Updated Tycoon phishing kit emerges

Operators of the Tycoon phishing-as-a-service platform have enhanced the phishing kit's ability to conceal illicit links in emails amid the growing effectiveness of email security tools in determining such links, reports Infosecurity Magazine. Malicious email links have been hidden by the updated Tycoon phishing kit through URL encoding, which involves the insertion of invisible spaces and unusual characters, as well as another hidden email address or code, in web addresses, according to a Barracuda analysis. Attacks involving the improved Tycoon PhaaS platform also involved the use of fraudulent CAPTCHA verification and the Redundant Protocol Prefix tactic, which entails partially hyperlinked URLs, as well as the exploitation of subdomains purporting to be associated with major firms. "Attackers are constantly inventing new and more sophisticated ways to disguise dangerous links in phishing emails... These methods make it much harder for people and traditional security software to tell if they are being lured to a risky website," said Barracuda researchers.