Security News > 2024 > August > Microsoft 365 anti-phishing alert “erased” with one simple trick

Microsoft 365 anti-phishing alert “erased” with one simple trick
2024-08-08 12:47

Attackers looking for a way into organizations using Microsoft 365 can make an alert identifying unsolicited emails "Disappear".

The alert can be made invisible by changing its background and text colors to white, through CSS style tags.

Since the aforementioned alert is attached to the body of an HTML email, its presentation can be altered via CSS style tags.

Setting the background and text color to white does.

An easy trick for that is to change the period in the email with the Unicode character that looks the same.

Unfortunately for Microsoft 365 and Outlook users, these tricks work and will work until Microsoft decides to do something about them.


News URL

https://www.helpnetsecurity.com/2024/08/08/microsoft-365-alert-erased/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Microsoft 365 50 1369 2820 161 4400