Here’s a legitimate bank, Banca Fideuram, whose real site is actively being used in phishing redirects.
You can see for yourself how poor a job has been done with this site: this link will generate a popup that's certainly not from the bank.
Pretty sloppy.
And now we have congress-critters unwittingly being used in redirecting to all kinds of sites. Take a gander at this Google search [*.house.gov/exit.aspx]. See all the spam links pushing redirects, hopping off the website of our Honorable Reps? Or how about just putting in the word “intelligence” for some more fun?
This poor congress-critter is unwittingly redirecting some visitors to a hard core porn site, gipno(dot)com — www.blunt(dot)house.gov/exit.aspx?link=gipno(dot)com.
Heck, they’re not the only ones. Take, for example, Hershey’s (which, to their credit, requires user assent to redirect), or this school.
Some of these have been out for quite some time…
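As an added example (not code from any of the sites mentioned), here is one way an exit page of the `exit.aspx?link=` kind could decide what to do with its `link` parameter: send the visitor straight on only for same-site paths and allowlisted hosts, show a confirmation page for any other host, which is the user-assent approach credited to Hershey's above, and refuse anything malformed. The function name, the trusted-host list and the sample links are assumptions made up for this sketch.

```python
from urllib.parse import urlsplit

# Assumed policy for this sketch: hosts the exit page may redirect to silently.
TRUSTED_HOSTS = {"www.example.gov", "partner.example.org"}


def classify_exit_link(link: str) -> str:
    """Return 'redirect', 'interstitial' or 'reject' for an exit-page link value."""
    # Control characters, whitespace and backslashes are parsed differently by
    # browsers and servers, so refuse them before any URL parsing happens.
    if not link or any(ord(c) <= 0x20 or c == "\\" for c in link):
        return "reject"
    # A single leading slash is a path on this site; "//host" is not.
    if link.startswith("/") and not link.startswith("//"):
        return "redirect"
    try:
        parts = urlsplit(link)
        if not parts.scheme and not parts.netloc:
            # Bare-host form such as link=offsite.example (no scheme given).
            parts = urlsplit("//" + link)
        host = (parts.hostname or "").lower().rstrip(".")
    except ValueError:
        return "reject"
    # Only web schemes; this drops javascript:, data: and similar values.
    if parts.scheme not in ("", "http", "https"):
        return "reject"
    # "trusted-host@other-host" puts the real destination after the "@".
    if "@" in parts.netloc or not host:
        return "reject"
    # Exact host match only: a suffix or substring test would accept
    # www.example.gov.offsite.example.
    if host in TRUSTED_HOSTS:
        return "redirect"
    # Unknown destination: make the visitor confirm before leaving the site.
    return "interstitial"


if __name__ == "__main__":
    # Constructed sample values, not taken from real traffic.
    for sample in ["/contact", "https://partner.example.org/news",
                   "offsite.example", "//www.example.gov@offsite.example/",
                   "javascript:alert(1)"]:
        print(f"{sample!r:45} -> {classify_exit_link(sample)}")
```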
I’m certain there’s lots more out there. Feel free to post more of your own findings in the comments section.
Alex Eckelberry
(Credit to Francesco Benedini, sikurezza.org mailing list and Marco d’Itri for pointing out the bank redirect, and Adam Thomas for the house redirect)