CyberInsecure.com

Daily cyber threats and internet security news: network security, online safety and latest security alerts
June 3rd, 2008

UK Home Office Crime Reduction Website Hosted Italian Phishing Scam

UK Home Office crime reduction website (crimereduction.homeoffice.gov.uk) was hacked on Monday. The attackers used the hacked website to host an Italian phishing website. Remote file inclusion exploit was used to launch the phished page off the web server hosting Crime Reduction website on homeoffice.gov.uk. As a result of the SQL Injection attack a page resembling the www.poste.it site was served up so that it appeared to come from the homeoffice.gov domain. Poste.it is a website of an Italian bank and is a frequent target of phishing attacks.

According to net security firm, phishing fraudsters used the POST method so that phished data submitted by victims was sent to them. It is unclear why they picked a government page located in the UK to host a phishing attack. Usually phishers pick or register a domain name for the fake website that looks as much as possible to the original website to confuse the victims.

The Home Office pulled the rogue content from its site early on Monday morning. This attack is another example of cybrecriminals abusing security exploits on trusted websites to serve up fraudulent content such as fake phishing pages or install malware. Home Office crime reduction website joins a long list of other UK government sites and US Department of Homeland Security website that were abused by attackers during last months. The fact this time it is a crime reduction website should be extra-embarrassing for this British government department.

Share this item with others:

More on CyberInsecure:
  • Fort Jennings State Bank Website Hacked, Hosting A Phishing Page For Italian “Poste Italiane” Bank
  • FCO Warns About “Recession Relief Programme Fund” Phishing Scam
  • Phishers Attack Facebook With A Variety Of New Scams
  • Property Stolen Due To Craigslist Scam
  • UK Justice Minister’s Email Account Used For 419 Scam

    • Posted in Hacked, Phishing | Print This Post Print This Post

    This entry was posted on Tuesday, June 3rd, 2008 at 4:33 am and is filed under Hacked, Phishing. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

    If you found this information useful, consider linking to it from your own website.
    Just copy and paste the code below into your website (Ctrl+C to copy)
    It will look like this: UK Home Office Crime Reduction Website Hosted Italian Phishing Scam

    Leave a Reply

    Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.

    *
    To prove you’re a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.

    « «
    » »