The Department for Environment, Food & Rural Affairs (DEFRA) website in the U.K. fell victim to a redirect attack in which the cybercriminals used an open redirect to send visitors to fake OnlyFans pages.
Threat actors exploited an open redirect that appeared to be a valid UK government URL but instead routed visitors to the bogus OnlyFans dating site.
The website widely used services that offer users access to adult content for a subscription so they could steal users’ personal information.
"id": "DEP225811123",
"linkid": "defra",
"type": "Cyber Attack",
"date": "01/2023",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"