The Nigerian government's National Information Technology Development Agency is currently hosting a phishing attack against Halifax on its own website at www.nitda.gov.ng. NITDA has been notified, and the Netcraft Toolbar community (which discovered the fraudulent content) is already protected from this attack.
Ironically, NITDA is the clearing house for IT projects in Nigeria, and establishes a set of security guidelines for the Federal Government of Nigeria in its Computer Network Architecture Standards (COMNAS) Framework. This document covers the national policy on network security and describes vulnerability scanning and penetration testing procedures which may have prevented the fraudulent content from appearing on its own website.
Phishing sites are quite commonly hosted on government infrastructure: In July, Netcraft blocked 146 new phishing sites hosted in government domains around the world.
Posted by Paul Mutton in Security
Your link here? Advertising on the Netcraft Blog