A new type of targeted phishing attack has caught the attention of the cybersecurity world in recent days. It’s a phishing attack that uses URLs ranging from 400 characters to almost 1,000 characters, as reported by Bleeping Computer.
The threat works the same way other phishing attacks usually work, trying to fool people into believing the message is from a legitimate company, but with that not-so-subtle difference of containing long URLs, very long ones.
The cybercriminal impersonates your mail domain's support and claims that, due to multiple login attempts, your account has been blacklisted. To solve the issue, of course, you have to click on the malicious link “Confirm Your Email” and provide your credential on a fake website.
Why use a long URL in a phishing attack?
That’s the question: why use a long URL? A long URL, in general, favors the user, since an extensive link can easily be identified as suspicious and dangerous. So the best answer to this question would be, as Naked Security pointed out, that the criminal is trying to hide something.
We explain. To commit the scam, the crook uses a hacked server and multiple subdirectories to hide the malicious files location, which makes the URL long.
Phishing attack conclusion
No email protection software would have much trouble identifying the link in this case as malicious. The important thing is to be aware of the fact that phishing scams exploit human vulnerability. In other words, someone needs to fall for the scam for it to work.
When it comes to email security, the main recommendation remains the same: be wary of urgent emails, sensitive information requests and unexpected links and attachments.