Security News > 2020 > May > How scammers abuse Google Search’s open redirect feature

How scammers abuse Google Search’s open redirect feature
2020-05-15 13:04

It reminded me of a very similar Skype message I'd received a few years ago, one that abused an open redirect in Google Maps, and I wondered if there was another.

One answer is to find an open redirect on a legitimate website - a redirection facility that can be abused to bounce users from a trustworthy website to another, less trustworthy one.

In some browsers, like Firefox or Safari, Google search results don't lead directly to the listed websites.

If a website is listed on Google Search, it has a usg, which is easily retrieved from the source code of the search results page.

So why does Google tolerate it? Well, Google doesn't consider open redirects to be a security issue.


News URL

https://nakedsecurity.sophos.com/2020/05/15/how-scammers-abuse-google-searchs-open-redirect-feature/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Google 102 256 4320 4678 741 9995