Overriding redirection requests
The following are recommended application security measures to help guard against phishing attacks, particularly ones that attempt to redirect the user into authenticating with an untrusted server over the file:///
protocol.
Applications using URL Monikers (URLMon.dll) for URI processing
Best practice is to implement the IBindCallbackRedirect and its Redirect method in the callback provided while creating the binding context with CreateAsyncBindCtx