![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
thewayneNominally, the .US top level domain is owned by the U.S. government. However, they contracted out the management of it. And it was then subcontracted out, etc. And now it's being controlled by a bunch of crooks who are doing domain shortening for a bunch of low-lifes who are using it for pfishing, credential theft, etc.
Domain shortening is when you see something like goo.gl/xyzabc. Google takes xyzabc and expands it to a much longer domain, the problem is that you can't see if it's a safe domain in the shortened version! Can you say security risk? I knew you could! The .US is pretty much not at all in use by the U.S. government, and anything critical sent to you by the government, such as an IRS notice, is going to come by the U.S. mail anyway.
https://krebsonsecurity.com/2023/10/us-harbors-prolific-malicious-link-shortening-service/
Domain shortening is when you see something like goo.gl/xyzabc. Google takes xyzabc and expands it to a much longer domain, the problem is that you can't see if it's a safe domain in the shortened version! Can you say security risk? I knew you could! The .US is pretty much not at all in use by the U.S. government, and anything critical sent to you by the government, such as an IRS notice, is going to come by the U.S. mail anyway.
https://krebsonsecurity.com/2023/10/us-harbors-prolific-malicious-link-shortening-service/
no subject
Date: 2023-11-04 01:06 am (UTC)The minions do what they can within the framework that they have to operate in.