This blog had been published at www.keepnetlabs.com.
Contact Keepnet for the best antiphishing tools and phishing protection software!
Throughout the years, cybercriminals have become more skilled at escaping the discovery by lurking within benign things and attacking their targets. They essentially utilise of URLs that lead targets to genuine yet compromised websites or have safe-looking redirectors that ultimately redirect targets to a phishing plot. According to the statistics in 2018 Keepnet Phishing Trends Report dataset, 49.32% of phishing messages were opened by the target across all organisations, 33.10 % went on to click the malicious attachment or link, 12,87 % hand over the information.
Microsoft revealed that cybercriminals crafted smart phishing attacks in 2019 by using links to Google search results that were infected so that they “pointed to an attacker-controlled page”, which finally redirected to a phishing web site. A traffic generator ensured that the redirector page was the top result for certain keywords.

According to Microsoft, using this technique, cyber criminals were able to transmit phishing emails that carried simply genuine URLs (i.e., link to search results), “and a trusted domain at that”, for instance:
- hxxps://www[.]google[.]ru/#btnI&q=%3Ca%3EhOJoXatrCPy%3C/a%3E
- hxxps://www[.]google[.]ru/#btnI&q=%3Ca%3EyEg5xg1736iIgQVF%3C/a%3E
The attack was even more clandestine due to its use of “location-specific search results”. When reached by users in Europe, the phishing URL redirected to the website c77684gq[.]beget[.]tech, and ultimately to the phishing page. Outside Europe, the same URL returned no search results.
Contact Keepnet for the best antiphishing tools and phishing protection software!
According to Microsoft, “for this to work, attackers had to make sure that their website, c77684gq[.]beget[.]tech, was the top search result for the keyword “hOJoXatrCPy” when queried from certain regions. The website’s HTML code is composed of a redirector script and a series of anchor elements:”

Microsoft explained that “These anchor elements were designed to be crawled by search engines so that the page is indexed and returned as result for the search keywords that attackers wanted to use for their campaign”.

Finally, cybercriminals set up a traffic generator to poison/ infect search results. Because the phishing URL used the open redirector functionality, it redirected to the top search result, therefore the redirector webpage.
Contact Keepnet for the best antiphishing tools and phishing protection software!
Phishing attacks are the source of more than 90% of successful cyberattacks. To keep your organisation secure, your employees must be completely trained in security awareness and change their behaviour to apply best security practices.
Simply teaching your employees on how to detect phishing emails and deal with them properly can add a powerful layer of security.
Here are tips on how to avoid phishing attacks:
- Don’t click on the links in the email coming from unknown sources
- Don’t open attachments from someone you don’t know. If you receive an attachment from someone you know, call the sender to verify the legitimacy of the email.
- If you get suspicious about an email you got, throw it out.
- Look out for regular phishing style in emails like “Verify your account.”
- Hover the over links in emails, check the URL to verify the authenticity and instead of clicking on the link, type in the web address into the browser manually to access the website.
- If you visit a website with a padlock, click on the padlock to verify the authenticity.
- Protect your accounts by using multi-factor authentication.
- Protect your data by backing it up.

Teknoloji Haberleri
- Samsung Galaxy Watch'larda can sıkan sorunSamsung’un popüler akıllı saat modelleri Galaxy Watch 7 ve Ultra, rastgele bağlantı kesintileri ve yeniden kurulum gerektiren sıfırlama sorunlarıyla kullanıcıları zor durumda bırakıyor.
- Üç model dışarıda kalabilir: iOS 19 hangi iPhone'lara gelecek?Eğer iPhone'unuz iOS 18 çalışıyorsa, bu iOS 19'u da çalıştıracağı anlamına gelmiyor olabilir. Yeni söylenti, üç iPhone modelinin iOS 19 güncellemesini alamayacağını iddia ediyor.
- Windows 95 ile çalışan 30 yıllık bir PC'ye sahipseniz, bu haber sizin için!Retro bilgisayar toplulukları için bir yenilik daha: CrystalMark Retro, Windows 95 ve NT gibi eski işletim sistemlerinde çalışabilen kıyaslama testi uygulamasını güncelledi. Peki, performans analizlerinde hangi sonuçlar elde ediliyor?
- Uzayda 37 gün geçiren farelerde garip değişimNASA'nın yeni araştırmaları, astronotların uzun uzay yolculuklarında maruz kaldığı kas ve kemik kaybının mekanizmalarını daha iyi anlamamızı sağlıyor. Farelerin yardımıyla ulaşılan önemli bulgular, aynı zamanda şaşırtıcı sonuçları da ortaya koyuyor.
- Kod adı Solarium: Yeni iOS 19 tasarımından yeni detaylariOS 19, cam benzeri bir tasarım anlayışını kullanıcıların deneyimine sunmaya hazırlanıyor. Sızan bilgiler, Apple’ın VisionOS’tan ilham alarak daha modern ve yenilikçi bir arayüz üzerinde çalıştığını gösteriyor. WWDC 2025’te bu yeniliklerin detaylarına ulaşmak mümkün olacak.