Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×
Government Spam United States IT

Spammers Using Shortened .gov URLs 75

Posted by timothy
from the just-write-to-pueblo-colorado dept.
hypnosec writes "Cyber-scammers have started using '1.usa.gov' links in their spam campaigns in a bid to fool gullible users into thinking that the links they see on a website or have received in their mail or newsletter are legitimate U.S. Government websites. Spammers have created these shortened URLs through a loophole in the URL shortening service provided by bit.ly. USA.gov and bit.ly have collaborated, enabling anyone to shorten a .gov or .mil URL into a 'trustworthy' 1.usa.gov URL. Further, according to an explanation provided by HowTo.gov, creating these usa.gov short URLs does not require a login." Which might not be a big deal, except that the service lets through URLs with embedded redirects, and it is to these redirected addresses that scammers are luring their victims.
This discussion has been archived. No new comments can be posted.

Spammers Using Shortened .gov URLs

Comments Filter:
  • Re:2*WTF (Score:5, Informative)

    by rjr162 (69736) on Sunday October 21, 2012 @07:38AM (#41720861)

    That was exactly my thought. The URL shortener may be a f'up having it open like that, but the bigger f'up is the fact the site in the second link allows any address
    For example

    Http://labor.vermont.gov/LinkClick.aspx?link=http://www.slashdot.org

    To me that's the bigger f'up

  • Re:2*WTF (Score:5, Informative)

    by Afty0r (263037) on Sunday October 21, 2012 @08:51AM (#41721059) Homepage

    It will be for tracking purposes, so that the site owners knows who has clicked on which external links, and from which pages on their site.

    I'm not saying it's a marvel of engineering, but it's a common request from marketers.

"Text processing has made it possible to right-justify any idea, even one which cannot be justified on any other grounds." -- J. Finnegan, USC.

Working...