
It’s possible `/` redirects but other hidden routes phish. If someone gets, e.g., a fake password reset email, it might help the attacker bypass sanity checks users make.


Also helps create phishing report "false" flags.

If I target a specific region with a phishing link and redirect if the requestor is not in that region, I can probably maintain my phishing domains for longer.



