November 17, 2024 at 11:37AM Threat actors are increasingly using Scalable Vector Graphics (SVG) files for phishing and malware distribution due to their ability to evade detection. Unlike traditional image formats, SVGs use code to create images and can embed JavaScript, allowing attackers to hide malicious content. Users should treat unexpected SVG attachments as suspicious. … Read more
August 7, 2024 at 11:35AM Researchers discovered a method to hide the ‘First Contact Safety Tip’ in Microsoft 365, potentially increasing the risk of users opening malicious emails. Despite reporting the flaw to Microsoft, the tech giant decided not to address it at this time. The technique involves manipulating HTML and CSS to hide the … Read more
August 6, 2024 at 08:25AM Users are calling for Microsoft to reconsider the display of sender email addresses in Outlook, as phishing criminals exploit the friendly name feature to mask malicious intent. Despite attracting over 100 votes in Microsoft’s forums, the issue persists, posing a significant security risk. There is a plea for Microsoft to … Read more
March 20, 2024 at 03:38PM Microsoft has uncovered a clever phishing scheme targeting early tax filers in 2024. The scam involves an email claiming to contain tax returns and leads users to a fake website. Once downloaded, it installs malware to steal account credentials. Microsoft warns taxpayers to be cautious, especially certain vulnerable groups, and … Read more