Dec 02, 2013

    Another fake MOM site surfaces

    ANOTHER fake Ministry of Manpower (MOM) website has surfaced, right after one was brought to light last week.

    The ministry has lodged police reports against the two websites, which have similar web addresses to that of MOM's official website: The fake sites also mimic the look and feel of the original.

    The first fake site ( was discovered by MOM on Thursday. The second bogus MOM website ( was discovered on Saturday.

    While the first duplicate website was deleted at 11.36pm on Friday, MOM said on Facebook yesterday that it will take about 48 hours for servers worldwide to effect the deletion. This means some users might still have been able to view the site.

    MOM added that there have been no reports of user data being compromised so far and said that "access to the official MOM website remains unaffected".

    The fake MOM sites come hot on the heels of a string of cyberattacks on government websites.

    Two men were charged with the hacking of the Istana website last week. Earlier last month, James Raj Arokiasamy, the alleged hacker who used the moniker The Messiah, was accused of hacking a town-council website in October.

    Government websites are not the only victims: Sporting-goods store World of Sports' website was hacked by a person or several people claiming to be part of a group called the Bangladesh Grey Hat Hackers. At 4.35pm yesterday, the site was still defaced, but a check three hours later showed that it had been restored.

    Technology-security experts told MyPaper that are are several possible reasons for creating duplicate websites.

    They range from "opportunistic satire" to more malicious intentions, like stealing user accounts and passwords, or getting users to download malware.

    Mr Victor Huang, chief technology officer of IT firm Computer Guys, said: "The creation of duplicate sites on mistyped web addresses, while of questionable legality, isn't technically an act of hacking."

    He noted that unused web addresses are open for registration and organisations are often advised to register commonly mistyped variations of their web addresses to prevent them from being misused.

    Mr David Siah, country manager of Trend Micro Singapore, said that the perpetrators may feel that they are able to get away with their deeds, as the nature of the Internet may make it hard to trace them.

    On the duplicate sites, Acting Minister for Manpower Tan Chuan-Jin advised netizens to remain alert in a post on Facebook yesterday. He said: "Some feel that it is a game and cheer on such activities.

    "It is not. It disrupts all our lives and, if substantive sites are really compromised, the consequences aren't always trivial."