I just got this email to C3’s general inbox:
Hello,
I´m the webmaster of senate.gov
We are moving our website and want to request a change of your outgoing
link (http://www.fightcolorectalcancer.org/) to our new website,
you would help us very much to make the change sucsesfull. Our new
webadress is http://govsenate.com/
Kind Regards Webmaster of senate.gov
What’s this “new” site? It’s just the real senate.gov site in an iframe (loaded on a Mac after logging out of Facebook and Twitter, of course):
<html>
<head>
</head>
<body>
http://ahref=</body>
</html>
More fun to take a look at the who.is – Registered by a Turkish registrar and name server in Hong Kong.
I guess the idea is to get unsuspecting organizations to actually make the change, and then switch for spam/ad site? Or hidden malware? Who falls for this stuff?
Judi Sohn 