks Using Shortened .gov URLs in Scams http://t.co/smSNCBxJ

  2. October 23, 2012 at 9:25 pm

    Cyber Crooks Using Shortened .gov URLs in Scams http://t.co/mP45rZNh

  3. October 23, 2012 at 10:18 pm

    BLOGGED: Cyber Crooks Using Shortened .gov URLs in Scams http://t.co/cNheIKwm //Interesting attack.

  4. October 23, 2012 at 10:18 pm

    BLOGGED: Cyber Crooks Using Shortened .gov URLs in Scams http://t.co/KE7twpyh //Interesting attack.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.