Website applications use URL redirectors to forward incoming request to an alternate resource. In URL Redirector Abuse, URL redirectors are abused to cause an attacker’s URL to appear to be endorsed by the legitimate site, tricking victims into believing that they are navigating to a site other than the true destination. Applications accept arbitrary user-defined URLs as input, which are then used as targets for redirection.
It is this last implementation which can be used in URL Redirector Abuse attacks such as phishing. URL redirectors can be abused by attackers trying to social engineer victims into believing that they are navigating to a site other than the true destination.