The Phishing URL That Tricks a Tech-Savvy User


Nowadays, phishing links in email seem to be the most efficient way for scammers to reach people. A phishing link is usually pretty obvious if you know where to look: simply hover your mouse over the link to see what the true URL is before clicking it. That's what I always tell people to do when they're not sure whether it's safe to click a link in an email.

Guess what, not the case anymore.

One awesome Redditor, u/wanderingbilby, discovered a type of phishing URL that gives you nightmares and posted it on the SysAdmin subreddit.

Here is the URL that is embedded in the email body:

http://t-info.mail.adobe.com/r/?id=hc43f43t4a,afd67070,affc7349&p1=t.mid.accor-mail.com/r/?id=159593f159593159593,hde43e13b13,ecdfafef,ee5cfa06&p1=filepmgklf.com/victimemail @domain.com 

Looks totally legit, and it’s from a well-known brand, Adobe. But guess where it leads you to if you click on it.


A shitty and fake Office 365 login page hosted on Windows.net.

A few more tests later, it turned out that you can put basically anything after &p1= and Adobe will happily redirect the link for you. For a scammer, that is free of charge, risk-free, and gives a much greater chance of tricking people into clicking.
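Because the visible host is a trusted redirector, a mail filter or click-time check has to look inside the query string instead. The sketch below is an added example, not code from the Reddit post or from Adobe: the sample link is constructed with placeholder hosts, the helper names `embedded_hosts` and `inspect_link` are hypothetical, and the host match is a heuristic.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Constructed sample with the same shape as the link above; every host is a placeholder.
SAMPLE = ("http://t-info.mail.brand.example/r/?id=aaa,bbb,ccc"
          "&p1=t.mid.hotel.example/r/?id=111,222,333"
          "&p1=landing.example/user@victim.example")

# A parameter value that begins with an optional scheme and a dotted hostname.
HOST_LED = re.compile(
    r"^(?:https?://)?((?:[a-z0-9-]+\.)+[a-z]{2,})(?::\d+)?(?=[/?#]|$)", re.I)

def embedded_hosts(url, max_depth=5):
    """Hosts found in query-parameter values, in order, following nested URLs."""
    found = []
    if max_depth == 0:
        return found
    # parse_qsl percent-decodes one level, so encoded nesting is unwrapped
    # one layer per recursion step.
    for _name, value in parse_qsl(urlsplit(url).query, keep_blank_values=True):
        value = value.strip()
        match = HOST_LED.match(value)
        if not match:
            continue
        found.append(match.group(1).lower())
        # The embedded target may carry its own redirect parameter.
        found += embedded_hosts(value, max_depth - 1)
    return found

def inspect_link(url):
    """Compare the host a user sees on hover with the hosts hidden in parameters."""
    visible = (urlsplit(url).hostname or "").lower()
    chain = embedded_hosts(url)
    # Same host or a subdomain of it is treated as same-site (simplification:
    # no public-suffix list is consulted).
    foreign = [h for h in chain if h != visible and not h.endswith("." + visible)]
    return {"visible_host": visible, "embedded_hosts": chain,
            "suspicious": bool(foreign)}

if __name__ == "__main__":
    print(inspect_link(SAMPLE))
```

A link flagged this way can be rewritten, quarantined, or shown to the user with the last embedded host instead of the one that appears on hover.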

The Redditor has reported the issue to both Microsoft and Adobe but so far, no action has been taken.

This has totally changed how I think about what's safe to click in an email. I guess we all have to take precautions when it comes to security. After all, with one bad click, you are one step closer to being tricked into something bad.

While we are on the topic, here are some resources for you to share:
