Dot-Gov Email is More Prone to Forgery Than Social Media and E-Commerce Messages

Americans are more likely to get hacked by opening email from dot-gov websites than from reading online retailer and social media email, according to a new study.

The problem is many federal agencies are not using digital codes that certify government emails are really from the government, researchers say. The lack of email authentication allows cybercriminals to spoof, or forge, dot-gov email addresses and send fraudulent messages. Criminals after money or government secrets have posed as federal entities -- for example, the Federal Deposit Insurance Corporation -- to trick citizens and contractors into divulging bank passwords and confidential strategies. Of 50 highly trafficked or previously targeted federal sites, 42 percent are not authenticating outgoing email, according to a report released by the Online Trust Alliance, an organization that works to improve consumer confidence in Web privacy and security.