Security News > 2021 > September > Open redirect on UK council website was being used for Royal Mail-themed parcel payments scam
An open redirect on a UK council-backed property website allowed low-level miscreants to evade filters.
The website operated by tech services biz Civica had an open redirect being actively abused by spammers, piggybacking off the website's domain authority so their messages weren't flagged up by scanning tools.
Open redirects exist when parameters passed in an HTTP GET request redirect the user to another URL without validating the target address.
"The reason these open redirects are useful is that they add legitimacy to the URL in the email itself which helps it to bypass spam filters," noted Helme.
Spam emails sent with links to recently spun-up domains are likely to be caught by spam filters, whereas using open redirects on well-established sites for bouncing users through a few sites until they end up on a phishing page means the odds of the message being filtered out are much lower.
Microsoft has previously warned of credential-phishing campaigns abusing open redirect vulnerabilities to get through spam filters.