![]() Malicious websites are destined to be block listed and don’t have a very long shelf life, so there’s no mileage for them in trustworthy-looking dot coms. Of course, if all they have is a link they don’t want one that’s going to put you off.Īnd that’s a problem, because their domains often are off-putting. ![]() Over the years, scammers have realised that keeping things simple works for them, and the simplest message of all is like this one – nothing more than a malicious link. It reminded me of a very similar Skype message I’d received a few years ago, one that abused an open redirect in Google Maps, and I wondered if there was another. I wasn’t interested in where the link would lead me (for the record, it redirects to a punycode encoded URL that redirects to a malicious site), but I was interested to see how a Google URL was being used to get me there. I’ve blurred some of the URL, but the important thing is that it it looks like this: &usg= It was a link to Google, and that got me wondering, how does that work? It was clearly a phish, but it caught my eye because it didn’t link to some obviously scummy or incongruous URL. ![]() I say “message”, it wasn’t much of one, it was just a link. Yesterday morning I got a Skype message from an ex-colleague, somebody I’d not heard from in some time but was happy to reconnect with.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |