aiwithwords logo

Microsoft 365 Anti-Phishing Tools Easily Bypassed

Meta Llama
Microsoft 365 Anti-Phishing Tools Easily Bypassed

Microsoft Outlook Anti-Phishing Measures Easily Exploited

Researchers Discover Vulnerability in Microsoft 365

Microsoft Outlook users are at risk of falling victim to phishing attacks due to a vulnerability in the email client’s anti-phishing measures. A report by Certitude researchers William Moody and Wolfgang Ettlinger revealed that the “First Contact Safety Tip” feature in Outlook can be easily bypassed using Cascading Style Sheets (CSS).

How the Vulnerability Works

• The “First Contact Safety Tip” feature can be hidden using CSS rules that change the font color to white and font size to zero.
• The vulnerability allows attackers to send phishing emails without the alert warning the victim.
• The attack can also make a phishing message appear more secure by adding HTML code that spoofs official Microsoft Outlook icons.

Microsoft has acknowledged the vulnerability but has chosen not to address it immediately. This leaves Outlook users vulnerable to phishing attacks. **Users are advised to exercise extra caution when opening emails from unfamiliar sources.**

    leave a reply

    Leave a Reply

    Your email address will not be published. Required fields are marked *