T0123.004 "Conduct Server Redirect"

Tactic stage: TA18

Summary: A server redirect, also known as a URL redirect, occurs when a server automatically forwards a user from one URL to another using server-side scripting languages. An influence operation may conduct a server redirect to divert target audience members from one website to another without their knowledge. The redirected website may pose as a legitimate source, host malware, or otherwise aid operation objectives.

Relationships

Has counters:

Detection methods include:

Datasets

Examples include:

Seen in incidents:

DISARM Frameworks provided CC-by-SA by the DISARM Foundation