New malformed URL phishing technique can make attacks harder to spot
Email security company GreatHorn is warning of a new form of phishing attack that makes malicious messages more likely to get through filters and harder for the average person to detect by sight.
Email scanning programs, GreatHorn said in a blog post, aren't configured to detect these kinds of attacks because they don't fit known bad criteria.
These attacks were first detected by GreatHorn in October 2020, and have rapidly become a serious threat: Between the first week of January 2021 and early February 2021, the volume of attacks using malformed URL prefixes increased by 5,933%.
In this new trick, attackers drop the second forward slash in favor of a backslash, then stuff a malicious URL into the prefix before the legitimate domain name, which is treated as additional subdirectories of the malicious page, making it well suited to crafting a phishing website.
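A filter-side check for the prefix described above, as an added example that is not GreatHorn's code: it flags http(s) links whose separator is anything other than "//" and reports the host a browser would actually contact. It generalizes slightly beyond the "/\" form in the article to any slash and backslash mix; the sample message and all domain names are constructed.

```python
import re
from urllib.parse import urlsplit

# http/https scheme, a run of "/" or "\" separators, then the rest of the link.
URL_RE = re.compile(r"\b(https?):([/\\]+)([^\s\"'<>]+)", re.IGNORECASE)


def find_malformed_urls(text):
    """Return (raw_url, effective_host) for each http(s) URL whose prefix is not '//'."""
    findings = []
    for m in URL_RE.finditer(text):
        scheme, sep, rest = m.group(1), m.group(2), m.group(3)
        if sep == "//":
            continue  # well-formed prefix, nothing to report
        rest = rest.rstrip(".,;:!?)")  # drop sentence punctuation after the link
        raw = f"{scheme}:{sep}{rest}"
        # Browsers treat "\" as "/" in http(s) URLs, so normalise the same way
        # before extracting the host that reputation checks should look at.
        path = rest.replace("\\", "/")
        host = urlsplit(f"{scheme.lower()}://{path}").hostname
        findings.append((raw, host))
    return findings


# Constructed sample message body (not taken from a real campaign).
SAMPLE_BODY = (
    "You have a new voicemail: http:/\\phish.example/login.legit.example/voicemail\n"
    "Help: https://www.example.org/help.\n"
    "Mirror: https:\\/files.example.net/doc\n"
)

if __name__ == "__main__":
    for raw, host in find_malformed_urls(SAMPLE_BODY):
        print(f"malformed prefix: {raw!r} -> host {host}")
```

The first finding shows why the legitimate-looking name is harmless to the attacker: after normalisation it is only a path segment under the flagged host.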
GreatHorn said it has detected these types of malformed URL attacks across all kinds of organizations, but pharmaceuticals, lending, contracting and construction management, and telecommunications have been hardest hit.
The attack began in October with phishing attempts mimicking voicemail messages delivered through email, a tactic that has been common and successful for several years.