Pharma Key Target of New Phishing Campaign Using Malformed URLs
Health IT Security
Threat actors are bypassing traditional URL security defenses with malformed URL protocols to attack end users, according to new data from GreatHorn Threat Intelligence Team. Pharmaceutical companies are among the most targeted with this new phishing tactic.
URL components are broken into five parts: the HTTP, FTP, mailto, or git protocols that tell the web client how to access the resource; the primary domain host or location; a number used when another port is desired outside the default; the path (optional); and the query string.
Hackers understand these requirements and are taking advantage of the schematic to better trick users into interacting with malicious emails.
First observed in October 2020, the tactic doesn’t involve...