3 Ways to Prevent a URL Redirect Attack

Cybercriminals are stealthy in their attacks — especially when financial gains are involved. With this type of attack, hitting the jackpot requires time and patience. Regardless, hackers also employ “noisy” attacks, or ones intended for victims and other website visitors to see. These typically promote very radical or personal views on various subjects. Some common attacks, however, can be either noisy or stealthy, just like the notoriously clever URL redirect attack.

Cybercriminals use these URL redirection attacks to take advantage of users’ trust. They do this by redirecting traffic to a malicious web page using URLs embedded in website code, an .htaccess file, or a phishing email. These attacks are frequent, too: URL redirection attacks make up 17% of malware infections.

For example, a cybercriminal might send out a phishing email that includes a copycat of your website’s URL. This link might look like your website’s URL, but it is actually a phishing attack that will actually lead users to a malicious site that includes forms with login pages that request personal information. Because the phishing site link appears legitimate and users believe they’re on a trusted website, they often willingly share personal information without suspicion.

How to Spot a URL Redirection Vulnerability

Stealthy attacks are difficult to diagnose, and this includes ones that redirect users. Some website owners don’t realize cybercriminals are at work until their web hosts suspend their sites or they experience significant drops in website traffic after checking tools such as Google Analytics.

In addition, search engines also perform regular site scans and will blacklist websites if they detect an infection. However, scanning isn’t a foolproof method: According to SiteLock research, search engines blacklisted only 15% of malware-infected websites in 2018. Additionally, it could take quite some time before Google notifies you that your site is unsafe. This leaves your site’s visitors susceptible to potential security threats and puts your brand reputation at risk.

It’s important that website owners be proactive when it comes to their website’s health and security. They can do this by using cybersecurity solutions that alert them to these attacks the moment they occur.

How to Stop URL Redirection

Fortunately, protecting your website and your customers doesn’t have to be difficult or time-consuming. Start with these three important steps:

1. Use a web application firewall.

A web application firewall is a great first line of defense for directing malicious actors away from your website. Using a WAF guards your site against the most common types of attacks, and some solutions even provide security reports that highlight important data (such as site traffic). This gives you the opportunity to monitor your traffic for significant declines, which is also one key sign of a URL redirect attack.

2. Use an automated website scanner.

An automated website scanner will help you detect malware in your site’s files and database faster than if you review them on your own. An effective website scanner should be able to detect and remove these active infections on a daily basis to minimize negative impacts on your business and customers.

3. Keep software up-to-date.

Cybercriminals typically gain unauthorized access to small business websites by exploiting outdated code. If you use a content management system, third-party plugins or widgets, or other software to enhance your site, you must be diligent about updating it to avoid open redirect vulnerabilities. Implement the patches and updates that developers release to fix existing vulnerabilities and mitigate new threats.

The cybersecurity landscape is changing rapidly each day, and it can be difficult to keep up with on your own. Having a trusted cybersecurity partner who knows how to prevent these attacks can save you time and keep your customers safe from malicious websites. Your customers’ trust is vital to the health of your small business — don’t let cybercriminals take advantage of it. Take the steps above to protect your customers and ensure you can mitigate a URL redirection attack quickly.

Has your site been hacked? If so, learn about SiteLock's website hack cleanup services, and get help today.

Monique Becenti is a product and channel marketing specialist at SiteLock, a cloud-based website security provider currently protecting more than 16 million websites globally. Monique is passionate about improving the customer experience for all. SiteLock’s combination of dedicated research and developmental efforts, aggressive product road maps, and access to a massive global data set make the company a leading innovator in web security.