Gap

Advanced
Joined
14.09.20
Messages
137
Reaction score
1,266
Points
93
Over the past couple of months, the volume of phishing attacks using distorted URL prefixes has increased by 5933%.

Security researchers at GreatHorn have discovered a new phishing campaign in which criminals bypass traditional URL protection.

While many phishing scams involve changing the letters in the URLs of a popular site to force users to go to fake landing pages, the current campaign changes the characters used in the prefix that goes before the URL.

The URLs used in the campaign are in the wrong format and do not use the usual URL protocols, such as http:// or https://. Instead, they use http:/\ in the URL prefix. Since the colon and two slashes have always been used in the standard URL format, most browsers automatically ignore this factor.

In this way, cybercriminals bypass many email scanners and achieve their intended goals.

According to experts, the first attacks using the modified prefix method were recorded in October last year. In the period from the beginning of January to February 2021, the volume of phishing attacks on email using distorted URL prefixes increased by 5933%.

Although these phishing attempts have been identified in organizations from a wide variety of industries, financial, pharmaceutical and construction companies are attacked more often than others. In addition, organizations using the Microsoft Office 365 service were targeted much more often than organizations using Google Workspace as a cloud-based email environment.
 
Top Bottom