Trustifi, a global leader in advanced AI email security, has identified the return of a novel approach involving the use of ‘at’ symbols (@) to obfuscate malicious links in emails. This attack method is better known as a “@_Bypass Attack.”
Trustifi has successfully identified and mitigated this emerging malicious technique.
Why is @_Bypass a Problem?
This hack method confuses link extraction libraries, ultimately deceiving users and security systems. The attackers employ a deceptive practice by inserting ‘at’ symbols before the actual domain in a URL.
Link extraction libraries typically parse HTML, text content, or files to filter out URLs and ensure that only legitimate links are displayed or flagged for security checks. In this technique, multiple ‘at’ symbols within the URL create confusion, leading to an altered perception of the actual domain.
For instance, a seemingly innocuous link like:
https://google.com@adobe.com@malicious-domain.com/virus.exe exploits vulnerabilities in link extraction libraries used by browsers and email security solutions.
Browsers might interpret the URL as https://malicious-domain.com/virus.exe after removing the preceding domains, such as google.com@adobe.com@. This manipulation aims to trick both automated security systems and unsuspecting users, making it challenging to identify the trustworthy source of the link.
Why is Browsers Remove Obfuscation a Critical Security Feature?
Browsers play a crucial role in user security by implementing measures to sanitize and standardize URLs for display and security checks. When faced with URLs containing multiple ‘at’ symbols, browsers prioritize user safety by removing extraneous information and presenting a sanitized link version.
By stripping away the confusing elements, browsers help prevent users from falling victim to phishing attacks or inadvertently downloading malicious content. This automatic filtering is an essential line of defense in the ongoing battle against cyber threats.
Trustifi’s Essential Role in Stopping the @_ByPass Attack.
Phishing email attacks are the primary method of delivery for @_Bypass URLs. Cloud-based email security powered by AI is critical to identify these URLs embedded within well-crafted phishing messages.
Stopping @_ByPass begins with enabling a comprehensive email security platform with several layers of integrated protection consolidated into a single management console, reporting, and monitoring platform.
Trustifi, with its advanced threat detection capabilities, helps detect and prevent @_ Bypass attacks embedded within email phishing messages from successfully reaching clients’ inboxes. Clients of Trustifi have access to several integrated email security protection layers, including:
- Advanced AI-Enabled Inbound Shield Filtering
- Single Management Console for quick enablement of any protection layer in Seconds.
- Deep analysis of the email message
- Scanning the Metadata
- Validation of the domain reputation.
These proven defensive controls help stop the @_Bypass attack. By staying vigilant and proactive, Trustifi ensures its users are protected from the latest threats, even those attempting to exploit the intricacies of link extraction libraries.
Why Trustifi?
Trustifi’s proven advanced AI email security platform continues to deliver innovation to its clients. As global threats materialize within seconds as hackers adopt more adversarial AI capabilities, Trustifi answers the challenge with its technological superiority. Users are advised to remain vigilant, and organizations are encouraged to implement robust email security solutions from Trustifi to mitigate the risks associated with these sophisticated tactics.
Trustifi reaffirms its commitment to safeguarding users from the ever-present dangers of malicious emails.
