Gov URL Shortener Abused Spammers
According to researchers at Symantec, the open redirect vulnerabilities of .gov websites enable spammers to use and abuse a .gov URL shortener service. The address shortener that's reserved for social media activities for the U.S. government has been taken advantage of by spammers and scammers in order to create false .gov addresses for the sake of making their work-at-home scams look more authentic.
The Symantec experts involved in this study
Have found a new kind of email spa.
Movement that attempts to fool users into visiting false 1.usa.gov domain addresses. The unique shortened URL was developed as a result of a partnership between the Bitly URL shortener company and USA.gov, which is the official web portal of the U.S.A.'s government.
A USA.gov page in fact reveals that all URLs that end with .mil or .gov can be shortened by the Bitly shortener into an address that falls into the 1.usa.gov domain. Because of the vulnerability, spammers can now create their own rogue addresses that can trick anyone into clicking them.
At this point, a .gov shortened URL can take users to either a spam site or a trustworthy site at the flip of a coin, because there's no way he'll be able to know until he clicks it. There are certain URL shorteners like TinyURL that show previews of the shortened URLs by typing in additional words into the address that you want to visit, in case they aren't "trustworthy" to you at all.
That preview option is lacking when it comes to the Bitly URL shortener, so spammers can make their spam email look more legitimate and scammers can trick more people into patronizing their fake work-at-home offers. The .gov feature of Bitly, ironically enough, was originally developed in order to help people know that the shortened URL they're going to click is from the U.S. government.
Unfortunately, those who aren't aware of this new exploit and vulnerability will be taken in by the nefarious URL shortener spammers that post fake .gov URLs under false pretenses. They abuse .gov sites that use open redirect scripts in order to fool those who inherently trust .gov URLs to click. That's how dangerous these online outlaws are. They always find a way to abuse services and use it to their own advantage, by hook or by crook.
Powerful UTM Firewall, Vulnerability Scanner, WiFi Penetration Testing software
SecPoint is specialized to deliver the best IT security solutions and products.