Phony Government Websites

BMarie

Just got this e-mail at work, thought I'd pass it along to you.

FYI

The FBI has issued a public service announcement warning about phony government websites. Criminals are using the phony websites to attempt to obtain personal information of their victims and charge them fraudulent fees.

Here is the complete PSA: http://www.ic3.gov/media/2015/150407-2.aspx

Dashrender

Huh I've never heard of IC3 before.

A Former User

@Dashrender said:

Huh I've never heard of IC3 before.

Really? Maybe I only new it from working with PD's.

gjacobse

Nor have I.. Makes me wonder if it itself is not one of the fake GOV site...

But Google shows them as Internet Crime Complaint Center (IC3).

About Us

The IC3 was established as a partnership between the Federal Bureau of Investigation (FBI) and the National White Collar Crime Center (NW3C) to receive Internet related criminal complaints and to further research, develop, and refer the criminal complaints to federal, state, local, or international law enforcement and/or regulatory agencies for any investigation they deem to be appropriate. The IC3 was intended, and continues to emphasize, serving the broader law enforcement community to include federal, as well as state, local, and international agencies, which are combating Internet crime and, in many cases, participating in Cyber Crime Task Forces.

scottalanmiller

How does one make a fake government site in the US where the government controls the TLD?

A Former User

@g.jacobse said:

Nor have I.. Makes me wonder if it itself is not one of the fake GOV site...

It's real.

A Former User

@scottalanmiller said:

How does one make a fake government site in the US where the government controls the TLD?

Cause we all know government systems are the most secure..

scottalanmiller

@thecreativeone91 said:

@scottalanmiller said:

How does one make a fake government site in the US where the government controls the TLD?

Cause we all know government systems are the most secure..

Anything on there is as official as it gets. It means that the government authenticated it, in some manner. If it gets put up with a .gov, it means the government security has already failed and the issue is the sites being hacked not them being fake.

scottalanmiller

The even say look for .gov instead of .com. Honestly, if someone falls for a .com site as a government web site, they deserve to be in trouble. You've got to be REALLY uncaring to be that ignorant.

A Former User

@scottalanmiller said:

@thecreativeone91 said:

@scottalanmiller said:

How does one make a fake government site in the US where the government controls the TLD?

Cause we all know government systems are the most secure..

Anything on there is as official as it gets. It means that the government authenticated it, in some manner. If it gets put up with a .gov, it means the government security has already failed and the issue is the sites being hacked not them being fake.

The process of requesting a .gov domain is pretty simple if you have the credentials. I don't think they hardly even read the stuff, I wouldn't be surprised if it's automated or someone just clicks approve on each one without looking into it.

A Former User

@scottalanmiller said:

The even say look for .gov instead of .com. Honestly, if someone falls for a .com site as a government web site, they deserve to be in trouble. You've got to be REALLY uncaring to be that ignorant.

Yeah. a lot of local gov's are using .org TLDs now for some reason.

gjacobse

@scottalanmiller said:

How does one make a fake government site in the US where the government controls the TLD?

Generally most people would not give the .GOV a second thought. However, is it not possible to spoof about 80% of that to make it appear to come from a .GOV site and it not be?

A Former User

@g.jacobse said:

@scottalanmiller said:

How does one make a fake government site in the US where the government controls the TLD?

Generally most people would not give the .GOV a second thought. However, is it not possible to spoof about 80% of that to make it appear to come from a .GOV site and it not be?

Only with local DNS access.

scottalanmiller

@g.jacobse said:

Generally most people would not give the .GOV a second thought. However, is it not possible to spoof about 80% of that to make it appear to come from a .GOV site and it not be?

Spoofing a TLD is a pretty difficult thing to do. You have to hijack DNS to do it. Easy to do internal in a business, hard to do to a person randomly on the Internet.

gjacobse

Seems legit then

In the case of the OP - yes it is legitimate. But there are so many daily occurrences of those that are not.

"trust but verify"

A Former User

@g.jacobse said:

In the case of the OP - yes it is legitimate. But there are so many daily occurrences of those that are not.

Daily occurrence of a .gov TLD that's fake? I've never actually seen it happen.

Lakshmana

@g.jacobse I have seen this issue at client place which was not so good

Dashrender

Well that page is even telling people to go to [email protected] - problems abound!