Tactic or Technique: Open redirect

Attackers abuse open redirect vulnerabilities to make malicious links appear trustworthy. These links begin with a legitimate domain, but when clicked, they send you to a completely different site—often one used for phishing or malware delivery.
It often begins with a link like “trusted-company[.]com/redirect?url=malicious-site[.]com” to bypass filters and build false confidence. Since the domain looks familiar, you’re more likely to trust it and click through. Behind the scenes, you’re immediately redirected to an attacker-controlled page.
This tactic works because many users and security tools only check the start of a URL. It’s frequently used in credential phishing and malware campaigns, especially when combined with realistic branding that makes the message feel like it came from a legitimate source.
Attack Types (4):
Credential Phishing
Malware/Ransomware
Spam
BEC/Fraud
Detection Methods (12):
Sender analysis
URL analysis
Content analysis
File analysis
HTML analysis
Javascript analysis
Computer Vision
Natural Language Understanding
Optical Character Recognition
URL screenshot
Header analysis
QR code analysis
Rule Name & Severity
Last Updated
Author
Types, Tactics & Capabilities
Open redirect: vconfex.com
11d ago
Jan 12th, 2026
Sublime Security
Credential Phishing
Malware/Ransomware
Open redirect
Sender analysis
URL analysis
/feeds/core/detection-rules/open-redirect-vconfexcom-877de339
Open redirect: amaterasu-for-website-5.com
11d ago
Jan 12th, 2026
Sublime Security
Credential Phishing
Malware/Ransomware
Open redirect
Sender analysis
URL analysis
/feeds/core/detection-rules/open-redirect-amaterasu-for-website-5com-d31f7cb8
Open redirect: whitefox.pl
11d ago
Jan 12th, 2026
Sublime Security
Credential Phishing
Malware/Ransomware
Open redirect
Sender analysis
URL analysis
/feeds/core/detection-rules/open-redirect-whitefoxpl-18b74a2a
Open redirect: stats.lib.pdx.edu
11d ago
Jan 12th, 2026
Sublime Security
Credential Phishing
Malware/Ransomware
Open redirect
Sender analysis
URL analysis
/feeds/core/detection-rules/open-redirect-statslibpdxedu-0fe96183
Open redirect: Ticketmaster
11d ago
Jan 12th, 2026
Sublime Security
Credential Phishing
Malware/Ransomware
Open redirect
Sender analysis
URL analysis
/feeds/core/detection-rules/open-redirect-ticketmaster-a5b3901f
Open redirect: TikTok
11d ago
Jan 12th, 2026
Sublime Security
Credential Phishing
Malware/Ransomware
Open redirect
Sender analysis
URL analysis
/feeds/core/detection-rules/open-redirect-tiktok-d231d135
Open redirect: tkqlhce.com
11d ago
Jan 12th, 2026
Sublime Security
Credential Phishing
Malware/Ransomware
Open redirect
Sender analysis
URL analysis
/feeds/core/detection-rules/open-redirect-tkqlhcecom-44eef073
Open redirect: unitedwaynwvt.org
11d ago
Jan 12th, 2026
Sublime Security
Credential Phishing
Malware/Ransomware
Open redirect
Sender analysis
URL analysis
/feeds/core/detection-rules/open-redirect-unitedwaynwvtorg-da6eb27a
Open redirect: ust.hk
11d ago
Jan 12th, 2026
Sublime Security
Credential Phishing
Malware/Ransomware
Open redirect
Sender analysis
URL analysis
/feeds/core/detection-rules/open-redirect-usthk-700a19fb
Open redirect: VK
11d ago
Jan 12th, 2026
@vector_sec
Credential Phishing
Malware/Ransomware
Open redirect
Sender analysis
URL analysis
/feeds/core/detection-rules/open-redirect-vk-6ebd6d42
Open redirect: agena-smile.com
11d ago
Jan 12th, 2026
Sublime Security
Credential Phishing
Malware/Ransomware
Open redirect
Sender analysis
URL analysis
/feeds/core/detection-rules/open-redirect-agena-smilecom-4a8ebce6
Open redirect: astroarts.co.jp
11d ago
Jan 12th, 2026
Sublime Security
Credential Phishing
Malware/Ransomware
Open redirect
Sender analysis
URL analysis
/feeds/core/detection-rules/open-redirect-astroartscojp-6dd617af
Open redirect: designsori.com
11d ago
Jan 12th, 2026
Sublime Security
Credential Phishing
Malware/Ransomware
Open redirect
Sender analysis
URL analysis
/feeds/core/detection-rules/open-redirect-designsoricom-4c38ff47
Open redirect: storematch.jp
11d ago
Jan 12th, 2026
Sublime Security
Credential Phishing
Malware/Ransomware
Open redirect
Sender analysis
URL analysis
/feeds/core/detection-rules/open-redirect-storematchjp-849bfbb8
Low reputation link to auto-downloaded HTML file with smuggling indicators
11d ago
Jan 12th, 2026
Sublime Security
Credential Phishing
Evasion
Free file host
Free subdomain host
HTML smuggling
Impersonation: Brand
Open redirect
Social engineering
Content analysis
File analysis
HTML analysis
Javascript analysis
Sender analysis
URL analysis
/feeds/core/detection-rules/low-reputation-link-to-auto-downloaded-html-file-with-smuggling-indicators-339676c6
Open redirect: xfinity.com
11d ago
Jan 12th, 2026
Sublime Security
Credential Phishing
Malware/Ransomware
Open redirect
Sender analysis
URL analysis
/feeds/core/detection-rules/open-redirect-xfinitycom-7b9012fa
Open redirect: easycamp.com
11d ago
Jan 12th, 2026
Sublime Security
Credential Phishing
Malware/Ransomware
Open redirect
Sender analysis
URL analysis
/feeds/core/detection-rules/open-redirect-easycampcom-f05d377d
Open redirect: pmifunds.com
11d ago
Jan 12th, 2026
Sublime Security
Credential Phishing
Malware/Ransomware
Open redirect
Sender analysis
URL analysis
/feeds/core/detection-rules/open-redirect-pmifundscom-fdc91036
Open redirect: Cartoon Network
11d ago
Jan 12th, 2026
Sublime Security
Credential Phishing
Spam
Open redirect
Evasion
Content analysis
URL analysis
/feeds/core/detection-rules/open-redirect-cartoon-network-7435e057
Open redirect: YouTube --> Google Redirection Chain
11d ago
Jan 12th, 2026
Sublime Security
Credential Phishing
Open redirect
Sender analysis
URL analysis
/feeds/core/detection-rules/open-redirect-youtube-greater-google-redirection-chain-67823fac
Page 1 of 7