Open redirects ... and why Phishers love them
Working from home, did you get a meeting invite recently that pointed to https://meet.google.com ? Well, that's indeed where Google's online meeting tool is located. But potentially the URL you got is not "only" leading you there.
Google Meet and Google Hangouts have a so-called open-redirect vulnerability. Phishers have found it, and are currently abusing it in droves. Your users believe they are clicking on a Google link, but end up somewhere else alltogether.
Benign example: https://meet.google.com/linkredirect?dest=https://cwe.mitre.org/data/definitions/601.html
Obviously, the Phishers wont't send your users to the Mitre vulnerability database, but rather make use of obfuscated destination URLs which commonly then lead to a phishing site that mimics a Google or Microsoft login page.
Google Hangouts https://hangouts.google.com has the same problem, and is also being abused.
Battling the never ending Phishing wave is difficult enough without major companies providing help to the crooks in the form of Open Redirects. If you have open redirects in your online web presence, and they are turning up in vulnerability reports for your site, please take them seriously, and fix them.
Comments
Anonymous
Jun 18th 2021
3 years ago
Anonymous
Jun 19th 2021
3 years ago
Anonymous
Jun 19th 2021
3 years ago