Redirect flaw on .gov sites leaves open door for phishers
At least 20,000 users have fallen victim to a spam campaign that uses shortened links to legitimate government sites to carry out a hoax.
In the scams, users receive emails containing “1.usa.gov” short links and are redirected twice upon clicking -- first, immediately past a legitimate government site, then, to websites that look like CNBC news articles touting “$4,000 a month” home-based business opportunities.
Once at the fake CBNC site, victims are lured into clicking on links on the page that direct them to a home-based business site also owned by attackers. Researchers at Dell SecureWorks Counter Threat Unit (CTU) dissected the campaign and have yet to see any cases of malware being on the hacker sites, though exploit kits could appear on the pages at any time.
- Sun, 2013-05-19 23:11
- Wed, 2013-03-06 07:41
- Fri, 2013-03-01 10:29