Attackers are using a new technique, known as ZeroFont phishing, that manipulates font sizes to evade Office 365's anti-phishing filters, reports the International Institute of Cyber Security.
According to specialists in information security training, one of Office 365's malicious-email detection mechanisms relies on natural language processing to identify phrasing commonly used in this kind of message.
For example, a message sent from an unverified source that includes words such as “Apple” or “Microsoft”, or that refers to accounts, user names or passwords, is labeled as malicious.
Experts in information security training have pointed to phishing campaigns that use emails whose content includes text set at a font size of zero, hence the name ZeroFont phishing.
“A series of attacks has recently been performed; using a very simple technique, attackers manage to make their blatant falsifications pass the Microsoft anti-phishing tests. The tactic requires the use of hidden characters with zero font size, making them invisible to the platform’s security protocol,” explains an analysis by the firm Avanan, which provides specialized services and information security training.
Microsoft's filter cannot flag such an email as fake because the hidden zero-size characters prevent it from recognising the words that would raise the malicious-content alert; in simple terms, the anti-phishing filter sees one message and the mail recipient sees a different one.
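To make that mismatch concrete, the following Python script (an added example, not code from the article, from Avanan or from Microsoft) extracts the text of a constructed HTML email twice: once the way a filter that ignores styling would read it, and once with every element styled `font-size:0` dropped, which is what the recipient's mail client renders. Comparing the two views, or simply noting that any text is hidden at zero font size, gives a defender a usable signal. The keyword list, the sample message and the style-matching rule are assumptions made for illustration; the article does not describe Microsoft's actual implementation.

```python
import re
from html.parser import HTMLParser

# Constructed sample (not from the article): an HTML email fragment in which
# keywords are split by <span> elements whose font-size is zero. The span
# contents are invisible when rendered but present in the raw markup.
SAMPLE_EMAIL_HTML = """<html><body>
<p>Dear user, your Micro<span style="font-size:0px">xyz</span>soft
acc<span style="FONT-SIZE: 0">q</span>ount will be suspended.</p>
<p>Please confirm your pass<span style="font-size:0">--</span>word
<a href="http://example.invalid/login">here</a>.<br>Thank you.</p>
</body></html>"""

# Assumed terms a content filter keys on (brand names, account vocabulary).
KEYWORDS = ("microsoft", "apple", "password", "account")

# Matches a zero font-size declaration: 0, 0px, 0pt, 0.0em ... but not 10px or 0.5em.
ZERO_FONT = re.compile(
    r"font-size\s*:\s*0+(?:\.0+)?\s*(?:px|pt|em|rem|%)?\s*(?:;|$)", re.IGNORECASE)

# Elements that never have a closing tag, so they must not affect nesting depth.
VOID_TAGS = {"br", "img", "hr", "meta", "link", "input"}


class _TextExtractor(HTMLParser):
    """Collect visible text and zero-font text separately while walking the markup."""

    def __init__(self, honour_zero_font: bool):
        super().__init__(convert_charrefs=True)
        self.honour_zero_font = honour_zero_font
        self.visible = []
        self.hidden = []
        self._stack = []          # one bool per open element: is it zero-font?
        self._hidden_depth = 0    # > 0 while inside any zero-font element

    def handle_starttag(self, tag, attrs):
        if tag in VOID_TAGS:
            return
        style = dict(attrs).get("style") or ""
        is_hidden = self.honour_zero_font and ZERO_FONT.search(style) is not None
        self._stack.append(is_hidden)
        if is_hidden:
            self._hidden_depth += 1

    def handle_endtag(self, tag):
        if tag in VOID_TAGS or not self._stack:
            return
        if self._stack.pop():
            self._hidden_depth -= 1

    def handle_data(self, data):
        if self._hidden_depth > 0:
            if data.strip():
                self.hidden.append(data.strip())
        else:
            self.visible.append(data)


def _extract(html: str, honour_zero_font: bool) -> _TextExtractor:
    parser = _TextExtractor(honour_zero_font)
    parser.feed(html)
    parser.close()
    return parser


def _normalise(parts) -> str:
    # Join without separators so a word split across spans is reassembled.
    return re.sub(r"\s+", " ", "".join(parts)).strip()


def naive_text(html: str) -> str:
    """Text as a filter that ignores CSS would read it (zero-font text kept)."""
    return _normalise(_extract(html, honour_zero_font=False).visible)


def rendered_text(html: str) -> str:
    """Text as the recipient sees it (zero-font text removed)."""
    return _normalise(_extract(html, honour_zero_font=True).visible)


def flagged_keywords(text: str) -> list:
    """Keywords from the assumed watch list present in the text, in list order."""
    lower = text.lower()
    return [k for k in KEYWORDS if k in lower]


def analyze(html: str) -> dict:
    """Compare both views; hidden text or a keyword mismatch marks the mail suspicious."""
    parsed = _extract(html, honour_zero_font=True)
    naive_hits = flagged_keywords(naive_text(html))
    rendered_hits = flagged_keywords(_normalise(parsed.visible))
    return {
        "naive_keywords": naive_hits,
        "rendered_keywords": rendered_hits,
        "hidden_text": parsed.hidden,
        "suspicious": bool(parsed.hidden) or naive_hits != rendered_hits,
    }


if __name__ == "__main__":
    print("filter view :", naive_text(SAMPLE_EMAIL_HTML))
    print("recipient   :", rendered_text(SAMPLE_EMAIL_HTML))
    print(analyze(SAMPLE_EMAIL_HTML))
```

The naive pass finds none of the watched terms because each is broken by the hidden characters, while the rendered pass finds all three; a filter that normalises styling before its language analysis, or that treats any non-empty zero-font text as a red flag on its own, closes the gap the article describes.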