Redirect flaw on .gov sites leaves open door for phishers


At least 20,000 users have fallen victim to a spam campaign that uses shortened links to legitimate government sites to carry out a hoax.

In the scams, users receive emails containing “1.usa.gov” short links and are redirected twice upon clicking: first, immediately past a legitimate government site, and then to websites that look like CNBC news articles touting “$4,000 a month” home-based business opportunities.

Once at the fake CNBC site, victims are lured into clicking on links on the page that direct them to a home-based business site also owned by attackers.

Researchers at Dell SecureWorks Counter Threat Unit (CTU) dissected the campaign and have yet to see any cases of malware hosted on the attackers' sites, though exploit kits could appear on the pages at any time.

Jeff Jarmoc, senior security researcher at CTU, told SCMagazine.com on Friday that to steal personal information, fraudsters count on victims filling out a form on the home-based business site.

“I haven't seen anything that asks for credit card information,” Jarmoc said. “All I've seen is [forms] asking for names, addresses, phone numbers and emails. They may be used to recruit money mules. I'm not entirely sure what they are after, but it seems to be direct financial fraud, or to get you to participate in some other scheme.”

While the campaign is relatively elementary, the tactic is troubling, as attackers are exploiting a vulnerability in legitimate government sites to redirect victims elsewhere, researchers said.
