Open Redirection

In 2022, yet another phishing campaign targeting Facebook users was discovered to have netted hundreds of millions of credentials. The technique was a common one: a link is sent via DM from a compromised Facebook account, and that link performs a series of redirects, often through malvertising pages that rack up views and clicks (and revenue for the attacker), before ultimately landing on a fake page. Though the technique of host redirection, also known as open redirect, isn't new, the sheer scale of this campaign is remarkable. Researchers found that just one phishing landing page, out of around 400, had 2.7 million visitors in 2021 and 8.5 million by June 2022. In an interview with researchers, the attacker boasted of making $150 for every thousand visits from U.S. Facebook users, which would put the bad actor's total earnings at $59 million.

What you need to know: host redirection attacks are very common and increasingly subversive, as attackers become more creative about how they lure their targets. They use URL redirection to borrow the trust a user places in a legitimate domain before they strike. Typical vectors are embedded URLs, a redirect configured in an .htaccess file, and phishing lures, all used to send traffic on to a malicious website.
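As an added illustration (not code from the original post), here is the vulnerable redirect pattern next to a hardened check that only lets a `?next=` parameter point back into the site; the hostname `example.com` is an assumed placeholder.

```python
"""Open redirect: the vulnerable pattern and a hardened target check."""
from urllib.parse import urljoin, urlparse

# Assumed hostname for this example; not taken from the post.
SITE_HOST = "example.com"


def vulnerable_redirect_target(next_param: str) -> str:
    """The open-redirect bug: the ?next= value is trusted as-is and
    would be copied straight into a Location: header."""
    return next_param


def safe_redirect_target(next_param: str, default: str = "/") -> str:
    """Return a redirect target that can only be a path on this site.

    Rejects absolute URLs (http://evil.example), scheme-relative URLs
    (//evil.example), backslash and tab/newline variants that browsers
    normalise to the same thing, and non-path values such as javascript:.
    Anything that fails the check falls back to `default`.
    """
    if not next_param:
        return default
    # Browsers drop tab/CR/LF and treat backslash as slash, so normalise
    # the same way before inspecting the value.
    candidate = "".join(ch for ch in next_param if ch not in "\t\r\n")
    candidate = candidate.strip().replace("\\", "/")
    parsed = urlparse(candidate)
    # Any scheme or host component means this is not a plain in-site path.
    if parsed.scheme or parsed.netloc:
        return default
    # Must be a single-slash path; "//..." would be scheme-relative.
    if not candidate.startswith("/") or candidate.startswith("//"):
        return default
    # Belt and braces: resolve against our origin and confirm the host.
    resolved = urlparse(urljoin(f"https://{SITE_HOST}/", candidate))
    if resolved.netloc.lower() != SITE_HOST:
        return default
    return candidate
```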
