I have been sending emails with SendGrid containing links with UTM parameters.
As I test I have tried with utm_campaign=testing%20weird%20campaign%20codes (testing weird campaign codes) and I have gotten visits with testing weird campaign codes but also with a strange mangled version: gffgvat jfvee dbzcbvta dbeff. Actually, I got an order of magnitude more visits with the mangled campaign code.
The spacing and word lengths are preserved, but it is not a straightforward replacement cipher as far as I can tell. It is unclear to me if it is intentional obfuscation, encryption or some encoding glitch.
I got these UTMs both with Matomo and Microsoft Clarity, I don't think the issue is on the analytics side.
I have seen some loose references online that Microsoft's Advanced Threat Protection tends to do things like this, mangling URL parameters. Although nothing conclusive from reputable sources.