Threat hunters say they’ve seen a concerted rise in the use of a phishing tactic designed to bypass traditional email defenses by subtly changing the prefixes (a.k.a. schemes) of malicious URLs in hyperlinks. (Sean Gallup/Getty Images)
Threat hunters say they’ve seen a concerted rise in the use of a phishing tactic designed to bypass traditional email defenses by subtly changing the prefixes (a.k.a. schemes) of malicious URLs in hyperlinks.
In other words, rather than a URL beginning with “http://” it instead starts with “http:/”. Yet the rest of the URL remains the same. “The URLs don’t fit the ‘known bad’ profiles developed by simple email scanning programs, allowing them to slip through undetected,” explains a blog post today from the GreatHorn Threat Intelligence Team.
Email recipients generally won’t immediately notice the issue either because the malicious link is hidden behind a call-to-action button such as “Click Here.” Or “Play Audio.” However, even if they were to check out the authenticity of the link before clicking, it’s possible users would still not notice the very minute change in the pref ..
Support the originator by clicking the read the rest link below.
