On 2023-10-03 at 11:02:47 UTC-0400 (Tue, 3 Oct 2023 08:02:47 -0700
(PDT))
John Hardin <jhar...@impsec.org>
is rumored to have said:
On Tue, 3 Oct 2023, Giovanni Bechis wrote:
Hi,
I've received an email with a link like
https://www.bing.com/ck/a?!&&p=XXX&ptn=3&hsh=3&fclid=XXX&u=XXX&ntb=1
that redirects to another bing.com url that finally redirects to a
phishing url. As a workaround I've added "url_shortener bing.com" and
it works (but it's not correct because Bing it's not a shortener),
should we add search engines as well to url shortener configuration
or should we implement something else ?
This should be "something else".
+1
IMHO, this (presumably a tracking URL for a search result?) strikes me
as much more solidly indicative of bad intent than a shortener.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
