T0123.004 "Conduct Server Redirect"
Tactic stage: TA18
Summary: A server redirect, also known as a URL redirect, occurs when a server automatically forwards a user from one URL to another using server-side scripting languages. An influence operation may conduct a server redirect to divert target audience members from one website to another without their knowledge. The redirected website may pose as a legitimate source, host malware, or otherwise aid operation objectives.
Detection methods include:
Seen in incidents: