Hackers Found Abusing URL Protection Tools to Hide Phishing Links

Cybersecurity researchers recently spotted hackers abusing URL protection tools to deliver phishing links to unsuspecting victims, targeting “hundreds of companies or more.”

When someone receives an email with a link in it, the tool copies and rewrites it, then embeds it in a new rewritten link. So once the recipient clicks on that link, it triggers a security scan. In this new campaign, which most likely began in mid-May 2024, the rewritten link redirected recipients to a phishing site.

Leave a Comment