At last, many people have learned not to click on strange links that they do not know, not to enter information on strange pages. However, the attackers do not hesitate to develop themselves and actively use different known techniques in order to lure their victims into their networks.

In order for a phishing attack to be successful, as far as we have seen so far, the attackers pay a lot of attention to the following. A legitimate-looking URL address and a properly designed, localized website. The situation that we will talk about in this article is used to meet the first criterion.

Microsoft 365 Defender Threat By the Intelligence team according to the published report, the attackers have recently sent phishing links to users with OpenRedirect websites. So how does he do this?

As you know, many innocent sites already have the feature of redirecting to other websites. For example, if you do a search on Google and look at the URLs of the results, you will see that Google redirects to the target. Or links found in emails. They also redirect to third-party websites.

In order to make phishing scenarios more successful, attackers edit the URL address where the redirect is made and enter the fake website they have prepared as the site to be redirected. This results in a malicious link that looks like a web address from an innocent and reliable source.

Microsoft reported that it has detected at least 350 unique phishing attacks using the OpenRedirect feature of a variety of legitimate services. As for how to understand these connections, it’s actually very simple. Look at the submitted URLs. If there is another website at the end, it is redirecting.

An image explaining what OpenRedirect is. – Image Source: Microsoft

While attackers renew the techniques they use every day, it is very important for us users to be vigilant and careful.

Like it? Share with your friends!

Michael Lewis


Your email address will not be published. Required fields are marked *