New malformed URL phishing technique can make attacks harder to spot

Email security company GreatHorn is warning of a new form of phishing attack that makes malicious messages more likely to get through filters and harder for the average person to detect by sight.
Email scanning programs, GreatHorn said in a blog post, aren't configured to detect these kinds of attacks because they don't fit known bad criteria.
These attacks were first detected by GreatHorn in October 2020, and have rapidly become a serious threat: Between the first week of January 2021 and early February 2021, the volume of attacks using malformed URL prefixes increased by 5,933%.
In this new trick, attackers replace the second forward slash of the URL prefix with a backslash, then stuff a malicious URL into the prefix ahead of the legitimate domain name, which is treated as additional subdirectories of the malicious page, perfect for crafting a phishing website.
GreatHorn said it has detected these types of malformed URL attacks across all kinds of organizations, but pharmaceuticals, lending, contracting and construction management, and telecommunications have been hit hardest.
The attack began in October with phishing attempts mimicking voicemail messages delivered through email, a tactic that has been common and successful for several years.
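A mail-filter check for the malformed prefix described above, as an added example that is not GreatHorn's code: it flags any `http`/`https` link whose scheme separator is not exactly `//` (a generalization of the single backslash case), then normalizes backslashes the way browsers do to report the host the link really reaches and any hostname-shaped path segments. The function name, the hostname heuristic and the `.example` domains are assumptions constructed for illustration.

```python
import re

# Scheme, then a run of '/' or '\' characters, then the rest of the URL token.
URL_RE = re.compile(r"(?i)\b(https?):([/\\]+)([^\s<>]+)")
# Hostname-shaped path segment (simple heuristic, an assumption of this example).
DOMAIN_LIKE = re.compile(r"(?i)^(?:[a-z0-9-]+\.)+[a-z]{2,}$")


def scan_for_malformed_prefixes(text):
    """Return one finding per URL whose scheme separator is not exactly '//'."""
    findings = []
    for match in URL_RE.finditer(text):
        _scheme, separator, rest = match.groups()
        if separator == "//":
            continue  # well-formed prefix, nothing to report
        # Browsers treat '\' like '/' in http(s) URLs, so split on both
        # to recover the host the link actually resolves to.
        path = re.split(r"[?#]", rest, maxsplit=1)[0]
        parts = [p for p in re.split(r"[/\\]", path) if p]
        if not parts:
            continue
        host = parts[0].split("@")[-1].split(":")[0].lower()
        # A trusted-looking domain later in the path is only a directory name.
        embedded = [p.lower() for p in parts[1:] if DOMAIN_LIKE.match(p)]
        findings.append({
            "raw": match.group(0),
            "separator": separator,
            "effective_host": host,
            "embedded_domains": embedded,
        })
    return findings


# Constructed sample message body (not taken from a real campaign).
SAMPLE_BODY = (
    "New voicemail: http:/\\phish.example/login.contoso.example/voicemail\n"
    "Help center: https://support.contoso.example/faq\n"
)

if __name__ == "__main__":
    for finding in scan_for_malformed_prefixes(SAMPLE_BODY):
        print(finding)
```
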