Symantec has reported an increase in spam messages containing .gov URLs. Cybercriminals are using 1.usa.gov links in their spam campaigns to trick users into thinking the links lead to genuine US government Web sites.
Spammers have created these shortened URLs through a loophole in the URL shortening service provided by bit.ly. USA.gov and bit.ly have collaborated, enabling anyone to shorten a .gov or .mil URL into a trustworthy 1.usa.gov URL.
According to researchers from security firm Symantec, they simply leveraged an open-redirect vulnerability present on the official government site of Vermont (Vermont.gov) . Therefore, something like 1.usa.gov/…/Rxpfn9 takes you to labor.vermont.gov/LinkClick.aspx?link=[spam site] which then redirects you to the spam site in question.
Email spam has been the primary method for distributing the short links, wrote Jeff Jarmoc of Dell SecureWorks' Counter Threat Unit.
Most of the victims are in United States (61%), Canada (23%), Australia, and Great Britain. While taking advantage of URL shorteners or an open-redirect vulnerability is not a new tactic, the fact that spammers can utilize a .gov service to make their own links is worrisome. We encourages users to always follow best practices and exercise caution when opening links even if it is a .gov URL.
Would love to here from you...