Security News > 2021 > May > Exploiting common URL redirection methods to create effective phishing attacks
"Simple" can often be harder than "Complex." When thinking about the trickiest phishing campaigns and their components, URL redirection does not immediately come to mind as the part causing the trouble.
URL forwarding is one method that is often abused by cybercriminals to create multi-layered phishing attacks.
URL redirection is the process of forwarding web users from the originally requested URL to a completely different one.
URL redirection is so common and has become a part of our daily life online that phishers do not mind exploiting it for their own purposes.
When checking the file's page source code, we can see an encoded script that, once decoded, shows the phishing URL of the web page the recipient would be redirected to after milliseconds of delay.
In conclusion: do not underestimate URL redirection.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/cFTPr0chIQc/
Related news
- Phishing-as-a-Service "Rockstar 2FA" Targets Microsoft 365 Users with AiTM Attacks (source)
- GenAI makes phishing attacks more believable and cost-effective (source)
- CERT-UA Warns of Phishing Attacks Targeting Ukraine’s Defense and Security Force (source)
- Inside the incident: Uncovering an advanced phishing attack (source)
- Ongoing phishing attack abuses Google Calendar to bypass spam filters (source)