Recently I received a text message like this:
“xxx, we’re trying to get a hold of you about your Costco receipt UUIB-LPZ. Please claim your overcharge reimbursement here
However, when I try to access it again from my laptop to analyze the source code, this link is no longer valid. It’s not like that I want to attack this server, but I really want to understand how this kind of server’s architecture works, and what kind of attack this is.
My guess is that this server keeps generating random mapping path and send to victims, whenever a URL is clicked, the server will redirect the user to the actual clickbait page, and clean up the original URL so most of the time it won’t be recorded and reported.