How often are redirects used in phishing in 2026?, (Mon, Apr 6th)

The report reviews phishing emails collected in Q1 2026 and finds that redirect-based phishing accounted for ~21% of ~350 samples (32% in January, 18% in February, 16.5% in March). Attackers abuse a range of redirect mechanisms — including fully open redirects, tokenized “half-open” redirects (e.g., Google-style tokens), tracking/advertising links, logout endpoints, and URL shorteners — to make malicious links appear legitimate and evade detection; the author recommends removing or restricting redirect endpoints and monitoring for abuse.