|

Department of Islamic Development Malaysia is hosting PayPal Phishing Site?!

I was shocked when I discovered a PayPal phishing site is hosting under Department of Islamic Development Malaysia(Jabatan Kemajuan Islam Malaysia) website. :shock:

The website: Islam.gov.my

Jabatan Kemajuan Islam Malaysia

Department of Islamic Development Malaysia site is officially developed by Malaysia government since 1996. It is using a Malaysia top-level domains — gov.my, which is exclusively for Malaysian government organizations.

The PayPal phishing site

The PayPal phishing site is hosting under http://www.islam.gov.my/online/cgi/.

Alert: DO NOT log in your PayPal account there!

PayPal Phishing site in Jabatan Kemajuan Islam Malaysia website
Screenshot: PayPal phishing site hosting under Jabatan Kemajuan Islam Malaysia website. [full screenshot]

Here are the list of phishing pages discovered:

  • http://www.islam.gov.my /online /cgi /webscr_cmd=_login-run/
  • http://www.islam.gov.my/ online /cgi /webscr_cmd=_login-run /primapagina.htm
  • http://www.islam.gov.my/online /cgi /webscr_cmd=_login-run /sysdll.php
Alert: DO NOT log in your PayPal account there!

Info: What is PHISHING?

My two cents

Since the website of Department of Islamic Development Malaysia is using exclusive domain name, chances are the website has been hacked or a webmaster build the phishing site…

I have send this to the webmaster and administrative contact. Hopefully, they will clear the phishing site as soon as possible. It is a bad reputation that Malaysia government website is hosting a phishing site…

Update: Both email delivery to webmaster and administrative contact are failed! This is bad. :(

Update: It has been fixed. Thanks to everyone who notified the related parties.

hack, Islam, malaysia, paypal, phishing, security, web

Share this:

Similar Posts