Threat Post

Phish Uses Google’s URL Decoding to Swim Past Defenses

Percentage-based URL encoding plus Google domain trickery is helping malicious emails to evade filters. A phishing campaign that takes advantage of Google’s ability to decode non-ASCII URL data on the ...
Dark Reading

Threat Actors Ramp Up Use of Encoded URLs to Bypass Secure Email

Secure email gateways (SEG) do a lot to protect organizations from malware, spam, and phishing email. For some threat actors though, they also offer an attractive option for sneaking malicious mail ...
Infosecurity-magazine.com

Tycoon Phishing Kit Utilizes New Capabilities to Hide Malicious Links

New techniques have been developed within the Tycoon phishing kit to hide malicious links in email attacks, researchers from Barracuda have warned. The use of URL encoding, among other new techniques, ...