The result of a collaboration between USA.gov and bitly.com, the service is automatically employed whenever anyone uses bitly to shorten a URL that ends in .gov or .mil.
In the latest spam campaigns, the offered shortened 1.USA.gov links lead to a .vermont.gov site, which then thanks to a open-redirect vulnerability is made to forward the visitors to a scammy work-from-home website that spoofs a legitimate financial news network website:
"To add legitimacy to the website, spammers have designed it so that other links, such as the menu bar at the top and other news articles, actually lead to the financial news website that it is spoofing. However, the links in the article all lead to a different website where the spammer tries to make the sale," the researchers warn.
The campaign seems rather successful, as the shortened URLs have been followed by over 43,000 users in seven days - the majority of which are (not surprisingly) users located in the United States.
The shortened 1.USA.gov links lend an aura of legitimacy to the offered links, as the users are more inclined to trust them that random ones. The other problem is that too many .gov sites can be compromised to serve as redirectors to other malicious sites.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.