Phishing - is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication.

Two methods exist to prevent redirect phishing:

detect malicious redirects by screening for the lack of the referring page in the HTTP header.
sign links with a digital signature and verify it upon redirect attempt.

The following can be used as protection:

Show redirection warning to a visitor.
Unconditionally redirect a visitor to a site known to be safe.

Recommended for high security level

"; $MESS["SEC_REDIRECT_PARAMETERS_TAB"] = "Parameters"; $MESS["SEC_REDIRECT_PARAMETERS_TAB_TITLE"] = "Redirect protection parameter settings"; $MESS["SEC_REDIRECT_METHODS_HEADER"] = "Methods"; $MESS["SEC_REDIRECT_METHODS"] = "Phishing protection methods:"; $MESS["SEC_REDIRECT_REFERER_CHECK"] = "Check for presence of HTTP header describing the referring page."; $MESS["SEC_REDIRECT_REFERER_SITE_CHECK"] = "The \"Referrer\" HTTP header must contain the current site's domain name. "; $MESS["SEC_REDIRECT_HREF_SIGN"] = "Add digital signature to the below URLs:"; $MESS["SEC_REDIRECT_URLS"] = "Signed URLs"; $MESS["SEC_REDIRECT_SYSTEM"] = "System"; $MESS["SEC_REDIRECT_USER"] = "Users"; $MESS["SEC_REDIRECT_URL"] = "URL:"; $MESS["SEC_REDIRECT_PARAMETER_NAME"] = "Parameter name:"; $MESS["SEC_REDIRECT_ADD"] = "Add"; $MESS["SEC_REDIRECT_ACTIONS_HEADER"] = "Actions"; $MESS["SEC_REDIRECT_ACTIONS"] = "Phishing protection actions:"; $MESS["SEC_REDIRECT_MESSAGE"] = "Message"; $MESS["SEC_REDIRECT_LOG"] = "Add phishing attempt to the log"; $MESS["SEC_REDIRECT_ACTION_REDIRECT"] = "Redirect to specified URL."; $MESS["SEC_REDIRECT_ACTION_REDIRECT_URL"] = "URL:"; $MESS["SEC_REDIRECT_SHOW_MESSAGE_AND_STAY"] = "Show redirect to another URL notification message."; ?>