URL redirection allows one URL to lead to another for various reasons, including covering spelling mistakes, promoting multiple products, and corporate acquisitions. Malicious redirects are now commonly used in phishing attacks.
The uniform resource locator, or URL, of a web page is like its address on the web. URL redirection allows one URL to lead a user directly to another. This redirection can be done for a wide variety of reasons, both benign and malicious.
There are many ways to set up a URL redirect. Most website users are able to set it up directly through their host. Others involve the automatic update feature common on some older browsers and “3” codes indicating temporary or permanent redirects. Whatever the method, there are a number of reasons why users would like to redirect web traffic.
A common reason is to cover easy spelling mistakes or variations on their website. A site named “Way-to-go.com” may find several users attempting to type “Waytogo.com” or “Way-to-go.com” or even “Way-to-go.net”. A site owner would buy all of these names and set each of them to point to the original site. This way, even the wrong addresses would end up in the right place.
Another common URL redirect is for multiple products on the same website. If a company owns the rights to several products that sell well, it may find that people are trying to find the company site by searching by product names. To make the process easier for customers, the company site can have several product sites, such as “www.product-one.com” and “www.product-two.com”, all of which link back to the company page.
The last common reason revolves around corporate acquisitions. If a company has a well-known and heavily used website, it makes sense to keep that address active. If that company were to be taken over, the new company will often set up a redirect of the URL, allowing users to continue using the original address.
In the past, URL redirects were often used to trick search engines, but this trend has all but disappeared. Now, the most common reason to set up the malicious redirect is as part of a phishing attack. A phishing attack is a method of getting a user to voluntarily provide personal information about themselves. Common URL redirect phishing attacks target popular websites that ask for login information. The user types an address incorrectly and is redirected to a site almost identical to the one they expected. When you try to log in, the site logs your information and kicks you out of the system.
Protect your devices with Threat Protection by NordVPN
