CleanTraffic: The redirect service that is anything but clean
Did you know cybercriminals are using A/B testing to optimize their phishing campaigns?
Weโve recently uncovered CleanTraffic; a new filtering service being used to conceal malicious links from security tools.
๐ How it works:
When someone clicks a protected link in a phishing email, CleanTraffic uses behavioral analytics like mouse movement to distinguish bots from real users:
Real users are funneled into the phishing flow.
Bots and scanners are routed to harmless decoy pages.
This traffic filtering keeps malicious content off the radar. The platform even includes campaign analytics, much like legitimate marketing tools.๐
As major CDN providers tighten abuse controls, threat actors are turning to such alternatives. Understanding these systems is key to tracking phishing operators who outsmart automated detections.
Have you encountered similar tradecraft in your investigations? Share your thoughts below! ๐ง
#Cybersecurity #Phishing #ThreatIntelligence #Cybercrime
This is an interesting advancement, most tools in our trade could be used offensively or defensively, as malicious operators encountered anti-bot capabilities in web application firewalls, they decided to deploy similar technologies on their own infrastructure to keep other peoples tools away. Fun times :)