"Hackers Trick Outlook into Showing Fake AV Scans"
"Hackers Trick Outlook into Showing Fake AV Scans"
Threat actors are using an existing technique of zero-point font obfuscation in a novel way to trick Microsoft Outlook users into thinking antivirus scans have successfully vetted phishing emails. The technique could increase the likelihood of phishing emails bypassing security measures and convincing recipients to fall for scams. Jan Kopriva, an analyst at the SANS Internet Storm Center, discovered a phishing email that used text written in a font with zero-pixel size, an obfuscation technique first documented by researchers at Avanan in 2018 and dubbed ZeroFont Phishing.