On 10/3/23 17:02, John Hardin wrote:
On Tue, 3 Oct 2023, Giovanni Bechis wrote:Hi, I've received an email with a link like https://www.bing.com/ck/a?!&&p=XXX&ptn=3&hsh=3&fclid=XXX&u=XXX&ntb=1 that redirects to another bing.com url that finally redirects to a phishing url. As a workaround I've added "url_shortener bing.com" and it works (but it's not correct because Bing it's not a shortener), should we add search engines as well to url shortener configuration or should we implement something else ?This should be "something else". Is the redirection part indicated by the /ck/a path or the query parameters? Sadly this isn't like the Google redirector where the target URL is actually present and can be captured - or did you remove that part?
all parameter values are hashes, we cannot use a regexp to find the redirection url. Giovanni
OpenPGP_signature
Description: OpenPGP digital signature
