Security News > 2021 > May > Exploiting common URL redirection methods to create effective phishing attacks
"Simple" can often be harder than "Complex." When thinking about the trickiest phishing campaigns and their components, URL redirection does not immediately come to mind as the part causing the trouble.
URL forwarding is one method that is often abused by cybercriminals to create multi-layered phishing attacks.
URL redirection is the process of forwarding web users from the originally requested URL to a completely different one.
URL redirection is so common and has become a part of our daily life online that phishers do not mind exploiting it for their own purposes.
When checking the file's page source code, we can see an encoded script that, once decoded, shows the phishing URL of the web page the recipient would be redirected to after milliseconds of delay.
In conclusion: do not underestimate URL redirection.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/cFTPr0chIQc/
Related news
- iOS devices face twice the phishing attacks of Android (source)
- Windows NTLM hash leak flaw exploited in phishing attacks on governments (source)
- Three Reasons Why the Browser is Best for Stopping Phishing Attacks (source)
- Phishing detection is broken: Why most attacks feel like a zero day (source)
- DPRK Hackers Steal $137M from TRON Users in Single-Day Phishing Attack (source)
- Low-tech phishing attacks are gaining ground (source)
- MintsLoader Drops GhostWeaver via Phishing, ClickFix — Uses DGA, TLS for Stealth Attacks (source)
- Focused Phishing: Attack Targets Victims With Trusted Sites and Live Validation (source)
- CTM360 Identifies Surge in Phishing Attacks Targeting Meta Business Users (source)
- Polymorphic phishing attacks flood inboxes (source)