Attackers Using HTTP Response Headers to Redirect Victims to Phishing Pages

Researchers at Palo Alto Networks’ Unit 42 warn that attackers are using refresh entries in HTTP response headers to automatically redirect users to phishing pages without user interaction.