Data breach: covert redirect

Data Breach: covert redirect
Posted by: Orhan Sari Category: Cyber-security Awareness, Malware, Phishing Simulation Tags: , , Post Date: February 6, 2018

Data breach: covert redirect

Covert Redirect is a security breach and occurs when cyber hackers use open routing. Open redirects are not successful in checking whether the redirected URL is a valid URL. Cybercriminals who use covert redirect take advantage of this weakness, open a fake login window, steal login information, and redirect to a malware-infringing page. In this page, there are situations that may be harmful to the user, such as identity theft.

First discovered in June 2014 by Wang Jing, PhD student at Nanyang University of Technology, this type of phishing attacks affected large sites such as Facebook, Google, Yahoo and Microsoft using OAuth and OpenID.

For example, suppose that a user clicks a malicious phishing link on Facebook. Then a window will open asking if the user wants to authorize the application. If the target user chooses to authorize the application, the victim’s personal sensitive information can be exposed. This information may include your email address, date of birth, contacts, and history of work.

Get Protected against Covert redirect for Free

Keepnet Labs security awareness and anti-phishing platform offer solution for covert redirect or the other types of phishing attacks for free.  The platform has many modules that help users to learn phishing schemes and take action against them.

Register and try Keepnet modules for free.

Share this post