In recent months, Symantec has detected a number of phishing sitesthat have been hosted on government URLs. In June alone, phishing siteswere identified on government sites from the following countries:Thailand (.go.th), Indonesia (.go.id), Hungary (.gov.hu), Bangladesh(.gov.bd), Argentina (.gov.ar), Sri Lanka (.gov.lk), Ukraine (.gov.ua),China (.gov.cn), Brazil (.gov.br), Bosnia and Herzegovina (.gov.ba),Columbia (.gov.co), and Malaysia (.gov.my). This might come as a surprise to some people, as governments arethought to have very secure computer systems. However, the quantity ofphishing sites hosted on government domains around the world seems tosuggest otherwise. These fraudulent sites look like legitimate Websites and are designed to trick users into divulging personalinformation such as government-issued identity numbers, bank password,or credit card numbers. Most phishing sites are placed on governmentWeb servers by hackers who have gained access to the server through abackdoor, a vulnerable Web interface, or some other means.