Recent phishing attacks reportedly capitalize on Microsoft 365 security holes

Researchers from cloud security company Avanan have reported finding two ways that phishers are evading Microsoft Microsoft 365 Security protections: one using “hexidecimal escape characters” to conceal coding and links, and the other by compromising SharePoint files.

The first method involves emails with an HTML attachment that contain a small excerpt of JavaScript that is obscured in hexadecimal escape characters. “Therefore, no links are visible, but when opened, it presents a locally-generated phishing page with login instructions,” the company explains in an Aug. 24 blog post


Source: SCMagazine

         
Avanan suspects that a recent phishing campaign that abuses SharePoint may be the work of Chinese cybercriminals, due to their use of a malicious domain that was registered this week from China.