New malformed URL phishing technique can make attacks harder to spot
Email security company GreatHorn is warning of a new form of phishing attack that makes malicious messages more likely to get through filters and harder for the average person to detect by sight.
Email scanning programs, GreatHorn said in a blog post, aren't configured to detect these kinds of attacks because they don't fit known bad criteria.
These attacks were first detected by GreatHorn in October 2020, and have rapidly become a serious threat: Between the first week of January 2021 and early February 2021, the volume of attacks using malformed URL prefixes increased by 5,933%.
In the case of this new trick, attackers are dropping the second forward slash in favor of a backslash, and then stuffing a malicious URL into the prefix before putting in the legitimate domain name, which is treated as additional subdirectories of the malicious page, making it perfect for crafting a phishing website.
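A detection check for the malformed prefix described above, as an added example that is not from GreatHorn or the original article: it flags any http(s) URL whose prefix is not exactly `scheme://` and reports the host a browser would contact. The function name, the domain-shaped decoy heuristic and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Candidate web URLs: http/https, a colon, then any run of "/" and "\".
URL_RE = re.compile(r'\bhttps?:[/\\]+[^\s<>"\']+', re.IGNORECASE)
DOMAIN_RE = re.compile(r'^[a-z0-9-]+(\.[a-z0-9-]+)+$', re.IGNORECASE)


def find_malformed_prefixes(text):
    """Report every http(s) URL whose prefix is not exactly 'scheme://'."""
    findings = []
    for match in URL_RE.finditer(text):
        raw = match.group(0)
        scheme, rest = raw.split(':', 1)
        seps = re.match(r'[/\\]+', rest).group(0)
        if seps == '//':
            continue  # well-formed prefix, nothing to report
        # Browsers following the WHATWG URL Standard treat "\" as "/" in
        # http(s) URLs and skip surplus slashes, so normalise the same way
        # to learn which host would actually be contacted.
        normalized = scheme.lower() + '://' + rest[len(seps):].replace('\\', '/')
        try:
            parts = urlsplit(normalized)
            host = parts.hostname
            first_segment = parts.path.split('/')[1] if '/' in parts.path else ''
        except ValueError:
            host, first_segment = None, ''
        findings.append({
            'prefix': scheme + ':' + seps,
            'host': host,
            # Assumption: a domain-shaped first path segment is a decoy name.
            'decoy_domain': first_segment if DOMAIN_RE.match(first_segment) else None,
        })
    return findings


# Constructed sample lines using reserved example domains, not real indicators.
SAMPLE_LINES = [
    r"New voicemail: http:/\login.example.net/portal.example.com/voicemail",
    r"Help centre: https://support.example.com/kb/123",
    r"Invoice: https:\\pay.example.org/invoice",
]

if __name__ == '__main__':
    for line in SAMPLE_LINES:
        for finding in find_malformed_prefixes(line):
            print(finding)
```

Filtering on the reported host rather than on a domain name that merely appears somewhere in the link is what keeps the decoy in the path from influencing the verdict.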
GreatHorn said it has detected these types of malformed URL attacks across all kinds of organizations, but pharmaceuticals, lending, contracting and construction management, and telecommunications have been hardest hit.
The attack began in October with phishing attempts mimicking voicemail messages delivered through email, a tactic that has been common and successful for several years.