Skip to navigation

PCPro-Computing in the Real World Printed from www.pcpro.co.uk

Register to receive our regular email newsletter at http://www.pcpro.co.uk/registration.

The newsletter contains links to our latest PC news, product reviews, features and how-to guides, plus special offers and competitions.

Latest News

US tax site baits hook for phishers

Posted on 30 Nov 2005 at 17:17

A configuration error on a US government website is allowing phishers to redirect visitors to bogus sites.

The phishing emails are therefore able to meet key tests for authenticity: firstly the phishers can use a URL belonging to that domain, and simply force a redirect by additional parameters to that link.

Therefore they don't need to obscure the real web address through clever HTML, and the emails arrive as text, and advise copy and pasting the link into a browser - a better way to ensure you are not duped than simply clicking a link.

The emails inform the recipient that they have a payment from the IRS of more than $500 and are asked to paste a benefits.gov link into a browser to organise the tax refund.

However, those that use the URL are bounced straight back out again on to the phishers' bogus site, designed to look like the real thing.

The fake site asks for sensitive information such as Social Security Number and extensive credit card details.

According to Sophos' senior technology consultant Graham Cluley, the phishing site itself (pictured) is now offline. More worrying, however, is that the configuration of the government website still allows redirects of this nature.

Cluley said the mails don't appear to be widespread as yet; nor do they appear to be targeting particular domains of email addresses - the first example was picked up by Sophos's Australian labs.

'The phishers didn't need to hack into or compromise the government website to do this, the website has simply had this vulnerability on it all along,' said Cluley. 'This is a warning to every business and agency that runs a website to be very careful that it cannot be abused to bounce web surfers elsewhere.'

The IRS had not responded to requests for comment at the time of writing.

Author: Matt Whipp

Be the first to comment this article

You need to Login or Register to comment.

(optional)

advertisement

Most Commented News Stories
Latest Blog Posts Subscribe to our RSS Feeds
Latest Reviews Subscribe to our RSS Feeds
Latest Real World Computing

advertisement

Sponsored Links
 
SEARCH
SIGN UP

Your email:

Your password:

remember me

advertisement


Hitwise Top 10 Website 2008