Why is that so satisfying to click on while it's at the top of the page?
abtinf · 5m ago
Or just report their mandatory compliance emails as phishing attempts.
I’ve worked for multiple large companies where the annual IT security signoffs look exactly like malicious emails: weird formatting; originates from weird external url that includes suspicious words; urgent call to action; and threats of discipline for non-compliance.
All this money being spent on training, only to immediately lull users into accept threats.
non_aligned · 47m ago
I know it's a joke and I had a sensible chuckle, but if you want to routinely use it at work, just keep in mind that it's probably gonna make things worse.
Since you can't exhaustively enumerate every good thing or every bad thing on the internet, a lot of security detection mechanisms are based on heuristics. These heuristics produce a fair number of false positives as it is. If you bring the rate up, it just increases the likelihood that your security folks will miss bad things down the line.
Aeolun · 33m ago
I think the lesson here is that any link in an email is bad. We should just block all of them.
DrJokepu · 26m ago
Why not address the problem at its real source and just block emails entirely?
SoftTalker · 13m ago
Because email is not the problem. HTML email is.
bigiain · 7m ago
People are the problem. We need to remove them from all processes.
seemaze · 1m ago
That process has begun..
virtualcharles · 7m ago
A whole new generation of rickrolling is about to begin.
Nice. Suggestion: default to https instead of http. Wouldn't want the links to lead somewhere malicious by accident.
flir · 21m ago
With a self-signed, expired, TLS 1.0 cert?
(For a different domain).
Terr_ · 1h ago
It may be possible to make a more-limited system without redirects, by abusing stuff like user:pass@host URL schemes, or #anchor suffixes... although it would be less reliable, some hosts/URLs would have problems.
Skullfurious · 42m ago
After half a decade on discord... What are the odds of me being banned for sending a ragebait google redirect to my buddies?
alabhyajindal · 51m ago
Beautiful. I got my joy back
ungreased0675 · 21m ago
I laughed really hard, this is fantastic.
xorvoid · 1h ago
Chaotic Neutral
yoz-y · 1h ago
Great. Since shadyurl seems to have died
leshokunin · 1h ago
I used to use it to redirect our links at work, back when the web was less paranoid. It was such silly fun. Surprised its dead
OrvalWintermute · 1h ago
The person that created this has a wonderful sense of humor!
johnecheck · 1h ago
Imagine if they later update these links to actually phish people. That'd be pretty funny.
Johnny555 · 36m ago
That's what I was thinking -- eventually he'll stop paying for those domains and they'll go up for sale, and a domain taster may find that they are still active enough to use for real phishing.
https://carnalflicks.online/var/lib/systemd/coredump/logging...
1: https://pc-helper.xyz/scanner-snatcher/session-snatcher/cred...
I’ve worked for multiple large companies where the annual IT security signoffs look exactly like malicious emails: weird formatting; originates from weird external url that includes suspicious words; urgent call to action; and threats of discipline for non-compliance.
All this money being spent on training, only to immediately lull users into accept threats.
Since you can't exhaustively enumerate every good thing or every bad thing on the internet, a lot of security detection mechanisms are based on heuristics. These heuristics produce a fair number of false positives as it is. If you bring the rate up, it just increases the likelihood that your security folks will miss bad things down the line.
https://cam-xxx.live/trojan-hunter/evil-snatcher/malware_cry...
(For a different domain).