What are open redirect phishing attacks?


Open redirect phishing attacks are designed to trick victims into thinking they are visiting a legitimate website. Cybercriminals frequently use this technique to steal login credentials and other sensitive information.

Keep reading to learn more about open redirect phishing attacks and ways to reduce your risk. Plus, find out how a HIPAA compliant email provider can help.

What is an open redirect?

An HTTP redirect is a response that tells the browser to load a different URL than the one it originally requested. There are many legitimate purposes for a redirect, such as when a website moves to a new domain.

An open redirect vulnerability occurs when an application lets a user-supplied value decide where a redirect goes and does not validate that untrusted input. An attacker can then send users to a site of their choosing through a link that begins with the trusted application's own address.

How do hackers leverage open redirects for phishing attacks? 

Cybercriminals exploit open redirects by embedding the URL of a genuine website into a phishing email. A common example is impersonating a bank’s website.

Because the link shows the genuine domain, the attack gains credibility. In reality, a redirect parameter hidden further along the URL sends victims to a malicious website.

Once the victim clicks through to the dangerous site, they are usually prompted to provide credentials on a login form. The cybercriminal then uses this information to impersonate the user and gain access to other personal information such as credit card details.

Open redirects can also be chained into other attacks, such as server-side request forgery (SSRF) and cross-site scripting (XSS), which let attackers reach internal systems and access data on the local network or in the victim's browser.

Ways to reduce your risk for a redirect phishing attack

The best way to avoid open redirect phishing attacks is to inspect the entire URL before clicking a link. Hover your mouse over the link to check that the destination is the site you expected.

If you can only see the domain or if the link is especially long with a string of extra characters, that is a good reason to pause. Additional best practices for your organization include:

  • Avoid using redirects and forwards altogether.
  • If redirects are needed, do not incorporate user-controllable data into their targets.
  • When user input cannot be avoided, ensure that the supplied value is valid, authorized, and appropriate for the particular application.
  • Validate input against a list of trusted URLs. This should be an allow list of permitted destinations, rather than a block list of known-bad ones.
  • Leave sensitive data such as usernames and passwords out of logs.
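The allow-list validation described above, shown as an added example (not code from Paubox or this article) of the vulnerable redirect pattern beside a hardened version. The hostnames in ALLOWED_HOSTS and the base URL are constructed for the example; the hardened function also handles the common bypass shapes (protocol-relative, backslash, non-http scheme, userinfo and look-alike subdomains) that a naive check misses.

```python
from urllib.parse import urlparse, urljoin

# Constructed allow list for this example; a real deployment would load the
# permitted destinations from configuration.
ALLOWED_HOSTS = {"app.example.com", "login.example.com"}
DEFAULT_TARGET = "/"


def unsafe_redirect_target(next_param: str) -> str:
    """The vulnerable pattern: the user-supplied value is used as the
    redirect target unchanged, so any external URL is accepted."""
    return next_param


def safe_redirect_target(next_param: str,
                         base_url: str = "https://app.example.com/") -> str:
    """Return a redirect target that resolves to an allow-listed host,
    or the safe default when the supplied value does not."""
    if not next_param:
        return DEFAULT_TARGET
    # Browsers treat backslashes as forward slashes, so "/\host" would
    # otherwise pass a naive "starts with a single /" check.
    candidate = next_param.replace("\\", "/")
    # Resolving against our own base turns relative paths into full URLs and
    # exposes the real host behind protocol-relative values like "//host".
    resolved = urlparse(urljoin(base_url, candidate))
    # Reject javascript:, data: and any other non-web scheme outright.
    if resolved.scheme not in ("http", "https"):
        return DEFAULT_TARGET
    # .hostname is the part after any "user@" prefix and is lowercased, so
    # "https://app.example.com@other.host/" is judged by "other.host".
    # Exact set membership (not endswith) also rejects look-alike subdomains.
    if resolved.hostname not in ALLOWED_HOSTS:
        return DEFAULT_TARGET
    return resolved.geturl()


if __name__ == "__main__":
    # Constructed sample inputs a login handler's ?next= parameter might see.
    for value in ["/account", "//evil.example/login", "javascript:alert(1)",
                  "https://app.example.com@evil.example/", ""]:
        print(f"{value!r:45} -> {safe_redirect_target(value)}")
```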

Strengthen email security with Paubox

As cybercriminals continue to evolve their methods, employee training is another key piece of preventing your staff from falling victim to open redirect attacks and other malicious schemes. Unfortunately, human error is ultimately unavoidable.

Therefore, it’s important for healthcare providers to cover all bases with a stronger inbound email security strategy. That’s where Paubox Email Suite’s HIPAA compliant email platform comes in.

Along with enabling healthcare email encryption, Paubox Email Suite’s Plus and Premium plan levels include robust inbound email security tools that block phishing emails and other malicious attacks from reaching the inbox in the first place. Our patent-pending Zero Trust Email feature uses email AI to confirm that an email is legitimate. Additionally, our patented ExecProtect solution quickly intercepts display name spoofing attempts.

Try Paubox Email Suite Plus for FREE today.


About the author

Sara Uzer
