Phish Uses Google’s URL Decoding to Swim Past Defenses

26 September 2019

A phishing campaign that takes advantage of Google’s ability to decode non-ASCII URL data on the fly is making the rounds – looking to fool the unsavvy by effectively hiding the website address of the campaign’s phishing page. The campaign makes use of what’s called percentage-based URL encoding – a basic URL-encoding technique in which normal ASCII characters (i.e., “abc” and “123”) are converted into a string that starts with “%” and is followed by two hexadecimal digits.

Read full article on Threat Post

Date:

26 September 2019

Categorie(s):

NEWS

Tag(s):

Campaigns, Identity Theft, Swim, Techniques, Web Security

Dating apps kiss’n’tell all sorts of sensitive personal info4 May 2024
Multilogin Antidetect Browser Review 20244 May 2024
Navigating the API Security Landscape: A CEO’s Perspective on Embedding Zero Trust Principles4 May 2024
Lightsail VPN Review: Is Lightsail VPN Safe? [+Best Alternatives]4 May 2024
How To Secure Your Business In The Times Of All-pervasive Hackers4 May 2024