Security News > 2023 > September > New ZeroFont phishing tricks Outlook into showing fake AV-scans
Hackers are utilizing a new trick of using zero-point fonts in emails to make malicious emails appear as safely scanned by security tools in Microsoft Outlook.
The ZeroFont attack method, first documented by Avanan in 2018, is a phishing technique that exploits flaws in how AI and natural language processing systems in email security platforms analyze text.
In its 2018 report, Avanan warned that ZeroFont bypassed Microsoft's Office 365 Advanced Threat Protection even when the emails contained known malicious keywords.
In a new phishing email seen by Kopriva, a threat actor uses the ZeroFont attack to manipulate message previews on widely used email clients such as Microsoft Outlook.
This discrepancy is achieved by leveraging ZeroFont to hide the bogus security scan message at the start of the phishing email, so while it's not visible to the recipient, Outlook still grabs it and displays it as a preview on the email listing pane.
Phishing campaign steals accounts for Zimbra email servers worlwide.