Reply to post: Re: This ought to be a standard

Hackers unleash smart Twitter phishing tool that snags two in three users

Anonymous Coward
Anonymous Coward

Re: This ought to be a standard

This is not a new risk, which is why I do not accept shortened URLs from anyone but those who I know to not pass on 3rd party ones.

The problem here is trusting any url, especially one presented to you in an app. The reason CLICK HERE is used so often is that social engineering works for every none, not just evil hackers.

There are manifold further problems with URLs: If I sent you a link to example.com/thisisreallysafe/ how do you know I am not going to use a dynamic rewrite to send you to example.com/thisisreallybadshiz ? Do you mitigate this by only going to links on sites you already know and trust the TLD?

Millions of people click on links to new sites and services every day. Few are as obvious as example.com/exploitkitpage.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019