Archived Weblog Entry - 12/03/2005: "Phishing scam uses FedGov web site"

[Previous entry: "The Canadian CD tax...er, "levy""] [Main Index] [Next entry: "Male use of prostitutes doubles?"]

12/03/2005 Archived Entry: "Phishing scam uses FedGov web site"

"We're from the government, and we're here to screw up." According to Netcraft,

A phishing attack is exploiting an open redirect on a U.S. government web site to gain credibility for bogus e-mails promising an IRS tax refund. The scam e-mail offers an IRS refund of $571 to recipients if they click on a link to govbenefits.gov, a legitimate federal web site that has recently been promoted by President Bush as a tool to streamline relief for victims of Hurricane Katrina.

An open redirect on the govbenefits.gov web site allows phishers to craft a URL that uses the govbenefits.gov URL but instead sends users to a web server in Italy and a phishing site seeking to steal their bank login details and Social Security number.

Yep, the Feds are the guys I want to trust with computer security. Not! —brad