In recent months, threat actors have discovered a troubling new method to exploit URL rewriting, a feature intended to protect users by replacing links in emails. By manipulating these rewritten URLs, attackers mask highly evasive phishing links behind trusted domains of security vendors, effectively bypassing detection. This abuse has led to a critical surge in advanced phishing attacks that leverage the very tools developed to prevent them.
Read more here.