How phishing attacks spoofing Microsoft are evading security detection

The phishing emails use a Microsoft logo within an HTML table, which is not analyzed by security programs, says INKY.

Cybercriminals who specialize in phishing campaigns are always inventing new tactics to sneak past traditional security tools. In a recent campaign discovered by email security provider Inky, attackers impersonating Microsoft are using a devious method to spoof the software giant's latest logo. Released on Wednesday, Inky's report "The Microsoft Table Logo Impersonation Scam" describes how this method plays out.

The scam takes advantage of HTML code by incorporating an embedded table that contains a spoofed version of the Microsoft logo. This works because email security programs don't analyze tables because they haven't traditionally been used in phishing emails. The spoofed logo looks just like Microsoft's actual logo, so the content is able to pass through security filters and appears legitimate to potential victims.

Ironically, Microsoft itself inadvertently contributed to this scheme. The company's old logo image displayed the familiar four colors in a contoured, three-dimensional style. In 2012, Microsoft changed and simplified its logo using the same colors but in a flat, two-dimensional layout. Because of its simplicity, the new logo is easier to spoof as anyone can create four cells in a table, each with one of the four colors as the background.

Read full article.