Threat Post

Phish Uses Google’s URL Decoding to Swim Past Defenses

Percentage-based URL encoding plus Google domain trickery is helping malicious emails to evade filters. A phishing campaign that takes advantage of Google’s ability to decode non-ASCII URL data on the ...
Search Engine Roundtable

Google: Do Not Use Commas, Brackets Or Non-Standard URL Encoding For Faceted Navigation

Google's John Mueller confirmed that the search company's 2014 guidance with faceted navigation remains true today - do not use non-standard URL encoding. That means do not use commas, brackets or ...
Infosecurity-magazine.com

Tycoon Phishing Kit Utilizes New Capabilities to Hide Malicious Links

New techniques have been developed within the Tycoon phishing kit to hide malicious links in email attacks, researchers from Barracuda have warned. The use of URL encoding, among other new techniques, ...
Bleeping Computer

Microsoft Phishing Attack Uses Google Redirects to Evade Detection

A new phishing campaign uses Google search query redirects to send potential victims to a phishing landing page designed to collect Microsoft Office 365 credentials via encoded URLs. The phishers ...
TechRadar

Phishing emails are getting smarter - and using some new tricks to snare victims

Barracuda says Tycoon now offers new ways to hide malicious links in emails URL encoding, fake CAPTCHAs, domain splits, and other techniques were spotted in the wild The researchers urge businesses ...