Phony Government Websites
-
The even say look for .gov instead of .com. Honestly, if someone falls for a .com site as a government web site, they deserve to be in trouble. You've got to be REALLY uncaring to be that ignorant.
-
@scottalanmiller said:
@thecreativeone91 said:
@scottalanmiller said:
How does one make a fake government site in the US where the government controls the TLD?
Cause we all know government systems are the most secure..
Anything on there is as official as it gets. It means that the government authenticated it, in some manner. If it gets put up with a .gov, it means the government security has already failed and the issue is the sites being hacked not them being fake.
The process of requesting a .gov domain is pretty simple if you have the credentials. I don't think they hardly even read the stuff, I wouldn't be surprised if it's automated or someone just clicks approve on each one without looking into it.
-
@scottalanmiller said:
The even say look for .gov instead of .com. Honestly, if someone falls for a .com site as a government web site, they deserve to be in trouble. You've got to be REALLY uncaring to be that ignorant.
Yeah. a lot of local gov's are using .org TLDs now for some reason.
-
@scottalanmiller said:
How does one make a fake government site in the US where the government controls the TLD?
Generally most people would not give the .GOV a second thought. However, is it not possible to spoof about 80% of that to make it appear to come from a .GOV site and it not be?
-
@g.jacobse said:
@scottalanmiller said:
How does one make a fake government site in the US where the government controls the TLD?
Generally most people would not give the .GOV a second thought. However, is it not possible to spoof about 80% of that to make it appear to come from a .GOV site and it not be?
Only with local DNS access.
-
@g.jacobse said:
Generally most people would not give the .GOV a second thought. However, is it not possible to spoof about 80% of that to make it appear to come from a .GOV site and it not be?
Spoofing a TLD is a pretty difficult thing to do. You have to hijack DNS to do it. Easy to do internal in a business, hard to do to a person randomly on the Internet.
-
Seems legit then
In the case of the OP - yes it is legitimate. But there are so many daily occurrences of those that are not.
"trust but verify"
-
@g.jacobse said:
In the case of the OP - yes it is legitimate. But there are so many daily occurrences of those that are not.
Daily occurrence of a .gov TLD that's fake? I've never actually seen it happen.
-
@g.jacobse I have seen this issue at client place which was not so good
-
Well that page is even telling people to go to [email protected] - problems abound!