Attackers have been using a novel phishing approach that places an “@” symbol in the middle of a link. Browsers still identify such links as legitimate domains, which allows them to evade security systems, according to Threatpost. Perception Point researchers discovered a low-effort phishing email spoofing a Microsoft notice that bypassed detection by advanced email security filters because of the @ sign in the embedded URL. “It is common knowledge that an @ sign will be ignored by email security systems when used within the text of an email, and there are many instances of this being used legitimately. For example, it can be used to refer to user information within the body of the message,” said Perception Point Vice President of Customer Success and Incident Response Motti Elloul. The trick's ease of execution could prompt immediate adoption among threat actors and should push security teams to strengthen their detection engines, Elloul added.
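One way a detection engine can separate this kind of link from a harmless @ in message text, shown as an added example that is not part of the original article or Perception Point's tooling. It assumes the @ sits in the URL authority as RFC 3986 userinfo, so the browser connects to the host after the @; the function name and the sample message are constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Only scheme-qualified links are candidates; a bare address such as
# user@domain in the message text never matches and is left alone.
URL_RE = re.compile(r"""https?://[^\s<>"']+""", re.IGNORECASE)
DOMAIN_RE = re.compile(r"(?:[a-z0-9-]+\.)+[a-z]{2,}", re.IGNORECASE)

def find_userinfo_urls(text):
    """Return one finding per URL whose authority carries userinfo ('@')."""
    findings = []
    for match in URL_RE.finditer(text):
        url = match.group(0).rstrip(".,;:)")  # drop trailing sentence punctuation
        try:
            parts = urlsplit(url)
        except ValueError:  # malformed authority, e.g. unbalanced brackets
            continue
        # An '@' in the path or query does not change the destination;
        # only an '@' inside the authority (netloc) does.
        if "@" not in parts.netloc:
            continue
        userinfo = parts.netloc.rpartition("@")[0]
        findings.append({
            "url": url,
            "decoy": userinfo,             # text shown before the '@'
            "real_host": parts.hostname,   # host the browser connects to
            # Userinfo shaped like a hostname is the stronger phishing signal.
            "decoy_looks_like_domain": bool(
                DOMAIN_RE.fullmatch(userinfo.split(":")[0])),
        })
    return findings

# Constructed sample message body (all domains are reserved .example names).
SAMPLE_BODY = """\
Your mailbox storage is full. Contact support@contoso.example for help.
Review now: https://login.contoso.example@phish.example/reset?id=1
Profile page: https://social.example/@alice
Legacy share: http://svc:pw@files.example/docs.
"""

if __name__ == "__main__":
    for finding in find_userinfo_urls(SAMPLE_BODY):
        print(finding)
```

Running it flags the second and fourth lines of the sample, and only the second has a decoy shaped like a domain name; the support address and the `/@alice` path are not reported.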
This article first appeared in SC Magazine by SC Staff on May 12, 2022.