A new phishing technique called ZeroFont Phishing has recently been discovered, allowing threat actors to bypass Microsoft’s Natural Language Processing (NLP) used to protect Office users from phishing emails.
Microsoft has been taking steps to enhance the security of its customers, particularly in the realm of phishing attacks. Phishing emails have long been a favored method of infiltration by threat actors looking to compromise organizations. To combat these attacks, Microsoft has implemented Natural Language Processing to scan the content of incoming emails for signs of impersonation or fraud. If an email contains text such as “© 2018 Microsoft Corporation. All rights reserved” but is not from a Microsoft.com domain, it is flagged as fraudulent. This technique is also used to analyze banking information, user accounts, password resets, and financial requests to verify their authenticity.
However, threat actors have found a way to circumvent this protection mechanism through the use of ZeroFont Phishing. In this phishing attack, the threat actor sends an email to the victim posing as an Office 365 quota limit notification, designed to appear as an administrative service email. This deceptive email manages to bypass Microsoft’s security measures due to the implementation of the ZeroFont attack.
The ZeroFont Phishing technique involves inserting random text inside the email, using a zero font size for it, and breaking up the text strings to deceive Microsoft’s NLP system. This tactic allows the phishing email to go unnoticed and successfully reach the victim’s inbox.
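A defender-side check for the behaviour described above, as an added example that is not code from this article or from the Avanan report: it parses an HTML body, separates the text a reader actually sees from text styled with a zero font size, and reports how many hidden fragments it found. The names `ZeroFontScanner` and `scan` and the sample message are assumptions made for illustration, and children of a zero-font element are treated as hidden, which is a simplification.

```python
import re
from html.parser import HTMLParser

# Inline style that sets a font size of exactly zero (0, 0px, 0.0em, ...).
ZERO_FONT = re.compile(
    r"font-size\s*:\s*0+(?:\.0+)?\s*(?:px|pt|em|rem|%)?\s*(?:;|!|$)", re.I)
VOID_TAGS = {"br", "img", "hr", "meta", "input", "link", "wbr"}


class ZeroFontScanner(HTMLParser):
    """Separates text a reader sees from text hidden at font-size zero."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.stack = []    # one bool per open element: is it hidden?
        self.visible = []  # text rendered to the reader
        self.hidden = []   # text inside zero-font elements
        self.raw = []      # all text in document order, markup ignored

    def handle_starttag(self, tag, attrs):
        if tag in VOID_TAGS:
            return  # void elements never get a matching end tag
        style = dict(attrs).get("style") or ""
        inherited = bool(self.stack) and self.stack[-1]
        self.stack.append(inherited or bool(ZERO_FONT.search(style)))

    def handle_endtag(self, tag):
        if tag not in VOID_TAGS and self.stack:
            self.stack.pop()

    def handle_data(self, data):
        hidden = bool(self.stack) and self.stack[-1]
        (self.hidden if hidden else self.visible).append(data)
        self.raw.append(data)


def scan(html):
    """Return (visible_text, raw_text, hidden_fragment_count)."""
    parser = ZeroFontScanner()
    parser.feed(html)
    parser.close()
    hidden_count = sum(1 for h in parser.hidden if h.strip())
    return "".join(parser.visible), "".join(parser.raw), hidden_count


# Constructed sample, not taken from a real message.
SAMPLE = ('<p>© 2018 Micro<span style="font-size:0px">qz</span>soft '
          'Corp<span style="FONT-SIZE: 0">xk</span>oration. '
          'All rights reserved</p>')
```

Running content checks against the visible text rather than the raw text, and treating a non-zero hidden fragment count as a signal in its own right, covers the gap this technique relies on.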
A complete report on this attack, published by Avanan, provides detailed information about the ZeroFont Phishing technique and the bypass scenarios employed by threat actors. The report offers insights into how organizations can protect themselves against this type of attack.
Phishing attacks continue to pose a significant threat to individuals and organizations alike. It is crucial for users to be vigilant and cautious when interacting with incoming emails, especially those that request sensitive information or appear suspicious. Additionally, implementing robust email security solutions and staying up to date with the latest security measures can help mitigate the risk of falling victim to phishing attacks.
For businesses seeking to enhance their email security, AI-powered solutions such as Trustifi offer comprehensive protection against a wide range of email threats, including phishing, email tracking, account takeovers, and malware. By implementing Trustifi’s email security solutions, businesses can significantly reduce their vulnerability to phishing attacks and other email-based cyber threats.
In conclusion, ZeroFont Phishing is a sophisticated technique that allows threat actors to bypass Microsoft’s Natural Language Processing security measures. This technique highlights the importance of staying up to date with the latest cybersecurity practices and implementing robust email security solutions to protect against phishing attacks.

