I visited some other blog today and read a fresh post about JAKIM site hosting a Paypal Phishing site.
Try yourself and go to http://www.islam.gov.my/online/cgi/. You’ll see this:
And if you get to http://www.islam.gov.my/online/cgi/webscr_cmd=_login-run/primapagina.htm (I suggest you only go there if you know what you are doing) you’ll see this: http://www.phishtank.com/… which really looks like the main page of PayPal. Careless users or users who does not really care about what the address bar displays might log in to the site, effectively giving their username and password to someone else.
During this testing I also found out that my Firefox is able to identify and warn me that the site is a phishing site:
I am trying to inform the JAKIM about this so that necessary actions can be taken. I’ve also contacted NISER. This is indeed an embarassing incident 🙁
Update 09 Oct 2006:
It seems that they have removed the phishing pages. Very good and quick action.
I’ve received no respond from them or NISER, though.
I’ve tried to contact all of them, but as NISER already made clear on their site, their office hours is Mon – Fri 08:30 -17:30 MYT (Note: Not operational every Saturday and Sunday). I’ve emailed info[at]niser.org.my, though.
So I guess this will only be resolved on Monday.
This issue has been updated here.