Threat actors are using Google’s URL decoding of non-ASCII URL data for URL encoding-enabled phishing attacks that hide the destination of malicious email links according to researchers, bypassing secure email gateways.
Don't get caught! #phishing https://t.co/Hcn4AuaoTR
— DaveGilmore_Tripwire (@DaveG_Tripwire) September 26, 2019
Experts Comments
Linkedin Message
@Mounir Hahad, Head , provides expert commentary at @Information Security Buzz.
"The problem with any active scanning of URLs in emails is that the security vendor cannot trigger any downstream action...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/commenst-on-phishing-attacks-using-googles-url-decoding
Facebook Message
@Mounir Hahad, Head , provides expert commentary at @Information Security Buzz.
"The problem with any active scanning of URLs in emails is that the security vendor cannot trigger any downstream action...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/commenst-on-phishing-attacks-using-googles-url-decoding
Be part of our growing Information Security Expert Community (1000+), please register here.
Linkedin Message
@Laurence Pitt, Global Security Strategy Director, provides expert commentary at @Information Security Buzz.
"So we had to expect that it would get more intelligent, in an attempt to evade perimeter security...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/commenst-on-phishing-attacks-using-googles-url-decoding
Facebook Message
@Laurence Pitt, Global Security Strategy Director, provides expert commentary at @Information Security Buzz.
"So we had to expect that it would get more intelligent, in an attempt to evade perimeter security...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/commenst-on-phishing-attacks-using-googles-url-decoding