Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


URL Condensing Facility Exploited for Launching Online Scams

According to specialists at Symantec the security company, cyber criminals frequently make use of URL shortening facilities so as for duping probable victims who end up opening specially crafted web-links. Lately they have been using a similar facility which is particularly meant for the United States government departments as well as their employees, the specialists highlight.

For the trick to work, one simple e-mail is distributed greeting the recipient as Jean-Guy and asking him to visit http://1.usa.gov/Rxpfn9.

And although appearing genuine, the web-link, in fact, leads onto various kinds of malevolent sites which are designed for supporting ads related to "make quick bucks" sinister campaigns.

Naturally, the online crooks' ruse is persuasive given that the web-link looks real.

Actually, there is an own URL condensing facility for the United States government wherein USA.gov joined to bitly.com a well-known domain creates 1.USA.gov. Anyone trying to condense certain web-address whose suffix is .gov or .mil while collaborating with bitly.com, he will get a 1.usa.gov web-address.

It thus follows how attaining the authentic appearing URL became possible for the scammers. The security specialists further explain the manner in which the scammers just made use of open-redirect flaw existing within Vermont.gov the authorized Vermont website of U.S. government.

Indeed for making the website more real, cyber-criminals crafted the different web-links such as news articles along with menu bar in a way to take victims onto a spoofed financial news site, Symantec's specialists point out Moreover, the web-links embedded on the article specifically take onto another site on which there is a spurious attempt for carrying out the sale, they caution. Symantec.com published this observation on October 19, 2012.

Now, it may be noted that the scam has turned out effective since there've been more than 43,000 visitors for the condensed URLs within just a week, with most, expectedly, based in USA.

Also, with 1.USA.gov, other web-links presented seem as genuine because of the trustworthiness of the said shortened URL. Yet another problem also crops up which's that there can be hijacking of a lot of .gov websites for turning them into redirectors towards additional adversary sites.

Related article: URL Distributing Gumblar is No.1 malware Site Says Google

ยป SPAMfighter News - 10/27/2012

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page