According to Microsoft, a new campaign has been observed targeting Microsoft 365 users deploying sophisticated obfuscation tactics to avoid security protections. The campaign is designed to harvest credentials. The business email compromise campaign is tricking natural language processing filters through hiding text in a one-point font size within messages. According to Microsoft, researchers at Avanan first discovered the campaign in September.
Attackers are also hiding malicious links within the cascading style sheets in their fishing emails, another tactic that confuses natural language filters such as Microsoft’s Natural Language Processing software. Researchers released a report on Thursday detailing the campaign. The One Font campaign is also including messages with links coded within the <font> tag, which destroys the effectiveness of email filters that rely on natural language for analysis.
Read More: Tiny Font Size Fools Email Filters in BEC Phishing