Microsoft warns of a new technique to sneak Phishing

Microsoft alerts of new Phishing campaigns

From Microsoft they have reported that they have seen a increase in malicious campaigns which are based on HTTP Request Smuggling, which attacks how a website processes HTTP request sequences. It must be taken into account that they are vulnerabilities that in many cases are of a critical nature, which is why attackers manage to bypass security measures.

This type of threat is capable of putting at risk different types of devices. For example it can affect a web server, proxy or firewall. It is not a new technique, but with the passage of time it has perfected its attacks and reached more systems.

In this case, Phishing campaigns use HTML5 and JavaScript. They are capable of hiding malicious payloads in encoded strings within an HTML file or on a website. The browser then decodes those strings when a user opens an attachment or clicks a link.

The main risk with this type of techniques is that in many cases the antivirus are not able to detect them. Antivirus engines have a database with previously discovered threats, but in case it is something new and has not been previously discovered, things get complicated.

An example of all this could be a HTML attachment which could include a harmless link that leads to another website that is theoretically legitimate and has no danger. However, when the user clicks there JavaScript will decode an encrypted string and turn it into a really dangerous attachment.

This could lead to the theft of data, passwords, sneaking malware … It is a technique that, ultimately, can put our privacy and security in serious danger.

Phishing attack time

How to avoid these types of attacks

So what can we do to prevent security attacks of this type? The most important thing will always be the common sense. We must avoid making mistakes such as opening an attachment that we have received by email, installing a program from unofficial sources, etc.

For example, avoid ZIP file attachments that contain JavaScript, files that have passwords, or suspicious script codes. In all these cases it is very important to avoid them and not make mistakes, as indicated by Microsoft. This will help us reduce risk.

On the other hand, it is very important to avoid any type of threats to have a good antivirus, that it is updated, as well as having the latest versions of the operating system. This will prevent the entry of many threats that could put computers at risk.

Source link

About Admin

Check Also

Axie Infinity player got rid of an axie valued at 3.2 ETH

In the middle of a token burn event organized by the creators of the video ... Read more

Leave a Reply

Your email address will not be published. Required fields are marked *