Source: www.schneier.com – Author: Bruce Schneier
Brian Krebs reported that X (formerly known as Twitter) started automatically changing twitter.com links to x.com links. The problem is: (1) it changed any domain name that ended with “twitter.com,” and (2) it only changed the link’s appearance (anchortext), not the underlying URL. So if you were a clever phisher and registered fedetwitter.com, people would see the link as fedex.com, but it would send people to fedetwitter.com.
Thankfully, the problem has been fixed.
Tags: domain names, phishing, Twitter
Sidebar photo of Bruce Schneier by Joe MacInnis.
Original Post URL: https://www.schneier.com/blog/archives/2024/04/x-com-automatically-changing-link-names-but-not-links.html
Category & Tags: Uncategorized,domain names,phishing,Twitter – Uncategorized,domain names,phishing,Twitter
Views: 0
