Attackers defeat SEGs using… SEGs

Email security tools such as Secure Email Gateways (SEGs) often encode URLs that are embedded in emails. This enables the security appliance to scan the URL before the recipient visits the website. But when SEGs detect URLs in emails that have already been SEG encoded they don't scan the URL. A new report from Cofense reveals that threat actors are making use of this to avoid detection. This has been going on for some time, but the second quarter of this year, and May in particular, saw an increase in threat actors taking advantage of SEG encoding of malicious URLs… [Continue Reading]