Warning: New email phishing tactics appear
New scam technique
This technique takes advantage of HTML code to integrate a table (table) containing the fake Microsoft logo into email sent to the user. It works well because email security programs don't parse tables, since the tables have never been used in phishing emails. The fake Microsoft logo looks a lot like the real Microsoft logo, so emails easily slip through security filters and appear legitimate and unsuspecting to the email recipient.
What is quite surprising is that it was Microsoft inadvertently supporting this technique. The old Microsoft logo was a stylish design with 4 colors and 3-dimensional border. By 2012, Microsoft changed and simplified its logo, keeping the same 4 colors but switched to a 2-dimensional flat design. It is this simplicity that makes the new Microsoft logo very easy to fake because anyone can create a 4-cell board, with 4 colors like the Microsoft logo.
Phishing email campaigns
Fake SharePoint email
During this campaign, an HTML logo disguised as Microsoft appears in fax messages. Along with the SharePoint mark (Microsoft's collaborative work platform), these emails contain a link with the words "Preview or Download Here" (to preview or download the fax attachment). However, if the user clicks on it, it will go to the UNICEF China website, then redirect to a website about a legitimate web development tool called CodeSandbox, but from there the malware will be installed into user's computer. The fake billboards and logos combined with redirects to legitimate websites leave many users unsuspecting.
+ Office 365
For users of the Office 365 premium office applications service, the phishing campaign sends emails that recommend the user that their password has expired. These emails contain a link with the words "Keep My Current Password". However, if you click on that link, it redirects the user to a legitimate email marketing platform that has been hijacked, and then goes to the CodeSandbox website to install the malware.
+ Voice message
To Microsoft's Voice Message users, the phishing campaign sends emails reporting new voice messages. These emails also contain malicious links, which are hidden in a hexadecimal encrypted HTML attachment. By using fake Microsoft logos, hidden malicious links, and hexadecimal strings, phishing emails were able to bypass security solutions and deceive users.
Stop solution
Phishing emails are increasingly sophisticated and difficult to distinguish. They look very legitimate and unsuspecting, can bypass the common email filtering and security solutions, even leading Microsoft solutions.
Therefore, the best way to analyze and prevent these types of attacks is to combine both humans and machines and compare the results. Users tasked with capturing information, detecting suspicious cues and a good anti-phishing tool equipped with artificial intelligence, will be able to determine if the email was actually sent from Microsoft.
You should read it
- [Infographic] 4 types of Phishing are easy to trap users
- How to report phishing emails in Outlook.com
- How to identify phishing emails
- [Infographic] How to recognize and prevent Phishing attacks
- 5 signs to identify phishing websites
- Microsoft warns of phishing campaigns targeting Outlook Web App and Office 365 users
- The only secure email is the text-only email
- Outlook on Android is about to add phishing email feature
- Beware of the 7 most common types of spam
- What is Callback Phishing? How to fight it?
- What is Spear Phishing?
- Microsoft successfully rescued 50 domain names from the notorious hacker group
Maybe you are interested
Microsoft is about to build the world's most powerful quantum computer
10 Microsoft Edge Settings You Need to Change to Improve Your Browsing Experience
Microsoft doesn't allow users to uninstall the Recall feature in Windows 11
How to take a screenshot of the entire web page on Microsoft Edge
How to translate a web page on Microsoft Edge
Microsoft DirectML now supports PC Copilot+ and WebNN