What’s a better scam seal of approval for a phisher than to have his or her information-gleaning scam website hosted on a government domain?

Symantec researchers said today they’re seeing that surprising trend with some frequency in recent months.

Now, before you run to the phone to call your congressman (or congresswoman) to complain, this isn’t a problem with the .gov domain used by federal agencies and departments in the United States.

Here’s a list of government domains hosting phishing sites, according to Symantec Security Response: Thailand (.go.th), Indonesia (.go.id), Hungary (.gov.hu), Bangladesh (.gov.bd), Argentina (.gov.ar), Sri Lanka (.gov.lk), Ukraine (.gov.ua), China (.gov.cn), Brazil (.gov.br), Bosnia and Herzegovina (.gov.ba), Columbia (.gov.co) and Malaysia (.gov.my).

Symantec’s Nick Sullivan pointed out today that government domains also give phishing sites extra traffic and a longer lifespan. Here’s what he had to say:

“Most phishing sites are placed on government web servers by hackers who have gained access to the server through a backdoor, a vulnerable web interface or some other means.

Hosting a phishing webpage on a government site has a number of advantages for a phisher. Government websites often receive a high volume of traffic, so their servers can handle the extra traffic generated by a phishing site. This extra traffic might not be noticed immediately, giving the phishing site a longer lifespan before it is detected and shut down. Perhaps most importantly, hosting a phishing site on an actual government URL gives the phishing site a sense of authenticity that’s hard to beat.”
- Nick Sullivan, Symantec Security Response blog, July 12, “Government servers hosting phishing sites”