Phishing Scam Exploits American Express, Snapchat Open-Redirect Threats

Open-redirect vulnerabilities affecting the American Express and Snapchat domains have been used to send phishing emails aimed at users of Google Workspace and Microsoft 365.
The term “open redirects” refers to a software vulnerability that makes it simpler for hackers to point users toward harmful resources they control.
Vulnerabilities:
An open redirect occurs when a website doesn’t validate user input, allowing hackers to modify URLs on reputable domains so that they route consumers to malicious sites. Because the first domain name in the altered link is a well-known one, like American Express or Snapchat, victims are likely to trust it.
The link may seem secure to an untrained eye because the first domain name in the modified link is actually the domain name of the original site. According to email security firm INKY, the trusted domain, such as American Express or Snapchat, serves as a temporary landing page before redirecting the user to a malicious website.
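The missing input validation described above, shown next to a hardened check. This is an added example, not code from American Express, Snapchat or INKY; the host names, the ALLOWED_HOSTS allow-list and both function names are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Assumption for this example: hosts the site itself is willing to redirect to.
ALLOWED_HOSTS = {"www.example.com", "accounts.example.com"}
FALLBACK = "/"  # where to send the user when the target is rejected


def naive_redirect_target(target: str) -> str:
    """The open-redirect pattern: the parameter is trusted as-is."""
    return target


def safe_redirect_target(target: str) -> str:
    """Return target only if it stays on this site or an allow-listed host."""
    # Backslashes, whitespace and control characters are parsed differently
    # by browsers and by server-side URL libraries, so reject them outright.
    if not target or any(c == "\\" or c.isspace() or ord(c) < 0x20 for c in target):
        return FALLBACK
    try:
        parts = urlsplit(target)
    except ValueError:  # e.g. a malformed IPv6 literal
        return FALLBACK
    if not parts.scheme and not parts.netloc:
        # Relative target: accept only a path rooted at a single "/".
        return target if target.startswith("/") and not target.startswith("//") else FALLBACK
    # Absolute target: https only, no userinfo, exact host match.
    if parts.scheme != "https" or "@" in parts.netloc:
        return FALLBACK
    return target if parts.hostname in ALLOWED_HOSTS else FALLBACK


if __name__ == "__main__":
    # Constructed sample values of a redirect query parameter.
    for sample in ["/account/settings", "https://accounts.example.com/login",
                   "https://evil.test/login", "//evil.test/login",
                   "https://www.example.com@evil.test/",
                   "https://www.example.com.evil.test/", "javascript:alert(1)"]:
        print(f"{sample!r:45} -> {safe_redirect_target(sample)!r}")
```

The exact-match allow-list is the important part: prefix or substring checks on the host are what let a look-alike host such as www.example.com.evil.test through.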
DocuSign, FedEx, and Microsoft were used as bait in phishing emails distributed to the Snapchat group, which led to sites that harvest user credentials. Researchers from INKY claim that 6,812 phishing emails sent from hacked Google Workspace and Microsoft 365 accounts over the course of two and a half months used the Snapchat open redirect.
On August 4, 2021, professionals informed Snapchat of a vulnerability through the Open Bug Bounty site, but nothing has been done to fix it.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents