Read the company overview to learn more about how Perception Point provides unparalleled prevention of advanced cyber threats across all attack vectors.
Read the company overview to learn more about how Perception point provides unparalleled prevention of all attacks across email, web browsers and cloud collaboration apps.
Read the company overview to learn more about how Perception point provides unparalleled prevention of all attacks across email, web browsers and cloud collaboration apps.
Check out our webinar in cooperation with Forrester — “Rethinking Email Security: Why Traditional Approaches Fail and Why You Can’t Afford to Ignore it”
Perception Point » News » Novel Phishing Method Bypasses Spam Filters Using Odd Links
May 13, 2022
Novel Phishing Method Bypasses Spam Filters Using Odd Links
Research by Perception Point reveals new type of phishing method exploits the gap in how browsers and email inboxes scan web domains.
A new type of phishing method exploits the gap in how browsers and email inboxes scan web domains. Researchers have discovered a previously unknown mechanism for infiltrating email inboxes with malicious links.
According to research by Perception Point, the smart approach takes advantage of a critical difference in how email inboxes and browsers parse URLs. The attacker used a “@” symbol in the middle of an unusual URL. Ordinary email security filters mistook it for a remark, but browsers recognized it as a valid web address.
The phishing emails managed to get past security, but when recipients clicked on the link inside, they were taken to a false landing page.
In recent months, threat actors have discovered a troubling new method to exploit URL rewriting, a feature intended to protect users by replacing links in emails. By manipulating these rewritten URLs, attackers mask highly evasive phishing links behind trusted domains of security vendors, effectively bypassing detection. This abuse has led to a critical surge in advanced phishing attacks that leverage the very tools developed to prevent them.
Perception Point’s researchers have uncovered a new type of two-step phishing attack leveraging Microsoft Visio files (.vsdx) and SharePoint. These attacks embed malicious URLs in .vsdx format files to evade detection and steal credentials.
In recent research, the Perception Point team uncovered a new wave of attacks abusing DocuSign’s Web Forms—a feature designed for data collection and document management.
Discover how the NIS 2 Directive will impact businesses across the EU, with stricter reporting requirements, expanded scope, and significant penalties. Learn how Perception Point helps organizations ensure compliance.