PALM BEACH, FL – A sophisticated email phishing campaign is making the rounds while evading email filters by using a Google domain redirect. According to ThreatPost.com, a leading source of information about IT and business security, the campaign uses percentage-based URL encoding to deceive users.
The campaign makes use of what’s called percentage-based URL encoding – a basic URL-encoding technique in which normal ASCII characters (i.e., “abc” and “123”) are converted into a string that starts with “%” and is followed by two hexadecimal digits. When resolving such an address, Google will convert this non-ASCII format into a string that is universally accepted and understood by all web browsers and servers, on the fly.Tara Seals, ThreatPost.com
You’ll want to keep your eye out for any email that contains a link that winds up looking like some sort of Google redirect which is allowing it to slip through email filters based on a legitimate domain being used.
If you want to get more information about how this is slipping through email filters, click here.
About The Author: John Colascione is Chief Executive Officer of Internet Marketing Services Inc. He specializes in Website Monetization, is a Google AdWords Certified Professional, authored a ‘how to’ book called ”Mastering Your Website‘, and is a key player in several Internet related businesses through his search engine strategy brand Searchen Networks®