Author Topic: ZeroFont phishing attack can bypass Office 365 protections  (Read 164 times)

Offline Antus67

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 3279
    • View Profile
BY: June 20, 2018  By Pierluigi Paganini

According to cloud security firm Avanan, one of the detection mechanisms in Office 365 involves natural language processing to identify the content of the messages typically used in malicious emails.

For example, an email including the words “Apple” or “Microsoft” that are not sent from legitimate domains, or messages referencing user accounts, password resets or financial requests are flagged as malicious.

Experts from Avanan discovered phishing campaigns using emails in which some of the content is set to be displayed with zero-size font using <span style=”FONT-SIZE: 0px”>, for this reason, they dubbed the technique ZeroFont.

full article here:
Trojan Remover