Summary: Cybercriminals are increasingly exploiting vulnerabilities in government websites to execute phishing campaigns, as revealed by recent research from Cofense Intelligence. Legitimate .gov domains are often misused for credential phishing and as open redirects, targeting users’ trust in government sites. The study highlights the need for better security measures and awareness to combat these evolving threats.
Affected: Government organizations and users of .gov domains
Keypoints :
- Cybercriminals exploit .gov TLDs utilizing open redirects and hosting credential phishing pages.
- Nearly 60% of abused .gov domains showed signs of vulnerabilities related to the Liferay platform.
- The US represented 9% of the total abused domains, indicating targeted phishing campaigns primarily mimicking Microsoft services.
- Government agencies across over 20 countries are affected, with Brazil being the most targeted.
- Mitigation strategies include stricter validation processes, regular software updates, and increased phishing awareness.
Source: https://www.infosecurity-magazine.com/news/threat-actors-exploit-gov-websites/