Microsoft Warns of a HTML Evasive and Targeted Phishing Campaign

Phishing techniques change at the same rate that security and protection technologies do – it’s a constant cat and mouse game.

What is the HTML targeted phishing campaign?

Microsoft have spent a year investigating a new invoice-themed XLS.HTML phishing campaign, a very targeted, evasive and evolving attack.

In this type of attack, cyber criminals will divide the HTML attachment into segments. They will then encode them with techniques, such as Morse code to hide the malicious segments.

The HTML file may appear safe at the code level which may lead to it being undetected by standard security solutions.

What do cyber criminals want from the phishing campaign?

Cyber criminals are looking to gather information to help them in future infiltration attempts, harvesting usernames, passwords and IP addresses. They gain their targets email address, company logo and other details to help with their convincing social engineering attacks.

When your organisation’s data gets into the wrong hands it can lead to large fines, negative reputation and business closure, which is why cyber security, data protection and data security should be high on your business agenda.

How can you secure your organisation from cyber attacks?

In order to help protect your organisation from cyber crime, you must implement a multi-layered approach:

Adding multiple layers of protection will greatly reduce the risk of cyber threats from reaching your systems and team.

• Get in touch today to discuss cyber security
• Read our latest cyber security case study with 4 Earth Intelligence