Researchers discovered a spam scam spoofing a link-shortening service called 1.usa.gov. The scam was derailed on Oct. 19 after the General Services Administration stepped in and put up warning pages to users. The attackers were mainly searching for servers with an open-redirect vulnerability in DotNetNuke’s LinkClick.aspx file. The phony sites spoofed CNBC news pages, with content “scraped” from the legitimate CNBC.com site. The issue is that. URLs can be created and pointed to non-.gov sites, researchers say.”]
Source: https://www.darkreading.com/attacks-breaches/-gov-mil-url-shortener-spam-attack-curtailed