Researchers from GreatHorn report they have observed a nearly 6,000-percent jump in attacks using “malformed URL prefixes” to evade protections and deliver phishing emails that look legit. They look legit, that is, unless you look closely at the symbols used in the prefix before the URL.
“The URLs are malformed, not utilizing the normal URL protocols, such as http:// or https://,” researchers said in a blog post about their findings. “Instead, they use http:/\ in their URL prefix.”
The slashes in the address are largely superfluous, the GreatHorn report explained, so browsers and many scanners don’t even look at them.